[AusNOG] AusCERT Week in Review - Week Ending 04/06/2010 (AUSCERT#20073f686)
Patrick Mannion
patrick at auscert.org.au
Fri Jun 4 15:34:17 EST 2010
AusCERT Week in Review
04 June 2010
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0137 - [Win][Netware][Linux][Solaris][AIX] Novell eDirectory:
Execute arbitrary code/commands - Existing account
Date: 04 June 2010
URL: http://www.auscert.org.au/12875
Title: ASB-2010.0138 - [Win][UNIX/Linux] MoinMoin: Cross-site scripting -
Remote with user interaction
Date: 04 June 2010
URL: http://www.auscert.org.au/12876
Title: ASB-2010.0135 - [Win][UNIX/Linux] OpenSSL: Multiple vulnerabilities
Date: 03 June 2010
URL: http://www.auscert.org.au/12867
Title: ASB-2010.0136 - [Appliance] BIG-IP: Denial of service -
Remote/unauthenticated
Date: 03 June 2010
URL: http://www.auscert.org.au/12870
Title: ASB-2010.0129.4 - UPDATE [Win][Linux][Mac][OSX] Google Chrome: Multiple
vulnerabilities
Date: 02 June 2010
URL: http://www.auscert.org.au/12848
Title: ASB-2010.0134 - [Win][Linux][AIX] IBM Lotus Connections: Cross-site
scripting - Remote with user interaction
Date: 01 June 2010
URL: http://www.auscert.org.au/12857
Title: ASB-2010.0131 -
[Win][Netware][Linux][FreeBSD][HP-UX][SCO][Solaris][Mac][OSX] Avamar
4.1.x: Denial of service - Remote/unauthenticated
Date: 31 May 2010
URL: http://www.auscert.org.au/12854
Title: ASB-2010.0132 - [Win][Linux][HP-UX][Solaris][AIX] IBM DB2 9.7: Multiple
vulnerabilities
Date: 31 May 2010
URL: http://www.auscert.org.au/12855
Title: ASB-2010.0133 - [Win][UNIX/Linux] Joomla! 1.5.17 and prior: Cross-site
scripting - Existing account
Date: 31 May 2010
URL: http://www.auscert.org.au/12856
External Security Bulletins:
----------------------------
Title: ESB-2010.0501 - [Win][Linux][HP-UX][Solaris][AIX] HP ServiceCenter:
Cross-site scripting - Remote with user interaction
Date: 04 June 2010
OS: Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/12874
Title: ESB-2010.0500 - [RedHat] Red Hat Certificate System 7.1.: Reduced
security - Existing account
Date: 04 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12873
Title: ESB-2010.0499 - [RedHat] Red Hat Directory Server 7.1.: Reduced
security - Existing account
Date: 04 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12872
Title: ESB-2010.0498 - [Win][Linux][HP-UX] HP StorageWorks Storage Mirroring:
Unauthorised access - Remote/unauthenticated
Date: 03 June 2010
OS: Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian GNU/Linux,
HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server
2008, Other Linux Variants
URL: http://www.auscert.org.au/12871
Title: ESB-2010.0497 - [HP-UX] Apache-based Web Server: Multiple
vulnerabilities
Date: 03 June 2010
OS: HP-UX
URL: http://www.auscert.org.au/12869
Title: ESB-2010.0496 - [HP-UX] Java: Multiple vulnerabilities
Date: 03 June 2010
OS: HP-UX
URL: http://www.auscert.org.au/12868
Title: ESB-2010.0495 - [Win][UNIX/Linux] Rotor Banner (Drupal third-party
module): Cross-site scripting - Remote with user interaction
Date: 02 June 2010
OS: IRIX, Solaris, HP Tru64 UNIX, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, FreeBSD, Windows Vista,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/12866
Title: ESB-2010.0494 - [Win][UNIX/Linux] Storm (Drupal third-party module):
Cross-site scripting - Remote with user interaction
Date: 02 June 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12865
Title: ESB-2010.0493 - [RedHat] rhn-client-tools: Unauthorised access -
Existing account
Date: 02 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12864
Title: ESB-2010.0492 - [UNIX/Linux] Transmission: Execute arbitrary
code/commands - Remote with user interaction
Date: 02 June 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/12863
Title: ESB-2010.0491 - [Win][Netware][Linux] Novell ZENworks: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 02 June 2010
OS: Windows 2003, Red Hat Linux, Windows 7, Novell Netware, Ubuntu, Debian
GNU/Linux, Windows XP, SUSE, Windows 2000, Windows Vista, Windows
Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/12862
Title: ESB-2010.0490 - [OpenSolaris] IP Filter: Reduced security - Existing
account
Date: 01 June 2010
OS: Solaris
URL: http://www.auscert.org.au/12861
Title: ESB-2010.0489 - [Solaris][OpenSolaris] kernel: Reduced security -
Unknown/unspecified
Date: 01 June 2010
OS: Solaris
URL: http://www.auscert.org.au/12860
Title: ESB-2010.0488 - [OpenSolaris] libpurple, pidgin: Access confidential
data - Remote/unauthenticated
Date: 01 June 2010
OS: Solaris
URL: http://www.auscert.org.au/12859
Title: ESB-2010.0487 - [OpenSolaris] Kerberos, CIFS: Reduced security -
Unknown/unspecified
Date: 01 June 2010
OS: Solaris
URL: http://www.auscert.org.au/12858
Title: ESB-2010.0486 - [VMware ESX] VMWare: Multiple vulnerabilities
Date: 31 May 2010
OS: Virtualisation
URL: http://www.auscert.org.au/12853
Title: ESB-2010.0485 - [VMware ESX] Java JRE: Multiple vulnerabilities
Date: 31 May 2010
OS: Virtualisation
URL: http://www.auscert.org.au/12852
Title: ESB-2010.0484 - [VMware ESX] VMWare: Multiple vulnerabilities
Date: 31 May 2010
OS: Virtualisation
URL: http://www.auscert.org.au/12851
Title: ESB-2010.0479.2 - UPDATE [UNIX/Linux][Ubuntu] Ubuntu: Multiple
vulnerabilities
Date: 02 June 2010
OS: Other Linux Variants, FreeBSD, AIX, OpenBSD, SUSE, Other BSD Variants,
HP-UX, Ubuntu, Debian GNU/Linux, Mac OS X, Red Hat Linux, Solaris, HP
Tru64 UNIX, IRIX
URL: http://www.auscert.org.au/12842
Title: ESB-2010.0458.2 - UPDATE [HP-UX] ONCPlus: Increased privileges -
Remote/unauthenticated
Date: 31 May 2010
OS: HP-UX
URL: http://www.auscert.org.au/12819
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list