[AusNOG] AusCERT Week in Review - Week Ending 22/07/2011 (AUSCERT#20073f686)
Jonathan Levine
jonathan at auscert.org.au
Fri Jul 22 16:14:30 EST 2011
AusCERT Week in Review
22 July 2011
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2011.0058 - [Win][UNIX/Linux] wireshark: Denial of service -
Remote with user interaction
Date: 20 July 2011
URL: http://www.auscert.org.au/14606
Title: ASB-2011.0059 - ALERT [Win][UNIX/Linux] Oracle Products: Reduced
security - Remote/unauthenticated
Date: 20 July 2011
URL: http://www.auscert.org.au/14609
External Security Bulletins:
----------------------------
Title: ESB-2011.0761 - [SUSE] Java: Multiple vulnerabilities
Date: 22 July 2011
OS: SUSE
URL: http://www.auscert.org.au/14626
Title: ESB-2011.0760 - [RedHat] freetype: Execute arbitrary code/commands -
Remote with user interaction
Date: 22 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14625
Title: ESB-2011.0759 - [RedHat] bash: Overwrite arbitrary files - Existing
account
Date: 22 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14624
Title: ESB-2011.0758 - [Linux][RedHat] kernel: Denial of service - Existing
account
Date: 22 July 2011
OS: Red Hat Linux, Other Linux Variants, SUSE, Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/14623
Title: ESB-2011.0757 - [RedHat] libvirt: Denial of service -
Remote/unauthenticated
Date: 22 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14622
Title: ESB-2011.0756 - [Linux][RedHat] sysstat: Create arbitrary files -
Existing account
Date: 22 July 2011
OS: Red Hat Linux, Other Linux Variants, SUSE, Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/14621
Title: ESB-2011.0755 - [RedHat] rgmanager: Increased privileges - Existing
account
Date: 22 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14620
Title: ESB-2011.0754 - [RedHat] rsync: Overwrite arbitrary files - Existing
account
Date: 22 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14619
Title: ESB-2011.0753 - [RedHat] sssd: Denial of service - Existing account
Date: 22 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14618
Title: ESB-2011.0752 - [Debian] opie: Multiple vulnerabilities
Date: 22 July 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14617
Title: ESB-2011.0751 - [Win][UNIX/Linux] Drupal third-party modules:
Cross-site request forgery - Remote with user interaction
Date: 21 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14616
Title: ESB-2011.0750 - [Win] CA Total Defense Suite: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 21 July 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14615
Title: ESB-2011.0749 - [Win][OSX] Safari: Multiple vulnerabilities
Date: 21 July 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008, Mac OS X
URL: http://www.auscert.org.au/14614
Title: ESB-2011.0748 - ALERT [Cisco] Cisco SA 500 Series: Multiple
vulnerabilities
Date: 21 July 2011
OS: Cisco Products
URL: http://www.auscert.org.au/14613
Title: ESB-2011.0747 - [Cisco] Cisco ASR 9000 Series: Denial of service -
Remote/unauthenticated
Date: 21 July 2011
OS: Cisco Products
URL: http://www.auscert.org.au/14612
Title: ESB-2011.0746 - [Win][UNIX/Linux][RedHat] libsndfile: Execute arbitrary
code/commands - Remote with user interaction
Date: 21 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14611
Title: ESB-2011.0745 - [RedHat] fuse: Unauthorised access - Existing account
Date: 21 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14610
Title: ESB-2011.0744 - [Win] HP ArcSight Connector: Cross-site scripting -
Remote with user interaction
Date: 20 July 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14608
Title: ESB-2011.0743 - [UNIX/Linux][RedHat] mutt: Provide misleading
information - Remote/unauthenticated
Date: 20 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/14605
Title: ESB-2011.0742 - [Debian] libvirt: Multiple vulnerabilities
Date: 20 July 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14604
Title: ESB-2011.0741 - [Win][UNIX/Linux][Debian]
libapache2-mod-authnz-external: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 20 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14607
Title: ESB-2011.0740 - [SUSE] Java: Multiple vulnerabilities
Date: 19 July 2011
OS: SUSE
URL: http://www.auscert.org.au/14603
Title: ESB-2011.0739 - [SUSE] kvm: Multiple vulnerabilities
Date: 19 July 2011
OS: SUSE
URL: http://www.auscert.org.au/14602
Title: ESB-2011.0738 - [SUSE] bind: Denial of service -
Remote/unauthenticated
Date: 19 July 2011
OS: SUSE
URL: http://www.auscert.org.au/14599
Title: ESB-2011.0737 - [RedHat] system-config-firewall: Root compromise -
Existing account
Date: 19 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14600
Title: ESB-2011.0736 - [RedHat] JBoss: Execute arbitrary code/commands -
Remote with user interaction
Date: 19 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14601
Title: ESB-2011.0735 - [Win][UNIX/Linux] Shibboleth IdP v2.1.0 and later:
Provide misleading information - Existing account
Date: 19 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14598
Title: ESB-2011.0734 - [Win] EMC Documentum eRoom Indexing Server: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 19 July 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14597
Title: ESB-2011.0733 - [SUSE] java-1_6_0-ibm: Multiple vulnerabilities
Date: 19 July 2011
OS: SUSE
URL: http://www.auscert.org.au/14596
Title: ESB-2011.0732 - [AIX] BIND: Denial of service -
Remote/unauthenticated
Date: 18 July 2011
OS: AIX
URL: http://www.auscert.org.au/14595
Title: ESB-2011.0731 - [Apple iOS] Apple iOS: Multiple vulnerabilities
Date: 18 July 2011
OS: Apple iOS
URL: http://www.auscert.org.au/14594
Title: ESB-2011.0730 - [Win][UNIX/Linux][Debian] horde3: Multiple
vulnerabilities
Date: 18 July 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14593
Title: ESB-2011.0729 - [RedHat] java-1.6.0-ibm: Multiple vulnerabilities
Date: 18 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14592
Title: ESB-2011.0728 - [RedHat] kernel: Multiple vulnerabilities
Date: 18 July 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14591
Title: ESB-2011.0602.2 - UPDATE [Linux][Debian] oprofile: Increased
privileges - Existing account
Date: 18 July 2011
OS: Red Hat Linux, Other Linux Variants, SUSE, Debian GNU/Linux, Ubuntu
URL: http://www.auscert.org.au/14449
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================