[AusNOG] AusCERT Week in Review - Week Ending 30/4/2010 (AUSCERT#20073f686)

Daniel McNamara daniel at auscert.org.au
Fri Apr 30 15:11:30 EST 2010 

AusCERT Week in Review

30 April 2010

 

Alerts, Advisories and Updates:

-------------------------------

Title: ASB-2010.0034.2 - UPDATE [Win][UNIX/Linux] PostgreSQL: Execute

       arbitrary code/commands - Existing account 

Date:  30 April 2010

URL:   http://www.auscert.org.au/12307

 

Title: ASB-2010.0113 - [Win] Google Chrome prior to 4.1.249.1064: Execute

       arbitrary code/commands - Remote with user interaction 

Date:  29 April 2010

URL:   http://www.auscert.org.au/12749

 

Title: ASB-2010.0108.2 - UPDATE [Win][UNIX/Linux] MySQL "UNINSTALL PLUGIN":

       Modify arbitrary files - Existing account 

Date:  27 April 2010

URL:   http://www.auscert.org.au/12719

 

Title: ASB-2010.0110.2 - UPDATE [Win] Google Chrome prior to 4.1.249.1059:

       Multiple vulnerabilities 

Date:  27 April 2010

URL:   http://www.auscert.org.au/12724

 

 

External Security Bulletins:

----------------------------

Title: ESB-2010.0411 - ALERT [Win] Microsoft SharePoint: Increased
privileges

       - Existing account 

Date:  30 April 2010

OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,

       Windows Server 2008 

URL:   http://www.auscert.org.au/12752

 

Title: ESB-2010.0410.2 - UPDATE [Ubuntu] postgresql: Denial of service -

       Existing account 

Date:  30 April 2010

OS:    Ubuntu 

URL:   http://www.auscert.org.au/12751

 

Title: ESB-2010.0409 - [RedHat] java-1.6.0-ibm: Multiple vulnerabilities 

Date:  30 April 2010

OS:    Red Hat Linux 

URL:   http://www.auscert.org.au/12750

 

Title: ESB-2010.0408 - [Win][UNIX/Linux] Drupal Third-Party Modules:
Increased

       privileges - Existing account 

Date:  29 April 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,

       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD

       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,

       Other Linux Variants, Windows Server 2008 

URL:   http://www.auscert.org.au/12748

 

Title: ESB-2010.0407 - [UNIX/Linux][RedHat] xorg-x11-server: Root compromise
-

       Existing account 

Date:  29 April 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian

       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,

       Other Linux Variants 

URL:   http://www.auscert.org.au/12747

 

Title: ESB-2010.0406 - [SUSE][OpenSUSE] SUSE: Multiple vulnerabilities 

Date:  28 April 2010

OS:    Other Linux Variants, SUSE 

URL:   http://www.auscert.org.au/12746

 

Title: ESB-2010.0405 - [Win][Linux][HP-UX] HP System Insight Manager:
Multiple

       vulnerabilities 

Date:  28 April 2010

OS:    Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu,

       HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux

       Variants, Windows Server 2008 

URL:   http://www.auscert.org.au/12745

 

Title: ESB-2010.0404 - [RedHat] kernel: Multiple vulnerabilities 

Date:  28 April 2010

OS:    Red Hat Linux 

URL:   http://www.auscert.org.au/12744

 

Title: ESB-2010.0403 - [RedHat] JBoss Enterprise Application Platform:

       Multiple vulnerabilities 

Date:  27 April 2010

OS:    Red Hat Linux 

URL:   http://www.auscert.org.au/12743

 

Title: ESB-2010.0402 - [OpenSUSE] Advance discontinuation notice for
openSUSE

       11.0 

Date:  27 April 2010

OS:    Other Linux Variants 

URL:   http://www.auscert.org.au/12742

 

Title: ESB-2010.0401 - [Win][Netware][Linux] Novell Zenworks: Execute

       arbitrary code/commands - Remote/unauthenticated 

Date:  27 April 2010

OS:    Windows 2003, Red Hat Linux, Windows 7, Novell Netware, Ubuntu,
Debian

       GNU/Linux, Windows XP, SUSE, Windows 2000, Windows Vista, Windows

       Server 2008, Other Linux Variants 

URL:   http://www.auscert.org.au/12741

 

Title: ESB-2010.0400 - [NetBSD] ntpd: Denial of service -

       Remote/unauthenticated 

Date:  27 April 2010

OS:    Other BSD Variants 

URL:   http://www.auscert.org.au/12740

 

Title: ESB-2010.0399 - [NetBSD] NetBSD: Execute arbitrary code/commands -

       Existing account 

Date:  27 April 2010

OS:    Other BSD Variants 

URL:   http://www.auscert.org.au/12739

 

Title: ESB-2010.0398 - [Win][UNIX/Linux][Debian] cacti: Execute arbitrary

       code/commands - Remote/unauthenticated 

Date:  27 April 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,

       Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD

       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,

       Other Linux Variants, Windows Server 2008 

URL:   http://www.auscert.org.au/12738

 

Title: ESB-2010.0397 - [Debian] spamass-milter: Reduced security - Existing

       account 

Date:  27 April 2010

OS:    Debian GNU/Linux 

URL:   http://www.auscert.org.au/12737

 

Title: ESB-2010.0346.3 - UPDATE ALERT [Win] Windows Media Services: Execute

       arbitrary code/commands - Remote/unauthenticated 

Date:  28 April 2010

OS:    Windows 2000 

URL:   http://www.auscert.org.au/12649

 

Title: ESB-2010.0149.2 - UPDATE [Win] HP ProLiant Support Pack 8.30 for

       Windows: Multiple vulnerabilities 

Date:  28 April 2010

OS:    Windows Server 2008, Windows Vista, Windows 7, Windows 2000, Windows

       XP, Windows 2003 

URL:   http://www.auscert.org.au/12387

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100430/eddef60d/attachment.html>

More information about the AusNOG mailing list