[AusNOG] AusCERT Week in Review - Week Ending 08/04/2011 (AUSCERT#20073f686)

Jonathan Levine jonathan at auscert.org.au
Fri Apr 8 15:38:35 EST 2011


AusCERT Week in Review
08 April 2011

Papers, Articles and other documents:
- -------------------------------------
Title: AusCERT Online Crime Symposium 2011
Date:  07 April 2011
URL:   http://www.auscert.org.au/14109

Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2011.0027 - [Win][UNIX/Linux] WordPress: Multiple vulnerabilities
Date:  06 April 2011
URL:   http://www.auscert.org.au/14202

External Security Bulletins:
- ----------------------------
Title: ESB-2011.0394 - [RedHat] kernel: Multiple vulnerabilities
Date:  08 April 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14215

Title: ESB-2011.0393 - [Linux][RedHat] spice-xpi: Multiple vulnerabilities
Date:  08 April 2011
OS:    Red Hat Linux, Other Linux Variants, SUSE, Ubuntu, Debian GNU/Linux 
URL:   http://www.auscert.org.au/14214

Title: ESB-2011.0392 - [UNIX/Linux][Ubuntu] x11-xserver-utils: Root
compromise
       - Remote/unauthenticated
Date:  08 April 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
       Other Linux Variants 
URL:   http://www.auscert.org.au/14213

Title: ESB-2011.0391 - [Win][OSX] Microsoft: Execute arbitrary code/commands
-
       Unknown/unspecified
Date:  08 April 2011
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac
       OS X, Windows Server 2008 
URL:   http://www.auscert.org.au/14212

Title: ESB-2011.0390 - [NetBSD] kernel: Denial of service -
       Remote/unauthenticated
Date:  08 April 2011
OS:    Other BSD Variants 
URL:   http://www.auscert.org.au/14211

Title: ESB-2011.0389 - [Debian] tmux: Increased privileges - Existing
account
Date:  08 April 2011
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/14210

Title: ESB-2011.0388 - ALERT [Solaris] Oracle Solaris 10: Root compromise -
       Remote/unauthenticated
Date:  07 April 2011
OS:    Solaris 
URL:   http://www.auscert.org.au/14209

Title: ESB-2011.0387 - [Win][UNIX/Linux] Node Quick Find (Drupal third-party
       module): Unauthorised access - Remote/unauthenticated
Date:  07 April 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/14208

Title: ESB-2011.0386 - [RedHat] postfix: Multiple vulnerabilities
Date:  07 April 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14207

Title: ESB-2011.0385 - [Win][UNIX/Linux] Tomcat: Multiple vulnerabilities
Date:  07 April 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/14206

Title: ESB-2011.0384 - [Debian] vlc: Execute arbitrary code/commands -
Remote
       with user interaction
Date:  07 April 2011
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/14205

Title: ESB-2011.0383.2 - UPDATE [UNIX/Linux] ISC DHCP: Execute arbitrary
       code/commands - Remote/unauthenticated
Date:  08 April 2011
OS:    Other Linux Variants, FreeBSD, AIX, OpenBSD, SUSE, Other BSD
Variants,
       HP-UX, Ubuntu, Debian GNU/Linux, Mac OS X, Red Hat Linux, Solaris, HP
       Tru64 UNIX, IRIX 
URL:   http://www.auscert.org.au/14204

Title: ESB-2011.0382 - [AIX] AIX 6.1: Unauthorised access - Existing account
Date:  06 April 2011
OS:    AIX 
URL:   http://www.auscert.org.au/14203

Title: ESB-2011.0381 - [SUSE][OpenSUSE] SUSE: Multiple vulnerabilities
Date:  06 April 2011
OS:    Other Linux Variants, SUSE 
URL:   http://www.auscert.org.au/14201

Title: ESB-2011.0380 - [Win][Linux][HP-UX][Solaris] HP Network Node Manager
i:
       Access privileged data - Remote/unauthenticated
Date:  05 April 2011
OS:    Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
       Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, Windows Vista, Windows
       Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14200

Title: ESB-2011.0379 - [Win][Netware][SUSE] Novell File Reporter: Execute
       arbitrary code/commands - Remote/unauthenticated
Date:  05 April 2011
OS:    Windows 2003, Windows Server 2008, SUSE, Novell Netware 
URL:   http://www.auscert.org.au/14199

Title: ESB-2011.0378 - [Win][UNIX/Linux] Multiple Web Browsers: Denial of
       service - Remote with user interaction
Date:  05 April 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
       Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
       Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14198

Title: ESB-2011.0377 - [Linux][RedHat] policycoreutils: Execute arbitrary
       code/commands - Existing account
Date:  05 April 2011
OS:    Red Hat Linux, Other Linux Variants, SUSE, Ubuntu, Debian GNU/Linux 
URL:   http://www.auscert.org.au/14197

Title: ESB-2011.0376 - [RedHat] glibc: Multiple vulnerabilities
Date:  05 April 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14196

Title: ESB-2011.0375.2 - UPDATE [Win][Linux][HP-UX][Solaris][AIX] IBM
solidDB:
       Execute arbitrary code/commands - Remote/unauthenticated
Date:  06 April 2011
OS:    Windows Server 2008, Other Linux Variants, Windows Vista, AIX,
Windows
       2000, SUSE, HP-UX, Windows XP, Ubuntu, Debian GNU/Linux, Windows 7,
Red
       Hat Linux, Windows 2003, Solaris 
URL:   http://www.auscert.org.au/14194

Title: ESB-2011.0374 - [SUSE][OpenSUSE] SUSE: Multiple vulnerabilities
Date:  04 April 2011
OS:    Other Linux Variants, SUSE 
URL:   http://www.auscert.org.au/14195

Title: ESB-2011.0373 - [Debian] tiff: Multiple vulnerabilities
Date:  04 April 2011
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/14193

Title: ESB-2011.0372 - [Debian] tgt: Denial of service -
       Remote/unauthenticated
Date:  04 April 2011
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/14192

Title: ESB-2011.0371 - [HP-UX] HP-UX: Denial of service - Existing account
Date:  04 April 2011
OS:    HP-UX 
URL:   http://www.auscert.org.au/14191

Title: ESB-2011.0370 - [HP-UX] Apache: Multiple vulnerabilities
Date:  04 April 2011
OS:    HP-UX 
URL:   http://www.auscert.org.au/14190

Title: ESB-2011.0369 - [HP-UX] HP-UX: Denial of service -
       Remote/unauthenticated
Date:  04 April 2011
OS:    HP-UX 
URL:   http://www.auscert.org.au/14189

Title: ESB-2011.0368 - [UNIX/Linux] HP Operations: Multiple vulnerabilities
Date:  04 April 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
       Other Linux Variants 
URL:   http://www.auscert.org.au/14188

===========================================================================
Australian Computer Emergency Response Team The University of Queensland
Brisbane Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================




More information about the AusNOG mailing list