Advisories are Security Bulletins written by AusCERT to provide members with information about vulnerabilities and/or threat activity. Access to advisories is often restricted to members.
AA-2008.0264 -- [Win][Netware][UNIX/Linux] -- Malformed CAB files may crash Sophos Anti-virus
AA-2009.0150 -- [Win][UNIX/Linux] -- php: Denial of Service
AA-2009.0157 -- [Win][UNIX/Linux] -- Tor: Denial of Service
- Tor 0.2.0.35 has been released fixing two security issues and a number of bugs.
AA-2009.0058 -- [Win][UNIX/Linux] -- ModSecurity 2.5.9 Released
- ModSecurity 2.5.9 has been released correcting two security vulnerabilities.
AA-2009.0153 -- [UNIX/Linux] -- Nagios: Execute Arbitrary Code
- A vulnerability has been identified in Nagios prior to 3.1.1.
AA-2009.0051 -- [Win][UNIX/Linux] -- A vulnerability has been identified in IBM Websphere Application Server
- A vulnerability has been corrected in IBM WebSphere Application Server prior to version 18.104.22.168
AA-2009.0156 -- [Win][Linux][HP-UX][Solaris][AIX] -- IBM Rational ClearQuest: Multiple Vulnerabilities
- Two fix packs have been released for ClearQuest 7.
AA-2009.0155 -- [Win] -- Google Chrome: Execute Arbitrary Code
- A buffer overflow vulnerability has been reported in Google Chrome.
AA-2009.0154 -- [Linux] -- Openswan: Denial of Service
- Two denial of service vulnerabilities in Openswan.
AA-2009.0152 -- [Cisco] -- Cisco ASA: Access Privileged Data
- Cisco Adaptive Security Appliance software was found to have a security vulnerability when configured to accept Clientless SSL VPN connections.
AA-2009.0151 -- [Win] -- Foxit Reader: Execute Arbitrary Code
- Two security vulnerabilities have been corrected in Foxit Reader 3.0 and JPEG/JBIG2 Decoder add-on version 2.0.2009.303
AA-2009.0149 -- [Win][UNIX/Linux] -- Apache Web Server: Denial of Service
- A tool has been released allowing attackers to perform denial of service attacks against Apache Web servers.
AA-2009.0148 -- [Linux] -- strongSwan: Denial of Service
- Two denial of service vulnerabilities have been reported in strongSwan due to an error in the pluto IKE daemon.
AA-2009.0147 -- [Win][UNIX/Linux] -- SquirrelMail web server compromise
- The SquirrelMail web server was discovered to be compromised at 17:00 GMT on the 16th of June 2009.
AA-2009.0146 -- [Win][UNIX/Linux] -- International Components for Unicode: Cross-site Scripting
- International Components for Unicode (ICU) is vulnerable to a cross-site scripting attack due to improper handling of certain character encodings.
AA-2009.0143 -- [Appliance] -- f5 FirePass: Cross-site Scripting
- A security vulnerability has been corrected in f5 FirePass.
AA-2009.0078 -- [Win][UNIX/Linux] -- IBM WebSphere Application Server: Multiple Vulnerabilities
- Multiple Vulnerabilities in IBM WebSphere Application Server versions 6.1 and 7.0
AA-2009.0145 -- [Win][UNIX/Linux][Mac][OSX] -- HTTPS: Multiple Vulnerabilities
- A research paper from Microsoft has identified security risks affecting all major browsers and many websites when communicating via a proxy server.
AA-2009.0139 -- [Win][UNIX/Linux] -- libpng: Reduced Security
- A security vulnerability has been confirmed in libpng.
AA-2009.0144 -- [Win][UNIX/Linux] -- MoinMoin: Inappropriate Access
- MoinMoin 1.8.4 has been released correcting a security vulnerability.
AA-2009.0140 -- [Win][UNIX/Linux] -- Ruby: Denial of Service
- A security vulnerability has been reported in the BigDecimal library of Ruby.
AA-2009.0142 -- [Win] -- Novell Client: Reduced Security
- Novell have released a patch for the Novell Client v4.91 SP4, correcting a number of security vulnerabilities.
AA-2009.0141 -- [Win] -- Google Chrome: Multiple Vulnerabilities
- A number of security vulnerabilities have been corrected in the latest version of Google Chrome.
AA-2009.0138 -- [AIX] -- Portmapper: Denial of Service
- IBM have confirmed a security vulnerability in AIX 5.3.
AA-2009.0137 -- [Appliance][Cisco] -- Cisco IronPort: Cross-Site Scripting
- Cisco has confirmed a security vulnerability in the IronPort AsyncOS.
AA-2009.0136 -- [Win][UNIX/Linux] -- Joomla!: Cross-site Scripting
- Three cross-site scripting vulnerabilities have been found in Joomla!
AA-2009.0134 -- [Linux] -- strongSwan: Denial of Service
- Two denial of service vulnerabilities have been reported in strongSwan due to an error in the IKEv2 charon daemon.
AA-2009.0135 -- [Win][Linux][HP-UX][Solaris][AIX] -- DB2 9.5 and 9.1: Multiple vulnerabilities
- Multiple vulnerabilities have been found in IBM DB2 9.5 and 9.1.
AA-2009.0133 -- [Netware][Linux] -- Novell Netstorage: Multiple Vulnerabilities
- Novell have released a patch correcting three security vulnerabilities in Novell Netstorage, including a file path disclosure, a cross-site scripting vulnerability and a denial of service attack.
AA-2009.0132 -- [IBM HMC] -- IBM Hardware Management Console: Reduced Security
- An unspecified vulnerability has been identified in IBM Hardware Management Console (HMC) Version 7 Release 3.4.0 Service Pack 2.
AA-2009.0131 -- [Win] -- Microsoft DirectShow: Execute Arbitrary Code
- A vulnerability in Microsoft DirectX, which could allow remote execution of arbitrary code, is currently being investigated.
AA-2009.0130 -- [Win][UNIX/Linux] -- ImageMagick: Execute Arbitrary Code
- ImageMagick 6.5.2-9 has been released correcting one security vulnerability.
AA-2009.0129 -- [Win][UNIX/Linux] -- libsndfile: Execute Arbitrary Code
- Multiple heap-based buffer overflow vulnerabilities have been found in libsndfile.
AA-2009.0128 -- [Win][UNIX/Linux] -- DotNetNuke: Execute Arbitrary Code
- Two security vulnerabilities have been corrected in DotNetNuke.
AA-2009.0127 -- [Win] -- Nortel Contact Center Manager: Inappropriate Access
- Nortel has released two security bulletins identifying vulnerabilities in the Nortel Contact Center Manager.
denotes AusCERT member only content.