Orbit


                        AusCERT Week in Review
03 December 2010
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2010.0244 - [Win][UNIX/Linux] BIND: Multiple vulnerabilities 
Date:  03 December 2010
URL:   http://www.auscert.org.au/13674
Title: ASB-2010.0245 - [UNIX/Linux] ProFTPD ftp distribution server
compromise
Date:  03 December 2010
URL:   http://www.auscert.org.au/13675
Title: ASB-2010.0243 - ALERT [Win] McAfee VirusScan Enterprise 8.5i and
prior:
       Execute arbitrary code/commands - Remote with user interaction 
Date:  02 December 2010
URL:   http://www.auscert.org.au/13673
Title: ASB-2010.0242 - [Win][UNIX/Linux] WordPress prior to 3.0.2: Increased
       privileges - Existing account 
Date:  01 December 2010
URL:   http://www.auscert.org.au/13664
Title: ASB-2010.0241 - [Win][UNIX/Linux] phpMyAdmin: Cross-site scripting -
       Remote with user interaction 
Date:  30 November 2010
URL:   http://www.auscert.org.au/13655
Title: ASB-2010.0238.2 - UPDATE [Win][UNIX/Linux] Wireshark: Denial of
service
       - Remote with user interaction 
Date:  29 November 2010
URL:   http://www.auscert.org.au/13633
Title: ASB-2010.0240 - [Win][Linux][HP-UX][Solaris][AIX] IBM Websphere MQ
7.0:
       Provide misleading information - Remote/unauthenticated 
Date:  29 November 2010
URL:   http://www.auscert.org.au/13649
External Security Bulletins:
- ----------------------------
Title: ESB-2010.1097 - [HP-UX] OpenSSL: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  02 December 2010
OS:    HP-UX 
URL:   http://www.auscert.org.au/13672
Title: ESB-2010.1096 - [Win][UNIX/Linux] Drupal Third-party modules:
       Cross-site request forgery - Remote with user interaction 
Date:  02 December 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13671
Title: ESB-2010.1095 - [RedHat] JBoss Enterprise: Multiple vulnerabilities 
Date:  02 December 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13670
Title: ESB-2010.1094 - [RedHat] kernel: Multiple vulnerabilities 
Date:  02 December 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13669
Title: ESB-2010.1093 - [RedHat] java-1.4.2-ibm: Multiple vulnerabilities 
Date:  02 December 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13668
Title: ESB-2010.1092 - [RedHat] acroread: Multiple vulnerabilities 
Date:  02 December 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13667
Title: ESB-2010.1091 - [Debian] krb5: Increased privileges -
       Remote/unauthenticated 
Date:  02 December 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13666
Title: ESB-2010.1090 - [Debian] libxml2: Execute arbitrary code/commands -
       Remote with user interaction 
Date:  02 December 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13665
Title: ESB-2010.1089 - [Cisco] Cisco ASA 5500 Series, Cisco PIX 500 Series,
       Cisco VPN 3000 Series: Multiple vulnerabilities 
Date:  01 December 2010
OS:    Cisco Products 
URL:   http://www.auscert.org.au/13663
Title: ESB-2010.1088 - [SUSE] SUSE: Multiple vulnerabilities 
Date:  01 December 2010
OS:    SUSE 
URL:   http://www.auscert.org.au/13662
Title: ESB-2010.1087 - [RedHat] krb5: Multiple vulnerabilities 
Date:  01 December 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13661
Title: ESB-2010.1086 - [RedHat] wireshark: Multiple vulnerabilities 
Date:  01 December 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13660
Title: ESB-2010.1085 - [RedHat] dhcp: Denial of service -
       Remote/unauthenticated 
Date:  01 December 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13659
Title: ESB-2010.1084 - [RedHat] Red Hat Enterprise MRG Messaging and Grid:
       Unauthorised access - Existing account 
Date:  01 December 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13658
Title: ESB-2010.1083 - [VMware ESX] ESX Service Console OS: Increased
       privileges - Existing account 
Date:  01 December 2010
OS:    Virtualisation 
URL:   http://www.auscert.org.au/13657
Title: ESB-2010.1082 - [UNIX/Linux] krb5: Multiple vulnerabilities 
Date:  01 December 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
       GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
       Other Linux Variants 
URL:   http://www.auscert.org.au/13656
Title: ESB-2010.1081 - [FreeBSD] openssl: Multiple vulnerabilities 
Date:  30 November 2010
OS:    FreeBSD 
URL:   http://www.auscert.org.au/13654
Title: ESB-2010.1080 - [NetBSD] kernel: Denial of service - Existing account
Date:  30 November 2010
OS:    Other BSD Variants 
URL:   http://www.auscert.org.au/13653
Title: ESB-2010.1079 - [NetBSD] OpenSSL: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  30 November 2010
OS:    Other BSD Variants 
URL:   http://www.auscert.org.au/13652
Title: ESB-2010.1078 - [RedHat] php: Multiple vulnerabilities 
Date:  30 November 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13651
Title: ESB-2010.1077 - [Win][UNIX/Linux][RedHat] cvs: Execute arbitrary
       code/commands - Remote with user interaction 
Date:  30 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13650
Title: ESB-2010.1076 - [Win][UNIX/Linux][Debian] wireshark: Denial of
service
       - Remote/unauthenticated 
Date:  29 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13648
Title: ESB-2010.1075 - [Debian] linux-2.6: Multiple vulnerabilities 
Date:  29 November 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13647
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

Orbit

Activity Summary