Australia's Leading Computer Emergency Response Team
 





 

2006




Further Information
AA-2006.0005 -- [Win][UNIX/Linux] -- Proof of concept code exploiting Oracle Database Server vulnerability released - Proof of concept code has been released targeting a recently announced vulnerability in Oracle Database Server 9iR2 and 10gR1. (30/01/2006)

ESB-2006.0084 -- [UNIX/Linux][Debian] -- New lsh-utils packages fix local vulnerabilities - (27/01/2006)

ESB-2006.0083 -- [UNIX/Linux][Debian] -- New mailman packages fix denial of service - (27/01/2006)

ESB-2006.0082 -- [UNIX/Linux][Debian] -- New wine packages fix arbitrary code execution - (27/01/2006)

ESB-2006.0081 -- [Solaris] -- Security Vulnerabilities in Sun StorEdge Enterprise Backup Software (EBS) - (27/01/2006)

ESB-2006.0079 -- [Cisco] -- Cisco IOS AAA Command Authorization bypass vulnerability - (27/01/2006)

ESB-2006.0077 -- [FreeBSD] -- Local kernel memory disclosure - (27/01/2006)

ESB-2006.0068 -- [Debian] -- New ClamAV packages fix heap overflow - (27/01/2006)

ESB-2006.0076 -- [Win][UNIX/Linux] -- BEA WebLogic 14 security advisories released for WebLogic Server, Express and Portal - (25/01/2006)

AA-2006.0004 -- [Win][UNIX/Linux] -- Multiple PHP web applications ADOdb with PostgreSQL SQL injection - The ADOdb database interface library is incorporated in many popular web applications as well as web projects developed in-house. SQL injection attacks are possible when these applications are used with PostgreSQL. (25/01/2006)

AL-2006.0008 -- [HP-UX] -- HP-UX CIFS Server (Samba) Remote Execution of Arbitrary Code, Denial of Service (DoS) - (25/01/2006)

ESB-2006.0075 -- [Win][UNIX/Linux][Debian] -- New flyspray packages fix cross-site scripting - (25/01/2006)

ESB-2006.0074 -- [HP-UX] -- HP-UX Local Increased Privilege - (25/01/2006)

ESB-2006.0073 -- [Win][Linux][HP-UX][Solaris] -- HP Oracle for OpenView (OfO) Critical Patch Update January 2006 - (25/01/2006)

AL-2006.0007 -- [Win][Linux][HP-UX][Solaris][AIX] -- Computer Associates multiple products remote buffer overflow in iGateway component - Multiple CA iTechnology products incorporate the iGateway component, which contains a buffer overflow potentially allowing remote attackers to execute arbitrary code with full SYSTEM or root privileges. (24/01/2006)

ESB-2006.0072 -- [Debian] -- New libapache-auth-ldap packages fix arbitrary code execution - (24/01/2006)

ESB-2006.0071 -- [Win][UNIX/Linux][Debian] -- New trac packages fix SQL injection and cross-site scripting - (24/01/2006)

ESB-2006.0070 -- [Debian] -- New CUPS packages fix arbitrary code execution - (24/01/2006)

AU-2006.0005 -- AusCERT Update - [Win] - "Blackmal" email worm variant will cause file destruction - A variant of the "Blackmal" email worm reported in AL-2006.0005 is currently spreading rapidly and carries a payload that will destroy files on the third day of each month. (24/01/2006)

AL-2006.0006 -- Fake Reserve Bank of Australia email and website entice users to disclose banking ATM card number and PIN - A new fraudulent email is being sent, falsely claiming to be from the Reserve Bank of Australia. The email entices users to visit a fake Reserve Bank website and enter their banking ATM debit card details and PIN. (24/01/2006)

AA-2006.0003 -- [Win][UNIX/Linux] -- Thunderbird 1.5 release fixes email attachment type spoofing vulnerability - (23/01/2006)

ESB-2006.0069 -- [Debian] -- New kdelibs packages fix buffer overflow - (23/01/2006)

ESB-2006.0067 -- [UNIX/Linux][Debian] -- New sudo packages fix privilege escalation - (23/01/2006)

ESB-2006.0066 -- [HP-UX] -- SSRT5971 rev.1 - HP-UX Running ftpd Remote Denial of Service (DoS) - (20/01/2006)

ESB-2006.0064 -- [UNIX/Linux][RedHat] -- Moderate: tetex security update - (20/01/2006)

ESB-2006.0063 -- [Win][Linux] -- F-Secure ZIP and RAR-archive Handling Vulnerability - Specially crafted ZIP archives may be used to execute code on affected systems due to a buffer overflow in several F-Secure anti-virus products. (20/01/2006)

ESB-2006.0058 -- [UNIX/Linux][RedHat] -- Important: kernel security update - (20/01/2006)

ESB-2006.0065 -- [UNIX/Linux][RedHat] -- Critical: kdelibs security update - (20/01/2006)

ESB-2006.0062 -- [Win][UNIX/Linux] -- Oracle Products Contain Multiple Vulnerabilities - (19/01/2006)

AL-2006.0004 -- [FreeBSD] -- IEEE 802.11 buffer overflow - An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks may result in the execution of arbitrary code. (19/01/2006)

ESB-2006.0061 -- [Cisco] -- IOS Stack Group Bidding Protocol Crafted Packet DoS - (19/01/2006)

ESB-2006.0060 -- [Cisco] -- Cisco Call Manager Privilege Escalation - (19/01/2006)

ESB-2006.0059 -- [Cisco] -- Cisco Call Manager Denial of Service - (19/01/2006)

AL-2006.0005 -- [Win] -- Increased activity of mass-mailer W32.Blackmal.E@mm - AusCERT has detected high levels of a new mass-mailer called W32.Blackmal.E@mm. (19/01/2006)

AA-2006.0002 -- [Win][UNIX/Linux] -- PHP Toolkit for PayPal v0.50 vulnerabilities - (18/01/2006)

