[AusNOG] AusCERT Week in Review - Week Ending 05/11/2010 (AUSCERT#20073F686)
Richard Billington
richard at auscert.org.au
Fri Nov 5 17:23:47 EST 2010
AusCERT Week in Review
05 November 2010
AusCERT in the Media:
- - ---------------------
Papers, Articles and other documents:
- - -------------------------------------
Web Log Entries:
- - ----------------
Alerts, Advisories and Updates:
- - -------------------------------
Title: ASB-2010.0237 - [Win][Linux][OSX] Google Chrome prior to 7.0.517.44:
Execute arbitrary code/commands - Remote with user interaction
Date: 05 November 2010
URL: http://www.auscert.org.au/13569
Title: ASB-2010.0236 - [Linux][BSD][Solaris] ISC DHCP Server: Denial of
service - Remote/unauthenticated
Date: 04 November 2010
URL: http://www.auscert.org.au/13565
Title: ASB-2010.0235 - [Win][UNIX/Linux] Intel Xeon 5500 and 5600 Series
Firmware: Increased privileges - Remote/unauthenticated
Date: 03 November 2010
URL: http://www.auscert.org.au/13561
External Security Bulletins:
- - ----------------------------
Title: ESB-2010.1005 - [Win][UNIX/Linux] Bugzilla: Multiple vulnerabilities
Date: 05 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13568
Title: ESB-2010.1004 - [Win][Linux][Mobile][Solaris][OSX] Adobe Flash Player:
Multiple vulnerabilities
Date: 05 November 2010
OS: Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Debian
GNU/Linux, Ubuntu, Windows XP, SUSE, Windows 2000, Windows Vista, Other
Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13567
Title: ESB-2010.1003 - ALERT [Win] Internet Explorer: Execute arbitrary
code/commands - Remote with user interaction
Date: 04 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/13566
Title: ESB-2010.1002 - [SUSE] SUSE: Multiple vulnerabilities
Date: 04 November 2010
OS: SUSE
URL: http://www.auscert.org.au/13564
Title: ESB-2010.1001 - [SUSE] kernel: Multiple vulnerabilities
Date: 04 November 2010
OS: SUSE
URL: http://www.auscert.org.au/13563
Title: ESB-2010.1000 - [RedHat] mysql: Multiple vulnerabilities
Date: 04 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13562
Title: ESB-2010.0999 - [UNIX/Linux] ProFTPD: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 03 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/13560
Title: ESB-2010.0998 - [Win][UNIX/Linux][Mandriva] php: Multiple
vulnerabilities
Date: 02 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13559
Title: ESB-2010.0997 - [Win][UNIX/Linux][Mandriva] python: Multiple
vulnerabilities
Date: 02 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13558
Title: ESB-2010.0996 - [UNIX/Linux][RedHat] pam: Multiple vulnerabilities
Date: 02 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/13557
Title: ESB-2010.0995 - [RedHat] Red Hat Enterprise Linux 3: End of Life
Date: 02 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13556
Title: ESB-2010.0994 - [Debian] xulrunner: Multiple vulnerabilities
Date: 02 November 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13555
Title: ESB-2010.0993 - [Debian] nss: Multiple vulnerabilities
Date: 02 November 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13554
Title: ESB-2010.0992 - [Linux] HP Insight Control: Cross-site request forgery
- Remote with user interaction
Date: 01 November 2010
OS: Red Hat Linux, SUSE, Other Linux Variants, Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/13553
Title: ESB-2010.0991 - [Win] HP Insight Orchestration Software: Multiple
vulnerabilities
Date: 01 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13552
Title: ESB-2010.0990 - [Win] HP Insight Managed System Setup Wizard: Access
privileged data - Remote/unauthenticated
Date: 01 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13551
Title: ESB-2010.0989 - [Win] HP Insight Recovery: Multiple vulnerabilities
Date: 01 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13550
Title: ESB-2010.0988 - [Win] HP Insight Control Performance Management:
Multiple vulnerabilities
Date: 01 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13549
Title: ESB-2010.0987.2 - UPDATE [Win][OSX] Shockwave Player 11.5.8.612 and
prior: Execute arbitrary code/commands - Remote with user interaction
Date: 01 November 2010
OS: Mac OS X, Windows Server 2008, Windows Vista, Windows 7, Windows 2000,
Windows XP, Windows 2003
URL: http://www.auscert.org.au/13548
Title: ESB-2010.0969.2 - UPDATE [Win] HP Insight Control Virtual Machine
Management: Multiple vulnerabilities
Date: 01 November 2010
OS: Windows Server 2008, Windows Vista, Windows 7, Windows 2000, Windows
XP, HP-UX, Windows 2003
URL: http://www.auscert.org.au/13527
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list