[pacnog] AusCERT Week in Review - Week Ending 13/04/2012 (AUSCERT#20073F

  • To: <pacnog at pacnog dot org>
  • Subject: [pacnog] AusCERT Week in Review - Week Ending 13/04/2012 (AUSCERT#20073F686)
  • From: "Jonathan Levine" <jonathan at auscert dot org dot au>
  • Date: Fri, 13 Apr 2012 16:37:06 +1000
  • Delivered-to: pacnog at mailman dot apnic dot net
  • List-archive: <http://mailman.apnic.net/mailing-lists/pacnog>
  • List-help: <mailto:pacnog-request@pacnog.org?subject=help>
  • List-id: Pacific Network Operators Group <pacnog.pacnog.org>
  • List-post: <mailto:pacnog@pacnog.org>
  • List-subscribe: <http://mailman.apnic.net/mailman/listinfo/pacnog>, <mailto:pacnog-request@pacnog.org?subject=subscribe>
  • List-unsubscribe: <http://mailman.apnic.net/mailman/listinfo/pacnog>, <mailto:pacnog-request@pacnog.org?subject=unsubscribe>
  • Thread-index: AQHNGT4qWde3m/5Cwk6M5zli8NVEwpaYTD7ggAAAxQA=
    • 13 April 2012
      
      Alerts, Advisories and Updates:
      - -------------------------------
      Title: ASB-2012.0005.3 - UPDATE [Win][UNIX/Linux] Wireshark: Denial of
      service
             - Remote with user interaction
      Date:  12 April 2012
      URL:   http://www.auscert.org.au/15327
      
      Title: ASB-2012.0043.2 - UPDATE [Win][UNIX/Linux] Wireshark: Denial of
      service
             - Remote with user interaction
      Date:  12 April 2012
      URL:   http://www.auscert.org.au/15651
      
      Title: ASB-2012.0054 - [Win][UNIX/Linux] Novell ZENworks Configuration
             Management: Multiple vulnerabilities
      Date:  12 April 2012
      URL:   http://www.auscert.org.au/15708
      
      Title: ASB-2012.0055 - [Win][Netware][RedHat][SUSE] Novell iManager: Denial
      of
             service - Existing account
      Date:  12 April 2012
      URL:   http://www.auscert.org.au/15709
      
      Title: ASB-2012.0056 - [Win][RedHat][Solaris] RealNetworks Helix Server &
             Helix Mobile Server: Multiple vulnerabilities
      Date:  12 April 2012
      URL:   http://www.auscert.org.au/15710
      
      Title: ASB-2012.0057 - [Win][UNIX/Linux] Oracle MySQL Server: Reduced
      security
             - Unknown/unspecified
      Date:  12 April 2012
      URL:   http://www.auscert.org.au/15711
      
      Title: ASB-2012.0058 - [Win][UNIX/Linux] Novell ZENworks Configuration
             Management: Access confidential data - Remote/unauthenticated
      Date:  12 April 2012
      URL:   http://www.auscert.org.au/15715
      
      Title: ASB-2012.0051 - [Win][UNIX/Linux] Google Chrome: Multiple
             vulnerabilities
      Date:  10 April 2012
      URL:   http://www.auscert.org.au/15691
      
      Title: ASB-2012.0052 - [Win][UNIX/Linux] Wireshark: Denial of service -
      Remote
             with user interaction
      Date:  10 April 2012
      URL:   http://www.auscert.org.au/15694
      
      Title: ASB-2012.0053 - [Appliance] Siemens Scalance X Switches: Denial of
             service - Remote/unauthenticated
      Date:  10 April 2012
      URL:   http://www.auscert.org.au/15695
      
      
      External Security Bulletins:
      - ----------------------------
      Title: ESB-2012.0371 - [Win][VMware ESX][UNIX/Linux] VMware products:
             Increased privileges - Existing account 
      Date:  13 April 2012
      OS:    IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
             Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
             Variants, Virtualisation, SUSE, Windows 2000, OpenBSD, AIX, Windows
             Vista, FreeBSD, Windows Server 2008, Other Linux Variants 
      URL:   http://www.auscert.org.au/15719
      
      Title: ESB-2012.0370 - [RedHat] Red Hat Enterprise MRG Management Console:
             Cross-site scripting - Existing account 
      Date:  13 April 2012
      OS:    Red Hat Linux 
      URL:   http://www.auscert.org.au/15718
      
      Title: ESB-2012.0369 - [Debian] samba: Root compromise -
             Remote/unauthenticated 
      Date:  13 April 2012
      OS:    Debian GNU/Linux 
      URL:   http://www.auscert.org.au/15717
      
      Title: ESB-2012.0368 - [Mac][OSX] Java: Reduced security - Remote with user
             interaction 
      Date:  13 April 2012
      OS:    Mac OS X 
      URL:   http://www.auscert.org.au/15716
      
      Title: ESB-2012.0367 - [Debian] sqlalchemy: Execute arbitrary code/commands
      -
             Remote/unauthenticated 
      Date:  12 April 2012
      OS:    Debian GNU/Linux 
      URL:   http://www.auscert.org.au/15714
      
      Title: ESB-2012.0366 - [Appliance] HP Procurve 5400 zl Series Switches:
             Reduced security - Existing account 
      Date:  12 April 2012
      OS:    HP-UX 
      URL:   http://www.auscert.org.au/15713
      
      Title: ESB-2012.0365 - [RedHat] tomcat5 & tomcat6: Denial of service -
             Remote/unauthenticated 
      Date:  12 April 2012
      OS:    Red Hat Linux 
      URL:   http://www.auscert.org.au/15712
      
      Title: ESB-2012.0364 - [UNIX/Linux][Ubuntu] puppet: Multiple vulnerabilities
      
      Date:  11 April 2012
      OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
             GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
             Other Linux Variants 
      URL:   http://www.auscert.org.au/15707
      
      Title: ESB-2012.0363 - [RedHat] acroread: Multiple vulnerabilities 
      Date:  11 April 2012
      OS:    Red Hat Linux 
      URL:   http://www.auscert.org.au/15706
      
      Title: ESB-2012.0362 - [RedHat] libtiff: Multiple vulnerabilities 
      Date:  11 April 2012
      OS:    Red Hat Linux 
      URL:   http://www.auscert.org.au/15705
      
      Title: ESB-2012.0361 - [RedHat] freetype: Multiple vulnerabilities 
      Date:  11 April 2012
      OS:    Red Hat Linux 
      URL:   http://www.auscert.org.au/15704
      
      Title: ESB-2012.0360 - ALERT [Win][UNIX/Linux][RedHat] samba & samba3x:
             Multiple Vulnerabilities 
      Date:  11 April 2012
      OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
             Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
             Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
             Other Linux Variants, Windows Server 2008 
      URL:   http://www.auscert.org.au/15703
      
      Title: ESB-2012.0359 - [Win][Linux][OSX] Adobe Reader & Acrobat: Multiple
             Vulnerabilities 
      Date:  11 April 2012
      OS:    Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Debian GNU/Linux,
             Ubuntu, Windows XP, SUSE, Windows 2000, Windows Vista, Other Linux
             Variants, Windows Server 2008 
      URL:   http://www.auscert.org.au/15702
      
      Title: ESB-2012.0358 - [Win] Microsoft Office & Works: Execute arbitrary
             code/commands - Remote with user interaction 
      Date:  11 April 2012
      OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
             Windows Server 2008 
      URL:   http://www.auscert.org.au/15701
      
      Title: ESB-2012.0357 - ALERT [Win] Microsoft Windows Common Controls:
      Execute
             arbitrary code/commands - Remote with user interaction 
      Date:  11 April 2012
      OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
             Windows Server 2008 
      URL:   http://www.auscert.org.au/15700
      
      Title: ESB-2012.0356 - [Win] Microsoft Forefront Unified Access Gateway:
             Multiple vulnerabilities 
      Date:  11 April 2012
      OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
             Windows Server 2008 
      URL:   http://www.auscert.org.au/15699
      
      Title: ESB-2012.0355 - [Win] Microsoft .NET Framework: Execute arbitrary
             code/commands - Remote with user interaction 
      Date:  11 April 2012
      OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
             Windows Server 2008 
      URL:   http://www.auscert.org.au/15698
      
      Title: ESB-2012.0354 - [Win] Microsoft Windows: Execute arbitrary
             code/commands - Remote with user interaction 
      Date:  11 April 2012
      OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
             Windows Server 2008 
      URL:   http://www.auscert.org.au/15697
      
      Title: ESB-2012.0353 - [Win] Microsoft Internet Explorer: Execute arbitrary
             code/commands - Remote with user interaction 
      Date:  11 April 2012
      OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
             Windows Server 2008 
      URL:   http://www.auscert.org.au/15696
      
      Title: ESB-2012.0352 - [Juniper] Juniper IVE OS: Multiple Vulnerabilities 
      Date:  10 April 2012
      URL:   http://www.auscert.org.au/15693
      
      Title: ESB-2012.0351 - [Win][UNIX/Linux][Debian] inspircd: Execute arbitrary
             code/commands - Remote/unauthenticated 
      Date:  10 April 2012
      OS:    IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
             Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
             Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
             Other Linux Variants, Windows Server 2008 
      URL:   http://www.auscert.org.au/15692
      
      Title: ESB-2012.0350 - ALERT [Win] Microsoft: Microsoft Security Bulletin
             Advance Notification for April 2012 
      Date:  10 April 2012
      OS:    Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
             Windows Server 2008 
      URL:   http://www.auscert.org.au/15690
      
      Title: ESB-2012.0326.2 - UPDATE [Win][UNIX/Linux] Adobe Flash Player:
      Multiple
             vulnerabilities 
      Date:  10 April 2012
      OS:    IRIX, Solaris, HP Tru64 UNIX, Windows 2003, Red Hat Linux, Windows 7,
             Mac OS X, Debian GNU/Linux, Ubuntu, Windows XP, HP-UX, Other BSD
             Variants, SUSE, Windows 2000, OpenBSD, AIX, FreeBSD, Windows Vista,
             Windows Server 2008, Other Linux Variants, IRIX, HP Tru64 UNIX,
             Solaris, Windows 2003, Red Hat Linux, Windows 7, Mac OS X, Debian
             GNU/Linux, Ubuntu, Windows XP, HP-UX, Other BSD Variants, SUSE,
      Windows
             2000, OpenBSD, AIX, FreeBSD, Windows Vista, Other Linux Variants,
             Windows Server 2008 
      URL:   http://www.auscert.org.au/15657