[AusNOG] AusCERT Week in Review - Week Ending (03/12/2010) (AUSCERT#20073f686)
Jonathan Levine
jonathan at auscert.org.au
Mon Dec 6 00:03:54 EST 2010
AusCERT Week in Review
03 December 2010
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0244 - [Win][UNIX/Linux] BIND: Multiple vulnerabilities
Date: 03 December 2010
URL: http://www.auscert.org.au/13674
Title: ASB-2010.0245 - [UNIX/Linux] ProFTPD ftp distribution server compromise
Date: 03 December 2010
URL: http://www.auscert.org.au/13675
Title: ASB-2010.0243 - ALERT [Win] McAfee VirusScan Enterprise 8.5i and prior:
Execute arbitrary code/commands - Remote with user interaction
Date: 02 December 2010
URL: http://www.auscert.org.au/13673
Title: ASB-2010.0242 - [Win][UNIX/Linux] WordPress prior to 3.0.2: Increased
privileges - Existing account
Date: 01 December 2010
URL: http://www.auscert.org.au/13664
Title: ASB-2010.0241 - [Win][UNIX/Linux] phpMyAdmin: Cross-site scripting -
Remote with user interaction
Date: 30 November 2010
URL: http://www.auscert.org.au/13655
Title: ASB-2010.0238.2 - UPDATE [Win][UNIX/Linux] Wireshark: Denial of service -
Remote with user interaction
Date: 29 November 2010
URL: http://www.auscert.org.au/13633
Title: ASB-2010.0240 - [Win][Linux][HP-UX][Solaris][AIX] IBM Websphere MQ 7.0:
Provide misleading information - Remote/unauthenticated
Date: 29 November 2010
URL: http://www.auscert.org.au/13649
External Security Bulletins:
----------------------------
Title: ESB-2010.1097 - [HP-UX] OpenSSL: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 02 December 2010
OS: HP-UX
URL: http://www.auscert.org.au/13672
Title: ESB-2010.1096 - [Win][UNIX/Linux] Drupal Third-party modules:
Cross-site request forgery - Remote with user interaction
Date: 02 December 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13671
Title: ESB-2010.1095 - [RedHat] JBoss Enterprise: Multiple vulnerabilities
Date: 02 December 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13670
Title: ESB-2010.1094 - [RedHat] kernel: Multiple vulnerabilities
Date: 02 December 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13669
Title: ESB-2010.1093 - [RedHat] java-1.4.2-ibm: Multiple vulnerabilities
Date: 02 December 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13668
Title: ESB-2010.1092 - [RedHat] acroread: Multiple vulnerabilities
Date: 02 December 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13667
Title: ESB-2010.1091 - [Debian] krb5: Increased privileges -
Remote/unauthenticated
Date: 02 December 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13666
Title: ESB-2010.1090 - [Debian] libxml2: Execute arbitrary code/commands -
Remote with user interaction
Date: 02 December 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13665
Title: ESB-2010.1089 - [Cisco] Cisco ASA 5500 Series, Cisco PIX 500 Series,
Cisco VPN 3000 Series: Multiple vulnerabilities
Date: 01 December 2010
OS: Cisco Products
URL: http://www.auscert.org.au/13663
Title: ESB-2010.1088 - [SUSE] SUSE: Multiple vulnerabilities
Date: 01 December 2010
OS: SUSE
URL: http://www.auscert.org.au/13662
Title: ESB-2010.1087 - [RedHat] krb5: Multiple vulnerabilities
Date: 01 December 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13661
Title: ESB-2010.1086 - [RedHat] wireshark: Multiple vulnerabilities
Date: 01 December 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13660
Title: ESB-2010.1085 - [RedHat] dhcp: Denial of service -
Remote/unauthenticated
Date: 01 December 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13659
Title: ESB-2010.1084 - [RedHat] Red Hat Enterprise MRG Messaging and Grid:
Unauthorised access - Existing account
Date: 01 December 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13658
Title: ESB-2010.1083 - [VMware ESX] ESX Service Console OS: Increased
privileges - Existing account
Date: 01 December 2010
OS: Virtualisation
URL: http://www.auscert.org.au/13657
Title: ESB-2010.1082 - [UNIX/Linux] krb5: Multiple vulnerabilities
Date: 01 December 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/13656
Title: ESB-2010.1081 - [FreeBSD] openssl: Multiple vulnerabilities
Date: 30 November 2010
OS: FreeBSD
URL: http://www.auscert.org.au/13654
Title: ESB-2010.1080 - [NetBSD] kernel: Denial of service - Existing account
Date: 30 November 2010
OS: Other BSD Variants
URL: http://www.auscert.org.au/13653
Title: ESB-2010.1079 - [NetBSD] OpenSSL: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 30 November 2010
OS: Other BSD Variants
URL: http://www.auscert.org.au/13652
Title: ESB-2010.1078 - [RedHat] php: Multiple vulnerabilities
Date: 30 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13651
Title: ESB-2010.1077 - [Win][UNIX/Linux][RedHat] cvs: Execute arbitrary
code/commands - Remote with user interaction
Date: 30 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13650
Title: ESB-2010.1076 - [Win][UNIX/Linux][Debian] wireshark: Denial of service -
Remote/unauthenticated
Date: 29 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13648
Title: ESB-2010.1075 - [Debian] linux-2.6: Multiple vulnerabilities
Date: 29 November 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13647
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================