copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Training
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login

  Home » Security Bul... » Security Bul... » AusCERT Alert
 

AusCERT Alert


Alerts contain information about threats and vulnerabilities of an urgent nature. Alerts may include material already published by third parties.


Further Information
AL-2005.007 -- 'Update your windows machine' fraudulent email - AusCERT would like to advise of fraudulent emails circulating with subjects such as 'Update your windows machine'. The site referenced in a recent email entices the user to install malware that connects to an IRC chat server, allowing execution of commands from an attacker. (08/04/2005)

AL-2005.005 -- Horde 3.0.4 Fixes Cross-site Scripting Vulnerability - (31/03/2005)

AL-2005.006 -- Kerio Personal Firewall Rule Bypass Vulnerability - (31/03/2005)

AL-2005.004 -- Linux Kernel Multiple Vulnerabilities - Multiple vulnerabilities in Linux kernel versions prior to 2.6.11.6 potentially allow root compromise, denial of service and infomation disclosure. (30/03/2005)

denotes AusCERT member only content. AL-2005.003 -- Multiple web browser homographic address spoofing vulnerability - International Domain Names (IDN) allow the inclusion of extended character sets in a web address. A malicious user may register a fraudulent domain name similar to a legitimate name but substituting similar international characters in place of others. This fraudulent domain may look highly convincing to a web browser user. (08/02/2005)

AL-2005.002 -- New worm currently exploiting MySQL on Windows - A new worm is currently exploiting MySQL on Windows systems. The worm enters systems by an automated attack on weak passwords for the MySQL "root" account. (28/01/2005)

AL-2005.001 -- Three vulnerabilities in Microsoft Windows and Internet Explorer - This alert describes three vulnerabilities in Microsoft Internet Explorer and other Windows components that allow remote execution of arbitrary code and denial of service. (04/01/2005)

AL-2004.044 -- US-CERT TA04-356A -- New worm Santy.A actively exploiting phpBB highlight parameter vulnerability - phpBB contains an input validation vulnerability that is currently being exploited by the worm Santy.A. The worm propagates by searching for the keyword "viewtopic.php" in order to find vulnerable sites. (22/12/2004)

AL-2004.043 -- Microsoft Internet Explorer DHTML Edit Control Cross-site Scripting Vulnerability - A vulnerability in Internet Explorer allows an attacker to open a window to a trusted web site, and then execute arbitrary scripted content in the security context of the trusted site. (20/12/2004)

AL-2004.042 -- Increased Virus Activity -- New Zafi Variant - AusCERT has been made aware of media attention regarding activity due to a new ZAFI worm known as Zafi.D and Erkez.D. Zafi.D is a mass-mailing worm affecting Windows systems which attempts to entice a user to run a malicious email attachment. The worm also spreads via Peer-to-Peer file sharing applications. (15/12/2004)

AL-2004.041 -- Window Injection Vulnerability in Multiple Web Browsers - A vulnerability in multiple web browsers allows an attacker to make spoofed web page content appear to come from a trusted site. Proof of concept exploit code is publicly available. (09/12/2004)

AL-2004.040 -- Tsunami Warning Fraudulent E-mails and Malicious Web Sites - AusCERT has become aware of several fraudulent e-mails, subject lines include "Warning, Tsunami", "Huge ocean wave!" and "Coming Tsunami" circulating in Australia and overseas, which are used to entice the reader to visit malicious web sites. (01/12/2004)

AL-2004.039 -- Unpatched remotely exploitable vulnerability in Microsoft WINS - Microsoft have acknowledged a possible security issue in WINS (Windows Internet Naming Service) which may allow the remote execution of code. (29/11/2004)

AL-2004.038 -- Internet Explorer IFRAME Buffer Overflow Vulnerability Allows Remote Compromise - Internet Explorer is vulnerable to buffer overflows in the IFRAME HTML element, allowing an attacker to remotely compromise the system. Exploit code for Windows XP SP1 and Windows 2000 is publicly available. (03/11/2004)

AL-2004.037 -- Increased Virus Activity - Bagel Variants AT, AU - New variants of Bagel are currently being detected in high numbers overseas and within Australia. (29/10/2004)

AL-2004.036 -- Internet Explorer Click and Scroll ("Drag and Drop") Vulnerability - A critical vulnerability in all current versions of Microsoft Internet Explorer allows the execution of arbitrary code if a user interacts with a malicious website. (28/10/2004)

denotes AusCERT member only content. AL-2004.035 -- Fraudulent Email and Website Purveying a Trojaned Red Hat fileutils Package - AusCERT has become aware of a fraudulent e-mail, purporting to be a security bulletin from Red Hat. (25/10/2004)

AL-2004.034 -- Multiple vulnerabilities in various tabbed web browsers - Secunia have advised that two vulnerabilities exist in many web browsers that support multiple tabs in a single window. (21/10/2004)

AL-2004.033 -- iDEFENSE Security Advisory 10.18.04 -- Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability - This vulnerability affects multiple anti-virus vendors including McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. (19/10/2004)

AL-2004.032 -- "Postcard" and "tvshop" Fraudulent E-mails and Malicious Web Sites - These emails entice the reader to visit malicious web sites. These web sites contain executable Java code and Internet Explorer exploits which, if successfully executed, will install a trojan program which in turn captures keystrokes when the user visits particular banking related web sites. (15/10/2004)

AL-2004.031 -- Canonicalisation issue in ASP.NET - An exploit has been recently disclosed for Microsoft IIS servers with ASP.NET enabled which may allow application level authentication to be bypassed, potentially exposing sensitive information and programs. (08/10/2004)

denotes AusCERT member only content. AL-2004.030 -- UNIRAS ALERT - 35/04 -- MS04-028 Proof of Concept code released. - (22/09/2004)

AL-2004.029 -- Apache Software Foundation Security Advisory -- Apache HTTP Server 2.0.51 Fixes 5 Security Vulnerabilities - The Apache Software Foundation has released version 2.0.51 of the Apache HTTP server. This version fixes 5 vulnerabilities, the most serious of which could allow for the execution of arbitrary code. (16/09/2004)

AL-2004.028 -- UNIRAS ALERT - 33/04 -- NISCC Vulnerability Advisory 380375/MIME - Multiple products' inconsistent implementation of MIME parsing causes inspection of MIME content for malicious data to fail. (14/09/2004)

denotes AusCERT member only content. AL-2004.027 -- Oracle security update -- Multiple vulnerabilities in Oracle products - Multiple vulnerabilities classified as high risk have been reported in a variety of Oracle products. (01/09/2004)

denotes AusCERT member only content. AL-2004.026 -- MIT krb5 Security Advisory 2004-002 -- double-free vulnerabilities in KDC and libraries - A vulnerability allowing remote execution of arbitrary code has been reported in Kerberos 5 Key Distribution Center. (01/09/2004)

AL-2004.025 -- XV Image Viewer - Multiple Buffer Overflow Vulnerabilities - Multiple stack and heap buffer overflows in XV allow a remote attacker to execute arbitrary code as the user running XV. (26/08/2004)

AL-2004.024 -- Critical Vulnerability in Internet Explorer Allows Remote Compromise - A critical vulnerability in all current versions of Microsoft Internet Explorer allows a remote attacker to plant executable files anywhere on the user's filesystem. (24/08/2004)

AL-2004.23 -- User Interface Spoofing in Mozilla and Firefox - A working proof of concept code has now been published for a vulnerability in all versions of Mozilla and Firefox. This exploit code could be utilised to facilitate identify fraud (aka "phishing") which may capture sensitive account details. (04/08/2004)

AL-2004.22 -- Summary for July 2004 -- Microsoft Security Bulletin - This out-of-band Microsoft update contains three critical updates. There are also four important and one moderate updates. (31/07/2004)

AL-2004.21 -- Increased Virus Activity - Bagel Variants AF, AG, AH and AI - New variants of Bagel are currently being detected in high numbers overseas and within Australia. (20/07/2004)

AL-2004.20 -- Release of DOWNLOAD.JECT Payload Detection and Removal Tool - Release of DOWNLOAD.JECT Payload Detection and Removal Tool Microsoft Product Support Services (14/07/2004)

AL-2004.19 -- Product Support Services - Critical Product Vulnerability - July 2004 - Microsoft have released two critical, four important updates and one moderate update. (14/07/2004)

denotes AusCERT member only content. AL-2004.18 -- Issues concerning Internet Explorer and the ADODB.STREAM patch - The recently released Microsoft patch for Internet Explorer that disables the ADODB.STREAM ActiveX control does NOT fix cross-domain IE vulnerabilities but rather mitigates against exploitation via ADODB.STREAM. (12/07/2004)

AL-2004.16 -- Exploit Code Publicly Available for Microsoft Internet Explorer Cross Domain Scripting Vulnerabilities. - AusCERT advises that working proof of concept exploit code has now been published for all recent versions of Microsoft Internet Explorer. There are reports of activity using this exploit. AusCERT expects this exploit code to be utilised in the installation of trojan horse software which may capture sensitive account details. (08/07/2004)


Previous  1, 2, 3 ... 14, 15, 16, 17, 18  Next denotes AusCERT member only content.



Comments? Click here http://www.auscert.org.au/render.html?cid=1977&it=1977