Activity Summary
- 4484 days inactive
- 4484 days old
- pacnog@pacnog.org
- 1 participants
- 0 comments
j
: Next unread message k
: Previous unread message j a
: Jump to all threads
j l
: Jump to MailingList overview
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
AusCERT Week in Review 10 December 2010
Greetings,
Popular applications in focus this week, with Firefox[1], Google Chrome[2], Thunderbird[3] and Quicktime[4] all corrected for multiple vulnerabilities. Next week is Microsoft patch week and the Advance Notification[5] is out: 17 bulletins in total, with critical impacts on Windows, Internet Explorer and Office.
regards, The AusCERT Team
[1] Mozilla Firefox http://www.auscert.org.au/13697 [2] Google Chrome http://www.auscert.org.au/13678 [3] Mozilla Thunderbird http://www.auscert.org.au/13698 [4] Apple Quicktime http://www.auscert.org.au/13687 [5] Microsoft Advance Notification http://www.auscert.org.au/13694
Alerts, Advisories and Updates: - ------------------------------- Title: ASB-2010.0248 - ALERT [Win][UNIX/Linux] Firefox: Multiple vulnerabilities Date: 10 December 2010 URL: http://www.auscert.org.au/13697
Title: ASB-2010.0249 - [Win][UNIX/Linux] Thunderbird: Multiple vulnerabilities Date: 10 December 2010 URL: http://www.auscert.org.au/13698
Title: ASB-2010.0247 - [Win][UNIX/Linux] WordPress prior to version 3.0.3: Increased privileges - Existing account Date: 09 December 2010 URL: http://www.auscert.org.au/13693
Title: ASB-2010.0246.2 - UPDATE [Win][Linux][OSX] Google Chrome prior to 8.0.552.215: Multiple vulnerabilities Date: 08 December 2010 URL: http://www.auscert.org.au/13678
External Security Bulletins: - ---------------------------- Title: ESB-2010.1117 - [RedHat] thunderbird: Multiple vulnerabilities Date: 10 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13700
Title: ESB-2010.1116 - [RedHat] firefox: Multiple vulnerabilities Date: 10 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13699
Title: ESB-2010.1115 - [Win] CA XOsoft: Execute arbitrary code/commands - Remote/unauthenticated Date: 10 December 2010 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13696
Title: ESB-2010.1114 - [HP-UX] HP-UX Apache-based Web Server: Multiple vulnerabilities Date: 10 December 2010 OS: HP-UX URL: http://www.auscert.org.au/13695
Title: ESB-2010.1113 - [Win] Microsoft Security Bulletin Advance Notification for December 2010 Date: 10 December 2010 OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13694
Title: ESB-2010.1112 - [Win][UNIX/Linux] Drupal third-party modules: Execute arbitrary code/commands - Remote with user interaction Date: 09 December 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/13692
Title: ESB-2010.1111 - [SUSE][OpenSUSE] SUSE: Multiple vulnerabilities Date: 09 December 2010 OS: Other Linux Variants, SUSE URL: http://www.auscert.org.au/13691
Title: ESB-2010.1110 - [SUSE][OpenSUSE] acoread: Multiple vulnerabilities Date: 09 December 2010 OS: Other Linux Variants, SUSE URL: http://www.auscert.org.au/13690
Title: ESB-2010.1109 - [RedHat] JBoss: Denial of service - Remote with user interaction Date: 09 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13689
Title: ESB-2010.1108 - [RedHat] kernel-rt: Multiple vulnerabilities Date: 09 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13688
Title: ESB-2010.1107 - [Win][OSX] QuickTime prior to 7.6.9: Multiple vulnerabilities Date: 08 December 2010 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac OS X, Windows Server 2008 URL: http://www.auscert.org.au/13687
Title: ESB-2010.1106 - [Win][UNIX/Linux][Mandriva] clamav: Multiple vulnerabilities Date: 08 December 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/13686
Title: ESB-2010.1105 - [VMware ESX] VMware ESX 3.5: Multiple vulnerabilities Date: 08 December 2010 OS: Virtualisation URL: http://www.auscert.org.au/13685
Title: ESB-2010.1104 - [HP-UX] HP-UX: Denial of service - Remote/unauthenticated Date: 08 December 2010 OS: HP-UX URL: http://www.auscert.org.au/13684
Title: ESB-2010.1103 - [RedHat] apr-util: Denial of service - Existing account Date: 08 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13683
Title: ESB-2010.1102 - [Win][UNIX/Linux] Atlassian JIRA prior to 4.2.1: Cross-site request forgery - Remote with user interaction Date: 07 December 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/13682
Title: ESB-2010.1101 - [RedHat] quagga: Multiple vulnerabilities Date: 07 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13681
Title: ESB-2010.1100 - [RedHat] kvm: Denial of service - Existing account Date: 07 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13680
Title: ESB-2010.1099 - [RedHat] Red Hat Enterprise Virtualization Manager: Increased privileges - Existing account Date: 07 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13679
=========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072
Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. ===========================================================================