[AusNOG] AusCERT Week in Review - Week Ending 21/10/2011 (AUSCERT#20073f686)
Jonathan Levine
jonathan at auscert.org.au
Fri Oct 21 17:38:21 EST 2011
AusCERT Week in Review
21 October 2011
Papers, Articles and other documents:
- -------------------------------------
Title: AusCERT is seeking to recruit a Software Developer/Programmer
Date: 21 October 2011
URL: http://www.auscert.org.au/14996
Title: Global CyberLympics
Date: 20 October 2011
URL: http://www.auscert.org.au/14993
Title: The Government has released a public discussion paper as part of the
Cyber White Paper
Date: 19 October 2011
URL: http://www.auscert.org.au/14981
Title: AusCERT Certificate Service Repository
Date: 17 October 2011
URL: http://www.auscert.org.au/11668
Web Log Entries:
- ----------------
Title: Auditing positions at the Department of Public Works QLD
Date: 18 October 2011
URL: http://www.auscert.org.au/14980
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2011.0090 - [Win][UNIX/Linux] ClamAV: Denial of service -
Unknown/unspecified
Date: 19 October 2011
URL: http://www.auscert.org.au/14982
Title: ASB-2011.0091 - ALERT [Win][UNIX/Linux] Oracle Products: Reduced
security - Unknown/unspecified
Date: 19 October 2011
URL: http://www.auscert.org.au/14985
Title: ASB-2011.0092 - [Win][UNIX/Linux] Java: Reduced security -
Unknown/unspecified
Date: 19 October 2011
URL: http://www.auscert.org.au/14986
Title: ASB-2011.0089 - [Win][UNIX/Linux] VLC media player: Denial of service
-
Remote with user interaction
Date: 17 October 2011
URL: http://www.auscert.org.au/14972
External Security Bulletins:
- ----------------------------
Title: ESB-2011.1064 - [Debian] wireshark: Execute arbitrary code/commands -
Remote with user interaction
Date: 21 October 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/15000
Title: ESB-2011.1063 - [RedHat] httpd: Multiple vulnerabilities
Date: 21 October 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14999
Title: ESB-2011.1062 - [RedHat] kernel: Multiple vulnerabilities
Date: 21 October 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14998
Title: ESB-2011.1061 - [Win][UNIX/Linux] krb5: Denial of service -
Remote/unauthenticated
Date: 21 October 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14997
Title: ESB-2011.1060 - [Win] HP MFP Digital Sending Software: Access
confidential data - Existing account
Date: 20 October 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14995
Title: ESB-2011.1059 - [Win] Novell ZENworks: Execute arbitrary
code/commands
- Remote/unauthenticated
Date: 20 October 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14994
Title: ESB-2011.1058 - [Win] CiscoWorks Common Services: Administrator
compromise - Existing account
Date: 20 October 2011
OS: Cisco Products, Windows 2003, Windows XP, Windows 2000, Windows 7,
Windows Vista, Windows Server 2008
URL: http://www.auscert.org.au/14992
Title: ESB-2011.1057 - [Win][UNIX/Linux][Cisco] Cisco Show and Share:
Multiple
vulnerabilities
Date: 20 October 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Cisco Products, Windows 2003, Red Hat
Linux, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP,
HP-UX, Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows
Vista, FreeBSD, Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14991
Title: ESB-2011.1056 - [RedHat] kdelibs and kdelibs3: Provide misleading
information - Remote with user interaction
Date: 20 October 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14990
Title: ESB-2011.1055 - [RedHat] java-1.6.0-sun: Multiple vulnerabilities
Date: 20 October 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14989
Title: ESB-2011.1054 - [Win] Symantec IM Manager: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 19 October 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14988
Title: ESB-2011.1053 - [Win][VMware ESX][UNIX/Linux] Avaya Identity Engines
Ignition Server: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 19 October 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, Virtualisation, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD,
Windows Vista, Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14987
Title: ESB-2011.1052 - [RedHat] java-1.6.0-openjdk: Multiple vulnerabilities
Date: 19 October 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14984
Title: ESB-2011.1051 - [UNIX/Linux][RedHat] krb5: Denial of service -
Remote/unauthenticated
Date: 19 October 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/14983
Title: ESB-2011.1050 - [Win] HP Data Protector Notebook Extension: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 18 October 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14979
Title: ESB-2011.1049 - [Win][Linux] Novell Open Enterprise Server: Increased
privileges - Existing account
Date: 18 October 2011
OS: Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu,
Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux Variants,
Windows Server 2008
URL: http://www.auscert.org.au/14978
Title: ESB-2011.1048 - [SUSE] kernel: Multiple vulnerabilities
Date: 18 October 2011
OS: SUSE
URL: http://www.auscert.org.au/14977
Title: ESB-2011.1047 - [SUSE] popt: Execute arbitrary code/commands -
Existing
account
Date: 18 October 2011
OS: SUSE
URL: http://www.auscert.org.au/14976
Title: ESB-2011.1046 - [Win][UNIX/Linux] phpMyAdmin: Multiple
vulnerabilities
Date: 18 October 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14975
Title: ESB-2011.1045 - [UNIX/Linux] Asterisk: Denial of service -
Remote/unauthenticated
Date: 18 October 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/14974
Title: ESB-2011.1044 - [RedHat] postgresql and postgresql84: Reduced
security
- Remote/unauthenticated
Date: 18 October 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14973
Title: ESB-2011.1043 - [Win][Linux][Mac][OSX] Lotus Notes: Denial of service
-
Remote with user interaction
Date: 17 October 2011
OS: Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Debian GNU/Linux,
Ubuntu, Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server
2008, Other Linux Variants
URL: http://www.auscert.org.au/14971
Title: ESB-2011.1042 - [Win][VMware ESX][UNIX/Linux] Symantec Products:
Multiple vulnerabilities
Date: 17 October 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, Virtualisation, SUSE, Windows 2000, OpenBSD, AIX, Windows
Vista, FreeBSD, Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14970
Title: ESB-2011.1041 - [Win][Linux][HP-UX][Solaris][AIX] WebSphere
Application
Server: Provide misleading information - Remote with user interaction
Date: 17 October 2011
OS: Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14969
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list