[AusNOG] AusCERT Week in Review - Week Ending 5/3/2010 (AUSCERT#20073f686)

Daniel McNamara daniel at auscert.org.au
Fri Mar 5 16:06:33 EST 2010


AusCERT Week in Review

05 March 2010

 

Alerts, Advisories and Updates:

-------------------------------

Title: ASB-2010.0072 - [Win][UNIX/Linux] libpng: Denial of service - Remote

       with user interaction 

Date:  04 March 2010

URL:   http://www.auscert.org.au/12487

 

Title: ASB-2010.0069 - [Win][UNIX/Linux] BIND 9.6.x: Multiple
vulnerabilities 

Date:  03 March 2010

URL:   http://www.auscert.org.au/12473

 

Title: ASB-2010.0070 - [Win][UNIX/Linux] Apache HTTP: Denial of service -

       Remote/unauthenticated 

Date:  03 March 2010

URL:   http://www.auscert.org.au/12474

 

Title: ASB-2010.0071 - [Linux] McAfee LinuxShield 1.5 and prior: Root

       compromise - Existing account 

Date:  03 March 2010

URL:   http://www.auscert.org.au/12476

 

Title: ASB-2010.0067 - [Win][Linux][Solaris][AIX] IBM Lotus iNotes: Execute

       arbitrary code/commands - Remote with user interaction 

Date:  02 March 2010

URL:   http://www.auscert.org.au/12470

 

Title: ASB-2010.0068 - [Win][UNIX/Linux] IBM Informix & EMC NetWorker:
Execute

       arbitrary code/commands - Remote/unauthenticated 

Date:  02 March 2010

URL:   http://www.auscert.org.au/12471

 

Title: ASB-2010.0064 - [Win][UNIX/Linux] PHP 5.2.x prior to 5.2.13: Reduced

       security - Remote/unauthenticated 

Date:  01 March 2010

URL:   http://www.auscert.org.au/12463

 

Title: ASB-2010.0065 - [Win][Linux][AIX] Hitachi Cosminexus Products and

       uCosminexus Portal Framework: Cross-site scripting - Remote with user

       interaction 

Date:  01 March 2010

URL:   http://www.auscert.org.au/12464

 

Title: ASB-2010.0066 - [Win] JP1/Cm2/Network Node Manager: Overwrite
arbitrary

       files - Existing account 

Date:  01 March 2010

URL:   http://www.auscert.org.au/12465

 

 

External Security Bulletins:

----------------------------

Title: ESB-2010.0227 - [Win] KeyView SDK: Execute arbitrary code/commands -

       Remote with user interaction 

Date:  05 March 2010

OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,

       Windows Server 2008 

URL:   http://www.auscert.org.au/12492

 

Title: ESB-2010.0226 - [UNIX/Linux][Mandriva] pam_krb5: Reduced security -

       Remote/unauthenticated 

Date:  05 March 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian

       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,

       Other Linux Variants 

URL:   http://www.auscert.org.au/12491

 

Title: ESB-2010.0225 - [SUSE] Firefox/Seamonkey: Multiple vulnerabilities 

Date:  05 March 2010

OS:    SUSE 

URL:   http://www.auscert.org.au/12490

 

Title: ESB-2010.0224 - [VMware ESX][RedHat] VMware ESX: Multiple

       vulnerabilities 

Date:  05 March 2010

OS:    Red Hat Linux, Virtualisation 

URL:   http://www.auscert.org.au/12489

 

Title: ESB-2010.0223 - [Win][UNIX/Linux] Drupal core: Multiple
vulnerabilities

Date:  04 March 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,

       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD

       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,

       Other Linux Variants, Windows Server 2008 

URL:   http://www.auscert.org.au/12488

 

Title: ESB-2010.0222 - [Win][UNIX/Linux] Drupal Third-party modules: Execute

       arbitrary code/commands - Remote/unauthenticated 

Date:  04 March 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,

       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD

       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,

       Other Linux Variants, Windows Server 2008 

URL:   http://www.auscert.org.au/12486

 

Title: ESB-2010.0221 - [SUSE] kernel: Multiple vulnerabilities 

Date:  04 March 2010

OS:    SUSE 

URL:   http://www.auscert.org.au/12485

 

Title: ESB-2010.0220 - [AIX] xntpd: Denial of service -
Remote/unauthenticated

Date:  04 March 2010

OS:    AIX 

URL:   http://www.auscert.org.au/12484

 

Title: ESB-2010.0219 - [Cisco] Cisco Digital Media Manager: Multiple

       vulnerabilities 

Date:  04 March 2010

OS:    Cisco Products 

URL:   http://www.auscert.org.au/12483

 

Title: ESB-2010.0218 - [Cisco] Cisco Unified Communications Manager: Denial
of

       service - Remote/unauthenticated 

Date:  04 March 2010

OS:    Cisco Products 

URL:   http://www.auscert.org.au/12482

 

Title: ESB-2010.0217 - [Cisco] Cisco Digital Media Player: Provide
misleading

       information - Remote/unauthenticated 

Date:  04 March 2010

OS:    Cisco Products 

URL:   http://www.auscert.org.au/12481

 

Title: ESB-2010.0216 - [UNIX/Linux][Debian] cups: Execute arbitrary

       code/commands - Existing account 

Date:  04 March 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian

       GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,

       FreeBSD, Other Linux Variants 

URL:   http://www.auscert.org.au/12480

 

Title: ESB-2010.0215 - [RedHat] java-1.5.0-ibm: Unauthorised access - Remote

       with user interaction 

Date:  04 March 2010

OS:    Red Hat Linux 

URL:   http://www.auscert.org.au/12479

 

Title: ESB-2010.0214 - [RedHat] cups: Denial of service -

       Remote/unauthenticated 

Date:  04 March 2010

OS:    Red Hat Linux 

URL:   http://www.auscert.org.au/12478

 

Title: ESB-2010.0213.2 - UPDATE [Win] Luxology Modo 401 : Execute arbitrary

       code/commands - Remote with user interaction 

Date:  04 March 2010

OS:    Windows Server 2008, Windows Vista, Windows 7, Windows 2000, Windows

       XP, Windows 2003 

URL:   http://www.auscert.org.au/12477

 

Title: ESB-2010.0212 - [Win][Netware][UNIX/Linux] Novell eDirectory: Denial
of

       service - Remote/unauthenticated 

Date:  03 March 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,

       Mac OS X, Novell Netware, Ubuntu, Debian GNU/Linux, Windows XP,
HP-UX,

       Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista,

       FreeBSD, Windows Server 2008, Other Linux Variants 

URL:   http://www.auscert.org.au/12475

 

Title: ESB-2010.0211 - [Debian] sudo: Increased privileges - Existing
account 

Date:  03 March 2010

OS:    Debian GNU/Linux 

URL:   http://www.auscert.org.au/12472

 

Title: ESB-2010.0210 - ALERT [Win] Internet Explorer: Execute arbitrary

       code/commands - Remote with user interaction 

Date:  02 March 2010

OS:    Windows 2003, Windows XP, Windows 2000 

URL:   http://www.auscert.org.au/12469

 

Title: ESB-2010.0209 - [RedHat] kvm: Multiple vulnerabilities 

Date:  02 March 2010

OS:    Red Hat Linux 

URL:   http://www.auscert.org.au/12468

 

Title: ESB-2010.0208 - [RedHat] systemtap: Multiple vulnerabilities 

Date:  02 March 2010

OS:    Red Hat Linux 

URL:   http://www.auscert.org.au/12467

 

Title: ESB-2010.0207 - [Debian] linux-2.6.24: Multiple vulnerabilities 

Date:  01 March 2010

OS:    Debian GNU/Linux 

URL:   http://www.auscert.org.au/12466

 

Title: ESB-2010.0206 - [UNIX/Linux] Asterisk: Unauthorised access -

       Remote/unauthenticated 

Date:  01 March 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian

       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,

       Other Linux Variants 

URL:   http://www.auscert.org.au/12462

 

Title: ESB-2010.0205 - [UNIX/Linux][Debian] samba: Denial of service -

       Existing account 

Date:  01 March 2010

OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian

       GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,

       FreeBSD, Other Linux Variants 

URL:   http://www.auscert.org.au/12461

 

Title: ESB-2010.0204.2 - UPDATE [UNIX/Linux][RedHat] sudo: Multiple

       vulnerabilities 

Date:  02 March 2010

OS:    Debian GNU/Linux, Mac OS X, Red Hat Linux, Solaris, HP Tru64 UNIX,

       IRIX, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,

       Other Linux Variants 

URL:   http://www.auscert.org.au/12460

 

Title: ESB-2010.0011.2 - UPDATE [VMware ESX][RedHat] VMWare ESX and vMA:

       Multiple vulnerabilities 

Date:  05 March 2010

OS:    Virtualisation, Red Hat Linux 

URL:   http://www.auscert.org.au/12195

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100305/93e082e3/attachment.html>


More information about the AusNOG mailing list