[AusNOG] AusCERT Week in Review - Week Ending 02/09/2011 (AUSCERT#20073f686)

Jonathan Levine jonathan at auscert.org.au
Fri Sep 2 15:37:27 EST 2011


AusCERT Week in Review
02 September 2011

Web Log Entries:
- ----------------
Title: Exploding Blowfish Sushi 
Date:  01 September 2011
URL:   http://www.auscert.org.au/14783


Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2011.0071 - [Win][UNIX/Linux] Opera: Provide misleading
information
       - Remote with user interaction 
Date:  01 September 2011
URL:   http://www.auscert.org.au/14778

Title: ASB-2011.0072 - [Win][UNIX/Linux] BIND: Denial of service -
       Remote/unauthenticated 
Date:  01 September 2011
URL:   http://www.auscert.org.au/14779

Title: ASB-2011.0073 - [Win][UNIX/Linux] Firefox and Thunderbird: Provide
       misleading information - Remote with user interaction 
Date:  01 September 2011
URL:   http://www.auscert.org.au/14780

Title: ASB-2011.0074 - [Linux] Security breach on kernel.org 
Date:  01 September 2011
URL:   http://www.auscert.org.au/14784

Title: ASB-2011.0070 - [Win][Linux][HP-UX][Solaris][AIX] IBM Tivoli Storage
       Productivity Center 4.2.1: Denial of service - Remote/unauthenticated

Date:  29 August 2011
URL:   http://www.auscert.org.au/14761


External Security Bulletins:
- ----------------------------
Title: ESB-2011.0903 - [SUSE] kernel: Multiple vulnerabilities 
Date:  02 September 2011
OS:    SUSE 
URL:   http://www.auscert.org.au/14791

Title: ESB-2011.0902 - [Win][Netware][Linux][Solaris][AIX][SUSE] Novell
       Identity Manager: Denial of service - Remote/unauthenticated 
Date:  02 September 2011
OS:    Solaris, Windows 2003, Red Hat Linux, Windows 7, Novell Netware,
       Ubuntu, Debian GNU/Linux, Windows XP, SUSE, Windows 2000, AIX,
Windows
       Vista, Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14790

Title: ESB-2011.0901 - [Win][Linux][HP-UX][Solaris][AIX] IBM HTTP Server:
       Denial of service - Remote/unauthenticated 
Date:  02 September 2011
OS:    Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
       Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista,
       Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14789

Title: ESB-2011.0900 - [SUSE] SUSE Linux Enterprise 9: End of General
Support 
Date:  02 September 2011
OS:    SUSE 
URL:   http://www.auscert.org.au/14788

Title: ESB-2011.0899 - [UNIX/Linux][RedHat] rsyslog: Denial of service -
       Existing account 
Date:  02 September 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
       Other Linux Variants 
URL:   http://www.auscert.org.au/14787

Title: ESB-2011.0898 - [SUSE] Xen: Denial of service - Unknown/unspecified 
Date:  01 September 2011
OS:    SUSE 
URL:   http://www.auscert.org.au/14786

Title: ESB-2011.0897 - [Win][UNIX/Linux] Tivoli Access Manager for
e-business:
       Denial of service - Remote with user interaction 
Date:  01 September 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
       Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
       Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14785

Title: ESB-2011.0896 - [RedHat] httpd: Denial of service -
       Remote/unauthenticated 
Date:  01 September 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14782

Title: ESB-2011.0895 - [RedHat] Firefox, Thunderbird and Seamonkey: Provide
       misleading information - Remote with user interaction 
Date:  01 September 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14781

Title: ESB-2011.0894 - [Win][UNIX/Linux] Drupal third-party modules:
       Cross-site scripting - Remote with user interaction 
Date:  01 September 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/14777

Title: ESB-2011.0893 - [Linux][RedHat] ecryptfs-utils: Multiple
       vulnerabilities 
Date:  01 September 2011
OS:    Red Hat Linux, Other Linux Variants, SUSE, Ubuntu, Debian GNU/Linux 
URL:   http://www.auscert.org.au/14776

Title: ESB-2011.0892 - [RedHat] End Of Life announced for Red Hat Enterprise
       Linux 4 and Extended Update Support 4.7 
Date:  01 September 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14775

Title: ESB-2011.0891 - [Debian] ca-certificates: Provide misleading
       information - Remote with user interaction 
Date:  01 September 2011
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/14774

Title: ESB-2011.0890 - [Debian] nss: Provide misleading information - Remote
       with user interaction 
Date:  01 September 2011
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/14773

Title: ESB-2011.0889 - [Cisco] Cisco TelePresence Codecs: Denial of service
-
       Remote/unauthenticated 
Date:  01 September 2011
OS:    Cisco Products 
URL:   http://www.auscert.org.au/14772

Title: ESB-2011.0888 - [SUSE] vpnc: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  31 August 2011
OS:    SUSE 
URL:   http://www.auscert.org.au/14771

Title: ESB-2011.0887 - [Cisco] Cisco Devices: Denial of service -
       Remote/unauthenticated 
Date:  31 August 2011
OS:    Cisco Products 
URL:   http://www.auscert.org.au/14770

Title: ESB-2011.0886.2 - UPDATE [Win] Microsoft Windows: Provide misleading
       information - Remote with user interaction 
Date:  30 August 2011
OS:    Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server
       2008, Windows 2003, Windows XP, Windows 7, Windows Vista, Windows
       Server 2008 
URL:   http://www.auscert.org.au/14769

Title: ESB-2011.0885 - [SUSE][OpenSUSE] Firefox, Thunderbird and Seamonkey:
       Multiple vulnerabilities 
Date:  30 August 2011
OS:    Other Linux Variants, SUSE 
URL:   http://www.auscert.org.au/14768

Title: ESB-2011.0884 - [SUSE] java-1_4_2-ibm: Multiple vulnerabilities 
Date:  30 August 2011
OS:    SUSE 
URL:   http://www.auscert.org.au/14767

Title: ESB-2011.0883 - [Win][Linux][HP-UX][Solaris][AIX] IBM WebSphere
       Application Server: Access privileged data - Existing account 
Date:  30 August 2011
OS:    Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux,
       Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista,
       Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14766

Title: ESB-2011.0882 - [Win][UNIX/Linux] Squid: Denial of service -
       Remote/unauthenticated 
Date:  30 August 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
       Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
       Windows Server 2008, Other Linux Variants 
URL:   http://www.auscert.org.au/14765

Title: ESB-2011.0881 - [Debian] apache2: Denial of service -
       Remote/unauthenticated 
Date:  30 August 2011
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/14764

Title: ESB-2011.0880 - [Win][UNIX/Linux] Apache Tomcat: Access privileged
data
       - Remote/unauthenticated 
Date:  30 August 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/14763

Title: ESB-2011.0879 - [RedHat] samba, samba3x and cifs-utils: Multiple
       vulnerabilities 
Date:  30 August 2011
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/14762

Title: ESB-2011.0870.2 - UPDATED ALERT [Win][UNIX/Linux] Apache HTTPD:
Denial
       of service - Remote/unauthenticated 
Date:  29 August 2011
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008, IRIX, HP Tru64 UNIX,
       Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Debian
       GNU/Linux, Ubuntu, Windows XP, HP-UX, Other BSD Variants, SUSE,
Windows
       2000, OpenBSD, AIX, FreeBSD, Windows Vista, Other Linux Variants,
       Windows Server 2008 
URL:   http://www.auscert.org.au/14748



===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================




More information about the AusNOG mailing list