Orbit

AusCERT Week in Review 05 August 2011

Alerts, Advisories and Updates: - ------------------------------- Title: ASB-2011.0060 - [Win][Linux][Mac][OSX] Google Chrome: Multiple vulnerabilities Date: 03 August 2011 URL: http://www.auscert.org.au/14669

Title: ASB-2011.0061 - [Win][UNIX/Linux] BIND: Denial of service - Remote/unauthenticated Date: 03 August 2011 URL: http://www.auscert.org.au/14670

External Security Bulletins: - ---------------------------- Title: ESB-2011.0806 - [Win] Microsoft: Microsoft Security Bulletin Advance Notification for August Date: 05 August 2011 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/14675

Title: ESB-2011.0805 - [SUSE] java-1_5_0-ibm: Multiple vulnerabilities Date: 05 August 2011 OS: SUSE URL: http://www.auscert.org.au/14674

Title: ESB-2011.0804 - [Win][UNIX/Linux] Drupal third-party modules: Cross-site scripting - Remote with user interaction Date: 04 August 2011 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/14673

Title: ESB-2011.0803 - [Win][UNIX/Linux][Cisco] Cisco Warranty CDs: Execute arbitrary code/commands - Console/physical Date: 04 August 2011 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Cisco Products, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/14672

Title: ESB-2011.0802 - [Win][Mac][OSX] QuickTime: Multiple vulnerabilities Date: 04 August 2011 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008, Mac OS X URL: http://www.auscert.org.au/14671

Title: ESB-2011.0801 - [SUSE] IBM Java: Multiple vulnerabilities Date: 03 August 2011 OS: SUSE URL: http://www.auscert.org.au/14668

Title: ESB-2011.0800 - [RedHat] kernel: Denial of service - Remote/unauthenticated Date: 03 August 2011 OS: Red Hat Linux URL: http://www.auscert.org.au/14667

Title: ESB-2011.0799 - [SUSE] libwebkit: Execute arbitrary code/commands - Remote with user interaction Date: 02 August 2011 OS: SUSE URL: http://www.auscert.org.au/14666

Title: ESB-2011.0798 - [RedHat] Red Hat Enterprise Linux (v. 5.4.z server): Reduced security - Unknown/unspecified Date: 02 August 2011 OS: Red Hat Linux URL: http://www.auscert.org.au/14665

Title: ESB-2011.0797 - [UNIX/Linux][RedHat] foomatic: Execute arbitrary code/commands - Remote with user interaction Date: 02 August 2011 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD, Other Linux Variants URL: http://www.auscert.org.au/14664

Title: ESB-2011.0796 - [Win][Linux][Solaris][AIX] IBM WebSphere Application Server Community Edition: Multiple vulnerabilities Date: 01 August 2011 OS: Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu, Windows XP, SUSE, Windows 2000, AIX, Windows Vista, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/14663

Title: ESB-2011.0795 - [Win][UNIX/Linux] Sybase Adaptive Server Backup: Execute arbitrary code/commands - Remote/unauthenticated Date: 01 August 2011 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/14662

Title: ESB-2011.0794 - [RedHat] Cisco TelePresence Recording Server: Root compromise - Remote/unauthenticated Date: 01 August 2011 OS: Cisco Products, Red Hat Linux URL: http://www.auscert.org.au/14661

Title: ESB-2011.0763.2 - UPDATE [Win][UNIX/Linux] phpMyAdmin: Multiple vulnerabilities Date: 02 August 2011 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008, IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Debian GNU/Linux, Ubuntu, Windows XP, HP-UX, Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/14629

=========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072

Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. ===========================================================================