[AusNOG] AusCERT Week in Review - Week Ending 16/07/2010 (AUSCERT#20073F686)
Richard Billington
richard at auscert.org.au
Fri Jul 16 15:40:28 EST 2010
AusCERT Week in Review
16 July 2010
Alerts, Advisories and Updates:
- - -------------------------------
Title: ASB-2010.0170 - [Win][UNIX/Linux] BIND 9.7.1-P1: Denial of service -
Remote/unauthenticated
Date: 16 July 2010
URL: http://www.auscert.org.au/13069
Title: ASB-2010.0171 - [Win][Netware][Linux] Novell GroupWise: Access
privileged data - Remote/unauthenticated
Date: 16 July 2010
URL: http://www.auscert.org.au/13072
Title: ASB-2010.0168 - ALERT [Win][UNIX/Linux][Solaris] Multiple Oracle
Products: Unknown/unspecified - Remote/unauthenticated
Date: 14 July 2010
URL: http://www.auscert.org.au/13055
Title: ASB-2010.0169 - [Win] Winamp 5.572 and prior: Execute arbitrary
code/commands - Remote with user interaction
Date: 14 July 2010
URL: http://www.auscert.org.au/13060
Title: ASB-2010.0166.2 - UPDATED ALERT [Win] Microsoft Windows: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 13 July 2010
URL: http://www.auscert.org.au/13047
Title: ASB-2010.0167 - [Win][UNIX/Linux] Opera 10.60: Denial of service -
Remote with user interaction
Date: 13 July 2010
URL: http://www.auscert.org.au/13049
External Security Bulletins:
- - ----------------------------
Title: ESB-2010.0626 - [UNIX/Linux][Ubuntu] libvte9: Execute arbitrary
code/commands - Remote with user interaction
Date: 16 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/13071
Title: ESB-2010.0625 - [Win][UNIX/Linux][Mandriva] python: Denial of service -
Remote/unauthenticated
Date: 16 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13070
Title: ESB-2010.0624 - [Win][UNIX/Linux] Drupal Third-party modules: Multiple
vulnerabilities
Date: 15 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13068
Title: ESB-2010.0623 - [Win][UNIX/Linux][Debian] libmikmod: Execute arbitrary
code/commands - Remote with user interaction
Date: 15 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13067
Title: ESB-2010.0622 - [Win][UNIX/Linux][Debian] freetype: Execute arbitrary
code/commands - Remote with user interaction
Date: 15 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13066
Title: ESB-2010.0621 - [RedHat] libpng: Multiple vulnerabilities
Date: 15 July 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13065
Title: ESB-2010.0620 - [RedHat] pcsc-lite: Multiple vulnerabilities
Date: 15 July 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13064
Title: ESB-2010.0619 - [HP-UX] rpc.ttdbserver: Execute arbitrary code/commands
- Remote/unauthenticated
Date: 15 July 2010
OS: HP-UX
URL: http://www.auscert.org.au/13063
Title: ESB-2010.0618 - [Linux] HP Insight Control: Multiple vulnerabilities
Date: 15 July 2010
OS: Red Hat Linux, HP-UX, SUSE, Other Linux Variants, Debian GNU/Linux,
Ubuntu
URL: http://www.auscert.org.au/13062
Title: ESB-2010.0617 - [Win] SolidDB: Administrator compromise -
Remote/unauthenticated
Date: 14 July 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13061
Title: ESB-2010.0616 - [Win][Linux][HP-UX] HP Management Agents: Multiple
vulnerabilities
Date: 14 July 2010
OS: Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu,
HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux
Variants, Windows Server 2008
URL: http://www.auscert.org.au/13059
Title: ESB-2010.0615 - [OpenVMS] OpenVMS Auditing: Increased privileges -
Existing account
Date: 14 July 2010
OS: HP-UX
URL: http://www.auscert.org.au/13058
Title: ESB-2010.0614 - [RedHat] avahi: Denial of service -
Remote/unauthenticated
Date: 14 July 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13057
Title: ESB-2010.0613 - [VMware] VMware Studio 2.0: Multiple vulnerabilities
Date: 14 July 2010
OS: Virtualisation
URL: http://www.auscert.org.au/13056
Title: ESB-2010.0612 - [Win] Microsoft Office Outlook: Execute arbitrary
code/commands - Remote with user interaction
Date: 14 July 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13054
Title: ESB-2010.0611 - ALERT [Win] Microsoft Office Access: Execute arbitrary
code/commands - Remote with user interaction
Date: 14 July 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13053
Title: ESB-2010.0610 - ALERT [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 14 July 2010
OS: Windows 7
URL: http://www.auscert.org.au/13052
Title: ESB-2010.0609 - ALERT [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote with user interaction
Date: 14 July 2010
OS: Windows 2003, Windows XP
URL: http://www.auscert.org.au/13051
Title: ESB-2010.0608 - [FreeBSD] mbuf: Increased privileges - Existing account
Date: 13 July 2010
OS: FreeBSD
URL: http://www.auscert.org.au/13050
Title: ESB-2010.0607 - [UNIX/Linux][Debian] python-cjson: Denial of service -
Remote/unauthenticated
Date: 13 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/13048
Title: ESB-2010.0606 - [UNIX/Linux][Debian] znc: Denial of service -
Remote/unauthenticated
Date: 12 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/13046
Title: ESB-2010.0605 - [SUSE][OpenSUSE] FireFox: Multiple vulnerabilities
Date: 12 July 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/13045
Title: ESB-2010.0604 - [Win][UNIX/Linux] Apache Tomcat: Denial of service -
Remote/unauthenticated
Date: 12 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13044
Title: ESB-2009.0568 -- [Win][Linux][HP-UX][Solaris] -- HP OpenView SNMP
Emanate Master Agent: Inappropriate Access
Date: 15 July 2010
OS: Solaris, HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat
Linux, Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP
URL: http://www.auscert.org.au/11152
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list