[AusNOG] AusCERT Week in Review - Week Ending 21/10/2011 (AUSCERT#20073f686)

Jonathan Levine jonathan at auscert.org.au
Fri Oct 21 17:38:21 EST 2011


AusCERT Week in Review
21 October 2011


Papers, Articles and other documents:
- -------------------------------------
Title: AusCERT is seeking to recruit a Software Developer/Programmer 
Date:  21 October 2011
URL:   http://www.auscert.org.au/14996

Title: Global CyberLympics 
Date:  20 October 2011
URL:   http://www.auscert.org.au/14993

Title: The Government has released a public discussion paper as part of the
       Cyber White Paper 
Date:  19 October 2011
URL:   http://www.auscert.org.au/14981

Title: AusCERT Certificate Service Repository 
Date:  17 October 2011
URL:   http://www.auscert.org.au/11668


Web Log Entries:
- ----------------
Title: Auditing positions at the Department of Public Works QLD 
Date:  18 October 2011
URL:   http://www.auscert.org.au/14980


Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2011.0090 - [Win][UNIX/Linux] ClamAV: Denial of service -
       Unknown/unspecified 
Date:  19 October 2011
URL:   http://www.auscert.org.au/14982

Title: ASB-2011.0091 - ALERT [Win][UNIX/Linux] Oracle Products: Reduced
       security - Unknown/unspecified 
Date:  19 October 2011
URL:   http://www.auscert.org.au/14985

Title: ASB-2011.0092 - [Win][UNIX/Linux] Java: Reduced security -
       Unknown/unspecified 
Date:  19 October 2011
URL:   http://www.auscert.org.au/14986

Title: ASB-2011.0089 - [Win][UNIX/Linux] VLC media player: Denial of service
-
       Remote with user interaction 
Date:  17 October 2011
URL:   http://www.auscert.org.au/14972


External Security Bulletins:
- ----------------------------
Title: ESB-2011.1064 - [Debian] wireshark: Execute arbitrary code/commands -
       Remote with user interaction 
Date:  21 October 2011
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/15000

Title: ESB-2011.1063 - [RedHat] httpd: Multiple vulnerabilities 
Date:  21 October 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14999

Title: ESB-2011.1062 - [RedHat] kernel: Multiple vulnerabilities 
Date:  21 October 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14998

Title: ESB-2011.1061 - [Win][UNIX/Linux] krb5: Denial of service -
       Remote/unauthenticated 
Date:  21 October 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/14997

Title: ESB-2011.1060 - [Win] HP MFP Digital Sending Software: Access
       confidential data - Existing account 
Date:  20 October 2011
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
       Windows Server 2008 
URL:   http://www.auscert.org.au/14995

Title: ESB-2011.1059 - [Win] Novell ZENworks: Execute arbitrary
code/commands
       - Remote/unauthenticated 
Date:  20 October 2011
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
       Windows Server 2008 
URL:   http://www.auscert.org.au/14994

Title: ESB-2011.1058 - [Win] CiscoWorks Common Services: Administrator
       compromise - Existing account 
Date:  20 October 2011
OS:    Cisco Products, Windows 2003, Windows XP, Windows 2000, Windows 7,
       Windows Vista, Windows Server 2008 
URL:   http://www.auscert.org.au/14992

Title: ESB-2011.1057 - [Win][UNIX/Linux][Cisco] Cisco Show and Share:
Multiple
       vulnerabilities 
Date:  20 October 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Cisco Products, Windows 2003, Red Hat
       Linux, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP,
       HP-UX, Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows
       Vista, FreeBSD, Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14991

Title: ESB-2011.1056 - [RedHat] kdelibs and kdelibs3: Provide misleading
       information - Remote with user interaction 
Date:  20 October 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14990

Title: ESB-2011.1055 - [RedHat] java-1.6.0-sun: Multiple vulnerabilities 
Date:  20 October 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14989

Title: ESB-2011.1054 - [Win] Symantec IM Manager: Execute arbitrary
       code/commands - Remote/unauthenticated 
Date:  19 October 2011
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
       Windows Server 2008 
URL:   http://www.auscert.org.au/14988

Title: ESB-2011.1053 - [Win][VMware ESX][UNIX/Linux] Avaya Identity Engines
       Ignition Server: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  19 October 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, Virtualisation, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD,
       Windows Vista, Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/14987

Title: ESB-2011.1052 - [RedHat] java-1.6.0-openjdk: Multiple vulnerabilities

Date:  19 October 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14984

Title: ESB-2011.1051 - [UNIX/Linux][RedHat] krb5: Denial of service -
       Remote/unauthenticated 
Date:  19 October 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
       Other Linux Variants 
URL:   http://www.auscert.org.au/14983

Title: ESB-2011.1050 - [Win] HP Data Protector Notebook Extension: Execute
       arbitrary code/commands - Remote/unauthenticated 
Date:  18 October 2011
OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
       Windows Server 2008 
URL:   http://www.auscert.org.au/14979

Title: ESB-2011.1049 - [Win][Linux] Novell Open Enterprise Server: Increased
       privileges - Existing account 
Date:  18 October 2011
OS:    Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu,
       Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux Variants,
       Windows Server 2008 
URL:   http://www.auscert.org.au/14978

Title: ESB-2011.1048 - [SUSE] kernel: Multiple vulnerabilities 
Date:  18 October 2011
OS:    SUSE 
URL:   http://www.auscert.org.au/14977

Title: ESB-2011.1047 - [SUSE] popt: Execute arbitrary code/commands -
Existing
       account 
Date:  18 October 2011
OS:    SUSE 
URL:   http://www.auscert.org.au/14976

Title: ESB-2011.1046 - [Win][UNIX/Linux] phpMyAdmin: Multiple
vulnerabilities 
Date:  18 October 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/14975

Title: ESB-2011.1045 - [UNIX/Linux] Asterisk: Denial of service -
       Remote/unauthenticated 
Date:  18 October 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
       Other Linux Variants 
URL:   http://www.auscert.org.au/14974

Title: ESB-2011.1044 - [RedHat] postgresql and postgresql84: Reduced
security
       - Remote/unauthenticated 
Date:  18 October 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14973

Title: ESB-2011.1043 - [Win][Linux][Mac][OSX] Lotus Notes: Denial of service
-
       Remote with user interaction 
Date:  17 October 2011
OS:    Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Debian GNU/Linux,
       Ubuntu, Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server
       2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14971

Title: ESB-2011.1042 - [Win][VMware ESX][UNIX/Linux] Symantec Products:
       Multiple vulnerabilities 
Date:  17 October 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
       Variants, Virtualisation, SUSE, Windows 2000, OpenBSD, AIX, Windows
       Vista, FreeBSD, Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14970

Title: ESB-2011.1041 - [Win][Linux][HP-UX][Solaris][AIX] WebSphere
Application
       Server: Provide misleading information - Remote with user interaction

Date:  17 October 2011
OS:    Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
       Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista,
       Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14969



===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================




More information about the AusNOG mailing list