Further Information

ESB-2012.0516 - ALERT [Win] Microsoft Windows: Access confidential data - Remote/unauthenticated - (04/06/2012)

ASB-2011.0109 - ALERT [Win][UNIX/Linux][Mobile] Fake ATO emails claiming "mistakes in filled tax return" - AusCERT has received reports, and have observed malicious email messages currently in circulation pretending to be from the Australian Tax Office. (08/12/2011)

ASB-2011.0077 - ALERT [Win][UNIX/Linux] Fake emails from ATO and ABR linking to malicious websites - Fake emails pretending to come from either the ATO (Australian Taxation Office) or the ABR (Australian Business Register) are being widely circulated. (15/09/2011)

ASB-2011.0052 - AusCERT PGP Key: AusCERT has generated a new PGP/GPG Key to use for signing and having data encrypted to - AusCERT has generated a new PGP/GPG Key to use for signing and having data encrypted to. (22/06/2011)

ASB-2011.0049 - 62000 compromised email accounts have been released publicly - AusCERT has been notified regarding a list of compromised email accounts which have been released to the public by a group of hackers who refer to themselves as LulzSec. (17/06/2011)

ESB-2008.1066 -- [Appliance] -- Cisco Response to TKIP Encryption Weakness - This advice applies to all wireless networking products. (28/11/2008)

ESB-2008.1076 -- [Win][UNIX/Linux][Appliance] -- SSH CBC plaintext recovery vulnerability - (26/11/2008)

AA-2008.0120 -- [Win][UNIX/Linux] -- new versions of stunnel released correcting two vulnerabilities - New versions of stunnel have been released to correct vulnerabilities. (27/05/2008)

AA-2008.0109 -- [Win] -- Vulnerability in Windows CE allows for remote code execution - A vulnerability has been reported in Windows CE which allows remote attackers to execute arbitrary code. (14/05/2008)

ESB-2008.0381 -- [Win][UNIX/Linux][OSX] -- TIBCO Enterprise Message Service vulnerability - (11/04/2008)

ESB-2007.0842 -- [Win] -- Trend Micro Tmxpflt.sys IOCTL 0xa0284403 Buffer Overflow Vulnerability - (26/10/2007)

ESB-2007.0838 -- [Win] -- Microsoft Windows CE IGMP Denial of Service - (25/10/2007)

ESB-2007.0509 -- [Win][Netware][UNIX/Linux][OSX] -- Mulitple vulnerabilities in Adobe products - (11/07/2007)

ESB-2006.0709 -- [Win][UNIX/Linux] -- OpenSSH 4.4 released - (05/10/2006)

ESB-2006.0305 -- Scripts in eBay Postings May Enable Phishing Attacks - A vulnerability in the eBay web site may allow an attacker to steal personal information from eBay customers. (28/04/2006)

ESB-2005.0345 -- iDEFENSE Security Advisory 04.26.05 -- Multiple Citrix Program Neighborhood Agent Vulnerabilities - This ESB contains two iDEFENSE advisories relating to vulnerabilities in the Citrix Program Neighborhood Agent and Citrix MetaFrame Presentation Server Client which could allow a remote attacker to execute arbitraty code on the clients computer. (27/04/2005)

ESB-2005.0318 -- iDEFENSE Security Advisory 04.18.05 -- McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability - (19/04/2005)

ESB-2005.0309 -- NGSSoftware Security Bulletin -- Multiple medium risk flaws fixed in new version of PHP (late advisory) - (14/04/2005)

ESB-2005.0307 -- Debian Security Advisory DSA 707-1 -- New mysql packages fix several vulnerabilities - (14/04/2005)

ESB-2005.0208 -- Sun Alert Notification 57741 -- Security Vulnerability With Java Plug-in in JRE/SDK for JDS - (09/03/2005)

ESB-2005.0200 -- iDEFENSE Security Advisory 03.01.05 -- RealNetworks RealPlayer .smil Buffer Overflow Vulnerability - RealNetworks RealPlayer, RealOne Player and HelixPlayex contain remote execute arbitrary code vulnerabilities in their SMIL and WAV file processing. (04/03/2005)

ESB-2005.0132 -- ISS Protection Brief -- F-Secure AntiVirus Library Heap Overflow - (11/02/2005)

ESB-2005.0105 -- Ethereal Security Advisory -- Multiple problems in Ethereal versions 0.8.10 to 0.10.8 - Ethereal 0.10.9 has been released which fixes 6 security vulnerabilities, the most serious of which may allow a remote attacker to execute arbitrary code. (03/02/2005)

ESB-2005.0038 -- RHSA-2005:038-01 -- Updated mozilla packages fix a buffer overflow - (14/01/2005)

ESB-2004.0781 -- iDEFENSE Security Advisory 12.16.04 -- Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability - Veritas Backup Exec Agent Browser buffer overflow vulnerability may allow administrator compromise. (17/12/2004)

ESB-2004.0775 -- iDEFENSE Security Advisory 12.13.04 -- Adobe Reader 6.0 .ETD File Format String Vulnerability - (15/12/2004)

ESB-2004.0720 -- US-CERT Technical Cyber Security Alert TA04-315A -- Buffer Overflow in Microsoft Internet Explorer - The previously reported Internet Explorer IFRAME buffer overflow vulnerability also affects FRAME and EMBED tags. (11/11/2004)

ESB-2004.0660 -- US-CERT Technical Cyber Security Alert TA04-293A -- Multiple Vulnerabilities in Microsoft Internet Explorer - (20/10/2004)

ESB-2004.0616 -- RHSA-2004:486-01 -- Updated mozilla packages fix security issues - (01/10/2004)

ESB-2004.0609 -- iDEFENSE Security Advisory 09.22.04 -- Sophos Small Business Suite Reserved Device Name Handling Vulnerability - (28/09/2004)

AL-2004.028 -- UNIRAS ALERT - 33/04 -- NISCC Vulnerability Advisory 380375/MIME - Multiple products' inconsistent implementation of MIME parsing causes inspection of MIME content for malicious data to fail. (14/09/2004)

ESB-2004.0493 -- Core Security Technologies Advisory CORE-2004-0705 -- Vulnerabilities in PuTTY and PSCP - (06/08/2004)

ESB-2004.0488 -- Two iDEFENSE Bulletins: iDEFENSE Security Advisory 08.03.04a and 08.03.04b -- NGSEC StackDefender 1.10/2.0 Invalid Pointer Dereference Vulnerability - (05/08/2004)

ESB-2004.0487 -- RHSA-2004:421-01 -- Updated mozilla packages fix security issues - (05/08/2004)

ESB-2004.0483 -- iDEFENSE Security Advisory 08.02.04 -- Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability - (05/08/2004)


1, 2, 3  Next denotes AusCERT member only content.