[AusNOG] AusCERT Week in Review - Week Ending 5/3/2010 (AUSCERT#20073f686)
Daniel McNamara
daniel at auscert.org.au
Fri Mar 5 16:06:33 EST 2010
AusCERT Week in Review
05 March 2010
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0072 - [Win][UNIX/Linux] libpng: Denial of service - Remote
with user interaction
Date: 04 March 2010
URL: http://www.auscert.org.au/12487
Title: ASB-2010.0069 - [Win][UNIX/Linux] BIND 9.6.x: Multiple
vulnerabilities
Date: 03 March 2010
URL: http://www.auscert.org.au/12473
Title: ASB-2010.0070 - [Win][UNIX/Linux] Apache HTTP: Denial of service -
Remote/unauthenticated
Date: 03 March 2010
URL: http://www.auscert.org.au/12474
Title: ASB-2010.0071 - [Linux] McAfee LinuxShield 1.5 and prior: Root
compromise - Existing account
Date: 03 March 2010
URL: http://www.auscert.org.au/12476
Title: ASB-2010.0067 - [Win][Linux][Solaris][AIX] IBM Lotus iNotes: Execute
arbitrary code/commands - Remote with user interaction
Date: 02 March 2010
URL: http://www.auscert.org.au/12470
Title: ASB-2010.0068 - [Win][UNIX/Linux] IBM Informix & EMC NetWorker:
Execute
arbitrary code/commands - Remote/unauthenticated
Date: 02 March 2010
URL: http://www.auscert.org.au/12471
Title: ASB-2010.0064 - [Win][UNIX/Linux] PHP 5.2.x prior to 5.2.13: Reduced
security - Remote/unauthenticated
Date: 01 March 2010
URL: http://www.auscert.org.au/12463
Title: ASB-2010.0065 - [Win][Linux][AIX] Hitachi Cosminexus Products and
uCosminexus Portal Framework: Cross-site scripting - Remote with user
interaction
Date: 01 March 2010
URL: http://www.auscert.org.au/12464
Title: ASB-2010.0066 - [Win] JP1/Cm2/Network Node Manager: Overwrite
arbitrary
files - Existing account
Date: 01 March 2010
URL: http://www.auscert.org.au/12465
External Security Bulletins:
----------------------------
Title: ESB-2010.0227 - [Win] KeyView SDK: Execute arbitrary code/commands -
Remote with user interaction
Date: 05 March 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/12492
Title: ESB-2010.0226 - [UNIX/Linux][Mandriva] pam_krb5: Reduced security -
Remote/unauthenticated
Date: 05 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/12491
Title: ESB-2010.0225 - [SUSE] Firefox/Seamonkey: Multiple vulnerabilities
Date: 05 March 2010
OS: SUSE
URL: http://www.auscert.org.au/12490
Title: ESB-2010.0224 - [VMware ESX][RedHat] VMware ESX: Multiple
vulnerabilities
Date: 05 March 2010
OS: Red Hat Linux, Virtualisation
URL: http://www.auscert.org.au/12489
Title: ESB-2010.0223 - [Win][UNIX/Linux] Drupal core: Multiple
vulnerabilities
Date: 04 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12488
Title: ESB-2010.0222 - [Win][UNIX/Linux] Drupal Third-party modules: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 04 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12486
Title: ESB-2010.0221 - [SUSE] kernel: Multiple vulnerabilities
Date: 04 March 2010
OS: SUSE
URL: http://www.auscert.org.au/12485
Title: ESB-2010.0220 - [AIX] xntpd: Denial of service -
Remote/unauthenticated
Date: 04 March 2010
OS: AIX
URL: http://www.auscert.org.au/12484
Title: ESB-2010.0219 - [Cisco] Cisco Digital Media Manager: Multiple
vulnerabilities
Date: 04 March 2010
OS: Cisco Products
URL: http://www.auscert.org.au/12483
Title: ESB-2010.0218 - [Cisco] Cisco Unified Communications Manager: Denial
of
service - Remote/unauthenticated
Date: 04 March 2010
OS: Cisco Products
URL: http://www.auscert.org.au/12482
Title: ESB-2010.0217 - [Cisco] Cisco Digital Media Player: Provide
misleading
information - Remote/unauthenticated
Date: 04 March 2010
OS: Cisco Products
URL: http://www.auscert.org.au/12481
Title: ESB-2010.0216 - [UNIX/Linux][Debian] cups: Execute arbitrary
code/commands - Existing account
Date: 04 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/12480
Title: ESB-2010.0215 - [RedHat] java-1.5.0-ibm: Unauthorised access - Remote
with user interaction
Date: 04 March 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12479
Title: ESB-2010.0214 - [RedHat] cups: Denial of service -
Remote/unauthenticated
Date: 04 March 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12478
Title: ESB-2010.0213.2 - UPDATE [Win] Luxology Modo 401 : Execute arbitrary
code/commands - Remote with user interaction
Date: 04 March 2010
OS: Windows Server 2008, Windows Vista, Windows 7, Windows 2000, Windows
XP, Windows 2003
URL: http://www.auscert.org.au/12477
Title: ESB-2010.0212 - [Win][Netware][UNIX/Linux] Novell eDirectory: Denial
of
service - Remote/unauthenticated
Date: 03 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Novell Netware, Ubuntu, Debian GNU/Linux, Windows XP,
HP-UX,
Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista,
FreeBSD, Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/12475
Title: ESB-2010.0211 - [Debian] sudo: Increased privileges - Existing
account
Date: 03 March 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/12472
Title: ESB-2010.0210 - ALERT [Win] Internet Explorer: Execute arbitrary
code/commands - Remote with user interaction
Date: 02 March 2010
OS: Windows 2003, Windows XP, Windows 2000
URL: http://www.auscert.org.au/12469
Title: ESB-2010.0209 - [RedHat] kvm: Multiple vulnerabilities
Date: 02 March 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12468
Title: ESB-2010.0208 - [RedHat] systemtap: Multiple vulnerabilities
Date: 02 March 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12467
Title: ESB-2010.0207 - [Debian] linux-2.6.24: Multiple vulnerabilities
Date: 01 March 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/12466
Title: ESB-2010.0206 - [UNIX/Linux] Asterisk: Unauthorised access -
Remote/unauthenticated
Date: 01 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/12462
Title: ESB-2010.0205 - [UNIX/Linux][Debian] samba: Denial of service -
Existing account
Date: 01 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/12461
Title: ESB-2010.0204.2 - UPDATE [UNIX/Linux][RedHat] sudo: Multiple
vulnerabilities
Date: 02 March 2010
OS: Debian GNU/Linux, Mac OS X, Red Hat Linux, Solaris, HP Tru64 UNIX,
IRIX, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/12460
Title: ESB-2010.0011.2 - UPDATE [VMware ESX][RedHat] VMWare ESX and vMA:
Multiple vulnerabilities
Date: 05 March 2010
OS: Virtualisation, Red Hat Linux
URL: http://www.auscert.org.au/12195
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100305/93e082e3/attachment.html>
More information about the AusNOG
mailing list