[AusNOG] AusCERT Week in Review - Week Ending 15/05/2009 (AUSCERT#20073f686)
Patrick Mannion
patrick at auscert.org.au
Fri May 15 15:33:27 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0117 -- [Win][UNIX/Linux] -- Matt Wright FormMail: Multiple
Vulnerabilities
Date: 15 May 2009
URL: http://www.auscert.org.au/10996
Title: AA-2009.0118 -- [Linux] -- kernel: Execute Arbitrary Code
Date: 15 May 2009
URL: http://www.auscert.org.au/10997
Title: AA-2009.0119 -- [Win][UNIX/Linux] -- Dokeos: Multiple Vulnerabilities
Date: 15 May 2009
URL: http://www.auscert.org.au/10998
Title: AA-2009.0115 -- [Win][UNIX/Linux] -- OpenSC: Inappropriate Access
Date: 14 May 2009
URL: http://www.auscert.org.au/10983
Title: AA-2009.0116 -- [Win][UNIX/Linux] -- Ruby: Execute Arbitrary Code
Date: 14 May 2009
URL: http://www.auscert.org.au/10986
Title: AL-2009.0038 -- [Win][Mac][OSX] -- Microsoft Office PowerPoint: Execute
Arbitrary Code
Date: 13 May 2009
URL: http://www.auscert.org.au/10978
Title: AL-2009.0039 -- [Win][Mac][OSX] -- Safari: Execute Arbitrary Code
Date: 13 May 2009
URL: http://www.auscert.org.au/10981
Title: AA-2009.0114 -- [Win][UNIX/Linux] -- Openfire: Inappropriate Access
Date: 12 May 2009
URL: http://www.auscert.org.au/10977
Title: AL-2009.0037 -- [Win] -- Microsoft Bulletin Notification - May
Pre-release Announcement
Date: 12 May 2009
URL: http://www.auscert.org.au/10975
Title: AA-2009.0112 -- [Win] -- chrome: Execute Arbitrary Code
Date: 11 May 2009
URL: http://www.auscert.org.au/10971
Title: AA-2009.0113 -- [Win] -- AVG: Reduced Security
Date: 11 May 2009
URL: http://www.auscert.org.au/10973
External Security Bulletins:
----------------------------
Title: ESB-2009.0702 -- [Solaris][OpenSolaris] -- Thunderbird 2.0: Multiple
Vulnerabilities
Date: 15 May 2009
OS: Solaris
URL: http://www.auscert.org.au/10994
Title: ESB-2009.0701 -- [Solaris][OpenSolaris] -- PostgreSQL: Denial of
Service
Date: 15 May 2009
OS: Solaris
URL: http://www.auscert.org.au/10993
Title: ESB-2009.0700 -- [RedHat] -- Poppler: Execute Arbitrary Code
Date: 15 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10995
Title: ESB-2009.0699 -- [Solaris] -- Adobe Reader: Execute Arbitrary Code
Date: 15 May 2009
OS: Solaris
URL: http://www.auscert.org.au/10992
Title: ESB-2009.0698 -- [UNIX/Linux] -- squirrelmail: Multiple Vulnerabilities
Date: 14 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10991
Title: ESB-2009.0697 -- [Win][UNIX/Linux] -- Drupal third-party modules:
Multiple Vulnerabilities
Date: 15 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10990
Title: ESB-2009.0696 -- [Win][Netware][Linux] -- HP Data Protector Express:
Execute Arbitrary Code
Date: 15 May 2009
OS: Windows 2003, Windows 2000, Other Linux Variants, Windows XP, Red Hat
Linux, Novell Netware
URL: http://www.auscert.org.au/10989
Title: ESB-2009.0695 -- [RedHat] -- perl-DBD-Pg: Execute Arbitrary
Code/Commands
Date: 14 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10988
Title: ESB-2009.0694 -- [Win][UNIX/Linux] -- Drupal core: Execute Arbitrary
Code
Date: 14 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10987
Title: ESB-2009.0693 -- [RedHat] -- acroread: Execute Arbitrary Code/Commands
Date: 14 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10985
Title: ESB-2009.0692 -- [Win][UNIX/Linux] -- Adobe Reader and Acrobat: Execute
Arbitrary Code/Commands
Date: 14 May 2009
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
AIX, Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP, Mac OS X
URL: http://www.auscert.org.au/10984
Title: ESB-2009.0691 -- [Slackware][Win][UNIX/Linux] -- gnutls: Multiple
Vulnerabilities
Date: 14 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10982
Title: ESB-2009.0690 -- [Mac][OSX] -- Mac OS X v10.5.7: Multiple
Vulnerabilities
Date: 13 May 2009
OS: Mac OS X
URL: http://www.auscert.org.au/10980
Title: ESB-2009.0689 -- [Win][Linux][Solaris][AIX] -- Sun GlassFish Enterprise
Server and Sun Java System Application Server: Execute Arbitrary Code
Date: 13 May 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS
X, AIX, Windows Vista
URL: http://www.auscert.org.au/10979
Title: ESB-2009.0688 -- [Debian] -- qemu: Multiple Vulnerabilities
Date: 12 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10976
Title: ESB-2009.0687 -- [Win][HP-UX][Solaris] -- HP OpenView Network Node
Manager - Multiple vulnerabilities
Date: 12 May 2009
OS: Windows Vista, HP-UX, Red Hat Linux, Windows Server 2008, Windows XP,
Windows 2000, Windows 2003, Solaris
URL: http://www.auscert.org.au/9563
Title: ESB-2009.0456 -- [SCO] -- igmp driver: Denial of Service
Date: 12 May 2009
URL: http://www.auscert.org.au/10974
Title: ESB-2009.0455 -- [Win][Linux] -- F-Secure: Reduced Security
Date: 11 May 2009
OS: Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Windows Vista
URL: http://www.auscert.org.au/10972
Title: ESB-2009.0454 -- [Debian] -- xulrunner: Execute Arbitrary Code
Date: 11 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10970
Title: ESB-2009.0453 -- [Debian] -- pango: Execute Arbitrary Code
Date: 11 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10969
Title: ESB-2009.0452 -- [Win][UNIX/Linux][RedHat] -- pango: Execute Arbitrary
Code
Date: 11 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, IRIX, Windows 2003,
OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP,
Windows Server 2008, Red Hat Linux, Mac OS X, HP-UX, Windows Vista
URL: http://www.auscert.org.au/10968
Title: ESB-2009.0411 -- [HP-UX] -- useradd: Inappropriate Access
Date: 11 May 2009
OS: HP-UX
URL: http://www.auscert.org.au/10910
Title: ESB-2009.0094 -- [Win][Netware][UNIX/Linux] -- CA Anti-Virus Engine
Detection Evasion Multiple Vulnerabilities
Date: 14 May 2009
OS: Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Windows Server
2008, Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP
Tru64 UNIX, Solaris
URL: http://www.auscert.org.au/10424
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list