Keyboard Shortcuts
Thread View
j: Next unread messagek: Previous unread messagej a: Jump to all threadsj l: Jump to MailingList overview
Hi all,
It's that time of week where we send out the list of advisories we have released.
Please note that there is a new zero day attack using Adobe Acrobat Reader. See the ShadowServer write up for more information (http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090219).
Regards, Zane.
------------------------------------------------
Web Log Entries: ---------------- Title: Small increase in port scanning Date: 15 February 2009 URL: http://www.auscert.org.au/10508
Alerts, Advisories and Updates: ------------------------------- Title: AA-2009.0019 -- [Win][UNIX/Linux] -- Multiple vulnerabilities reported in Wireshark Date: 20 February 2009 URL: http://www.auscert.org.au/10495
Title: AA-2009.0020 -- [Win] -- Access bypass vulnerability reported in Trend Micro Interscan Web Security Suite Date: 20 February 2009 URL: http://www.auscert.org.au/10496
Title: AA-2009.0034 -- [Linux] -- Linux Kernel 2.6.28.5 corrects a security vulnerability Date: 20 February 2009 URL: http://www.auscert.org.au/10529
Title: AA-2009.0035 -- [Win][UNIX/Linux] -- Security vulnerability corrected in Ruby - Revision 22440 Date: 20 February 2009 URL: http://www.auscert.org.au/10530
Title: AA-2009.0031 -- [Win] -- Code execution vulnerability reported in FeedDemon Date: 19 February 2009 URL: http://www.auscert.org.au/10523
Title: AA-2009.0032 -- [Win][UNIX/Linux] -- Security updates released for Symantec Veritas NetBackup Date: 19 February 2009 URL: http://www.auscert.org.au/10524
Title: AA-2009.0033 -- [Win][UNIX/Linux] -- Security Updates released for UltraVNC and TightVnc Date: 19 February 2009 URL: http://www.auscert.org.au/10525
Title: AA-2008.0211 -- [Win][Appliance] -- Vulnerabilities in multiple Avaya products Date: 18 February 2009 URL: http://www.auscert.org.au/9959
Title: AL-2009.0013 -- [Win] -- MS09-003 - Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution Date: 18 February 2009 URL: http://www.auscert.org.au/10478
Title: AA-2009.0025 -- [Win][UNIX/Linux] -- MySQL Community Server 5.0.77 released Date: 18 February 2009 URL: http://www.auscert.org.au/10515
Title: AU-2009.0009 -- AusCERT Update - [Win] - Updated - MS09-003 - Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution Date: 18 February 2009 URL: http://www.auscert.org.au/10516
Title: AA-2009.0026 -- [Win][UNIX/Linux] -- Information disclosure vulnerability in IBM WebSphere Message Broker Date: 18 February 2009 URL: http://www.auscert.org.au/10517
Title: AA-2009.0027 -- [Win][UNIX/Linux] -- Code execution vulnerability corrected in ffmpeg Date: 18 February 2009 URL: http://www.auscert.org.au/10519
Title: AA-2009.0028 -- [UNIX/Linux] -- Patch released for libvirt to correct privilege escalation vulnerability Date: 18 February 2009 URL: http://www.auscert.org.au/10520
Title: AA-2009.0029 -- [UNIX/Linux] -- A vulnerability identified in evolution may allow for Man in the Middle (MITM) attacks Date: 18 February 2009 URL: http://www.auscert.org.au/10521
Title: AA-2009.0030 -- [Linux] -- Local Denial of Service (DoS) vulnerability corrected in the Linux Kernel Date: 18 February 2009 URL: http://www.auscert.org.au/10522
Title: AA-2009.0023 -- [Win][UNIX/Linux] -- Security updates available for IBM WebSphere Application Server Date: 17 February 2009 URL: http://www.auscert.org.au/10513
Title: AA-2009.0024 -- [UNIX/Linux] -- ProFTPD 1.3.2 released Date: 17 February 2009 URL: http://www.auscert.org.au/10514
Title: AA-2009.0021 -- [Win][UNIX/Linux] -- Multiple vulnerabilities reported in Bugzilla Date: 16 February 2009 URL: http://www.auscert.org.au/10503
Title: AA-2009.0022 -- [Win] -- Two remote code execution vulnerabilities in RealPlayer 11 Date: 16 February 2009 URL: http://www.auscert.org.au/10510
External Security Bulletins: ---------------------------- Title: ESB-2008.0445 -- [HP-UX] -- HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges Date: 16 February 2009 OS: HP-UX URL: http://www.auscert.org.au/9205
Title: ESB-2009.0161 -- [Solaris] -- The Name Service Caching Daemon (nscd(1M)) Does Not Cache Hosts for Cluster Nodes After Installing Patch 120011-14 (SPARC) or 120012-14 (x86) Date: 20 February 2009 OS: Solaris URL: http://www.auscert.org.au/10528
Title: ESB-2009.0160 -- [RedHat] -- Important: cups security update Date: 20 February 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/10527
Title: ESB-2009.0159 -- [RedHat] -- Moderate: imap security update Date: 20 February 2009 OS: Red Hat Linux URL: http://www.auscert.org.au/10526
Title: ESB-2009.0158 -- [UNIX/Linux][Ubuntu] -- fglrx-installer vulnerability Date: 18 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX, AIX URL: http://www.auscert.org.au/10518
Title: ESB-2009.0157 -- [FreeBSD] -- telnetd code execution vulnerability Date: 17 February 2009 OS: FreeBSD URL: http://www.auscert.org.au/10512
Title: ESB-2009.0156 -- [Win] -- GE Fanuc Proficy HMI/SCADA iFIX uses insecure authentication techniques Date: 17 February 2009 OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista URL: http://www.auscert.org.au/10511
Title: ESB-2009.0155 -- [HP-UX] -- HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) Date: 16 February 2009 OS: HP-UX URL: http://www.auscert.org.au/10509
Title: ESB-2009.0154 -- [Win][Linux][HP-UX][Solaris][AIX] -- A Security Vulnerability in the Sun Java System Server, Related to the Directory Proxy Server, May Lead to a Denial of Service (DoS) Condition Date: 20 February 2009 OS: Windows Vista, AIX, HP-UX, Red Hat Linux, Server 2008, Windows XP, Other Linux Variants, Windows 2000, Windows 2003, Debian GNU/Linux, Ubuntu, Solaris URL: http://www.auscert.org.au/10507
Title: ESB-2009.0153 -- [Solaris] -- A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File, Leading to Escalation of Privileges Date: 16 February 2009 OS: Solaris URL: http://www.auscert.org.au/10506
Title: ESB-2009.0152 -- [Win][UNIX/Linux][Debian] -- New websvn packages fix information leak Date: 16 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista URL: http://www.auscert.org.au/10505
Title: ESB-2009.0151 -- [Win][UNIX/Linux][Debian] -- New moodle packages fix several vulnerabilities Date: 16 February 2009 OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista URL: http://www.auscert.org.au/10504
Title: ESB-2009.0146 -- [AIX] -- AIX at information disclosure vulnerability
Date: 17 February 2009 OS: AIX URL: http://www.auscert.org.au/10497
Title: ESB-2009.0143 -- [Win][Linux][HP-UX][Solaris][AIX] -- A Security Vulnerability in Sun Java System Directory Server May Allow Specific Requests to Crash the Directory Server Causing a Denial of Service (DoS) Date: 18 February 2009 OS: Windows Vista, AIX, HP-UX, Red Hat Linux, Server 2008, Windows XP, Other Linux Variants, Windows 2000, Windows 2003, Debian GNU/Linux, Ubuntu, Solaris URL: http://www.auscert.org.au/10490
Title: ESB-2009.0127 -- [Appliance] -- Certain HP Printers, and HP Digital Senders, Remote Unauthorized Access to Files Date: 17 February 2009 URL: http://www.auscert.org.au/10470
Title: ESB-2009.0127 -- [Win][UNIX/Linux] -- HP Storage Essentials SRM, Remote Unauthorized Access Date: 16 February 2009 OS: Windows Vista, AIX, HP-UX, Red Hat Linux, Windows XP, Other Linux Variants, Windows 2000, Windows 2003, IRIX, Debian GNU/Linux, Ubuntu, HP Tru64 UNIX, Solaris URL: http://www.auscert.org.au/8751
Title: ESB-2009.0126 -- [Win][UNIX/Linux][HP-UX][Solaris] -- HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code Date: 18 February 2009 OS: Windows Vista, HP-UX, Red Hat Linux, Server 2008, Windows XP, Other Linux Variants, Windows 2000, Windows 2003, Debian GNU/Linux, Ubuntu, Solaris URL: http://www.auscert.org.au/10469
Title: ESB-2009.0110 -- [Solaris] -- Security Vulnerability in OpenSSL due to Improper Usage of Signature Date: 20 February 2009 OS: Solaris URL: http://www.auscert.org.au/10444
Title: ESB-2009.0098 -- [Solaris] -- Security Vulnerability in Solaris BIND named(1M) due to Incorrect DNSSEC Signature Verification Date: 16 February 2009 OS: Solaris URL: http://www.auscert.org.au/10428
=========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072
Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. ===========================================================================
Activity Summary
- 5330 days inactive
- 5330 days old
- pacnog@pacnog.org
- 1 participants
- 0 comments