[AusNOG] AusCERT Week in Review - Week Ending 15/10/2010 (AUSCERT#20073f686)
Daniel McNamara
daniel at auscert.org.au
Fri Oct 15 16:50:17 EST 2010
AusCERT Week in Review
15 October 2010
Greetings,
As was warned last week there was a lot of patching work to be done this week:
- Microsoft pushed the bulletins it promised last week which covered virtually every aspect of Microsoft software. The good news is that none of the flaws fixed in the 16 bulletins were being actively exploited prior to the patch release. The patch of primary concern for organisations should be the cumulative patch for all versions of Internet Explorer. [1]
- Not to be outdone, Oracle released its quarterly patch update covering 81 flaws in total, 30 of which could be exploited remotely and without authentication. These patches covered the whole gamut of Oracle and Sun products. [2]
- Once this excitement died down things returned to normal with the most interesting item being a PDF code execution vulnerability in BlackBerry Enterprise Server. [3]
Have an enjoyable weekend!
- Daniel
[1] ESB-2010.0907 - ALERT [Win] Microsoft Internet Explorer: Multiple
vulnerabilities
http://www.auscert.org.au/13452
[2] ASB-2010.0222.2 - UPDATED ALERT [Win][UNIX/Linux][Solaris] Multiple
Oracle Products: Unknown/unspecified - Remote/unauthenticated
https://www.auscert.org.au/it=13449
[3] ASB-2010.0226 - [Win] BlackBerry Enterprise Server: Execute arbitrary
code/commands - Remote with user interaction
https://www.auscert.org.au/13477
Papers, Articles and other documents:
-------------------------------------
Title: AusCERT Certificate Service Update - April 2010
Date: 14 October 2010
URL: http://www.auscert.org.au/13475
Title: AusCERT Certificate Service Update - September 2010
Date: 14 October 2010
URL: http://www.auscert.org.au/13476
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0226 - [Win] BlackBerry Enterprise Server: Execute arbitrary
code/commands - Remote with user interaction
Date: 14 October 2010
URL: http://www.auscert.org.au/13477
Title: ASB-2010.0222.2 - UPDATED ALERT [Win][UNIX/Linux][Solaris] Multiple
Oracle Products: Unknown/unspecified - Remote/unauthenticated
Date: 13 October 2010
URL: http://www.auscert.org.au/13449
Title: ASB-2010.0224 - [Win][UNIX/Linux] Opera prior to 10.63: Execute
arbitrary code/commands - Remote with user interaction
Date: 13 October 2010
URL: http://www.auscert.org.au/13471
Title: ASB-2010.0225 - [Win][UNIX/Linux] Java SE and Java for Business:
Unknown/unspecified - Remote/unauthenticated
Date: 13 October 2010
URL: http://www.auscert.org.au/13472
Title: ASB-2010.0223 - [Win][UNIX/Linux] wireshark: Denial of service -
Remote with user interaction
Date: 12 October 2010
URL: http://www.auscert.org.au/13451
External Security Bulletins:
----------------------------
Title: ESB-2010.0935 - [RedHat] Red Hat Enterprise MRG Messaging and Grid
Version 1.3: Denial of service - Existing account
Date: 15 October 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13485
Title: ESB-2010.0934 - [RedHat] kernel-rt: Multiple vulnerabilities
Date: 15 October 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13484
Title: ESB-2010.0933 - [RedHat] java-1.6.0-sun: Multiple vulnerabilities
Date: 15 October 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13483
Title: ESB-2010.0932 - [Win][Linux][HP-UX] HP Systems Insight Manager:
Read-only data access - Remote/unauthenticated
Date: 15 October 2010
OS: Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian GNU/Linux,
HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server
2008, Other Linux Variants
URL: http://www.auscert.org.au/13482
Title: ESB-2010.0931 - [Appliance] HP ProCurve: Increased privileges -
Remote/unknown
Date: 15 October 2010
OS: HP-UX
URL: http://www.auscert.org.au/13481
Title: ESB-2010.0930 - [Win][Linux] Tivoli Storage Manager: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 14 October 2010
OS: Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu,
Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux Variants,
Windows Server 2008
URL: http://www.auscert.org.au/13480
Title: ESB-2010.0929 - [SUSE] kernel: Increased privileges - Existing
account
Date: 14 October 2010
OS: SUSE
URL: http://www.auscert.org.au/13479
Title: ESB-2010.0928 - [RedHat] java-1.6.0-openjdk: Multiple vulnerabilities
Date: 14 October 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13478
Title: ESB-2010.0927 - [Win] SAP Crystal Reports JobServer: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13474
Title: ESB-2010.0926 - [Win] SAP BusinessObjects Crystal Reports Server:
Execute arbitrary code/commands - Remote/unauthenticated
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13473
Title: ESB-2010.0925 - [SUSE][OpenSUSE] Firefox/Thunderbird/Seamonkey:
Multiple vulnerabilities
Date: 13 October 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/13470
Title: ESB-2010.0924 - [Debian] postgresql-8.3: Increased privileges -
Existing account
Date: 13 October 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13469
Title: ESB-2010.0923 - [Debian] poppler: Multiple vulnerabilities
Date: 13 October 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13468
Title: ESB-2010.0922 - [Win] Windows Shared Cluster Disks: Unauthorised
access - Existing account
Date: 13 October 2010
OS: Windows Server 2008
URL: http://www.auscert.org.au/13467
Title: ESB-2010.0921 - [Win] Internet Information Services (ISS): Denial of
service - Remote/unauthenticated
Date: 13 October 2010
OS: Windows Vista, Windows Server 2008, Windows 7
URL: http://www.auscert.org.au/13466
Title: ESB-2010.0920 - [Win] Microsoft Windows: Increased privileges -
Existing account
Date: 13 October 2010
OS: Windows 2003, Windows XP
URL: http://www.auscert.org.au/13465
Title: ESB-2010.0919 - [Win] WordPad and Windows Shell: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/13464
Title: ESB-2010.0918 - [Win] Windows Media Player: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/13463
Title: ESB-2010.0917 - [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/13462
Title: ESB-2010.0916 - [Win][Mac][OSX] Microsoft Excel: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac
OS X, Windows Server 2008
URL: http://www.auscert.org.au/13461
Title: ESB-2010.0915 - [Win][Mac][OSX] Microsoft Word: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac
OS X, Windows Server 2008
URL: http://www.auscert.org.au/13460
Title: ESB-2010.0914 - [Win] Microsoft Windows: Multiple vulnerabilities
Date: 13 October 2010
OS: Windows 2003, Windows XP
URL: http://www.auscert.org.au/13459
Title: ESB-2010.0913 - [Win] Microsoft .NET Framework 4.0: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/13458
Title: ESB-2010.0912 - [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 October 2010
OS: Windows Vista, Windows 2003, Windows XP, Windows Server 2008
URL: http://www.auscert.org.au/13457
Title: ESB-2010.0911 - [Win] Microsoft Windows Media Player Network Sharing
Service: Execute arbitrary code/commands - Remote/unauthenticated
Date: 13 October 2010
OS: Windows Vista, Windows 7
URL: http://www.auscert.org.au/13456
Title: ESB-2010.0910 - [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/13455
Title: ESB-2010.0909 - [Win] Microsoft Windows: Multiple vulnerabilities
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/13454
Title: ESB-2010.0908 - [Win] Microsoft SharePoint: Cross-site scripting -
Remote with user interaction
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13453
Title: ESB-2010.0907 - ALERT [Win] Microsoft Internet Explorer: Multiple
vulnerabilities
Date: 13 October 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server
2008
URL: http://www.auscert.org.au/13452
Title: ESB-2010.0906 - [SUSE][OpenSUSE] acroread: Multiple vulnerabilities
Date: 12 October 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/13450
Title: ESB-2010.0905 - [NetBSD] ftpd and sftp: Denial of service - Existing
account
Date: 11 October 2010
OS: Other BSD Variants
URL: http://www.auscert.org.au/13448
Title: ESB-2010.0904 - [Win][UNIX/Linux][Debian] subversion: Unauthorised
access - Remote/unauthenticated
Date: 11 October 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13447
Title: ESB-2010.0878.2 - UPDATE [Debian] moodle: Multiple vulnerabilities
Date: 11 October 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13415
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================