Java Update For Windows 2000
Sun, 24 Jan 2010 18:31:54 +0000

[Auscert-subscriber] AusCERT Week in Review - Week Ending 22/01/2010 (AUSCERT#20073f686)
- To: centralcomputing@jcu.edu.au
- Subject: [Auscert-subscriber] AusCERT Week in Review - Week Ending 22/01/2010 (AUSCERT#20073f686)
- From: The Operator <operator@jcu.edu.au>
- Date: Fri, 22 Jan 2010 15:06:10 +1000
- Cc:
Hash: SHA1
AusCERT Week in Review 22 January 2010
G'day all,
I wouldn't be surprised if there are a lot of Microsoft staff hitting the pubs this afternoon. What a week it has been for them with not one, but two zero day vulnerabilities to deal with. First of all we have the actively exploited vulnerability in Internet Explorer [1], which has now been patched, and the local privilege escalation in Windows [2]. If these two vulnerabilities were somehow combined, boy would there be trouble.
Speaking of zero days, security researcher Evgeny Legerov has published details for vulnerabilities in Sun Java Web Server [3] and IBM Lotus Domino [4]. With no patches in sight, administrators running these systems should make sure network access is locked down and perform regular monitoring.
In other news, more cache poisoning vulnerabilities have been corrected in the latest versions of BIND [5], a new version of Shockwave Player is out [6], and the media streaming players RealPlayer and Helix Player [7] have been updated correcting numerous code execution vulnerabilities.
Have a good weekend and get those BBQs clean for Australia Day!
Paul
[1] http://www.auscert.org.au/12277
[2] http://www.auscert.org.au/12262
[3] http://www.auscert.org.au/12278
[4] http://www.auscert.org.au/12280
[5] http://www.auscert.org.au/12254
[6] http://www.auscert.org.au/12272
[7] http://www.auscert.org.au/12271
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0023 - [Win][UNIX/Linux] Sun Java Web Server: Multiple vulnerabilities Date: 22 January 2010 URL: http://www.auscert.org.au/12278
Title: ASB-2010.0024 - [Win][Linux][Solaris][AIX] IBM Lotus Domino: Execute arbitrary code/commands - Remote/unauthenticated Date: 22 January 2010 URL: http://www.auscert.org.au/12280
Title: ASB-2010.0017.2 - UPDATE [Win][UNIX/Linux] IBM Lotus Web Content Management: Cross-site scripting - Remote/unauthenticated Date: 21 January 2010 URL: http://www.auscert.org.au/12251
Title: ASB-2010.0020 - [Win][Linux][OSX] RealPlayer: Multiple vulnerabilities Date: 21 January 2010 URL: http://www.auscert.org.au/12271
Title: ASB-2010.0021 - [Win][UNIX/Linux] Thunderbird: Multiple vulnerabilities Date: 21 January 2010 URL: http://www.auscert.org.au/12273
Title: ASB-2010.0022 - ALERT [Win] Internet Explorer: Execute arbitrary code/commands - Remote with user interaction Date: 21 January 2010 URL: http://www.auscert.org.au/12274
Title: ASB-2010.0019 - [Win] Microsoft Windows: Administrator compromise - Existing account Date: 20 January 2010 URL: http://www.auscert.org.au/12262
Title: ASB-2010.0018 - [Linux] SystemTap: Execute arbitrary code/commands - Remote/unauthenticated Date: 19 January 2010 URL: http://www.auscert.org.au/12252
Title: ASB-2010.0015 - [Win][UNIX/Linux] phpMyAdmin: Multiple vulnerabilities Date: 18 January 2010 URL: http://www.auscert.org.au/12248
Title: ASB-2010.0016 - [Win][Netware] Novell GroupWise Client: Execute arbitrary code/commands - Remote/unauthenticated Date: 18 January 2010 URL: http://www.auscert.org.au/12249
External Security Bulletins:
----------------------------
Title: ESB-2009.1619.2 - UPDATE [HP-UX] sendmail: Denial of service - Remote/unauthenticated Date: 18 January 2010 OS: HP-UX URL: http://www.auscert.org.au/12085
Title: ESB-2010.0073 - [Win][RedHat][HP-UX][Solaris][AIX][SUSE] Novell ZENworks Asset Management: Execute arbitrary code/commands - Remote/unauthenticated Date: 22 January 2010 OS: Solaris, Windows 2003, Windows XP, HP-UX, SUSE, Windows 2000, Windows 7, AIX, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/12279
Title: ESB-2010.0072 - ALERT [Win] Internet Explorer: Multiple vulnerabilities Date: 22 January 2010 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/12277
Title: ESB-2010.0071 - [RedHat] kernel-rt: Multiple vulnerabilities Date: 22 January 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/12276
Title: ESB-2010.0070 - [Win][Linux][HP-UX][Solaris] Sun Java System Directory Server: Denial of service - Remote/unauthenticated Date: 21 January 2010 OS: Solaris, Red Hat Linux, Windows 2003, Windows 7, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/12275
Title: ESB-2010.0069 - [Win][OSX] Adobe Shockwave Player: Execute arbitrary code/commands - Remote with user interaction Date: 21 January 2010 OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac OS X, Windows Server 2008 URL: http://www.auscert.org.au/12272
Title: ESB-2010.0068 - [Win][UNIX/Linux] Control Panel, Recent Comments, Block Class (Drupal Third-party modules): Cross-site scripting - Remote/unauthenticated Date: 21 January 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/12270
Title: ESB-2010.0067 - [Win] CiscoWorks Internetwork Performance Monitor: Administrator compromise - Remote/unauthenticated Date: 21 January 2010 OS: Cisco Products, Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/12269
Title: ESB-2010.0066 - [Cisco] Cisco IOS: Denial of service - Remote/unauthenticated Date: 21 January 2010 OS: Cisco Products URL: http://www.auscert.org.au/12268
Title: ESB-2010.0065 - [Debian] Debian 4.0: Reduced security - Existing account Date: 21 January 2010 OS: Debian GNU/Linux URL: http://www.auscert.org.au/12267
Title: ESB-2010.0064 - [Debian] gzip: Execute arbitrary code/commands - Remote with user interaction Date: 21 January 2010 OS: Debian GNU/Linux URL: http://www.auscert.org.au/12266
Title: ESB-2010.0063 - [RedHat] bind: Multiple vulnerabilities Date: 21 January 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/12265
Title: ESB-2010.0062 - [Win][UNIX/Linux][RedHat] gzip: Execute arbitrary code/commands - Remote with user interaction Date: 21 January 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista, Other Linux Variants, Windows Server 2008 URL: http://www.auscert.org.au/12264
Title: ESB-2010.0061 - [RedHat] acroread: Multiple vulnerabilities Date: 21 January 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/12263
Title: ESB-2010.0060 - [RedHat] kernel: Denial of service - Remote/unauthenticated Date: 20 January 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/12261
Title: ESB-2010.0059 - [RedHat] openssl: Multiple vulnerabilities Date: 20 January 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/12260
Title: ESB-2010.0058 - [RedHat] kernel: Multiple vulnerabilities Date: 20 January 2010 OS: Red Hat Linux URL: http://www.auscert.org.au/12259
Title: ESB-2010.0057 - [SUSE][OpenSUSE] SUSE: Multiple vulnerabilities Date: 20 January 2010 OS: Other Linux Variants, SUSE URL: http://www.auscert.org.au/12258
Title: ESB-2010.0056 - [SUSE][OpenSUSE] krb5: Execute arbitrary code/commands - Remote/unauthenticated Date: 20 January 2010 OS: Other Linux Variants, SUSE URL: http://www.auscert.org.au/12257
Title: ESB-2010.0055 - [Win][RedHat][SUSE] HP Power Manager: Execute arbitrary code/commands - Remote/unauthenticated Date: 20 January 2010 OS: Windows 2003, Windows 7, HP-UX, Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server 2008 URL: http://www.auscert.org.au/12256
Title: ESB-2010.0054 - [UNIX/Linux][Debian] glibc, eglibc: Access confidential data - Existing account Date: 20 January 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD, Other Linux Variants URL: http://www.auscert.org.au/12255
Title: ESB-2010.0053 - [Win][UNIX/Linux] BIND: Provide misleading information - Remote/unauthenticated Date: 20 January 2010 OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD, Windows Server 2008, Other Linux Variants URL: http://www.auscert.org.au/12254
Title: ESB-2010.0052 - [OSX] Mac OS X: Multiple vulnerabilities Date: 20 January 2010 OS: Mac OS X URL: http://www.auscert.org.au/12253
Title: ESB-2010.0051 - [Appliance] Micrologix 1100 & 1400 Series Controllers: Administrator compromise - Remote/unauthenticated Date: 18 January 2010 URL: http://www.auscert.org.au/12250
Title: ESB-2010.0050 - [SUSE][OpenSUSE] kernel: Multiple vulnerabilities Date: 18 January 2010 OS: Other Linux Variants, SUSE URL: http://www.auscert.org.au/12247
Title: ESB-2010.0049.2 - UPDATE [UNIX/Linux][Debian] audiofile: Execute arbitrary code/commands - Remote with user interaction Date: 22 January 2010 OS: Other Linux Variants, FreeBSD, AIX, OpenBSD, SUSE, Other BSD Variants, HP-UX, Ubuntu, Debian GNU/Linux, Mac OS X, Red Hat Linux, Solaris, HP Tru64 UNIX, IRIX URL: http://www.auscert.org.au/12246
Title: ESB-2010.0040.2 - UPDATE [Win][UNIX/Linux] Drupal: Cross-site scripting - Remote with user interaction Date: 22 January 2010 OS: Windows Server 2008, Other Linux Variants, Windows Vista, FreeBSD, AIX, OpenBSD, Windows 2000, SUSE, Other BSD Variants, HP-UX, Windows XP, Ubuntu, Debian GNU/Linux, Mac OS X, Windows 7, Red Hat Linux, Windows 2003, Solaris, HP Tru64 UNIX, IRIX URL: http://www.auscert.org.au/12234
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFLWSvhNVH5XJJInbgRAvwtAJ9bx9vxgHYhRKT8rSckJ3+Cs64FLACfdWP8
eSk65kffBBq3nDwzZbe5xV0=
=vmny
-----END PGP SIGNATURE-----
_______________________________________________
Auscert-subscriber mailing list
Auscert-subscriber@newlists.jcu.edu.au
https://www.jcu.edu.au/mailman/listinfo/auscert-subscriber



