[AusNOG] AusCERT Week in Review - Week Ending 12/03/2010 (AUSCERT#20073f686)
Daniel McNamara
daniel at auscert.org.au
Fri Mar 12 16:10:16 EST 2010
AusCERT Week in Review
12 March 2010
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0076 - [Win][Linux][Mac][OSX] Skype: Execute arbitrary
code/commands - Remote with user interaction
Date: 12 March 2010
URL: http://www.auscert.org.au/12512
Title: ASB-2010.0075 - [UNIX/Linux] samba: Unauthorised access -
Unknown/unspecified
Date: 10 March 2010
URL: http://www.auscert.org.au/12504
Title: ASB-2010.0074 - ALERT [Win][Mac][OSX] Microsoft Bulletin Notification
-
March Pre-release Announcement : Execute arbitrary code/commands -
Unknown/unspecified
Date: 09 March 2010
URL: http://www.auscert.org.au/12497
Title: ASB-2010.0073 - [Win][UNIX/Linux] Apache HTTP: Multiple
vulnerabilities
Date: 08 March 2010
URL: http://www.auscert.org.au/12495
External Security Bulletins:
----------------------------
Title: ESB-2009.1051.2 - UPDATED ALERT [Win] Microsoft Virtual PC/Virtual
Server: Increased privileges - Remote/unauthenticated
Date: 10 March 2010
OS: Virtualisation
URL: http://www.auscert.org.au/11301
Title: ESB-2010.0242 - [Ubuntu] dpkg: Modify arbitrary files - Remote with
user interaction
Date: 12 March 2010
OS: Ubuntu
URL: http://www.auscert.org.au/12511
Title: ESB-2010.0241 - [UNIX/Linux][Debian] egroupware: Execute arbitrary
code/commands - Remote with user interaction
Date: 12 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/12510
Title: ESB-2010.0240 - [Linux][Debian] linux-2.6: Multiple vulnerabilities
Date: 12 March 2010
OS: Red Hat Linux, SUSE, Other Linux Variants, Debian GNU/Linux, Ubuntu
URL: http://www.auscert.org.au/12509
Title: ESB-2010.0239.2 - UPDATED ALERT [Win][Mac][OSX] Safari: Multiple
vulnerabilities
Date: 12 March 2010
OS: Mac OS X, Windows Vista, Windows 7, Windows XP
URL: http://www.auscert.org.au/12508
Title: ESB-2010.0238 - [Win][UNIX/Linux] Drupal Third-party modules:
Multiple
vulnerabilities
Date: 11 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12507
Title: ESB-2010.0237 - [Debian] dpkg: Modify arbitrary files - Remote with
user interaction
Date: 11 March 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/12506
Title: ESB-2010.0236 - [Debian] kvm: Multiple vulnerabilities
Date: 11 March 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/12505
Title: ESB-2010.0235 - [Win][Linux][HP-UX][Solaris] HP Performance Insight:
Execute arbitrary code/commands - Remote/unauthenticated
Date: 10 March 2010
OS: Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, Windows Vista, Windows
Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/12503
Title: ESB-2010.0234 - [Win][UNIX/Linux][Debian] tdiary: Cross-site
scripting
- Remote with user interaction
Date: 10 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12502
Title: ESB-2010.0233.2 - UPDATED ALERT [Win] Internet Explorer: Execute
arbitrary code/commands - Remote with user interaction
Date: 10 March 2010
OS: Windows Server 2008, Windows Vista, Windows 2000, Windows XP, Windows
2003
URL: http://www.auscert.org.au/12501
Title: ESB-2010.0232 - [Win][Mac][OSX] Microsoft Office Excel: Execute
arbitrary code/commands - Remote with user interaction
Date: 10 March 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac
OS X, Windows Server 2008
URL: http://www.auscert.org.au/12500
Title: ESB-2010.0231 - [Win] Windows Movie Maker: Execute arbitrary
code/commands - Remote with user interaction
Date: 10 March 2010
OS: Windows Vista, Windows XP, Windows 7
URL: http://www.auscert.org.au/12499
Title: ESB-2010.0230 - [Win][UNIX/Linux][Debian] TYPO3: Cross-site scripting
-
Remote with user interaction
Date: 09 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12498
Title: ESB-2010.0229 - [UNIX/Linux][Ubuntu] gnome-screensaver: Unauthorised
access - Console/physical
Date: 09 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/12496
Title: ESB-2010.0228 - [Win][RedHat][HP-UX][Solaris] CA SiteMinder:
Cross-site
scripting - Remote with user interaction
Date: 08 March 2010
OS: Solaris, Windows 2003, Windows XP, HP-UX, Windows 2000, Windows 7,
Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/12494
Title: ESB-2010.0167 -- [Win][VMware ESX][Linux] -- VirtualCenter Update 4
and
ESX patch update Tomcat to version 5.5.27
Date: 09 March 2010
OS: Windows Vista, Red Hat Linux, Windows Server 2008, Virtualisation,
Windows XP, Other Linux Variants, Windows 2000, Windows 2003, Debian
GNU/Linux, Ubuntu
URL: http://www.auscert.org.au/10543
Title: ESB-2010.0163.2 - UPDATE [VMware ESX] VMware ESX 3.5: Denial of
service
- Remote/unauthenticated
Date: 09 March 2010
OS: Virtualisation
URL: http://www.auscert.org.au/12406
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100312/787b9b90/attachment.html>
More information about the AusNOG
mailing list