Keyboard Shortcuts
Thread View
j
: Next unread messagek
: Previous unread messagej a
: Jump to all threadsj l
: Jump to MailingList overview

[pacnog] AusCERT Week in Review - Week Ending 17/12/2010 (AUSCERT#20073f686)
AusCERT Week in Review 17 December 2010
Alerts, Advisories and Updates: - ------------------------------- Title: ASB-2010.0251 - [Linux][BSD][Solaris] ISC DHCP Server prior to 4.2.0-P2: Denial of service - Remote/unauthenticated Date: 14 December 2010 URL: http://www.auscert.org.au/13715
Title: ASB-2010.0250 - [Win] Sophos SafeGuard Enterprise Device Encryption Client: Unauthorised access - Remote with user interaction Date: 13 December 2010 URL: http://www.auscert.org.au/13709
External Security Bulletins: - ---------------------------- Title: ESB-2010.1162.2 - UPDATE [Appliance] Apple Time Capsule and AirPort Base Station: Multiple vulnerabilities Date: 17 December 2010 URL: http://www.auscert.org.au/13748
Title: ESB-2010.1161 - [Win][UNIX/Linux] Drupal third-party modules: Cross-site request forgery - Remote with user interaction Date: 17 December 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/13747
Title: ESB-2010.1160 - [Win][UNIX/Linux][Appliance] HP StorageWorks Modular Smart Array P2000 G3: Unauthorised access - Remote/unauthenticated Date: 17 December 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/13746
Title: ESB-2010.1159 - [Win] HP Discovery & Dependency Mapping Inventory: Cross-site scripting - Remote with user interaction Date: 17 December 2010 OS: Windows 2003, HP-UX, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13745
Title: ESB-2010.1158 - [Win][Linux] HP Power Manager: Execute arbitrary code/commands - Remote/unauthenticated Date: 17 December 2010 OS: Windows 7, Windows 2003, Red Hat Linux, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/13744
Title: ESB-2010.1157 - HP OpenVMS Integrity Servers: Increased privileges - Existing account Date: 16 December 2010 OS: HP-UX URL: http://www.auscert.org.au/13743
Title: ESB-2010.1156 - [Win][Linux] HP Insight Management Agents: Access privileged data - Remote/unauthenticated Date: 16 December 2010 OS: Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/13741
Title: ESB-2010.1155 - [Win][Linux] HP Insight Diagnostics Online Edition: Cross-site scripting - Remote with user interaction Date: 16 December 2010 OS: Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/13742
Title: ESB-2010.1154 - [RedHat] java-1.6.0-ibm: Multiple vulnerabilities Date: 16 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13740
Title: ESB-2010.1153 - [RedHat] java-1.4.2-ibm-sap: Multiple vulnerabilities
Date: 16 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13739
Title: ESB-2010.1152 - [Win][VMware ESX][Linux] Symantec Endpoint Protection: Execute arbitrary code/commands - Remote/unauthenticated Date: 16 December 2010 OS: Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian GNU/Linux, Windows XP, Virtualisation, SUSE, Windows 2000, Windows Vista, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/13738
Title: ESB-2010.1151 - [Win] SAP NetWeaver: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows 2003, Windows 7, Windows XP, Windows 2000, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13737
Title: ESB-2010.1150 - [SUSE] kernel: Multiple vulnerabilities Date: 15 December 2010 OS: SUSE URL: http://www.auscert.org.au/13736
Title: ESB-2010.1149 - [RedHat] HelixPlayer: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13735
Title: ESB-2009.1148.4 - UPDATE [HP-UX] BIND: Denial of service - Remote/unauthenticated Date: 17 December 2010 OS: HP-UX URL: http://www.auscert.org.au/11443
Title: ESB-2010.1148 - [Win][Netware][Linux][Solaris][AIX] BlackBerry Enterprise Server: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Solaris, Windows 2003, Red Hat Linux, Windows 7, Novell Netware, Ubuntu, Debian GNU/Linux, Windows XP, SUSE, Windows 2000, AIX, Windows Vista, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/13734
Title: ESB-2010.1147 - [Win] Microsoft Exchange Server 2007 Service Pack 2: Denial of service - Existing account Date: 15 December 2010 OS: Windows 2003, Windows Server 2008 URL: http://www.auscert.org.au/13733
Title: ESB-2010.1146 - [Win] Microsoft Office Graphics Filters: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13732
Title: ESB-2010.1145 - [Win] Microsoft Office SharePoint Server 2007 Service Pack 2: Execute arbitrary code/commands - Remote/unauthenticated Date: 15 December 2010 OS: Windows 2003, Windows Server 2008 URL: http://www.auscert.org.au/13731
Title: ESB-2010.1144 - [Win] Microsoft Publisher: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13730
Title: ESB-2010.1143 - [Win] Hyper-V: Denial of service - Existing account Date: 15 December 2010 OS: Windows Server 2008 URL: http://www.auscert.org.au/13729
Title: ESB-2010.1142 - [Win] Windows Netlogon Service: Denial of service - Existing account Date: 15 December 2010 OS: Windows 2003, Windows Server 2008 URL: http://www.auscert.org.au/13728
Title: ESB-2010.1141 - [Win] Consent User Interface: Administrator compromise - Existing account Date: 15 December 2010 OS: Windows Vista, Windows Server 2008, Windows 7 URL: http://www.auscert.org.au/13727
Title: ESB-2010.1140 - [Win] Routing and Remote Access NDProxy component: Administrator compromise - Existing account Date: 15 December 2010 OS: Windows 2003, Windows XP URL: http://www.auscert.org.au/13726
Title: ESB-2010.1139 - [Win] Microsoft Windows: Administrator compromise - Existing account Date: 15 December 2010 OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13725
Title: ESB-2010.1138 - [Win] Internet Connection Signup Wizard: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows 2003, Windows XP URL: http://www.auscert.org.au/13724
Title: ESB-2010.1137 - [Win] Windows Address Book: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13723
Title: ESB-2010.1136 - [Win] Windows BranchCache: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows Server 2008, Windows 7 URL: http://www.auscert.org.au/13722
Title: ESB-2010.1135 - [Win] Windows Media Encoder: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows Vista, Windows 2003, Windows XP, Windows Server 2008 URL: http://www.auscert.org.au/13721
Title: ESB-2010.1134 - [Win] Windows Movie Maker 2.6: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows Vista URL: http://www.auscert.org.au/13720
Title: ESB-2010.1133 - [Win] Task Scheduler: Administrator compromise - Existing account Date: 15 December 2010 OS: Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13719
Title: ESB-2010.1132 - ALERT [Win] Windows Open Type Font (OTF) driver: Administrator compromise - Remote with user interaction Date: 15 December 2010 OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13718
Title: ESB-2010.1131 - ALERT [Win] Microsoft Internet Explorer: Multiple vulnerabilities Date: 15 December 2010 OS: Windows 2003, Windows XP, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13717
Title: ESB-2010.1130 - [Appliance] Avaya CMS and Avaya IR: Denial of service - Existing account Date: 14 December 2010 URL: http://www.auscert.org.au/13716
Title: ESB-2010.1129 - [UNIX/Linux][Debian] collectd: Denial of service - Remote/unauthenticated Date: 14 December 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD, Other Linux Variants URL: http://www.auscert.org.au/13714
Title: ESB-2010.1128 - [Win][Netware][Linux] Novell ZENWorks: Multiple vulnerabilities Date: 14 December 2010 OS: Windows 2003, Red Hat Linux, Windows 7, Novell Netware, Ubuntu, Debian GNU/Linux, Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/13713
Title: ESB-2010.1127 - [Win] Symantec Antivirus Corporate Edition 10.1.4.4010 and prior: Denial of service - Remote/unauthenticated Date: 14 December 2010 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/13712
Title: ESB-2010.1126 - [RedHat] openssl: Multiple vulnerabilities Date: 14 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13711
Title: ESB-2010.1125.2 - UPDATE [RedHat] bind: Multiple vulnerabilities Date: 14 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13710
Title: ESB-2010.1124.2 - UPDATE [Win][UNIX/Linux] RealPlayer: Execute arbitrary code/commands - Remote with user interaction Date: 15 December 2010 OS: Windows Server 2008, Other Linux Variants, Windows Vista, FreeBSD, AIX, OpenBSD, Windows 2000, SUSE, Other BSD Variants, HP-UX, Windows XP, Ubuntu, Debian GNU/Linux, Mac OS X, Windows 7, Red Hat Linux, Windows 2003, Solaris, HP Tru64 UNIX, IRIX URL: http://www.auscert.org.au/13708
Title: ESB-2010.1123.2 - UPDATE [HP-UX] Java: Multiple vulnerabilities Date: 14 December 2010 OS: HP-UX URL: http://www.auscert.org.au/13707
Title: ESB-2010.1122 - [Debian] xulrunner: Multiple vulnerabilities Date: 13 December 2010 OS: Debian GNU/Linux URL: http://www.auscert.org.au/13706
Title: ESB-2010.1121 - [Debian] bind9: Denial of service - Remote/unauthenticated Date: 13 December 2010 OS: Debian GNU/Linux URL: http://www.auscert.org.au/13705
Title: ESB-2010.1120 - [RedHat] exim: Root compromise - Remote/unauthenticated Date: 13 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13703
Title: ESB-2010.1119 - ALERT [UNIX/Linux][Debian] exim4: Multiple vulnerabilities Date: 13 December 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD, Other Linux Variants URL: http://www.auscert.org.au/13704
Title: ESB-2010.1118 - [RedHat] seamonkey: Multiple vulnerabilities Date: 13 December 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/13702
=========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072
Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. ===========================================================================
Activity Summary
- 4489 days inactive
- 4489 days old
- pacnog@pacnog.org
- 1 participants
- 0 comments