Keyboard Shortcuts
Thread View
j: Next unread messagek: Previous unread messagej a: Jump to all threadsj l: Jump to MailingList overview
AusCERT Week in Review 27 February 2009
Alerts, Advisories and Updates: ------------------------------- Title: AA-2009.0042 -- [Win][Mac][OSX] -- Vulnerability announced in Microsoft Excel Date: 25 February 2009 URL: http://www.auscert.org.au/10544
Title: AA-2009.0043 -- [Win][Linux][HP-UX][Solaris][AIX] -- Privilege escalation vulnerability in IBM websphere MQ Date: 25 February 2009 URL: http://www.auscert.org.au/10546
Title: AA-2009.0039 -- [OpenBSD] -- OpenBSD patch corrects sudo vulnerability Date: 24 February 2009 URL: http://www.auscert.org.au/10538
Title: AA-2009.0040 -- [Win][Linux][Solaris][AIX] -- Vulnerability corrected in IBM WebSphere Partner Gateway Date: 24 February 2009 URL: http://www.auscert.org.au/10539
Title: AA-2009.0041 -- [Appliance] -- Avaya addresses vulnerabilities in Digital Enhanced Cordless Telecommunications (DECT) Date: 24 February 2009 URL: http://www.auscert.org.au/10542
Title: AA-2009.0035 -- [Win][UNIX/Linux] -- Security vulnerability corrected in Ruby - Revision 22440 Date: 23 February 2009 URL: http://www.auscert.org.au/10530
Title: AA-2009.0037 -- [Win][UNIX/Linux] -- SQL injection vulnerabilities in GForge Date: 23 February 2009 URL: http://www.auscert.org.au/10534
Title: AA-2009.0038 -- [Win] -- Vulnerability corrected in LANDesk Management Suite Date: 23 February 2009 URL: http://www.auscert.org.au/10535
External Security Bulletins: ---------------------------- Title: ESB-2008.0997 -- [Win][UNIX/Linux] -- Multiple vulnerabilities in Drupal Core and third-party modules Date: 22 February 2009 OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD, HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, AIX, Server 2008, Windows Vista, Windows 2003, Windows 2000, Windows XP, Mac OS X URL: http://www.auscert.org.au/10003
Title: ESB-2008.0957 -- [Win][UNIX/Linux] -- SIOC and EveryBlog (Drupal third-party modules) Multiple vulnerabilities Date: 22 February 2009 OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD, HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, AIX, Server 2008, Windows Vista, Windows 2003, Windows 2000, Windows XP, Mac OS X URL: http://www.auscert.org.au/9941
Title: ESB-2009.0187 -- [VMware ESX] -- ESX 2.5.5 patch 12 updates service console package ed Date: 27 February 2009 OS: Virtualisation URL: http://www.auscert.org.au/10565
Title: ESB-2009.0186 -- [Cisco] -- Cisco Unified MeetingPlace Stored Cross-Site Scripting Vulnerability Date: 27 February 2009 OS: Cisco Products URL: http://www.auscert.org.au/10564
Title: ESB-2009.0185 -- [Win][UNIX/Linux] -- Tomcat information disclosure vulnerability Date: 27 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista URL: http://www.auscert.org.au/10563
Title: ESB-2009.0184 -- [Linux] -- A vulnerability has been identified and corrected in valgrind Date: 27 February 2009 OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux URL: http://www.auscert.org.au/10562
Title: ESB-2009.0183 -- [UNIX/Linux] -- Vulnerability identified in net-snmp
Date: 27 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX, AIX URL: http://www.auscert.org.au/10561
Title: ESB-2009.0182 -- [UNIX/Linux] -- Vulnerability identified in epiphany
Date: 27 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX, AIX URL: http://www.auscert.org.au/10560
Title: ESB-2009.0181 -- [Debian] -- New proftpd-dfsg packages fix SQL injection vulnerabilites Date: 27 February 2009 OS: Debian GNU/Linux URL: http://www.auscert.org.au/10559
Title: ESB-2009.0180 -- [Win] -- HP Virtual Rooms Client Running on Windows, Remote Execution of Arbitrary Code Date: 27 February 2009 OS: Windows 2000, Windows XP, Windows Vista URL: http://www.auscert.org.au/10558
Title: ESB-2009.0179 -- [Solaris] -- Security Vulnerabilities in Tomcat 5.5 may Lead to Cross Site Scripting (XSS) or Directory Traversal Date: 27 February 2009 OS: Solaris URL: http://www.auscert.org.au/10557
Title: ESB-2009.0178 -- [Win] -- Update for Windows Autorun Date: 26 February 2009 OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista URL: http://www.auscert.org.au/10556
Title: ESB-2009.0177 -- [Cisco] -- Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Date: 26 February 2009 OS: Cisco Products URL: http://www.auscert.org.au/10555
Title: ESB-2009.0176 -- [Cisco] -- Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability Date: 26 February 2009 OS: Cisco Products URL: http://www.auscert.org.au/10554
Title: ESB-2009.0175 -- [Win] -- Updates available for RoboHelp and RoboHelp Server Cross-Site Scripting issues Date: 26 February 2009 OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista URL: http://www.auscert.org.au/10553
Title: ESB-2009.0174 -- [Win][UNIX/Linux][RedHat] -- Critical: flash-plugin security update Date: 26 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista URL: http://www.auscert.org.au/10552
Title: ESB-2009.0173 -- [Debian] -- New python-crypto packages fix denial of service Date: 26 February 2009 OS: Debian GNU/Linux URL: http://www.auscert.org.au/10551
Title: ESB-2009.0172 -- [Win] -- Drupal core - Local file inclusion on Windows Date: 26 February 2009 OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista URL: http://www.auscert.org.au/10550
Title: ESB-2009.0171 -- [Win][UNIX/Linux] -- Shibboleth IdP 2.X cross-site request attack Date: 25 February 2009 OS: Mac OS X, Windows XP, Windows 2000, Windows 2003, Windows Vista, Server 2008, AIX, Red Hat Linux, Other Linux Variants, Debian GNU/Linux, Ubuntu, HP-UX, FreeBSD, Other BSD Variants, OpenBSD, IRIX, Solaris, HP Tru64 UNIX URL: http://www.auscert.org.au/10549
Title: ESB-2009.0170 -- [Win][Linux][Solaris][Mac][OSX] -- Adobe Flash Player Invalid Object Reference Vulnerability Date: 26 February 2009 OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, Windows Vista URL: http://www.auscert.org.au/10548
Title: ESB-2009.0169 -- [Win][Linux][HP-UX][Solaris] -- HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access, Denial of Service (DoS) Date: 25 February 2009 OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, HP-UX, Windows Vista URL: http://www.auscert.org.au/10547
Title: ESB-2009.0168 -- [RedHat] -- Important: kernel security update Date: 25 February 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/10545
Title: ESB-2009.0167 -- [Win][VMware ESX][Linux] -- VirtualCenter Update 4 updates Tomcat to 5.5.27 Date: 24 February 2009 OS: Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux Variants, Windows XP, Virtualisation, Server 2008, Red Hat Linux, Windows Vista URL: http://www.auscert.org.au/10543
Title: ESB-2009.0166 -- [Win][UNIX/Linux] -- Vulnerability corrected in PyCrypto Date: 24 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista URL: http://www.auscert.org.au/10541
Title: ESB-2009.0165 -- [UNIX/Linux] -- GNU Emacs, XEmacs: Multiple vulnerabilities Date: 24 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX, AIX URL: http://www.auscert.org.au/10540
Title: ESB-2009.0164 -- [Appliance] -- Intercepting proxy servers may incorrectly rely on HTTP headers to make connections Date: 24 February 2009 OS: Cisco Products URL: http://www.auscert.org.au/10537
Title: ESB-2009.0163 -- [Win][UNIX/Linux] -- OpenSSH 5.2 released Date: 23 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista URL: http://www.auscert.org.au/10536
Title: ESB-2009.0162 -- [Win][UNIX/Linux] -- Adobe Reader and Acrobat buffer overflow vulnerability Date: 23 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista URL: http://www.auscert.org.au/10533
Title: ESB-2009.0157 -- [FreeBSD] -- telnetd code execution vulnerability Date: 23 February 2009 OS: FreeBSD URL: http://www.auscert.org.au/10512
Title: ESB-2009.0114 -- [VMware ESX] -- ESX patches address an issue loading corrupt virtual disks and update Service Console packages Date: 27 February 2009 OS: Virtualisation URL: http://www.auscert.org.au/10448
=========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072
Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. ===========================================================================
Activity Summary
- 5200 days inactive
- 5200 days old
- pacnog@pacnog.org
- 1 participants
- 0 comments