Orbit


                        AusCERT Week in Review
26 November 2010
Web Log Entries:
- ----------------
Title: AusCERT Week in Review for 26th November 2010 
Date:  26 November 2010
URL:   http://www.auscert.org.au/13646
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2010.0239 - [Win][UNIX/Linux] Horde, Horde Groupware, Horde
       Groupware Webmail Edition: Cross-site scripting - Remote with user
       interaction 
Date:  24 November 2010
URL:   http://www.auscert.org.au/13642
Title: ASB-2010.0238 - [Win][UNIX/Linux] Wireshark: Denial of service -
Remote
       with user interaction 
Date:  22 November 2010
URL:   http://www.auscert.org.au/13633
External Security Bulletins:
- ----------------------------
Title: ESB-2010.1074 - [Win][UNIX/Linux][Mandriva] mono: Increased
privileges
       - Existing account 
Date:  26 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13645
Title: ESB-2010.1073 - [HP-UX] CIFS Server (Samba): Execute arbitrary
       code/commands - Remote/unauthenticated 
Date:  25 November 2010
OS:    HP-UX 
URL:   http://www.auscert.org.au/13644
Title: ESB-2010.1072 - [HP-UX] Apache Tomcat: Multiple vulnerabilities 
Date:  25 November 2010
OS:    HP-UX 
URL:   http://www.auscert.org.au/13643
Title: ESB-2010.1071 - [Appliance] RSA Adaptive Authentication: Cross-site
       scripting - Remote with user interaction 
Date:  24 November 2010
URL:   http://www.auscert.org.au/13641
Title: ESB-2010.1070 - [RedHat] postgresql: Execute arbitrary code/commands
-
       Existing account 
Date:  24 November 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13640
Title: ESB-2010.1069 - [RedHat] kernel: Execute arbitrary code/commands -
       Existing account 
Date:  24 November 2010
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/13639
Title: ESB-2010.1068 - [Debian] openssl: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  24 November 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13638
Title: ESB-2010.1067 - [Appliance][Apple iOS] Apple TV 4.0: Multiple
       vulnerabilities 
Date:  23 November 2010
OS:    Apple iOS 
URL:   http://www.auscert.org.au/13637
Title: ESB-2010.1066 - [Apple iOS] Apple iOS: Multiple vulnerabilities 
Date:  23 November 2010
OS:    Apple iOS 
URL:   http://www.auscert.org.au/13636
Title: ESB-2010.1065 - [Debian] openssl: Execute arbitrary code/commands -
       Remote/unauthenticated 
Date:  23 November 2010
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/13635
Title: ESB-2010.1064 - [Win][UNIX/Linux] Apache Tomcat: Cross-site scripting
-
       Remote with user interaction 
Date:  23 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13634
Title: ESB-2010.1063 - [Win][UNIX/Linux][Mandriva] php: Denial of service -
       Remote with user interaction 
Date:  22 November 2010
OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
       Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
       Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
       Other Linux Variants, Windows Server 2008 
URL:   http://www.auscert.org.au/13632
Title: ESB-2010.1059.2 - UPDATED ALERT [Cisco] Cisco Unified
Videoconferencing
       Products: Multiple vulnerabilities 
Date:  23 November 2010
OS:    Cisco Products 
URL:   http://www.auscert.org.au/13627
Title: ESB-2010.1008.2 - UPDATE [Win] Novell ZENworks Handheld Management:
       Execute arbitrary code/commands - Remote/unauthenticated 
Date:  23 November 2010
OS:    Windows 2000, Windows 2003 
URL:   http://www.auscert.org.au/13573
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

Orbit

Activity Summary