copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Training
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login

  Home » Publications » AusCERT Web Log » AusCERT Week in Review for 27 May, 2011
 

AusCERT Week in Review for 27 May, 2011
Date: 27 May 2011

Click here for printable version
AusCERT Week in Review
27 May 2011

A part of the AusCERT conference that has generated a lot of interest from within the security community is the annual AusCERT and SC Magazine awards ceremony. We're pleased to be the facilitator for these awards, as they recognise achievement on the part of both individuals and organisations toward excellence in this growing sector. We only hope that the awards continue to gain recognition and respect and assert themselves as the pre-eminent accolade for a practitioner (or vendor) of ICT security to this community. To peruse the winners of the AusCERT awards (chosen by the AusCERT team), visit:

http://conference.auscert.org.au/conf2011/awards.html

Mac OS X malware has been a focus this week, with Mac users fooled into installing fake anti-virus programs. If installed - names this malware goes by include MacDefender, MacSecurity, MacProtector or MacGuard - this malware generates additional false virus detection alarms and causes the default web browser to load pornographic web sites in its attempts to convince the user to pay for 'registration'. The point of contact with this malware is, commonly, a result of the user following a poisoned search result that redirects to an infected site. We've seen at least one report that a variant of this malware doesn't require an administrative password for its installation.

http://www.f-secure.com/weblog/archives/00002165.html
http://community.ca.com/blogs/securityadvisor/archive/2011/05/12/latest-mac-os-x-threat-osx-fakeav-a.aspx
http://www.theregister.co.uk/2011/05/26/mac_malware_game_changer/

AusCERT in the Media:
- ---------------------

Looking a little closer at the winners of the SC Magazine Awards http://searchsecurity.techtarget.com.au/feature/Looking-a-little-closer-at-the-winners-of-the-SC-Magazine-Awards


Web Log Entries:
- ----------------
Title: AusCERT Week in Review for 20 May, 2011
Date: 23 May 2011
URL: http://www.auscert.org.au/14372


Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2011.0044 - [Win][Linux][Mac][OSX] Google Chrome: Multiple
vulnerabilities
Date: 27 May 2011
URL: http://www.auscert.org.au/14410

Title: ASB-2011.0043 - [Win][UNIX/Linux] WordPress prior to 3.1.3: Access
privileged data - Remote with user interaction
Date: 26 May 2011
URL: http://www.auscert.org.au/14407

Title: ASB-2011.0042 - [Win][Linux][OSX] IBM Lotus Notes: Execute arbitrary
code/commands - Remote with user interaction
Date: 25 May 2011
URL: http://www.auscert.org.au/14400

Title: ASB-2011.0040 - [Win] Intel 10 Gigabit Ethernet 82598 and 82599
Controllers: Denial of service - Remote/unauthenticated
Date: 24 May 2011
URL: http://www.auscert.org.au/14395

Title: ASB-2011.0041 - [Win][UNIX/Linux] TWiki prior to version 5.0.2:
Cross-site scripting - Remote with user interaction
Date: 24 May 2011
URL: http://www.auscert.org.au/14396


External Security Bulletins:
- ----------------------------
Title: ESB-2011.0567 - [Win][UNIX/Linux] Drupal: Multiple vulnerabilities
Date: 27 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14411

Title: ESB-2011.0566 - [Win][Linux][HP-UX][Solaris][AIX] IBM WebSphere Portal:
Cross-site scripting - Remote with user interaction
Date: 27 May 2011
OS: Solaris, Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian
GNU/Linux, Windows XP, HP-UX, SUSE, Windows 2000, AIX, Windows Vista,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14409

Title: ESB-2011.0565 - [Cisco] Cisco XR 12000 Series Shared Port Adapters:
Denial of service - Remote/unauthenticated
Date: 26 May 2011
OS: Cisco Products
URL: http://www.auscert.org.au/14408

Title: ESB-2011.0564.2 - UPDATED ALERT [Cisco] Cisco RVS4000 and WRVS4400N:
Multiple vulnerabilities
Date: 26 May 2011
OS: Cisco Products
URL: http://www.auscert.org.au/14406

Title: ESB-2011.0563 - [Cisco] Cisco IOS XR Software: Denial of service -
Remote/unauthenticated
Date: 26 May 2011
OS: Cisco Products
URL: http://www.auscert.org.au/14405

Title: ESB-2011.0562 - [Cisco] Cisco Content Delivery System: Denial of
service - Remote/unauthenticated
Date: 26 May 2011
OS: Cisco Products
URL: http://www.auscert.org.au/14404

Title: ESB-2011.0561 - [UNIX/Linux][Debian] cyrus-imapd-2.2: Provide
misleading information - Remote with user interaction
Date: 26 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/14403

Title: ESB-2011.0560 - [Debian] qemu-kvm: Denial of service - Existing account
Date: 25 May 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14402

Title: ESB-2011.0559 - [Debian] linux-2.6: Multiple vulnerabilities
Date: 25 May 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14401

Title: ESB-2011.0558 - [Win][UNIX/Linux] TYPO3: Cross-site scripting - Remote
with user interaction
Date: 25 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14399

Title: ESB-2011.0557 - [Win] Avaya Windows Portable Device Manager: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 25 May 2011
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/14398

Title: ESB-2011.0556 - [Win][UNIX/Linux][Debian] libmojolicious-perl:
Cross-site scripting - Remote with user interaction
Date: 25 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14397

Title: ESB-2011.0555 - [Win][Linux] IBM Virtualization Manager: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 24 May 2011
OS: Windows 2003, Red Hat Linux, Windows 7, Ubuntu, Debian GNU/Linux,
Windows XP, SUSE, Windows 2000, Windows Vista, Windows Server 2008,
Other Linux Variants
URL: http://www.auscert.org.au/14394

Title: ESB-2011.0554 - [Win][UNIX/Linux] Tomcat: Increased privileges -
Remote/unauthenticated
Date: 23 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14393

Title: ESB-2011.0553 - [Win][UNIX/Linux] Apache Portable Runtime: Denial of
service - Remote/unauthenticated
Date: 23 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14392

Title: ESB-2011.0552 - [Win][UNIX/Linux] Apache HTTP Server: Denial of service
- Remote/unauthenticated
Date: 23 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/14391

Title: ESB-2011.0551 - [Win][UNIX/Linux] phpMyAdmin 3.3.x and 3.4.0:
Cross-site scripting - Remote with user interaction
Date: 23 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/14390

Title: ESB-2011.0550 - [UNIX/Linux] Webform (Druapl third-party module):
Cross-site scripting - Remote/unauthenticated
Date: 23 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/14389

Title: ESB-2011.0549 - [RedHat] tomcat6: Multiple vulnerabilities
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14388

Title: ESB-2011.0548 - [RedHat] avahi: Denial of service - Existing account
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14387

Title: ESB-2011.0547 - [RedHat] openssl: Denial of service -
Remote/unauthenticated
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14386

Title: ESB-2011.0546 - [RedHat] pidgin: Denial of service - Remote with user
interaction
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14385

Title: ESB-2011.0545 - [RedHat] dovecot: Multiple vulnerabilities
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14384

Title: ESB-2011.0544 - [RedHat] sudo: Increased privileges - Existing account
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14383

Title: ESB-2011.0543 - [Linux][RedHat] libguestfs: Unauthorised access -
Existing account
Date: 23 May 2011
OS: Red Hat Linux, Other Linux Variants, SUSE, Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/14382

Title: ESB-2011.0542 - [Win][Linux][RedHat][OSX] eclipse: Cross-site scripting
- Remote with user interaction
Date: 23 May 2011
OS: Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Debian GNU/Linux,
Ubuntu, Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux
Variants, Windows Server 2008
URL: http://www.auscert.org.au/14381

Title: ESB-2011.0541 - [RedHat] sssd: Denial of service - Existing account
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14379

Title: ESB-2011.0540 - [RedHat] perl: Execute arbitrary code/commands - Remote
with user interaction
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14380

Title: ESB-2011.0539 - [RedHat] python: Multiple vulnerabilities
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14378

Title: ESB-2011.0538 - [RedHat] squid: Denial of service -
Remote/unauthenticated
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14377

Title: ESB-2011.0537 - [RedHat] kernel: Multiple vulnerabilities
Date: 23 May 2011
OS: Red Hat Linux
URL: http://www.auscert.org.au/14376

Title: ESB-2011.0536 - [SUSE] kernel: Multiple vulnerabilities
Date: 23 May 2011
OS: SUSE
URL: http://www.auscert.org.au/14375

Title: ESB-2011.0535 - [SUSE][OpenSUSE] flash-player: Execute arbitrary
code/commands - Remote with user interaction
Date: 23 May 2011
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/14374

Title: ESB-2011.0534 - [UNIX/Linux][Debian] vino: Denial of service -
Remote/unauthenticated
Date: 23 May 2011
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/14373

Title: ESB-2011.0532.2 - UPDATE [Win][Cisco][Solaris] Cisco Unified Operations
Manager and CiscoWorks Common Services: Multiple vulnerabilities
Date: 23 May 2011
OS: Windows Server 2008, Windows Vista, Windows 7, Windows 2000, Windows
XP, Windows 2003, Cisco Products, Solaris
URL: http://www.auscert.org.au/14370

Title: ESB-2011.0524.2 - UPDATE [Debian] apr: Denial of service -
Remote/unauthenticated
Date: 23 May 2011
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/14359

Title: ESB-2011.0477.2 - UPDATE [Win][RedHat][HP-UX][Solaris] SiteMinder:
Increased privileges - Existing account
Date: 23 May 2011
OS: Windows Server 2008, Windows Vista, Windows 7, Windows 2000, Windows
XP, HP-UX, Red Hat Linux, Windows 2003, Solaris
URL: http://www.auscert.org.au/14304



===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================


Comments? Click here http://www.auscert.org.au/render.html?cid=7066&it=14412