[AusNOG] AusCERT Week in Review - Week Ending 10/02/2012 (AUSCERT#20073f686)
Jonathan Levine
jonathan at auscert.org.au
Fri Feb 10 18:04:50 EST 2012
AusCERT Week in Review
10 February 2012
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2012.0019 - [Win][UNIX/Linux] Chrome: Denial of service - Remote
with user interaction
Date: 09 February 2012
URL: http://www.auscert.org.au/15441
Title: ASB-2012.0018 - [Win][UNIX/Linux] Joomla!: Access confidential data -
Remote/unauthenticated
Date: 06 February 2012
URL: http://www.auscert.org.au/15431
External Security Bulletins:
- ----------------------------
Title: ESB-2012.0151 - [Win][UNIX/Linux][RedHat] jbosscache: Access
privileged
data - Existing account
Date: 10 February 2012
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/15445
Title: ESB-2012.0150 - [Linux][RedHat] kernel: Multiple vulnerabilities
Date: 10 February 2012
OS: Red Hat Linux, SUSE, Other Linux Variants, Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/15444
Title: ESB-2012.0149 - [Win][UNIX/Linux][Debian] cvs: Execute arbitrary
code/commands - Remote/unauthenticated
Date: 10 February 2012
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/15443
Title: ESB-2012.0148 - [Debian] icedove: Multiple vulnerabilities
Date: 10 February 2012
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/15442
Title: ESB-2012.0147 - [Win][Linux] HP System Management Homepage (SMH):
Access confidential data - Remote/unauthenticated
Date: 09 February 2012
OS: Windows 2003, Red Hat Linux, Windows 7, Debian GNU/Linux, Ubuntu,
Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux Variants,
Windows Server 2008
URL: http://www.auscert.org.au/15440
Title: ESB-2012.0146 - [RedHat] mysql: Multiple vulnerabilities
Date: 09 February 2012
OS: Red Hat Linux
URL: http://www.auscert.org.au/15439
Title: ESB-2012.0145 - [RedHat] libxml2: Execute arbitrary code/commands -
Remote with user interaction
Date: 09 February 2012
OS: Red Hat Linux
URL: http://www.auscert.org.au/15438
Title: ESB-2012.0144 - [Win][Solaris] Various Hewlett-Packard products:
Access
confidential data - Remote/unauthenticated
Date: 08 February 2012
OS: Solaris, Windows 2003, Windows XP, Windows 2000, Windows 7, Windows
Vista, Windows Server 2008
URL: http://www.auscert.org.au/15437
Title: ESB-2012.0143 - [HP-UX] Apache Tomcat: Multiple vulnerabilities
Date: 08 February 2012
OS: HP-UX
URL: http://www.auscert.org.au/15436
Title: ESB-2012.0142 - [RedHat] Red Hat Enterprise MRG: Execute arbitrary
code/commands - Existing account
Date: 07 February 2012
OS: Red Hat Linux
URL: http://www.auscert.org.au/15435
Title: ESB-2012.0141 - [RedHat] Red Hat: Access privileged data - Existing
account
Date: 07 February 2012
OS: Red Hat Linux
URL: http://www.auscert.org.au/15434
Title: ESB-2012.0140 - [Debian] apache2: Multiple vulnerabilities
Date: 07 February 2012
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/15433
Title: ESB-2012.0139 - [Win][UNIX/Linux] Various Hewlett-Packard products.:
Execute arbitrary code/commands - Remote/unauthenticated
Date: 07 February 2012
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/15432
Title: ESB-2012.0138 - [Mac][OSX] Apple Mac OS X: Multiple vulnerabilities
Date: 06 February 2012
OS: Mac OS X
URL: http://www.auscert.org.au/15430
Title: ESB-2012.0137 - [Debian] cacti: Multiple vulnerabilities
Date: 06 February 2012
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/15429
Title: ESB-2012.0136 - [Debian] xen-qemu-dm-4.0: Root compromise - Existing
account
Date: 06 February 2012
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/15428
Title: ESB-2012.0135.2 - UPDATE [Debian] php5: Execute arbitrary
code/commands
- Remote/unauthenticated
Date: 07 February 2012
OS: Debian GNU/Linux, Debian GNU/Linux
URL: http://www.auscert.org.au/15427
Title: ESB-2012.0134 - [Debian] iceape: Multiple vulnerabilities
Date: 06 February 2012
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/15426
Title: ESB-2012.0133 - [Debian] iceweasel: Multiple vulnerabilities
Date: 06 February 2012
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/15425
Title: ESB-2012.0132 - [Debian] tomcat6: Multiple vulnerabilities
Date: 06 February 2012
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/15424
Title: ESB-2012.0131 - [AIX] AIX: Denial of service - Remote/unauthenticated
Date: 06 February 2012
OS: AIX
URL: http://www.auscert.org.au/15423
Title: ESB-2012.0130 - [Win][UNIX/Linux] EMC Documentum xPlore: Access
privileged data - Existing account
Date: 06 February 2012
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/15422
Title: ESB-2011.0063.2 - UPDATE [UNIX/Linux] libpng: Execute arbitrary
code/commands - Remote with user interaction
Date: 10 February 2012
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants, IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux,
Mac
OS X, Debian GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE,
OpenBSD, AIX, FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/13850
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list