Further Information

AU-2004.010 -- AusCERT Update - High levels of activity due to MyDoom.M/O variants - AusCERT has been informed of high levels of activity due to the MyDoom variants known as MyDoom.M or MyDoom.O. This mass-mailing virus which masquerades as variety of mail delivery and virus infection error messages designed to entice a user to run a malicious attachement. It also spreads through peer-to-peer (P2P) file sharing programs. (27/07/2004)

AU-2004.009 -- AusCERT Update - Worm activity against Microsoft MS04-011 LSASS vulnerability - AusCERT has learned that a new variant of PhatBot/Agobot/Gaobot is attacking unpatched Microsoft Windows 2000 and XP hosts, exploiting the vulnerability in the Microsoft Local Security Authority Subsystem Service (LSASS), described in Microsoft Security Bulletin MS04-011. (29/04/2004)

AU-2004.008 -- AusCERT Update - Exploit Code Publicly Available For Microsoft Vulnerability MS04-011 - AusCERT advises that unverified exploit code has now been published for a recent vulnerability in Microsoft's IIS web server, which may result in the execution of arbitrary code with SYSTEM level privileges. (22/04/2004)

AU-2004.007 -- AusCERT Update - Vulnerability in Internet Explorer Allows Program Execution - A vulnerability in the handling of "Windows Help" files by Internet Explorer allows the remote execution of arbitrary code on a local computer by a malicious web site. This vulnerability is currently being exploited against Australian users using the bogus bank email reported in AusCERT Alert AL-2004.10 (05/04/2004)

AU-2004.006 -- AusCERT Update - Exploit activity for Linux kernel memory management problem via mremap() - AusCERT advises that working exploit code has been published for the Linux kernel memory management code inside the mremap(2) system call. (27/02/2004)

AU-2003.021 -- AusCERT Update - Oracle updates to correct TSL/SSL vulnerabilities - (08/12/2003)

AU-2003.020 -- AusCERT Update - Novell eDirectory SSL/TLS ASN.1 Parser and Novell NFS Server Incorrect Hostname Alias Handling Vulnerabilities - (08/12/2003)

AU-2003.019 -- AusCERT Update - Exploit Code Publicly Available for Microsoft Internet Explorer Cross Domain Scripting Vulnerabilities. - AusCERT advises that working proof of concept exploit code has now been published for several versions of Microsoft Internet Explorer. (27/11/2003)

AU-2003.018 -- AusCERT Update - Exploit code publically available for Microsoft vulnerabilities MS03-049 and MS03-051 - (19/11/2003)

AU-2003.017 -- AusCERT Update - New Worm: W32.Paylap - (14/11/2003)

AU-2003.016 -- AusCERT Update - Exploit Code Publicly Available For Microsoft Vulnerability MS03-043 - AusCERT advises that working exploit code has now been published for the Microsoft Windows Messenger Service vulnerability described in AusCERT ALERT AL-2003.22 (22/10/2003)

AU-2003.015 -- AusCERT Update - New email virus/worm "Swen" masquerades as Microsoft Update - Users and system administrators should be aware of a new mass-mailer worm that claims to be either the "September 2003, Cumulative Patch" or a qmail delivery failure notice with an executable attachment. (19/09/2003)

AU-2003.014 -- AusCERT Update - Exploit Code Publicly Available For Microsoft Vulnerability MS03-039 - AusCERT advises that working exploit code has now been published for the most recent Microsoft Remote Procedure Call (RPC) vulnerability described in AusCERT ALERT AL-2003.15 , "Buffer Overrun In RPCSS Service Could Allow Code Execution (824146)" (17/09/2003)

AU-2003.012 -- AusCERT Update - RealNetworks Server Suite Remote Buffer Overflow Vulnerability - RealNetworks have confirmed a vulnerability which allows an unauthorised remote user to gain root/administrator privileges. An exploit is publically available and AusCERT has become aware of increasing scanning activity for this particular vulnerability (02/09/2003)

AU-2003.011 -- AusCERT Update - Worm (MSBLASTER) propagation for recent Microsoft RPC vulnerability - AusCERT has received reports of the wide spread propagation of a new worm: MSBLASTER. This worm exploits the Microsoft Windows DCOM RPC vulnerability announced July 16, 2003. (18/08/2003)

AU-2003.010 -- AusCERT Update - Exploit Code Publicly Available For Recent Microsoft RPC Vulnerability - AusCERT advises that an exploit has now been published for the Microsoft Remote Procedure Call (RPC) vulnerability described in AusCERT ALERT AL-2003.11, "Buffer Overrun In RPC Interface Could Allow Code Execution (Q823980) - Microsoft Security Bulletin MS03-026" (UPDATED) (29/07/2003)

AU-2003.009 -- AusCERT Update - Exploit Code Publicly Available For Recent Cisco DoS Vulnerability - AusCERT has confirmed that working exploit code for the "Cisco IOS Interface Blocked by IPv4 Packet" vulnerability has now been made publicly available. (18/07/2003)

AU-2003.008 -- AusCERT Update - Media Reports on the "DEFACEMENT CHALLENGE" - AusCERT has observed an increase in the number of media reports regarding the "defacement challenge". This is a loosely arranged competition where contestants attempt to deface as many websites in the shortest possible time. The competition is scheduled to occur on July 6, 2003. (03/07/2003)

AU-2003.007 -- AusCERT Update - WORM_SOBIG.E activity increase - AusCERT has noticed activity by a new variant of the W32/SOBIG worm. WORM_SOBIG.E is spread by network shares and e-mail using its own SMTP engine. (26/06/2003)

AU-2003.006 -- AusCERT Update - Update to Recent Samba and Microsoft WebDAV Security Bulletins - This AusCERT Update is to provide you with additional information regarding two recent security bulletins; ESB-2003.0171 "Samba" and AL-2003.02 "Microsoft IIS WebDAV Remote Compromise Vulnerability". Both bulletins discuss vulnerabilities with impacts of root/Administrator compromise. (19/03/2003)

AU-2003.005 -- AusCERT Update - W32/Deloder-A worm activity - (10/03/2003)

AU-2003.004 -- AusCERT Update - Possible False Positive Attack Signatures in Sendmail Error Logs - (05/03/2003)

AU-2003.003 -- AusCERT Update - Sendmail Proof of Concept Code Available - New Version of BIND - (05/03/2003)

AU-2003.002 -- AusCERT Update - "Slammer" Worm Causing Wide Spread DDoS Effect - (25/01/2003)

AU-2003.001 -- AusCERT Update - Information Leakage from Padding of Undersized Ethernet Frames - (10/01/2003)

AU-2002.011 -- AusCERT Update - Networks affected negatively by FriendGreetings E-Card program - (30/10/2002)

AU-2002.010 -- AusCERT Update - Recent Increase in Malicious Activity Targeting Windows Hosts - AusCERT has seen a recent increase in system compromises which follow closely to the pattern of activity described in AusCERT Advisory AA-2002.03 [1]. The cause of these compromise appears to be a new worm-like tool targeting Windows NT/2002/XP hosts. (25/10/2002)

AU-2002.009 -- AusCERT Update - False Positive Virus Reports Using McAfee Anti-Virus Products - This update is meant to draw your attention to a recent issue discovered with the McAfee anti-virus product line. McAfee have received reports of false positive detections of the W32/Insane.dam virus while using the VirusScan, Netshield, and Virex anti-virus products. (23/10/2002)

AU-2002.008 -- AusCERT Update - Updated Information Regarding BugBear Virus - (03/10/2002)

AU-2002.007 -- AusCERT Update - Serious Vulnerability Fixed in Microsoft Windows XP Service Pack 1 - (12/09/2002)

AU-2002.006 -- AusCERT Update - Public DoS Exploit Tools for Vulnerabilities in Windows SMB - (30/08/2002)

AU-2002.005 -- AusCERT Update - SSL Vulnerabilities in IE and Konqueror (UPDATE) - (16/08/2002)

AU-2002.004 -- AusCERT Update - SSL Vulnerabilities in Internet Explorer and Konqueror - (13/08/2002)

AU-2002.003 -- AusCERT Update - Updated information regarding SNMP vulnerabilities - (18/03/2002)

AU-2002.002 -- AusCERT Update - Multiple Vulnerabilities in Oracle Products - (12/03/2002)


Previous  1, 2, 3, 4, 5  Next denotes AusCERT member only content.