Keyboard Shortcuts
Thread View
j: Next unread messagek: Previous unread messagej a: Jump to all threadsj l: Jump to MailingList overview
[pacnog] AusCERT Week in Review - Week Ending 14/08/2009 (AUSCERT#20073f686)
AusCERT Week in Review 14 August 2009
Web Log Entries: - ---------------- Title: Microsoft ATL vulnerability impacts developers Date: 13 August 2009 URL: http://www.auscert.org.au/11487
Alerts, Advisories and Updates: - ------------------------------- Title: ASB-2009.1049.2 - UPDATE [Win][UNIX/Linux] WordPress prior to 2.8.4: Denial of service - Remote/unauthenticated Date: 14 August 2009 URL: http://www.auscert.org.au/11488
Title: ASB-2009.1048 - [Win][UNIX/Linux] GnuTLS prior to 2.8.2: Provide misleading information - Remote with user interaction Date: 13 August 2009 URL: http://www.auscert.org.au/11486
Title: ASB-2009.1047 - [UNIX/Linux] Asterisk Open Source, Asterisk Business Edition & s800i Asterisk Appliance: Denial of service - Remote/unauthenticated Date: 11 August 2009 URL: http://www.auscert.org.au/11471
Title: ASB-2009.1046 - [Netware] Novell NetWare DNS Server: Read-only data access - Remote/unauthenticated Date: 11 August 2009 URL: http://www.auscert.org.au/11470
Title: ASB-2009.1044 - [Win][UNIX/Linux] PHP prior to version 5.2.10: Denial of service - Remote with user interaction Date: 10 August 2009 URL: http://www.auscert.org.au/11460
Title: ASB-2009.1045 - [Win][UNIX/Linux] Apache 2.2.12 and prior: Denial of service - Remote/unauthenticated Date: 10 August 2009 URL: http://www.auscert.org.au/11461
External Security Bulletins: - ---------------------------- Title: ESB-2009.1189 - [Linux] Insight Control Suite For Linux: Multiple vulnerabilities Date: 14 August 2009 OS: Red Hat Linux, HP-UX, SUSE, Other Linux Variants, Debian GNU/Linux, Ubuntu URL: http://www.auscert.org.au/11492
Title: ESB-2009.1188 - [Debian] libxml: Multiple vulnerabilities Date: 14 August 2009 OS: Debian GNU/Linux URL: http://www.auscert.org.au/11491
Title: ESB-2009.1187 - [RedHat] kernel: Multiple vulnerabilities Date: 14 August 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/11490
Title: ESB-2009.1186 - [Win][UNIX/Linux][RedHat] curl: Provide misleading information - Remote/unauthenticated Date: 14 August 2009 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/11489
Title: ESB-2009.1185 - [Mac][OSX] BIND: Denial of service - Remote/unauthenticated Date: 13 August 2009 OS: Mac OS X URL: http://www.auscert.org.au/11485
Title: ESB-2009.1184 - [RedHat] nspr and nss: Multiple vulnerabilities Date: 13 August 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/11484
Title: ESB-2009.1183 - [HP Tru64] HP Internet Express: Access privileged data - Remote/unauthenticated Date: 13 August 2009 OS: HP Tru64 UNIX URL: http://www.auscert.org.au/11483
Title: ESB-2009.1182 - [Debian] Ruby 1.8 & Ruby 1.9: Multiple vulnerabilities Date: 13 August 2009 OS: Debian GNU/Linux URL: http://www.auscert.org.au/11482
Title: ESB-2009.1181 - [Win][Mac][OSX] Safari: Multiple vulnerabilities Date: 12 August 2009 OS: Windows Vista, Windows XP, Mac OS X URL: http://www.auscert.org.au/11481
Title: ESB-2009.1180 - [Win] Telnet: Execute arbitrary code/commands - Remote with user interaction Date: 12 August 2009 OS: Windows 2003, Windows XP, Windows 2000, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/11480
Title: ESB-2009.1179 - [Win] Microsoft .NET Framework : Denial of service - Remote/unauthenticated Date: 12 August 2009 OS: Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/11479
Title: ESB-2009.1178 - [Win] Windows Message Queuing Service (MSMQ): Execute arbitrary code/commands - Existing account Date: 12 August 2009 OS: Windows 2003, Windows XP, Windows 2000, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/11478
Title: ESB-2009.1177 - [Win] Workstation Service: Execute arbitrary code/commands - Existing account Date: 12 August 2009 OS: Windows Vista, Windows 2003, Windows XP, Windows Server 2008 URL: http://www.auscert.org.au/11477
Title: ESB-2009.1176 - ALERT [Win] Microsoft Active Template Library: Execute arbitrary code/commands - Remote with user interaction Date: 12 August 2009 OS: Windows 2003, Windows XP, Windows 2000, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/11476
Title: ESB-2009.1175 - ALERT [Win] Windows Media File Processing: Execute arbitrary code/commands - Remote with user interaction Date: 12 August 2009 OS: Windows Vista, Windows 2003, Windows XP, Windows Server 2008 URL: http://www.auscert.org.au/11475
Title: ESB-2009.1174 - ALERT [Win] WINS: Administrator compromise - Remote/unauthenticated Date: 12 August 2009 OS: Windows 2003, Windows 2000 URL: http://www.auscert.org.au/11474
Title: ESB-2009.1173 - ALERT [Win][Mac][OSX] Microsoft Remote Desktop Connection: Execute arbitrary code/commands - Remote with user interaction Date: 12 August 2009 OS: Windows 2003, Windows XP, Windows 2000, Windows Vista, Mac OS X, Windows Server 2008 URL: http://www.auscert.org.au/11473
Title: ESB-2009.1172 - ALERT [Win] Microsoft Office Web Components: Execute arbitrary code/commands - Remote with user interaction Date: 12 August 2009 OS: Windows 2003, Windows XP, Windows 2000, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/11472
Title: ESB-2009.1171 - [Win][Linux][HP-UX][Solaris][AIX] Sun Java System Access Manager Policy Agent 2.2: Multiple vulnerabilities Date: 11 August 2009 OS: Solaris, Windows 2003, Red Hat Linux, HP-UX, Windows XP, SUSE, Windows 2000, AIX, Windows Vista, Windows Server 2008, Other Linux Variants, Ubuntu, Debian GNU/Linux URL: http://www.auscert.org.au/11469
Title: ESB-2009.1170 - [HP-UX] ttrace(2): Denial of service - Existing account Date: 11 August 2009 OS: HP-UX URL: http://www.auscert.org.au/11468
Title: ESB-2009.1169 - [RedHat] libxml and libxml2: Multiple vulnerabilities
Date: 11 August 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/11467
Title: ESB-2009.1168 - [RedHat] Apache httpd: Multiple vulnerabilities Date: 11 August 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/11466
Title: ESB-2009.1167 - [RedHat] apr and apr-util: Execute arbitrary code/commands - Remote/unauthenticated Date: 11 August 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/11465
Title: ESB-2009.1166 - [RedHat] subversion: Execute arbitrary code/commands - Existing account Date: 11 August 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/11464
Title: ESB-2009.1165.2 - UPDATE [Win][UNIX/Linux][Debian] libxml2: Multiple vulnerabilities Date: 13 August 2009 OS: Windows Server 2008, Other Linux Variants, Windows Vista, FreeBSD, AIX, OpenBSD, Windows 2000, SUSE, Other BSD Variants, HP-UX, Windows XP, Ubuntu, Debian GNU/Linux, Mac OS X, Red Hat Linux, Windows 2003, Solaris, HP Tru64 UNIX, IRIX URL: http://www.auscert.org.au/11463
Title: ESB-2009.1164 - [Debian] imagemagick: Multiple vulnerabilities Date: 11 August 2009 OS: Debian GNU/Linux URL: http://www.auscert.org.au/11462
Title: ESB-2009.1163 - [Win][Linux][HP-UX][Solaris][AIX] EMC Replication Manager Client: Execute arbitrary code/commands - Remote/unauthenticated Date: 10 August 2009 OS: Solaris, Red Hat Linux, Windows 2003, HP-UX, SUSE, Windows 2000, AIX, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/11459
Title: ESB-2009.1162 - [Win] CA Unicenter Products: Cross-site scripting - Remote with user interaction Date: 10 August 2009 OS: Windows Vista, Windows 2003, Windows Server 2008, Windows XP, Windows 2000 URL: http://www.auscert.org.au/11458
Title: ESB-2009.1161 - [Win] CA Data Transport Services: Execute arbitrary code/commands - Remote/unauthenticated Date: 10 August 2009 OS: Windows Vista, Windows 2003, Windows Server 2008, Windows XP, Windows 2000 URL: http://www.auscert.org.au/11457
Title: ESB-2009.1160 - [SUSE][OpenSUSE] Sun Java 1.5 and Sun Java 1.6: Execute arbitrary code/commands - Remote with user interaction Date: 10 August 2009 OS: SUSE URL: http://www.auscert.org.au/11456
Title: ESB-2009.1159 - [UNIX/Linux][Debian] camlimages: Execute arbitrary code/commands - Remote with user interaction Date: 10 August 2009 OS: IRIX, Solaris, HP Tru64 UNIX, Red Hat Linux, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD, Other Linux Variants URL: http://www.auscert.org.au/11455
Title: ESB-2009.1158 - [Debian] mantis: Unauthorised access - Existing account Date: 10 August 2009 OS: Debian GNU/Linux URL: http://www.auscert.org.au/11454
Title: ESB-2009.1157 - [Win][UNIX/Linux][Debian] subversion: Execute arbitrary code/commands - Existing account Date: 10 August 2009 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, Windows Vista, FreeBSD, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/11453
Title: ESB-2009.1156 - [Debian] apr, apr-util: Execute arbitrary code/commands - Remote/unauthenticated Date: 10 August 2009 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD, Other Linux Variants URL: http://www.auscert.org.au/11452
Title: ESB-2009.1155 - [UNIX/Linux][Debian] memcached: Root compromise - Remote/unauthenticated Date: 10 August 2009 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD, Other Linux Variants URL: http://www.auscert.org.au/11451
Title: ESB-2009.1154 - [Debian] fetchmail: Provide misleading information - Remote with user interaction Date: 10 August 2009 OS: Debian GNU/Linux URL: http://www.auscert.org.au/11450
Title: ESB-2009.1153 - [Debian] squid3: Denial of Service - Remote/unauthenticated Date: 10 August 2009 OS: Debian GNU/Linux URL: http://www.auscert.org.au/11449
Title: ESB-2009.1152 - [HP NonStop] HP NonStop Servers with Telco CLIMs: Execute arbitrary code/commands - Remote/unauthenticated Date: 10 August 2009 URL: http://www.auscert.org.au/11448
Title: ESB-2009.1151 - [HP Tru64] BIND: Denial of service - Remote/unauthenticated Date: 10 August 2009 OS: HP Tru64 UNIX, HP-UX URL: http://www.auscert.org.au/11447
Title: ESB-2009.1146.2 - UPDATE [Win][Linux][Solaris][Mac][OSX] Sun VirtualBox: Denial of service - Existing account Date: 10 August 2009 OS: Windows Server 2008, Other Linux Variants, Windows Vista, Windows 2000, SUSE, Windows XP, Debian GNU/Linux, Ubuntu, Mac OS X, Windows 2003, Red Hat Linux, Solaris URL: http://www.auscert.org.au/11441
Title: ESB-2009.1145.2 - UPDATE [Win][Linux][HP-UX][Solaris] Sun Java System Access Manager and OpenSSO Enterprise: Unauthorised access - Remote/unauthenticated Date: 10 August 2009 OS: Debian GNU/Linux, Ubuntu, Other Linux Variants, Windows Server 2008, Windows Vista, Windows 2000, SUSE, HP-UX, Windows XP, Windows 2003, Red Hat Linux, Solaris URL: http://www.auscert.org.au/11440
Title: ESB-2009.1143.2 - UPDATE [Solaris][OpenSolaris] XScreenSaver: Access privileged data - Console/physical Date: 10 August 2009 OS: Solaris URL: http://www.auscert.org.au/11438
Title: ESB-2009.1132.4 - UPDATED ALERT [Win][Linux][Solaris] Sun Java: Multiple vulnerabilities Date: 11 August 2009 OS: Debian GNU/Linux, Ubuntu, Other Linux Variants, Windows Server 2008, Windows Vista, Windows 2000, SUSE, Windows XP, Windows 2003, Red Hat Linux, Solaris URL: http://www.auscert.org.au/11425
Title: ESB-2009.1087.2 - UPDATE [HP-UX] XNTP 3.5: Execute arbitrary code/commands - Remote/unauthenticated Date: 13 August 2009 OS: HP-UX URL: http://www.auscert.org.au/11353
Title: ESB-2009.0598 -- [NetBSD] -- PF firewall: Denial of Service Date: 14 August 2009 OS: Other BSD Variants URL: http://www.auscert.org.au/11195
Title: ESB-2009.0592 -- [AIX] -- AIX libtt.a rpc.ttdbserver: Execute Arbitrary Code Date: 11 August 2009 OS: AIX URL: http://www.auscert.org.au/11185
Activity Summary
- 4973 days inactive
- 4973 days old
- pacnog@pacnog.org
- 1 participants
- 0 comments