 
|
|
 |
|
 |
| Home » Publications » AusCERT Web Log » AusCERT Week in Review for 6 May, 2011
|
| |
 |
 |
 |
|
|
|
|
Date: 06 May 2011
Click here for printable version
AusCERT Week in Review
06 May 2011
Good afternoon,
This week has been relatively uneventful with regards to major vulnerabilities.
Next week is Microsoft patch week and we will probably see a lot more bulletins because of this.
Regards,
Zane.
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2011.0035 - [Win] Rational System Architect: Execute arbitrary
code/commands - Remote with user interaction
Date: 04 May 2011
URL: http://www.auscert.org.au/14330
External Security Bulletins:
- ----------------------------
Title: ESB-2011.0504 - [UNIX/Linux] BIND 9.8.0: Denial of service -
Remote/unauthenticated
Date: 06 May 2011
OS: IRIX, Solaris, HP Tru64 UNIX, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/14336
Title: ESB-2011.0503 - [Cisco] Cisco IOS: Denial of service -
Remote/unauthenticated
Date: 06 May 2011
OS: Cisco Products
URL: http://www.auscert.org.au/14335
Title: ESB-2011.0502 - [RedHat] python: Multiple vulnerabilities
Date: 06 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14334
Title: ESB-2011.0501 - [RedHat] java-1.4.2-ibm: Reduced security -
Remote/unauthenticated
Date: 06 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14333
Title: ESB-2011.0500 - [RedHat] xmlsec1: Overwrite arbitrary files -
Remote/unauthenticated
Date: 05 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14332
Title: ESB-2011.0499 - [Win][UNIX/Linux] Menu Access (Drupal Third party
module): Cross-site scripting - Remote with user interaction
Date: 05 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14331
Title: ESB-2011.0498 - [SUSE] Suse Summary Advisory: Multiple vulnerabilities
Date: 04 May 2011
OS: SUSE
URL: http://www.auscert.org.au/14329
Title: ESB-2011.0497 - [Win][UNIX/Linux] RSA Data Loss Prevention Enterprise
Manager: Cross-site scripting - Remote/unauthenticated
Date: 04 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14328
Title: ESB-2011.0496 - [UNIX/Linux] OpenSSH prior to 5.8p2: Access
confidential data - Existing account
Date: 03 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/14327
Title: ESB-2011.0495 - [Win][Linux] Embarcadero Interbase: Multiple
vulnerabilities
Date: 03 May 2011
OS: Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian GNU/Linux,
Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server 2008,
Other Linux Variants
URL: http://www.auscert.org.au/14326
Title: ESB-2011.0494 - [Win][UNIX/Linux][RedHat] libvirt: Denial of service -
Remote/unauthenticated
Date: 03 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14325
Title: ESB-2011.0493 - [UNIX/Linux][RedHat] gstreamer-plugins: Execute
arbitrary code/commands - Remote with user interaction
Date: 03 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/14324
Title: ESB-2011.0492 - [Debian] qemu-kvm: Multiple vulnerabilities
Date: 03 May 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14323
Title: ESB-2011.0491 - [Win][UNIX/Linux][Debian] spip: Denial of service -
Remote/unauthenticated
Date: 03 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14322
Title: ESB-2011.0490 - iceweasel: Multiple vulnerabilities
Date: 03 May 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14321
Title: ESB-2011.0489 - [Debian] iceape: Multiple vulnerabilities
Date: 03 May 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14320
Title: ESB-2011.0475.2 - UPDATE [Win][UNIX/Linux] SiteScope: Cross-site
scripting - Remote with user interaction
Date: 05 May 2011
OS: Windows Server 2008, Other Linux Variants, Windows Vista, FreeBSD, AIX,
OpenBSD, Windows 2000, SUSE, Other BSD Variants, HP-UX, Windows XP,
Ubuntu, Debian GNU/Linux, Mac OS X, Windows 7, Red Hat Linux, Windows
2003, Solaris, HP Tru64 UNIX, IRIX
URL: http://www.auscert.org.au/14302
Title: ESB-2011.0464.2 - UPDATE [Win][Linux] HP Proliant Support Pack:
Multiple vulnerabilities
Date: 04 May 2011
OS: Windows Server 2008, Other Linux Variants, Windows Vista, Windows 2000,
SUSE, Windows XP, HP-UX, Ubuntu, Debian GNU/Linux, Windows 7, Red Hat
Linux, Windows 2003
URL: http://www.auscert.org.au/14290
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
|
|
|
|
 |
|
 |
|
|
|
|
|