UPDATE: VMSA-2011-0006.1: VMware vmrun utility local privilege escalation
http://www.vmware.com/security/advisories/VMSA-2011-0006.html
海外情報セキュリティ関連文書の翻訳・調査研究(NIST文書など)
http://www.ipa.go.jp/security/publications/nist/index.html
JVNDB-2011-001330 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001330.html
JVNDB-2011-001329 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001329.html
JVNDB-2011-001328 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001328.html
JVNDB-2011-001327 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001327.html
JVNDB-2011-001326 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001326.html
JVNDB-2011-001325 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001325.html
JVNDB-2011-001324 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001324.html
JVNDB-2011-001323 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001323.html
JVNDB-2011-001322 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001322.html
JVNDB-2011-001321 複数の Apple 製品の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001321.html
JVNDB-2011-001320 BlackBerry Enterprise Server の PDF Distiller におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001320.html
JVNDB-2010-002778 BlackBerry Device Software のブラウザにおける同一生成元ポリシーを回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002778.html
JVNDB-2010-001645 Apple Mac OS X 上で稼働する CUPS におけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001645.html
JVNDB-2010-002317 CUPS の cupsFileOpen 関数における任意のファイルを上書きされる脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002317.html
JVNDB-2010-001670 CUPS の テキストフィルタサブシステムにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001670.html
JVNDB-2010-002318 CUPS の cupsd 内にある ipp.c における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002318.html
JVNDB-2010-001646 Apple Mac OS X 上で稼働する CUPS における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001646.html
JVNDB-2011-001183 Adobe Flash Player における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001183.html
GNOME Display Manager Race Condition Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/47063
- ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46491
Sudo version 1.8.1b4 released
http://www.sudo.ws/sudo/devel.html#1.8.1b4
Sudo version 1.7.6b4 released
http://www.sudo.ws/sudo/devel.html#1.7.6b4
Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b74117.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco Secure Access Control System Unauthorized Password Change Vulnerability
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b7411a.html
Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b74114.shtml
Two Cisco advisories: cisco-sa-20110330-nac and cisco-sa-20110330-acs
http://isc.sans.edu/diary.html?storyid=10627
Cisco NAC Guest Server Configuration Error Lets Remote Users Bypass Authentication and Access the Network
http://www.securitytracker.com/id/1025272
Cisco Secure Access Control System Management Interface Bug Lets Remote Users Change Arbitrary User Passwords
http://www.securitytracker.com/id/1025271
VMware vmrun Utility Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1025270
IBM Rational ClearQuest Licensing Component Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1025269
IBM AppScan Licensing Component Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1025268
libvirt API Access Control Flaw Lets Remote Users Deny Service and Potentially Gain Elevated Privileges
http://www.securitytracker.com/id/1025262
Conga luci Unspecified Bug Lets Remote Users Gain Elevated Privileges
http://www.securitytracker.com/id/1025258
LibTIFF Buffer Overflow in ThunderCode Decoder Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025257
YaCOMAS Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/43928/
osCSS2 Cross-Site Scripting and Local File Inclusion Vulnerabilities
http://secunia.com/advisories/43889/
Unidesk "ReportingService" Session Handling Security Bypass
http://secunia.com/advisories/43922/
Liferay Portal Multiple Vulnerabilities
http://secunia.com/advisories/43902/
RunCMS Multiple Vulnerabilities
http://secunia.com/advisories/43542/
Debian update for tomcat5.5
http://secunia.com/advisories/43863/
VMware VIX API "vmrun" Privilege Escalation Security Issue
http://secunia.com/advisories/43943/
VMware Workstation "vmrun" Privilege Escalation Security Issue
http://secunia.com/advisories/43885/
Spitfire "username" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/43919/
Ubuntu update for tomcat6
http://secunia.com/advisories/43888/
Ubuntu update for libvirt
http://secunia.com/advisories/43897/
Ubuntu update for quagga
http://secunia.com/advisories/43894/
Ubuntu update for subversion
http://secunia.com/advisories/43892/
Fedora update for phpMyAdmin
http://secunia.com/advisories/43940/
Fedora update for wordpress
http://secunia.com/advisories/43941/
Oracle Solaris BIND Two Vulnerabilities
http://secunia.com/advisories/43935/
Debian update for mahara
http://secunia.com/advisories/43878/
REMOTE: Zend Java Bridge - Remote Code Execution (ZDI-11-113)
http://www.exploit-db.com/exploits/17078/
LOCAL: HT Editor File openning Stack Overflow (0day)
http://www.exploit-db.com/exploits/17083/
DoS/PoC: Media Player Classic Home Cinema 1.5.0.2827 AVI DoS PoC
http://www.exploit-db.com/exploits/17075/
VMware Workstation and VIX API "vmrun" Library Path Privilege Escalation
http://www.vupen.com/english/advisories/2011/0816
Oracle Solaris 11 Express Avahi Two Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2011/0815
Oracle Sun Solaris BIND Remote Denial of Service and Security Bypass
http://www.vupen.com/english/advisories/2011/0814
Fedora Security Update Fixes Libxml2 XPath Double Free Vulnerability
http://www.vupen.com/english/advisories/2011/0813
Fedora Security Update Fixes phpMyAdmin Information Disclosure Issues
http://www.vupen.com/english/advisories/2011/0812
Fedora Security Update Fixes WordPress Information Disclosure Issues
http://www.vupen.com/english/advisories/2011/0811
Turbolinux Security Update Fixes Flash Code Execution Vulnerability
http://www.vupen.com/english/advisories/2011/0810
Ubuntu Security Update Fixes vsftpd Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0809
Ubuntu Security Update Fixes Tomcat Information Disclosure and DoS
http://www.vupen.com/english/advisories/2011/0808
Ubuntu Security Update Fixes Subversion Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0807
Ubuntu Security Update Fixes Quagga Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2011/0806
Ubuntu Security Update Fixes Libvirt Connections Privilege Escalation
http://www.vupen.com/english/advisories/2011/0805
Debian Security Update Fixes Tomcat Information Disclosure and DoS
http://www.vupen.com/english/advisories/2011/0804
Debian Security Update Fixes Mahara Input Validation Vulnerabilities
http://www.vupen.com/english/advisories/2011/0803
libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46658
EMC Replication Manager Client Control Service Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46235
ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46491
PAM 'pam_namespace' Module Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44590
pam-xauth Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/42472
Linux-PAM 'pam_env' and 'pam_mail' Modules Multiple Vulnerabilities
http://www.securityfocus.com/bid/43487
Zend Server Java Bridge 'javamw.jar' Service Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/47060
OpenLDAP 'modrdn' NULL OldDN Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46831
OpenLDAP Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/46363
libxml2 'XPATH' Expressions Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45617
0 件のコメント:
コメントを投稿