:: IT Security Neophyte Investigator's MEMO ::: 20日水曜日、大安

2010年1月20日水曜日

20日水曜日、大安

+ RHSA-2010:0054-1: Moderate: openssl security update
http://rhn.redhat.com/errata/RHSA-2010-0054.html

[ANN] Apache Archiva 1.3 Released
http://archiva.apache.org/download.html

「安全なウェブサイトの作り方　改訂第4版」を公開
http://www.ipa.go.jp/security/vuln/websecurity.html

JPCERT/CC WEEKLY REPORT 2010-01-20
http://www.jpcert.or.jp/wr/2010/wr100201.html

JVNVU#360341 BIND 9 の DNSSEC 検証コードに脆弱性
http://jvn.jp/cert/JVNVU360341/index.html

JVNDB-2009-002426 複数の SSL VPN (Web VPN) 製品においてウェブブラウザのセキュリティが迂回される問題
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002426.html

JVNDB-2009-002425 dstat における Python module の検索パスに関する権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002425.html

JVNDB-2009-002424 PI Server の OSIsoft PI System におけるデータベースの情報を変更される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002424.html

JVNDB-2009-002319 SSL および TLS プロトコルに脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002319.html

JVNDB-2009-002263 Xpdf および Poppler の ImageStream::ImageStream 関数における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002263.html

JVNDB-2009-002261 Xpdf および Poppler の PSOutputDev::doImageL1Sep 関数における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002261.html

Security Patch for for BIND 9.6.1 Released
http://isc.sans.org/diary.html?storyid=8029

When Rogue On-Line Pharmacies Take Over Forum Discussions
http://isc.sans.org/diary.html?storyid=8032

Vulnerability Note VU#144233: Rockwell Automation Allen-Bradley MicroLogix PLC authentication and authorization vulnerabilities
http://www.kb.cert.org/vuls/id/144233

■BIND 9の脆弱性を利用したサービス不能(DoS)攻撃について
- パッチ適用を推奨 -
http://jprs.jp/tech/security/bind9-vuln-bogus-nxdomain.html

BIND DNSSEC NSEC/NSEC3 Error May Let Remote Users Spoof NXDOMAIN Responses
http://securitytracker.com/alerts/2010/Jan/1023474.html

Mac OS X Image Raw Buffer Overflow in Processing DNG Image Files Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023473.html

Mac OS X CoreAudio Buffer Overflow in Playing MP4 Audio Files Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023472.html

HP Power Manager Username and Password Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023470.html

Pidgin MSN <= 2.6.4 File Download Vulnerability
http://www.exploit-db.com/exploits/11203

RM Downloader .m3u BOF (SEH)
http://www.exploit-db.com/exploits/11202

+ ISC BIND 9.4.3-P5,9.5.2-P2,9.6.1-P3 released
http://ftp.isc.org/isc/bind9/9.4.3-P5/9.4.3-P5
http://ftp.isc.org/isc/bind9/9.6.1-P3/9.6.1-P3
http://ftp.isc.org/isc/bind9/9.5.1-P2/9.5.1-P2

+ BIND 9 Cache Update from Additional Section (Updated 19Jan2010)
https://www.isc.org/advisories/CVE-2009-4022v6

+ BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
https://www.isc.org/advisories/CVE-2010-0097
http://www.kb.cert.org/vuls/id/360341
http://www.securityfocus.com/bid/37865

+ Samba 3.4.5 Available for Download
http://news.samba.org/releases/3.4.5/
http://samba.org/samba/history/samba-3.4.5.html

+ RHSA-2010:0046-1: Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0046.html

+ Windows Kernel #GP Trap Handler Flaw Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Jan/1023471.html
http://isc.sans.org/diary.html?storyid=8023
http://www.exploit-db.com/exploits/11199
http://www.securityfocus.com/bid/37864

+ Security Vulnerabilities in PostgreSQL Shipped With Solaris May Allow Escalation of Privileges or Man-in-the-Middle on SSL Connections
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274870-1

HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01971741

HPSBMA02474 SSRT090107 rev.2 - HP Power Manager, Remote Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01905743

Sun StorageTek VM/HSC Dynamic Reconfiguration Fails With ABEND S0C4 After Applying PTF L1H151B (VM/HSC 6.1) or PTF L1H153D (VM/HSC 6.2)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275670-1

APSB10-03: Security update available for Shockwave Player
http://www.adobe.com/support/security/bulletins/apsb10-03.html

Document ID: 340278: Storage Foundation for Windows 5.1 (SFW) and Service Pack 1 (SP1) requires at least a 40GB Boot Partition for Windows 2008 Server X64, when booting from a SAN device (BFS) with Dynamic Multi-pathing (DMP).
http://seer.entsupport.symantec.com/docs/340278.htm

RHBA-2010:0047-1: strace bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0047.html

RHBA-2010:0050-1: glibc bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0050.html

RHBA-2010:0052-1: util-linux bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0052.html

RHBA-2010:0048-1: ruby bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0048.html

RHBA-2010:0049-1: glibc bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0049.html

RHBA-2010:0051-1: util-linux bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0051.html

Nikolas Sotiriu : Google Wave Design Bugs
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31496

CYBSEC : FreePBX 2.5.x Information disclosure
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31499

CYBSEC : FreePBX 2.5.x-2.6 Permanent XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31500

CYBSEC : FreePBX 2.5.1 SQL Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31501

Independent Researcher : Study of BlackBerry Proof-of-Concept Malicious Applications (Whitepaper)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31497

Independent Researcher : AOL ActiveX - Hail to The Francis
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31498

Independent Researcher : Code to mitigate IE event zero-day (CVE-2010-0249)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31505

Mandriva : transmission
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31491

Mandriva : transmission
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31492

Securitylab.ir : 0day vulnerability Sogou input method to obtain system privileges
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31504

Ubuntu Security Notice : LibThai vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31493

Ubuntu Security Notice : Pidgin vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31494

Ubuntu Security Notice : LibThai vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31495

ドイツやフランスの政府機関、「IEの利用中止」を推奨
グーグルなどへの攻撃に脆弱性が悪用、「パッチ適用までは別ブラウザーを」
http://itpro.nikkeibp.co.jp/article/NEWS/20100120/343477/?ST=security

フォーティーネット、40Gbpsのスループットをもつ新UTMを発表
http://itpro.nikkeibp.co.jp/article/NEWS/20100119/343462/?ST=security

[CORELAN-10-006] BOF Vulnerability in S.O.M.P.L. Player
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00158.html

[ MDVSA-2010:016 ] wireshark
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00157.html

[ MDVSA-2010:018 ] phpMyAdmin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00156.html

[security bulletin] HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitra
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00152.html

[ MDVSA-2010:017 ] ruby
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00149.html

[ MDVSA-2010:015 ] roundcubemail
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00143.html

Blaze Apps Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00148.html

ezContents CMS Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00147.html

Baidu Security Center FireFoxProxy ActiveX Remote Exec 0day POC
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00145.html

Kingsoft DuBa Browser Shield ActiveX Remote Exec 0day POC
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00146.html

Xunlei XPPlayer ActiveX Remote Exec 0day POC
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00144.html

Multiple Vulnerabilities in XOOPS 2.4.3 and earlier
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00159.html

OpenOffice for Windows ".slk" File Parsing Null Pointer Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00142.html

JBroFuzz 1.9 Fuzzer Released!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00141.html

Forensic challenges
http://isc.sans.org/diary.html?storyid=8014

The IE saga continues, out-of-cycle patch coming soon
http://isc.sans.org/diary.html?storyid=8017

49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!
http://isc.sans.org/diary.html?storyid=8020

Unpatched Microsoft Windows (all versions) Privilege Escalation Vulnerability Released
http://isc.sans.org/diary.html?storyid=8023

Apple Security Update 2010-001
http://isc.sans.org/diary.html?storyid=8026
http://support.apple.com/kb/HT4004

Vulnerability Note VU#360341: BIND 9 DNSSEC validation code could cause fake NXDOMAIN responses
http://www.kb.cert.org/vuls/id/360341

Sun Java System Web Server Heap Overflow in Processing TRACE Requests Lets Remote Users Execute Arbitary Code
http://securitytracker.com/alerts/2010/Jan/1023469.html

Bits Video Script Arbitrary File Upload and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/38252/

MySmartBB SQL Injection Vulnerability
http://secunia.com/advisories/38249/

Thelia Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/38248/

Rockwell Automation MicroLogix Controller Security Issue and Vulnerability
http://secunia.com/advisories/38246/

MoinMoin "sys.argv" Information Disclosure Vulnerability
http://secunia.com/advisories/38242/

LetoDMS Local File Inclusion and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/38237/

Ubuntu update for pidgin
http://secunia.com/advisories/38236/

AOL 9.5 ActiveX Heap Overflow Vulnerability
http://www.exploit-db.com/exploits/11190

Windows NT User Mode to Ring 0 Escalation Vulnerability
http://www.exploit-db.com/exploits/11199

Millenium MP3 Studio v1.X (.m3u File) Local Stack Overflow
http://www.exploit-db.com/exploits/11191

Internet Explorer CVE-2010-0249 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37815

Wireshark 0.9.0 through 1.2.4 Multiple Vulnerabilities
http://www.securityfocus.com/bid/37407

phpMyAdmin 'unserialize()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37861

phpMyAdmin Insecure Temporary File and Directory Creation Vulnerabilities
http://www.securityfocus.com/bid/37826

LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
http://www.securityfocus.com/bid/35451

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935

Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/37269

Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37272

Adobe Flash Player and AIR JPEG File Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37266

CUPS File Descriptors Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37048

Adobe Flash Player and AIR (CVE-2009-3797) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37273

Adobe Flash Player and AIR 'exception_count' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37267

Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37270

Adobe Flash Player and AIR (CVE-2009-3798) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37275

HP Power Manager Script Login URI Buffer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37866

Zeus Web Server 'SSL2_CLIENT_HELLO' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37829

phpMySport Information Disclosure and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37856

Ruby WEBrick Terminal Escape Sequence in Logs Command Injection Vulnerability
http://www.securityfocus.com/bid/37710

THELIA Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37855

PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37333

PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/37334

Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37203

Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37084

Adobe Flash Player SWF File Denial of Service Vulnerability
http://www.securityfocus.com/bid/37850

Roundcube Webmail Multiple Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/36920

MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities
http://www.securityfocus.com/bid/37749

MIT Kerberos KDC Cross-Realm Referral NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37486

KDE KDELibs 'dtoa()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37080

Linux Kernel 'drivers/firewire/ohci.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/37339

Linux Kernel 'fuse_ioctl_copy_user()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37453

Linux Kernel 'net/ax25/af_ax25.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36635

Cute Editor for ASP.NET 'file' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/35085

Libpurple MSN-SLP Emoticon Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37524

Microsoft SQL Server 'sp_replwritetovarbin' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/32710

Apple Mac OS X Image RAW 'DNG' Image Handling Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37869

Apple Mac OS X CoreAudio MP4 File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37868

HP Power Manager Export Logs Buffer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37867

ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37865

Microsoft Windows #GP Trap Handler Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37864

MySmartBB Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37863

XOOPS Arbitrary File Deletion and HTTP Header Injection Vulnerabilities
http://www.securityfocus.com/bid/37860

VisualShapers ezContents Authentication Bypass and Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37858

OpenOffice '.slk' File NULL Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37857

Datalife Engine Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/37851

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)