AusCERT - 2007

copyright | disclaimer | privacy | contact

HOME

About AusCERT

Membership

Contact Us

PKI Services

Training

Publications

Sec. Bulletins

Conferences

News & Media

Services

Web Log

Site Map

Site Help

Member login

2007

Further Information
ESB-2007.0024 -- [RedHat] -- Critical: Adobe Acrobat Reader security update - (23/01/2007)

ESB-2007.0038 -- [UNIX/Linux][Debian] -- New netrik packages fix arbitary shell command execution - (22/01/2007)

ESB-2007.0033 -- [Win][UNIX/Linux] -- Security Vulnerability in Processing GIF Images in the Java Runtime Environment May Allow an Untrusted Applet to Elevate Privileges - (22/01/2007)

ESB-2007.0037 -- [RedHat] -- Moderate: kernel security update - (19/01/2007)

ESB-2007.0035 -- [Appliance] -- Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-001 Through MS07-004 - (19/01/2007)

ESB-2007.0032 -- [Appliance][Cisco] -- SSL/TLS Certificate and SSH Public Key Validation Vulnerability - A vulnerability exists in the way Cisco CS-MARS and ADSM validate SSL/TLS certificates and SSH keys allowing a malicious user to impersonate a managed device, potentially leading to information disclosure or provide misleading information. (19/01/2007)

ESB-2007.0031 -- [UNIX/Linux][Debian] -- New cacti packages fix arbitrary code execution - (18/01/2007)

denotes AusCERT member only content. AA-2007.0003 -- [Win][UNIX/Linux][OSX] -- Oracle Critical Patch Update - January 2007 - Oracle has released a Critical Patch Update for January 2007 fixing 51 security issues. (18/01/2007)

ESB-2007.0030 -- [Win][UNIX/Linux] -- WordPress multiple vulnerabilities - (16/01/2007)

ESB-2007.0029 -- [Debian] -- New xfree86 packages fix privilege escalation - (16/01/2007)

ESB-2007.0028 -- [UNIX/Linux][Debian][OSX] -- New libsoup packages fix denial of service - (15/01/2007)

ESB-2007.0027 -- [Solaris] -- Third-party Applications Using GSS-API May Be Vulnerable to Compromise - (12/01/2007)

ESB-2007.0026 -- [FreeBSD] -- Jail rc.d script privilege escalation - (12/01/2007)

ESB-2007.0025 -- [RedHat] -- Moderate: libgsf security update - (12/01/2007)

denotes AusCERT member only content. AL-2007.0011 -- [Win] -- CA ARCserve Backup and Protection Suite products - multiple critical vulnerabilities - A attacker who can connect to the backup server may compromise it and potentially use this control to restore malicious code to any backup client computers within the organisation. (11/01/2007)

AL-2007.0010 -- [Win][HP-UX][Linux][Solaris] -- HP OpenView Network Node Manager vulnerabilities allow remote compromise - A remote attacker may execute arbitrary code with the privileges of the NNM server, or read arbitrary files. (11/01/2007)

ESB-2007.0023 -- [VMware ESX] -- VMware ESX server security updates - (11/01/2007)

AU-2007.0002 -- AusCERT Update - [Win] - ColdFusion vulnerability allows reading of file contents - (11/01/2007)

ESB-2007.0022 -- [Cisco] -- Cisco IOS DLSw Denial of Service Vulnerability - (11/01/2007)

ESB-2007.0021 -- [Win] -- Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability - (11/01/2007)

ESB-2007.0020 -- [Solaris][Linux][Win] -- Security Vulnerability With StarOffice/StarSuite Versions 6, 7 and 8 Related to the '.wmf' File Format - (11/01/2007)

ESB-2007.0019 -- [Solaris] -- A Security Vulnerability in Solaris libnsl(3LIB) may lead to remote DoS of rpcbind(1M) - (11/01/2007)

ESB-2007.0018 -- [RedHat] -- Important: xorg-x11 security update - (11/01/2007)

ESB-2007.0017 -- [RedHat] -- Important: XFree86 security update - (11/01/2007)

ESB-2007.0016 -- [Win] -- Patch available for ColdFusion MX 7 information disclosure issue - (10/01/2007)

ESB-2007.0015 -- [UNIX/Linux] -- Multiple vendor X server privilege escalation vulnerabilities via Render and DBE - (10/01/2007)

ESB-2007.0013 -- [RedHat] -- Moderate: flash-plugin security update - (10/01/2007)

AU-2007.0001 -- AusCERT Update - [Win][Linux] - Server-side workarounds to prevent cross-site scripting due to Adobe Reader and Acrobat - The mitigations in this bulletin help guard against the possibility that some customers or users of an authenticated website may still have the vulnerable versions of Adobe Reader installed. (10/01/2007)

AL-2007.0009 -- [Win][UNIX/Linux] -- Multiple vulnerabilities in Adobe Reader and Acrobat 7.0.8 and prior - New vulnerabilities allowing remote compromise of the client computer are addressed, as well as the serious cross-domain vulnerability described in ESB-2007.0001. (10/01/2007)

AL-2007.0008 -- [UNIX/Linux] -- MIT Kerberos vulnerabilities allow remote compromise of key database - An unauthenticated user may cause kadmind to execute arbitrary code by sending specially crafted Kerberos packets. Third party server applications using the MIT krb5 GSS-API or RPC libraries may also be vulnerable. (10/01/2007)

ESB-2007.0012 -- [Win] -- MS07-001 - Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution - (10/01/2007)

AL-2007.0007 -- [Win] -- MS07-004 - Windows Vulnerability in Vector Markup Language Could Allow Remote Code Execution - Vulnerable computers may be compromised by a remote attacker if a user visits a malicious web page or views a malicious email. (09/01/2007)

AL-2007.0006 -- [Win] -- MS07-003 - Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution - An attacker may potentially compromise vulnerable computers remotely by sending a specially crafted email to a user. (09/01/2007)

AL-2007.0005 -- [Win][OSX] -- MS07-002 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - A remote attacker can potentially compromise vulnerable computers by supplying a specially crafted Excel file. (09/01/2007)

AA-2007.0002 -- [Linux] -- Novell Access Manager Identity Server cross-site scripting vulnerability - A remote attacker may potentially steal Identity Server authentication credentials. (09/01/2007)

Previous 1, 2, 3 ... , 37, 38, 39 Next denotes AusCERT member only content.