[AusNOG] AusCERT Week in Review - Week Ending 12/11/2010
Jonathan Levine
jonathan at auscert.org.au
Fri Nov 12 16:42:49 EST 2010
AusCERT Week in Review
12 November 2010
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2010.0237.2 - UPDATE [Win][Linux][OSX] Google Chrome prior to
7.0.517.44: Multiple vulnerabilities
Date: 08 November 2010
URL: http://www.auscert.org.au/13569
External Security Bulletins:
- ----------------------------
Title: ESB-2010.1041 - [Win][UNIX/Linux] Drupal Third-party modules:
Cross-site request forgery - Remote with user interaction
Date: 12 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13608
Title: ESB-2010.1040 - [SUSE] kernel: Multiple vulnerabilities
Date: 12 November 2010
OS: SUSE
URL: http://www.auscert.org.au/13607
Title: ESB-2010.1039 - [OSX] Mac OS X: Multiple vulnerabilities
Date: 11 November 2010
OS: Mac OS X
URL: http://www.auscert.org.au/13606
Title: ESB-2010.1038 - [FreeBSD] pseudofs: Root compromise - Existing
account
Date: 11 November 2010
OS: FreeBSD
URL: http://www.auscert.org.au/13605
Title: ESB-2010.1037 - [RedHat] java-1.5.0-ibm: Multiple vulnerabilities
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13604
Title: ESB-2010.1036 - [RedHat] glibc: Increased privileges - Existing
account
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13603
Title: ESB-2010.1035 - [RedHat] flash-plugin: Multiple vulnerabilities
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13602
Title: ESB-2010.1034 - [RedHat] cups: Denial of service -
Remote/unauthenticated
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13601
Title: ESB-2010.1033 - [RedHat] java-1.6.0-openjdk: Multiple vulnerabilities
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13600
Title: ESB-2010.1032 - [RedHat] freetype: Multiple vulnerabilities
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13599
Title: ESB-2010.1031 - [RedHat] krb5: Execute arbitrary code/commands -
Existing account
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13598
Title: ESB-2010.1030 - [RedHat] nss: Provide misleading information - Remote
with user interaction
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13597
Title: ESB-2010.1029 - [RedHat] firefox: Multiple vulnerabilities
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13596
Title: ESB-2010.1028 - [RedHat] samba: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13595
Title: ESB-2010.1027 - [RedHat] poppler: Multiple vulnerabilities
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13593
Title: ESB-2010.1026 - [RedHat] bzip2: Execute arbitrary code/commands -
Remote with user interaction
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13594
Title: ESB-2010.1025 - [RedHat] kernel: Multiple vulnerabilities
Date: 11 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13592
Title: ESB-2010.1024 - [Win][Linux] Adobe Flash Media Server: Multiple
vulnerabilities
Date: 10 November 2010
OS: Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian GNU/Linux,
Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server 2008,
Other Linux Variants
URL: http://www.auscert.org.au/13591
Title: ESB-2010.1023 - [RedHat] kernel: Multiple vulnerabilities
Date: 10 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13590
Title: ESB-2010.1022 - [Win][Netware][Linux] Novell Groupwise: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 10 November 2010
OS: Windows 2003, Red Hat Linux, Windows 7, Novell Netware, Ubuntu,
Debian
GNU/Linux, Windows XP, SUSE, Windows 2000, Windows Vista, Windows
Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13589
Title: ESB-2010.1021 - [Win][RedHat][HP-UX][Solaris][AIX][SUSE] IBM Tivoli
Directory Server: Denial of service - Remote/unauthenticated
Date: 10 November 2010
OS: Solaris, Windows 2003, Windows XP, HP-UX, SUSE, Windows 2000, Windows
7, AIX, Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/13588
Title: ESB-2010.1020 - [Win][Linux][HP-UX][Solaris][AIX] IBM WebSphere
Application Server: Denial of service - Remote with user interaction
Date: 10 November 2010
OS: Solaris, Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian
GNU/Linux, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13587
Title: ESB-2010.1019 - [Win] Forefront Unified Access Gateway: Multiple
vulnerabilities
Date: 10 November 2010
OS: Windows Server 2008
URL: http://www.auscert.org.au/13586
Title: ESB-2010.1018 - [Win][Mac][OSX] Microsoft Office: Execute arbitrary
code/commands - Remote with user interaction
Date: 10 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008, Mac OS X
URL: http://www.auscert.org.au/13585
Title: ESB-2010.1017 - ALERT [Win][OSX] Microsoft Office: Execute arbitrary
code/commands - Remote with user interaction
Date: 10 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008, Mac OS X
URL: http://www.auscert.org.au/13584
Title: ESB-2010.1016 - [Win][Netware][Linux] Novell GroupWise: Administrator
compromise - Remote/unauthenticated
Date: 09 November 2010
OS: Windows 2003, Red Hat Linux, Windows 7, Novell Netware, Ubuntu,
Debian
GNU/Linux, Windows XP, SUSE, Windows 2000, Windows Vista, Windows
Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13581
Title: ESB-2010.1015 - [Win][UNIX/Linux] SAP NetWeaver: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 09 November 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13580
Title: ESB-2010.1014 - [SUSE][OpenSUSE] Firefox, Seamonkey and Thunderbird:
Multiple vulnerabilities
Date: 09 November 2010
OS: SUSE
URL: http://www.auscert.org.au/13579
Title: ESB-2010.1013 - [RedHat] rhpki and pki: Multiple vulnerabilities
Date: 09 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13578
Title: ESB-2010.1012 - [RedHat] flash-plugin: Multiple vulnerabilities
Date: 09 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13577
Title: ESB-2010.1011 - ALERT [Win][Mac][OSX] Microsoft Security Bulletin
Advance Notification for November 2010
Date: 08 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac
OS X, Windows Server 2008
URL: http://www.auscert.org.au/13576
Title: ESB-2010.1010 - [Win] Cisco ICM Setup Manager: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 08 November 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13575
Title: ESB-2010.1009 - [Juniper] Juniper Secure Access Series: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 08 November 2010
URL: http://www.auscert.org.au/13574
Title: ESB-2010.1008 - [Win] Novell ZENworks Handheld Management: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 08 November 2010
OS: Windows 2003, Windows 2000
URL: http://www.auscert.org.au/13573
Title: ESB-2010.1007 - [SUSE][OpenSUSE] flash-player: Multiple
vulnerabilities
Date: 08 November 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/13572
Title: ESB-2010.1006 - [RedHat] flash-plugin: Multiple vulnerabilities
Date: 08 November 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13571
Title: ESB-2010.0965.2 - UPDATE [Win][Linux][HP-UX][Solaris][AIX] IBM
WebSphere Application Server: Multiple vulnerabilities
Date: 10 November 2010
OS: Windows Server 2008, Other Linux Variants, Windows Vista, AIX,
Windows
2000, SUSE, HP-UX, Windows XP, Ubuntu, Debian GNU/Linux, Windows 7,
Red
Hat Linux, Windows 2003, Solaris
URL: http://www.auscert.org.au/13523
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list