[AusNOG] AusCERT Week in Review - Week Ending 08/07/2011 (AUSCERT#20073F686)
Jonathan Levine
jonathan at auscert.org.au
Mon Jul 11 07:16:34 EST 2011
AusCERT Week in Review
08 July 2011
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2011.0057 - [UNIX/Linux] vsftpd 2.3.4: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 05 July 2011
URL: http://www.auscert.org.au/14553
External Security Bulletins:
- ----------------------------
Title: ESB-2011.0712 - [HP-UX] OpenSSL: Denial of service -
Remote/unauthenticated
Date: 08 July 2011
OS: HP-UX
URL: http://www.auscert.org.au/14573
Title: ESB-2011.0711 - [Appliance] Symantec Web Gateway: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 08 July 2011
URL: http://www.auscert.org.au/14572
Title: ESB-2011.0710 - [Win][UNIX/Linux] Simple Clean (Drupal third-party
module): Cross-site scripting - Remote with user interaction
Date: 08 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14571
Title: ESB-2011.0709 - [Win] Microsoft: Microsoft Security Bulletin Advance
Notification for July 2011
Date: 08 July 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14570
Title: ESB-2011.0708 - [RedHat] bind: Denial of service -
Remote/unauthenticated
Date: 08 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14569
Title: ESB-2011.0707 - [Win][UNIX/Linux][Debian] openoffice.org: Execute
arbitrary code/commands - Remote with user interaction
Date: 08 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14568
Title: ESB-2011.0706 - [Debian] wireshark: Multiple vulnerabilities
Date: 08 July 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14567
Title: ESB-2011.0705 - [Win][UNIX/Linux] Shibboleth Service Provider: Denial
of service - Remote/unauthenticated
Date: 07 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14566
Title: ESB-2011.0704 - [Win][UNIX/Linux] TYPO3: Unauthorised access -
Existing
account
Date: 07 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14565
Title: ESB-2011.0703 - [Win][UNIX/Linux] Facebook Share (Drupal third-party
module): Cross-site scripting - Remote with user interaction
Date: 07 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14564
Title: ESB-2011.0702 - [Cisco] Cisco Content Services Gateway: Denial of
service - Remote/unauthenticated
Date: 07 July 2011
OS: Cisco Products
URL: http://www.auscert.org.au/14563
Title: ESB-2011.0701 - [Debian] icedove: Multiple vulnerabilities
Date: 07 July 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14562
Title: ESB-2011.0700 - [UNIX/Linux][RedHat] krb5-appl: Multiple
vulnerabilities
Date: 06 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/14561
Title: ESB-2011.0699 - [RedHat] qemu-kvm: Multiple vulnerabilities
Date: 06 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14560
Title: ESB-2011.0698 - [RedHat] curl: Unauthorised access -
Remote/unauthenticated
Date: 06 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14559
Title: ESB-2011.0697 - [SUSE] Firefox and Thunderbird: Multiple
vulnerabilities
Date: 06 July 2011
OS: SUSE
URL: http://www.auscert.org.au/14558
Title: ESB-2011.0696 - [HP-UX] HP-UX Dynamic Loader: Increased privileges -
Existing account
Date: 06 July 2011
OS: HP-UX
URL: http://www.auscert.org.au/14557
Title: ESB-2011.0695 - [Debian] bind9: Denial of service -
Remote/unauthenticated
Date: 06 July 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14556
Title: ESB-2011.0694 - [UNIX/Linux] BIND 9: Denial of service -
Remote/unauthenticated
Date: 06 July 2011
OS: Other Linux Variants, FreeBSD, AIX, OpenBSD, SUSE, Other BSD
Variants,
HP-UX, Debian GNU/Linux, Ubuntu, Mac OS X, Red Hat Linux, Solaris, HP
Tru64 UNIX, IRIX
URL: http://www.auscert.org.au/14555
Title: ESB-2011.0692 - [Win] HP Intelligent Management Center : Execute
arbitrary code/commands - Remote/unauthenticated
Date: 04 July 2011
OS: Windows 2003, HP-UX, Windows Server 2008
URL: http://www.auscert.org.au/14552
Title: ESB-2011.0691 - [UNIX/Linux][Debian] curl: Unauthorised access -
Remote/unauthenticated
Date: 04 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/14551
Title: ESB-2011.0690 - [UNIX/Linux][Debian] qemu-kvm: Execute arbitrary
code/commands - Existing account
Date: 04 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/14550
Title: ESB-2011.0689 - [Debian] iceweasal and iceape: Multiple
vulnerabilities
Date: 04 July 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14549
Title: ESB-2011.0688 - [Debian] perl: Unauthorised access - Existing account
Date: 04 July 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14548
Title: ESB-2011.0687 - [Debian] php5: Access confidential data -
Remote/unauthenticated
Date: 04 July 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14547
Title: ESB-2011.0686 - [Win][UNIX/Linux] phpMyAdmin: Multiple
vulnerabilities
Date: 04 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14546
Title: ESB-2011.0685.2 - UPDATE [UNIX/Linux] Asterisk: Access confidential
data - Remote/unauthenticated
Date: 07 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants, IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux,
Mac
OS X, Debian GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE,
OpenBSD, AIX, FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/14545
Title: ESB-2011.0672.2 - UPDATE [UNIX/Linux] Asterisk: Multiple
vulnerabilities
Date: 07 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants, IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux,
Mac
OS X, Debian GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE,
OpenBSD, AIX, FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/14528
Title: ESB-2011.0607.2 - UPDATE [Win][Linux][HP-UX][Solaris][AIX] HP Service
Manager and HP Service Center: Multiple vulnerabilities
Date: 07 July 2011
OS: Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista,
Windows Server 2008, Other Linux Variants, Solaris, Windows 2003, Red
Hat Linux, Windows 7, Debian GNU/Linux, Ubuntu, Windows XP, HP-UX,
SUSE, Windows 2000, AIX, Windows Vista, Other Linux Variants, Windows
Server 2008
URL: http://www.auscert.org.au/14456
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list