[AusNOG] AusCERT Week in Review - Week Ending 05/11/2010 (AUSCERT#20073F686)

Richard Billington richard at auscert.org.au
Fri Nov 5 17:23:47 EST 2010


AusCERT Week in Review
05 November 2010


AusCERT in the Media:
- - ---------------------

Papers, Articles and other documents:
- - -------------------------------------


Web Log Entries:
- - ----------------


Alerts, Advisories and Updates:
- - -------------------------------
Title: ASB-2010.0237 - [Win][Linux][OSX] Google Chrome prior to 7.0.517.44:
       Execute arbitrary code/commands - Remote with user interaction 
Date:  05 November 2010
URL:   http://www.auscert.org.au/13569

Title: ASB-2010.0236 - [Linux][BSD][Solaris] ISC DHCP Server: Denial of
       service - Remote/unauthenticated 
Date:  04 November 2010
URL:   http://www.auscert.org.au/13565

Title: ASB-2010.0235 - [Win][UNIX/Linux] Intel Xeon 5500 and 5600 Series
       Firmware: Increased privileges - Remote/unauthenticated 
Date:  03 November 2010
URL:   http://www.auscert.org.au/13561


External Security Bulletins:
- - ----------------------------
Title: ESB-2010.1005 - [Win][UNIX/Linux] Bugzilla: Multiple vulnerabilities 
Date:  05 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
       Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
       Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/13568

Title: ESB-2010.1004 - [Win][Linux][Mobile][Solaris][OSX] Adobe Flash Player:
       Multiple vulnerabilities 
Date:  05 November 2010
OS:    Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Debian
       GNU/Linux, Ubuntu, Windows XP, SUSE, Windows 2000, Windows Vista, Other
       Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13567

Title: ESB-2010.1003 - ALERT [Win] Internet Explorer: Execute arbitrary
       code/commands - Remote with user interaction 
Date:  04 November 2010
OS:    Windows 2003, Windows XP, Windows 2000, Windows Vista, Windows Server
       2008 
URL:   http://www.auscert.org.au/13566

Title: ESB-2010.1002 - [SUSE] SUSE: Multiple vulnerabilities 
Date:  04 November 2010
OS:    SUSE 
URL:   http://www.auscert.org.au/13564

Title: ESB-2010.1001 - [SUSE] kernel: Multiple vulnerabilities 
Date:  04 November 2010
OS:    SUSE 
URL:   http://www.auscert.org.au/13563

Title: ESB-2010.1000 - [RedHat] mysql: Multiple vulnerabilities 
Date:  04 November 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13562

Title: ESB-2010.0999 - [UNIX/Linux] ProFTPD: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  03 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
       Other Linux Variants 
URL:   http://www.auscert.org.au/13560

Title: ESB-2010.0998 - [Win][UNIX/Linux][Mandriva] php: Multiple
       vulnerabilities 
Date:  02 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13559

Title: ESB-2010.0997 - [Win][UNIX/Linux][Mandriva] python: Multiple
       vulnerabilities 
Date:  02 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13558

Title: ESB-2010.0996 - [UNIX/Linux][RedHat] pam: Multiple vulnerabilities 
Date:  02 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
       Other Linux Variants 
URL:   http://www.auscert.org.au/13557

Title: ESB-2010.0995 - [RedHat] Red Hat Enterprise Linux 3: End of Life 
Date:  02 November 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13556

Title: ESB-2010.0994 - [Debian] xulrunner: Multiple vulnerabilities 
Date:  02 November 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13555

Title: ESB-2010.0993 - [Debian] nss: Multiple vulnerabilities 
Date:  02 November 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13554

Title: ESB-2010.0992 - [Linux] HP Insight Control: Cross-site request forgery
       - Remote with user interaction 
Date:  01 November 2010
OS:    Red Hat Linux, SUSE, Other Linux Variants, Ubuntu, Debian GNU/Linux 
URL:   http://www.auscert.org.au/13553

Title: ESB-2010.0991 - [Win] HP Insight Orchestration Software: Multiple
       vulnerabilities 
Date:  01 November 2010
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
       Windows Server 2008 
URL:   http://www.auscert.org.au/13552

Title: ESB-2010.0990 - [Win] HP Insight Managed System Setup Wizard: Access
       privileged data - Remote/unauthenticated 
Date:  01 November 2010
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
       Windows Server 2008 
URL:   http://www.auscert.org.au/13551

Title: ESB-2010.0989 - [Win] HP Insight Recovery: Multiple vulnerabilities 
Date:  01 November 2010
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
       Windows Server 2008 
URL:   http://www.auscert.org.au/13550

Title: ESB-2010.0988 - [Win] HP Insight Control Performance Management:
       Multiple vulnerabilities 
Date:  01 November 2010
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
       Windows Server 2008 
URL:   http://www.auscert.org.au/13549

Title: ESB-2010.0987.2 - UPDATE [Win][OSX] Shockwave Player 11.5.8.612 and
       prior: Execute arbitrary code/commands - Remote with user interaction 
Date:  01 November 2010
OS:    Mac OS X, Windows Server 2008, Windows Vista, Windows 7, Windows 2000,
       Windows XP, Windows 2003 
URL:   http://www.auscert.org.au/13548

Title: ESB-2010.0969.2 - UPDATE [Win] HP Insight Control Virtual Machine
       Management: Multiple vulnerabilities 
Date:  01 November 2010
OS:    Windows Server 2008, Windows Vista, Windows 7, Windows 2000, Windows
       XP, HP-UX, Windows 2003 
URL:   http://www.auscert.org.au/13527



===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================




More information about the AusNOG mailing list