[AusNOG] AusCERT Week in Review - Week Ending 04/09/2009 (AUSCERT#20073F686)
Paul Fahey
paul at auscert.org.au
Fri Sep 4 15:24:54 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2009.1072 - [UNIX/Linux] Asterisk: Denial of service -
Remote/unauthenticated
Date: 04 September 2009
URL: http://www.auscert.org.au/11586
Title: ASB-2009.1070.2 - UPDATE [Win][UNIX/Linux] Opera: Multiple
vulnerabilities
Date: 03 September 2009
URL: http://www.auscert.org.au/11567
Title: ASB-2009.1071 - [Appliance] BIG-IP: Multiple vulnerabilities
Date: 02 September 2009
URL: http://www.auscert.org.au/11569
Title: ASB-2009.1069 - [Win][UNIX/Linux] Pidgin: Denial of service -
Remote/unauthenticated
Date: 01 September 2009
URL: http://www.auscert.org.au/11562
Title: ASB-2009.1066 - [Appliance] Xerox WorkCentre Web Server: Access
privileged data - Remote/unauthenticated
Date: 01 September 2009
URL: http://www.auscert.org.au/11558
Title: ASB-2009.1067 - [Win] Google Chrome: Provide misleading information -
Remote/unauthenticated
Date: 01 September 2009
URL: http://www.auscert.org.au/11560
Title: ASB-2009.1068 - [UNIX/Linux] Squid: Denial of service -
Remote/unauthenticated
Date: 01 September 2009
URL: http://www.auscert.org.au/11561
Title: ASB-2009.1065 - [Win][Solaris][SUSE] Novell Identity Manager and
Provisioning Module for Identity Manager: Cross-site scripting -
Remote/unauthenticated
Date: 31 August 2009
URL: http://www.auscert.org.au/11555
External Security Bulletins:
----------------------------
Title: ESB-2009.1256 - [Win][Linux][HP-UX][Solaris] Sun Microsystems: Denial
of service - Remote/unauthenticated
Date: 04 September 2009
OS: Solaris, Red Hat Linux, Windows 2003, Debian GNU/Linux, Ubuntu,
Windows
XP, HP-UX, SUSE, Windows 2000, Windows Vista, Other Linux Variants,
Windows Server 2008
URL: http://www.auscert.org.au/11587
Title: ESB-2009.1255 - [Solaris][OpenSolaris] Gnome-XScreenSaver: Denial of
service - Existing account
Date: 04 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11588
Title: ESB-2009.1254 - [Mac][OSX] Java: Multiple vulnerabilities
Date: 04 September 2009
OS: Mac OS X
URL: http://www.auscert.org.au/11585
Title: ESB-2009.1253 - [Win] Sun Java System Web Server: Access privileged
data - Remote/unauthenticated
Date: 03 September 2009
OS: Solaris, Windows 2003, Windows XP, Windows 2000, Windows Vista,
Windows
Server 2008
URL: http://www.auscert.org.au/11584
Title: ESB-2009.1252 - [Ubuntu] NSS: Multiple vulnerabilities
Date: 03 September 2009
URL: http://www.auscert.org.au/11583
Title: ESB-2009.1251 - [Debian] devscripts: Reduced security - Existing
account
Date: 03 September 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11582
Title: ESB-2009.1250 - [Debian] mysql-dfsg-5.0: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 03 September 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11581
Title: ESB-2009.1249 - [UNIX/Linux][RedHat] gdm: Unauthorised access -
Existing account
Date: 03 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11580
Title: ESB-2009.1248 - [UNIX/Linux][RedHat] cman: Modify arbitrary files -
Existing account
Date: 03 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11579
Title: ESB-2009.1247 - [UNIX/Linux][RedHat] rgmanager: Overwrite arbitrary
files - Existing account
Date: 03 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11578
Title: ESB-2009.1246 - [UNIX/Linux][RedHat] gfs2-utils: Overwrite arbitrary
files - Existing account
Date: 03 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11577
Title: ESB-2009.1245 - [RedHat] openssl: Denial of service -
Remote/unauthenticated
Date: 03 September 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11576
Title: ESB-2009.1244 - [RedHat] nfs-utils: Unauthorised access -
Remote/unauthenticated
Date: 03 September 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11575
Title: ESB-2009.1243 - [UNIX/Linux][RedHat] ecryptfs-utils: Access
privileged
data - Existing account
Date: 03 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11574
Title: ESB-2009.1242 - [RedHat] mysql: Multiple vulnerabilities
Date: 03 September 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11573
Title: ESB-2009.1241 - [RedHat] openssh: Access privileged data -
Remote/unauthenticated
Date: 03 September 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11572
Title: ESB-2009.1240 - [UNIX/Linux][RedHat] lftp: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 03 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11571
Title: ESB-2009.1239 - [RedHat] kernel: Multiple vulnerabilities
Date: 03 September 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11570
Title: ESB-2009.1238 - [SUSE] Multiple products: Multiple vulnerabilities
Date: 02 September 2009
OS: SUSE
URL: http://www.auscert.org.au/11566
Title: ESB-2009.1237 - [RedHat] kernel: Multiple vulnerabilities
Date: 02 September 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11565
Title: ESB-2009.1236 - [Debian] dnsmasq: Multiple vulnerabilities
Date: 02 September 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11564
Title: ESB-2009.1235.2 - UPDATE [Win] IIS: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 02 September 2009
OS: Windows Server 2008, Windows Vista, Windows 2000, Windows XP, Windows
2003
URL: http://www.auscert.org.au/11563
Title: ESB-2009.1234 - [UNIX/Linux][RedHat] dnsmasq: Multiple
vulnerabilities
Date: 01 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11559
Title: ESB-2009.1233 - [UNIX/Linux][Debian] ikiwiki: Access privileged data
-
Remote/unauthenticated
Date: 01 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/11557
Title: ESB-2009.1232 - [Solaris][OpenSolaris] sockfs: Denial of service -
Remote/unauthenticated
Date: 31 August 2009
OS: Solaris
URL: http://www.auscert.org.au/11556
Title: ESB-2009.1231 - [Win] Symantec Altiris Deployment Solution 6.9.x:
Multiple Vulnerabilities
Date: 31 August 2009
OS: Windows 2003, Windows XP, Windows 2000, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/11554
Title: ESB-2009.1230 - [SUSE] kernel: Root compromise - Existing account
Date: 31 August 2009
OS: SUSE
URL: http://www.auscert.org.au/11553
Title: ESB-2009.1229 - [RedHat] java-1.5.0-ibm: Multiple vulnerabilities
Date: 31 August 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11552
Title: ESB-2009.1221.2 - UPDATE [Solaris] Adobe Reader: Multiple
vulnerabilities
Date: 03 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11539
Title: ESB-2009.1218.2 - UPDATED ALERT [Win] iDEFENSE: Administrator
compromise - Remote/unauthenticated
Date: 02 September 2009
OS: Windows Server 2008, Windows Vista, Windows 2000, Windows XP, Windows
2003
URL: http://www.auscert.org.au/11535
Title: ESB-2009.1216.2 - UPDATE [Solaris][OpenSolaris] Flash Player:
Multiple
vulnerabilities
Date: 01 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11533
Title: ESB-2009.1011.3 - UPDATE [VMware ESX] krb5: Multiple vulnerabilities
Date: 01 September 2009
OS: Virtualisation
URL: http://www.auscert.org.au/11245
Title: ESB-2009.0699 -- [Solaris] -- Adobe Reader: Execute Arbitrary Code
Date: 03 September 2009
OS: Solaris
URL: http://www.auscert.org.au/10992
Title: ESB-2009.0064 -- [Solaris] -- Security vulnerability in Solaris
Related
to the Apache 1.3 mod_perl(3) Module Component "PerlRun.pm" may Lead
to
Denial of Service (DoS)
Date: 03 September 2009
OS: Solaris
URL: http://www.auscert.org.au/10367
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20090904/edc1f9d1/attachment.html>
More information about the AusNOG
mailing list