[AusNOG] Subject: AusCERT Week in Review - Week Ending 17/09/2010 (AUSCERT#20073F686)
Richard Billington
richard at auscert.org.au
Fri Sep 17 16:12:15 EST 2010
AusCERT Week in Review
17 September 2010
Papers, Articles and other documents:
- - -------------------------------------
Title: Stuxnet worm has been exploiting four 0-day vuls in Windows
Date: 16 September 2010
URL: http://www.auscert.org.au/13361
Title: Siemens says Stuxnet worm hit industrial systems
Date: 15 September 2010
URL: http://www.auscert.org.au/13334
Title: An analysis of the BlackEnergy botnet
Date: 15 September 2010
URL: http://www.auscert.org.au/13349
Title: AusCERT is a finalist in the auDA Australia and New Zealand Internet
Best Practice Award
Date: 15 September 2010
URL: http://www.auscert.org.au/13352
Title: An analysis of Adobe Reader SING Table parsing vul - currently
exploited in the wild
Date: 14 September 2010
URL: http://www.auscert.org.au/13328
Title: Adobe Acrobat pushstring Memory Corruption vul
Date: 13 September 2010
URL: http://www.auscert.org.au/13326
Title: Mitigation posted for Adobe Reader vulnerability – use Microsoft EMET
2.0
Date: 11 September 2010
URL: http://www.auscert.org.au/13322
Web Log Entries:
- - ----------------
Title: Microsoft September 2010 bulletins
Date: 15 September 2010
URL: http://www.auscert.org.au/13344
Alerts, Advisories and Updates:
- - -------------------------------
Title: ASB-2010.0207.2 - UPDATE [Win][Linux][Mac][OSX] Google Chrome: Multiple
vulnerabilities
Date: 17 September 2010
URL: http://www.auscert.org.au/13350
Title: ASB-2010.0212 - [Win][Linux][HP-UX][Solaris][AIX] IBM DB2 9.7: Execute
arbitrary code/commands - Existing account
Date: 17 September 2010
URL: http://www.auscert.org.au/13364
Title: ASB-2010.0213 - [Win][Linux][HP-UX][Solaris][AIX] IBM WebSphere Portal:
Cross-site scripting - Remote/unauthenticated
Date: 17 September 2010
URL: http://www.auscert.org.au/13365
Title: ASB-2010.0208 - [Win][Linux][HP-UX][Solaris][AIX] Lotus Quickr: Denial
of service - Remote/unauthenticated
Date: 16 September 2010
URL: http://www.auscert.org.au/13354
Title: ASB-2010.0209 - [Win][UNIX/Linux] Splunk prior to version 4.1.5.:
Multiple vulnerabilities
Date: 16 September 2010
URL: http://www.auscert.org.au/13355
Title: ASB-2010.0210.2 - UPDATE [Win][Linux][OSX] IBM Lotus Sametime Connect:
Reduced security - Unknown/unspecified
Date: 16 September 2010
URL: http://www.auscert.org.au/13358
Title: ASB-2010.0211 - [Win][UNIX/Linux] OpenX prior to 2.8.7: Reduced
security - Unknown/unspecified
Date: 16 September 2010
URL: http://www.auscert.org.au/13360
Title: ASB-2010.0205.2 - UPDATE [Win][AIX] IBM Records Manager: Multiple
vulnerabilities
Date: 14 September 2010
URL: http://www.auscert.org.au/13325
Title: ASB-2010.0206 - [Win] Microsoft Bulletin Notification - September
Pre-release Announcement
Date: 14 September 2010
URL: http://www.auscert.org.au/13333
External Security Bulletins:
- - ----------------------------
Title: ESB-2010.0844 - [HP-UX] BIND: Provide misleading information -
Remote/unauthenticated
Date: 17 September 2010
OS: HP-UX
URL: http://www.auscert.org.au/13363
Title: ESB-2010.0843 - [Debian] samba: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 17 September 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13362
Title: ESB-2010.0842 - [Win][Linux] HP System Management Homepage: Multiple
vulnerabilities
Date: 16 September 2010
OS: Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian GNU/Linux,
Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server 2008,
Other Linux Variants
URL: http://www.auscert.org.au/13359
Title: ESB-2010.0841 - [Win][UNIX/Linux] Drupal Third-party modules: Multiple
vulnerabilities
Date: 16 September 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13357
Title: ESB-2010.0840 - [Win][VMware ESX][RedHat][SUSE] Novell Platespin
Orchestrate: Execute arbitrary code/commands - Remote/unauthenticated
Date: 16 September 2010
OS: Windows 2003, Windows XP, Virtualisation, SUSE, Windows 2000, Windows
7, Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/13356
Title: ESB-2010.0839 - [Win] QuickTime: Execute arbitrary code/commands -
Remote with user interaction
Date: 16 September 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13353
Title: ESB-2010.0838 - [Appliance] 3Com OfficeConnect Gigabit VPN Firewall:
Cross-site scripting - Remote with user interaction
Date: 15 September 2010
URL: http://www.auscert.org.au/13351
Title: ESB-2010.0837.2 - UPDATE [Win][Linux][Solaris][AIX] Lotus Domino
iCalendar: Execute arbitrary code/commands - Remote/unauthenticated
Date: 17 September 2010
OS: Other Linux Variants, Windows Server 2008, Windows Vista, AIX, Windows
2000, SUSE, Windows XP, Ubuntu, Debian GNU/Linux, Windows 7, Red Hat
Linux, Windows 2003, Solaris
URL: http://www.auscert.org.au/13348
Title: ESB-2010.0836 - [Win][UNIX/Linux][Debian] cvsnt: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 15 September 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13347
Title: ESB-2010.0835 - [Win][UNIX/Linux][RedHat] samba and samba3x: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 15 September 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13346
Title: ESB-2010.0834 - [Win] Microsoft Outlook Web Access: Unauthorised access
- Remote with user interaction
Date: 15 September 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13345
Title: ESB-2010.0833 - [Win] Microsoft Windows: Execute arbitrary
code/commands - Existing account
Date: 15 September 2010
OS: Windows 2003, Windows XP
URL: http://www.auscert.org.au/13343
Title: ESB-2010.0832 - [Win] Microsoft Active Directory: Multiple
vulnerabilities
Date: 15 September 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/13342
Title: ESB-2010.0831 - [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote with user interaction
Date: 15 September 2010
OS: Windows 2003, Windows XP
URL: http://www.auscert.org.au/13341
Title: ESB-2010.0830 - [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 15 September 2010
OS: Windows 2003, Windows XP
URL: http://www.auscert.org.au/13340
Title: ESB-2010.0829 - ALERT [Win] Microsoft Internet Information Services:
Multiple vulnerabilities
Date: 15 September 2010
OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/13339
Title: ESB-2010.0828 - ALERT [Win] Microsoft Office: Execute arbitrary
code/commands - Remote with user interaction
Date: 15 September 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13338
Title: ESB-2010.0827 - ALERT [Win] Microsoft Windows and Microsoft Office:
Execute arbitrary code/commands - Remote with user interaction
Date: 15 September 2010
OS: Windows 2003, Windows XP, Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/13337
Title: ESB-2010.0826 - ALERT [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote with user interaction
Date: 15 September 2010
OS: Windows 2003, Windows XP, Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/13336
Title: ESB-2010.0825 - ALERT [Win] Microsoft Windows: Execute arbitrary
code/commands - Remote with user interaction
Date: 15 September 2010
OS: Windows 2003, Windows XP, Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/13335
Title: ESB-2010.0824 - [Linux] HP System Management Homepage: Root compromise
- Existing account
Date: 14 September 2010
OS: Red Hat Linux, SUSE, Other Linux Variants, Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/13332
Title: ESB-2010.0823.2 - UPDATE [AIX] AIX: Multiple vulnerabilities
Date: 17 September 2010
OS: AIX
URL: http://www.auscert.org.au/13331
Title: ESB-2010.0822 - ALERT [Win][UNIX/Linux][Mobile] Adobe Flash Player,
Adobe Reader and Adobe Acrobat: Execute arbitrary code/commands -
Remote with user interaction
Date: 14 September 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/13330
Title: ESB-2010.0821 - [Netware] Novell Netware: Execute arbitrary
code/commands - Existing account
Date: 14 September 2010
OS: Novell Netware
URL: http://www.auscert.org.au/13329
Title: ESB-2010.0820 - [SUSE] kernel: Multiple vulnerabilities
Date: 14 September 2010
OS: SUSE
URL: http://www.auscert.org.au/13327
Title: ESB-2010.0819 - [Win] Blackberry Desktop Software: Execute arbitrary
code/commands - Remote with user interaction
Date: 13 September 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13324
Title: ESB-2010.0818 - [RedHat] tomcat5: Multiple vulnerabilities
Date: 13 September 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13323
Title: ESB-2010.0777.2 - UPDATE [Debian] phpmyadmin: Multiple vulnerabilities
Date: 13 September 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13266
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list