[AusNOG] AusCERT Week in Review - Week Ending 18/06/2010 (AUSCERT#20073f686)
Daniel McNamara
daniel at auscert.org.au
Fri Jun 18 15:14:05 EST 2010
AusCERT Week in Review
18 June 2010
Papers, Articles and other documents:
-------------------------------------
Title: AusCERT Malicious Feed XML Description
Date: 15 June 2010
URL: http://www.auscert.org.au/12928
Title: AusCERT Malicious Feed Other Description
Date: 15 June 2010
URL: http://www.auscert.org.au/12929
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0147 - [Linux][BSD][Solaris] ISC DHCP: Denial of service -
Remote/unauthenticated
Date: 14 June 2010
URL: http://www.auscert.org.au/12922
Title: ASB-2010.0148 - [Win][UNIX/Linux] UnrealIRCd: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 14 June 2010
URL: http://www.auscert.org.au/12923
Title: ASB-2010.0149 - [Win][UNIX/Linux] libtiff: Execute arbitrary
code/commands - Remote with user interaction
Date: 14 June 2010
URL: http://www.auscert.org.au/12924
External Security Bulletins:
----------------------------
Title: ESB-2010.0551 - [Win][UNIX/Linux] Drupal Third Party-Modules:
Cross-site scripting - Remote with user interaction
Date: 18 June 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12945
Title: ESB-2010.0550 - [UNIX/Linux][RedHat] cups: Multiple vulnerabilities
Date: 18 June 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/12944
Title: ESB-2010.0549 - [RedHat] java-1.5.0-ibm: Multiple vulnerabilities
Date: 18 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12943
Title: ESB-2010.0548 - [HP-UX] PHP: Multiple vulnerabilities
Date: 18 June 2010
OS: HP-UX
URL: http://www.auscert.org.au/12942
Title: ESB-2010.0547 - [HP-UX] Tomcat Servlet Engine: Multiple
vulnerabilities
Date: 18 June 2010
OS: HP-UX
URL: http://www.auscert.org.au/12941
Title: ESB-2010.0546 - [UNIX/Linux][Debian] pmount: Overwrite arbitrary
files
- Existing account
Date: 18 June 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/12940
Title: ESB-2010.0545 - [Debian] sudo: Increased privileges - Existing
account
Date: 18 June 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/12939
Title: ESB-2010.0544 - [Win][UNIX/Linux] Drupal Third Party-Modules:
Cross-site scripting - Remote with user interaction
Date: 17 June 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12938
Title: ESB-2010.0543 - [AIX] OpenSSH: Provide misleading information -
Remote
with user interaction
Date: 17 June 2010
OS: AIX
URL: http://www.auscert.org.au/12937
Title: ESB-2010.0542 - [OpenVMS] HP SSL: Multiple vulnerabilities
Date: 17 June 2010
OS: HP-UX
URL: http://www.auscert.org.au/12936
Title: ESB-2010.0541 - ALERT [RedHat] samba: Root compromise -
Remote/unauthenticated
Date: 17 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12935
Title: ESB-2010.0540 - ALERT [UNIX/Linux][Debian] samba: Root compromise -
Remote/unauthenticated
Date: 17 June 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/12934
Title: ESB-2010.0539 - ALERT [Win] iTunes: Multiple vulnerabilities
Date: 17 June 2010
OS: Windows XP, Windows 7, Windows Vista
URL: http://www.auscert.org.au/12933
Title: ESB-2010.0538 - [UNIX/Linux][RedHat] sudo: Increased privileges -
Existing account
Date: 16 June 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/12932
Title: ESB-2010.0537 - [RedHat] kernel: Multiple vulnerabilities
Date: 16 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12931
Title: ESB-2010.0536 - ALERT [Mac][OSX] Mac OS X: Multiple vulnerabilities
Date: 16 June 2010
OS: Mac OS X
URL: http://www.auscert.org.au/12930
Title: ESB-2010.0535 - [RedHat] Red Hat Network Satellite Server IBM Java
Runtime: Multiple vulnerabilities
Date: 15 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12927
Title: ESB-2010.0534 - [RedHat] flash-plugin: Multiple vulnerabilities
Date: 15 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12926
Title: ESB-2010.0533 - [SUSE] SUSE: Multiple vulnerabilities
Date: 15 June 2010
OS: SUSE
URL: http://www.auscert.org.au/12925
Title: ESB-2010.0532 - [Appliance] Zero Day Initiative: Access confidential
data - Remote/unauthenticated
Date: 14 June 2010
URL: http://www.auscert.org.au/12921
Title: ESB-2010.0531 - [Win][Netware][Mac][OSX] mod_proxy_http: Access
confidential data - Remote/unauthenticated
Date: 14 June 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac
OS X, Windows Server 2008, Novell Netware
URL: http://www.auscert.org.au/12920
Title: ESB-2010.0530 - [Debian] cacti: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 14 June 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/12919
Title: ESB-2010.0529 - [RedHat] flash-plugin: Multiple vulnerabilities
Date: 14 June 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12918
Title: ESB-2010.0520.2 - UPDATE [Win][Linux][HP-UX][Solaris] HP OpenView
Network Node Manager: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 15 June 2010
OS: Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, Windows Vista, Windows
Server 2008, Other Linux Variants, Solaris, Windows 2003, Red Hat
Linux, Windows 7, Debian GNU/Linux, Ubuntu, Windows XP, HP-UX, SUSE,
Windows 2000, Windows Vista, Windows Server 2008, Other Linux
Variants
URL: http://www.auscert.org.au/12901
Title: ESB-2010.0502.2 - UPDATE [Debian] bind9: Provide misleading
information
- Remote/unauthenticated
Date: 16 June 2010
OS: Debian GNU/Linux, Debian GNU/Linux
URL: http://www.auscert.org.au/12880
Title: ESB-2010.0443.2 - UPDATE [Win] HP MFP Digital Sending Software:
Unauthorised access - Existing account
Date: 14 June 2010
OS: Windows 2003, HP-UX, Windows XP, Windows 2000, Windows 7, Windows
Vista, Windows Server 2008, Windows 2003, HP-UX, Windows XP, Windows
2000, Windows 7, Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/12801
Title: ESB-2010.0092.2 - UPDATE [Win][VMware ESX][Linux] VMWare: Multiple
vulnerabilities
Date: 14 June 2010
OS: Windows 2003, Red Hat Linux, Windows 7, Debian GNU/Linux, Ubuntu,
Windows XP, Virtualisation, SUSE, Windows 2000, Windows Vista, Other
Linux Variants, Windows Server 2008, Windows 2003, Red Hat Linux,
Windows 7, Debian GNU/Linux, Ubuntu, Windows XP, Virtualisation,
SUSE,
Windows 2000, Windows Vista, Other Linux Variants, Windows Server
2008
URL: http://www.auscert.org.au/12313
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100618/07141f85/attachment.html>
More information about the AusNOG
mailing list