Orbit

AusCERT Week in Review 26 August 2011

Papers, Articles and other documents: - ------------------------------------- Title: Information for potential speakers at AusCERT2012 Date: 23 August 2011 URL: http://www.auscert.org.au/6609

Web Log Entries: - ---------------- Title: AusCERT Week in Review for 26th August 2011 Date: 26 August 2011 URL: http://www.auscert.org.au/14759

Alerts, Advisories and Updates: - ------------------------------- Title: ASB-2011.0068 - [Win][Linux][OSX] Google Chrome: Multiple vulnerabilities Date: 25 August 2011 URL: http://www.auscert.org.au/14755

Title: ASB-2011.0069 - [Win][UNIX/Linux] Pidgin: Execute arbitrary code/commands - Unknown/unspecified Date: 25 August 2011 URL: http://www.auscert.org.au/14756

Title: ASB-2011.0067.2 - UPDATE [Win][UNIX/Linux] PHP 5.3.7: Unauthorised access - Remote with user interaction Date: 24 August 2011 URL: http://www.auscert.org.au/14743

External Security Bulletins: - ---------------------------- Title: ESB-2011.0878 - [HP-UX] Veritas Enterprise Administrator: Execute arbitrary code/commands - Remote/unauthenticated Date: 26 August 2011 OS: HP-UX URL: http://www.auscert.org.au/14758

Title: ESB-2011.0877 - [Win] RSA enVision: Multiple vulnerabilities Date: 26 August 2011 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/14757

Title: ESB-2011.0876 - [Win] Citrix Access Gateway Enterprise Edition: Cross-site scripting - Remote with user interaction Date: 25 August 2011 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/14754

Title: ESB-2011.0875 - [Cisco] Cisco Unified Communications Manager and Cisco Unified Presence Server: Access confidential data - Remote/unauthenticated Date: 25 August 2011 OS: Cisco Products URL: http://www.auscert.org.au/14753

Title: ESB-2011.0874 - [Cisco] Cisco Intercompany Media Engine: Denial of service - Remote/unauthenticated Date: 25 August 2011 OS: Cisco Products URL: http://www.auscert.org.au/14752

Title: ESB-2011.0873 - [Cisco] Cisco Unified Communications Manager: Denial of service - Remote/unauthenticated Date: 25 August 2011 OS: Cisco Products URL: http://www.auscert.org.au/14751

Title: ESB-2011.0872 - [SUSE] Xen: Increased privileges - Existing account Date: 25 August 2011 OS: SUSE URL: http://www.auscert.org.au/14750

Title: ESB-2011.0871 - [Win][UNIX/Linux] phpMyAdmin: Cross-site scripting - Remote with user interaction Date: 25 August 2011 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/14749

Title: ESB-2011.0870 - ALERT [Win][UNIX/Linux] Apache HTTPD: Denial of service - Remote/unauthenticated Date: 25 August 2011 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/14748

Title: ESB-2011.0869 - [UNIX/Linux][SUSE] SUSE: Unauthorised access - Unknown/unspecified Date: 24 August 2011 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD, Other Linux Variants URL: http://www.auscert.org.au/14747

Title: ESB-2011.0868 - [RedHat] libvirt: Denial of service - Remote/unauthenticated Date: 24 August 2011 OS: Red Hat Linux URL: http://www.auscert.org.au/14746

Title: ESB-2011.0867 - [Linux][RedHat] system-config-printer: Execute arbitrary code/commands - Remote/unauthenticated Date: 24 August 2011 OS: Red Hat Linux, Other Linux Variants, SUSE, Ubuntu, Debian GNU/Linux URL: http://www.auscert.org.au/14745

Title: ESB-2011.0866 - [RedHat] kernel: Multiple vulnerabilities Date: 24 August 2011 OS: Red Hat Linux URL: http://www.auscert.org.au/14744

Title: ESB-2011.0865 - [Win][Linux][HP-UX][Solaris][AIX] IBM HTTP Server: Cross-site scripting - Remote with user interaction Date: 22 August 2011 OS: Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/14742

Title: ESB-2011.0864 - [SUSE] Xen: Denial of service - Existing account Date: 22 August 2011 OS: SUSE URL: http://www.auscert.org.au/14741

Title: ESB-2011.0863 - [Debian] icedove: Multiple vulnerabilities Date: 22 August 2011 OS: Debian GNU/Linux URL: http://www.auscert.org.au/14740

=========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072

Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. ===========================================================================