[AusNOG] AusCERT Week in Review - Week Ending 26/11/2010 (AUSCERT#20073f686)

Jonathan Levine jonathan at auscert.org.au
Fri Nov 26 16:28:57 EST 2010 

AusCERT Week in Review
26 November 2010

Web Log Entries:
- ----------------
Title: AusCERT Week in Review for 26th November 2010 
Date:  26 November 2010
URL:   http://www.auscert.org.au/13646

Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2010.0239 - [Win][UNIX/Linux] Horde, Horde Groupware, Horde
       Groupware Webmail Edition: Cross-site scripting - Remote with user
       interaction 
Date:  24 November 2010
URL:   http://www.auscert.org.au/13642

Title: ASB-2010.0238 - [Win][UNIX/Linux] Wireshark: Denial of service -
Remote
       with user interaction 
Date:  22 November 2010
URL:   http://www.auscert.org.au/13633

External Security Bulletins:
- ----------------------------
Title: ESB-2010.1074 - [Win][UNIX/Linux][Mandriva] mono: Increased
privileges
       - Existing account 
Date:  26 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13645

Title: ESB-2010.1073 - [HP-UX] CIFS Server (Samba): Execute arbitrary
       code/commands - Remote/unauthenticated 
Date:  25 November 2010
OS:    HP-UX 
URL:   http://www.auscert.org.au/13644

Title: ESB-2010.1072 - [HP-UX] Apache Tomcat: Multiple vulnerabilities 
Date:  25 November 2010
OS:    HP-UX 
URL:   http://www.auscert.org.au/13643

Title: ESB-2010.1071 - [Appliance] RSA Adaptive Authentication: Cross-site
       scripting - Remote with user interaction 
Date:  24 November 2010
URL:   http://www.auscert.org.au/13641

Title: ESB-2010.1070 - [RedHat] postgresql: Execute arbitrary code/commands
-
       Existing account 
Date:  24 November 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13640

Title: ESB-2010.1069 - [RedHat] kernel: Execute arbitrary code/commands -
       Existing account 
Date:  24 November 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13639

Title: ESB-2010.1068 - [Debian] openssl: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  24 November 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13638

Title: ESB-2010.1067 - [Appliance][Apple iOS] Apple TV 4.0: Multiple
       vulnerabilities 
Date:  23 November 2010
OS:    Apple iOS 
URL:   http://www.auscert.org.au/13637

Title: ESB-2010.1066 - [Apple iOS] Apple iOS: Multiple vulnerabilities 
Date:  23 November 2010
OS:    Apple iOS 
URL:   http://www.auscert.org.au/13636

Title: ESB-2010.1065 - [Debian] openssl: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  23 November 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13635

Title: ESB-2010.1064 - [Win][UNIX/Linux] Apache Tomcat: Cross-site scripting
-
       Remote with user interaction 
Date:  23 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13634

Title: ESB-2010.1063 - [Win][UNIX/Linux][Mandriva] php: Denial of service -
       Remote with user interaction 
Date:  22 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13632

Title: ESB-2010.1059.2 - UPDATED ALERT [Cisco] Cisco Unified
Videoconferencing
       Products: Multiple vulnerabilities 
Date:  23 November 2010
OS:    Cisco Products 
URL:   http://www.auscert.org.au/13627

Title: ESB-2010.1008.2 - UPDATE [Win] Novell ZENworks Handheld Management:
       Execute arbitrary code/commands - Remote/unauthenticated 
Date:  23 November 2010
OS:    Windows 2000, Windows 2003 
URL:   http://www.auscert.org.au/13573

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

More information about the AusNOG mailing list