[AusNOG] AusCERT Week in Review - Week Ending 20/08/2010 (AUSCERT#20073f686)
Jonathan Levine
jonathan at auscert.org.au
Fri Aug 20 15:32:43 EST 2010
AusCERT Week in Review
20 August 2010
Papers, Articles and other documents:
- -------------------------------------
Title: Security updates available for Adobe Reader and Acrobat
Date: 20 August 2010
URL: http://www.auscert.org.au/13226
Title: Information for potential speakers at AusCERT2011
Date: 18 August 2010
URL: http://www.auscert.org.au/6609
Title: SSO newsletter for August 2010
Date: 17 August 2010
URL: http://www.auscert.org.au/13217
Title: Compromised Account Details and Logging FAQ
Date: 16 August 2010
URL: http://www.auscert.org.au/9536
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2010.0195 - [Appliance] ProxySG prior to version 5.5: Increased
privileges - Existing account
Date: 18 August 2010
URL: http://www.auscert.org.au/13222
Title: ASB-2010.0192 - [Win][UNIX/Linux] VLC prior to 1.1.3: Denial of
service
- Remote with user interaction
Date: 16 August 2010
URL: http://www.auscert.org.au/13213
Title: ASB-2010.0193 - [Linux] StrongSwan prior to 4.4.1: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 16 August 2010
URL: http://www.auscert.org.au/13214
Title: ASB-2010.0194 - [Win][UNIX/Linux] Ruby prior to 1.9.1-p430:
Cross-site
scripting - Remote with user interaction
Date: 16 August 2010
URL: http://www.auscert.org.au/13215
External Security Bulletins:
- ----------------------------
Title: ESB-2010.0751 - ALERT [Win][Linux] IBM Tivoli Storage Manager
Fastback:
Execute arbitrary code/commands - Remote/unauthenticated
Date: 20 August 2010
OS: Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu,
Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux Variants,
Windows Server 2008
URL: http://www.auscert.org.au/13235
Title: ESB-2010.0750 - [RedHat] Red Hat HPC Solution: Multiple
vulnerabilities
Date: 20 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13234
Title: ESB-2010.0749 - [RedHat] qspice: Multiple vulnerabilities
Date: 20 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13233
Title: ESB-2010.0748 - [RedHat] vdsm22: Denial of service - Remote with user
interaction
Date: 20 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13232
Title: ESB-2010.0747 - [RedHat] kvm: Multiple vulnerabilities
Date: 20 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13231
Title: ESB-2010.0746 - [RedHat] rhev-hypervisor: Multiple vulnerabilities
Date: 20 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13230
Title: ESB-2010.0745 - [RedHat] Red Hat Enterprise Virtualization Manager:
Provide misleading information - Remote with user interaction
Date: 20 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13229
Title: ESB-2010.0744 - [Debian] linux-2.6: Multiple vulnerabilities
Date: 20 August 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13228
Title: ESB-2010.0743 - [Debian] ghostscript: Multiple vulnerabilities
Date: 20 August 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13227
Title: ESB-2010.0742 - ALERT [Win][UNIX/Linux] Adobe Reader and Acrobat:
Execute arbitrary code/commands - Remote with user interaction
Date: 20 August 2010
URL: http://www.auscert.org.au/13225
Title: ESB-2010.0741 - [Win][UNIX/Linux] Simplenews Content Selection
(Drupal
third-party module): Cross-site scripting - Remote with user
interaction
Date: 19 August 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13224
Title: ESB-2010.0740 - [SUSE] kernel: Denial of service - Remote with user
interaction
Date: 19 August 2010
OS: SUSE
URL: http://www.auscert.org.au/13223
Title: ESB-2010.0739 - [SUSE][OpenSUSE] SUSE: Multiple vulnerabilities
Date: 18 August 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/13221
Title: ESB-2010.0738 - [UNIX/Linux][Debian] lxr-cvs: Cross-site scripting -
Remote with user interaction
Date: 18 August 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/13220
Title: ESB-2010.0737 - [Debian] smarty: Execute arbitrary code/commands -
Remote with user interaction
Date: 18 August 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13219
Title: ESB-2010.0736 - [RedHat] kernel-rt: Multiple vulnerabilities
Date: 18 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13218
Title: ESB-2010.0735 - [UNIX/Linux][Ubuntu] icedtea6-plugin: Read-only data
access - Remote with user interaction
Date: 17 August 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/13216
Title: ESB-2010.0734 - [SUSE][OpenSUSE] flash-player: Multiple
vulnerabilities
Date: 16 August 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/13212
Title: ESB-2010.0498.3 - UPDATE [Win][Linux][HP-UX] HP StorageWorks Storage
Mirroring: Unauthorised access - Remote/unauthenticated
Date: 20 August 2010
OS: Windows Server 2008, Other Linux Variants, Windows Vista, Windows
2000,
SUSE, Windows XP, HP-UX, Ubuntu, Debian GNU/Linux, Windows 7, Red Hat
Linux, Windows 2003
URL: http://www.auscert.org.au/12871
Title: ESB-2009.0407 -- [Win][Linux][HP-UX][Solaris] -- HP OpenView Network
Node Manager: Execute Arbitrary Code/Commands
Date: 19 August 2010
OS: Solaris, HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red
Hat
Linux, Windows Server 2008, Windows Vista, Windows 2003, Windows
2000,
Windows XP
URL: http://www.auscert.org.au/10893
Title: ESB-2010.0084.2 - UPDATE [Win][RedHat][HP-UX][Solaris] HP OpenView
Network Node Manager: Denial of service - Remote/unauthenticated
Date: 20 August 2010
OS: Windows Server 2008, Windows Vista, Windows 7, Windows 2000, Windows
XP, HP-UX, Windows 2003, Solaris
URL: http://www.auscert.org.au/12297
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list