- Linux Kernel 'drivers/char/tpm/tpm.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46866
- Linux Kernel 'perf_count_sw_cpu_clock' Event Denial of Service Vulnerability
http://www.securityfocus.com/bid/49152
- Linux Kernel 'x86_assign_hw_event()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/48580
Important: kernel security, bug fix, and enhancement update
http://rhn.redhat.com/errata/RHSA-2011-1350.html
Moderate: openswan security update
http://rhn.redhat.com/errata/RHSA-2011-1356.html
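Phishing that uses a virus emerges, displaying a fake password entry screen
Impersonates major domestic banks; actual losses totaling several million yen have occurred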
http://itpro.nikkeibp.co.jp/article/NEWS/20111006/370225/?ST=security
JVNVU#357851 Insufficient access restriction vulnerability in multiple UPnP-enabled routers
http://jvn.jp/cert/JVNVU357851/index.html
JVNVU#225833 Buffer overflow vulnerability in Iceni Argus
http://jvn.jp/cert/JVNVU225833/index.html
Openswan IKE Key Length Null Pointer Dereference Lets Remote Users Deny Service
http://www.securitytracker.com/id/1026146
OpenOffice.org Word Document File Importer Out-of-Bounds Read Error May Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026145
Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers
http://www.securitytracker.com/id/1026144
Linux Kernel Generic Receive Offload (GRO) CVE-2011-2723 Denial of Service Vulnerability
http://www.securityfocus.com/bid/48929
Linux Kernel 'taskstats.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/48383
Linux Kernel 'agp_allocate_memory/agp_create_user_memory' Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/47535
Linux Kernel 'agp_ioctl()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/47843
Linux Kernel eCryptfs Multiple Vulnerabilities
http://www.securityfocus.com/bid/49108
Linux Kernel 'mremap()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/47321
+- Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module
http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml
http://www.securityfocus.com/bid/49952
+ Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module
http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml
http://www.securityfocus.com/bid/49955
http://www.securityfocus.com/bid/49953
+ Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49957
+ Linux Kernel kexec-tools Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/49944
Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b97901.shtml
[SECURITY] [DSA 2315-1] openoffice.org security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00021.html
Secunia Research: Cyrus IMAPd NTTP Authentication Bypass Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00020.html
vTiger CRM 5.2.x <= Blind SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00019.html
vTiger CRM 5.2.x <= Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00018.html
VMSA-2011-0011 VMware hosted products address remote code execution vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00017.html
Beware of suspicious "QR codes": scanning one downloads a virus
Kaspersky Lab reports; paid services are used without the user's consent
http://itpro.nikkeibp.co.jp/article/NEWS/20111005/370152/?ST=security
Adobe SSL Certificate Problem (fixed)
http://isc.sans.edu/diary.html?storyid=11737
Cisco Advisories - FWSM, ASA, and NAC
http://isc.sans.edu/diary.html?storyid=11740
VMware Advisory - UDF file system handling
http://isc.sans.edu/diary.html?storyid=11743
ServersCheck Monitoring Unspecified File Disclosure and Script Insertion Vulnerabilities
http://secunia.com/advisories/46281/
ServersCheck Monitoring Multiple Vulnerabilities
http://secunia.com/advisories/46150/
WordPress YSlider Plugin "src" Arbitrary File Upload
http://secunia.com/advisories/46316/
SRWare Iron Multiple Vulnerabilities
http://secunia.com/advisories/46260/
Cyrus IMAPd NTTP Authentication Bypass Logic Error Vulnerability
http://secunia.com/advisories/46093/
CF Image Hosting Script "q" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/46290/
Ubuntu update for samba
http://secunia.com/advisories/46285/
Ubuntu update for cifs-utils
http://secunia.com/advisories/46284/
VMware Workstation / Player / Fusion UDF Filesystem Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/46241/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/46308/
Ubuntu update for linux
http://secunia.com/advisories/46313/
SUSE update for MozillaThunderbird
http://secunia.com/advisories/46315/
Adobe Photoshop Elements 8.0 Multiple Arbitrary Code Execution Vulnerabilities
http://securityreason.com/securityalert/8410
Zikula 1.3.0 XSS
http://securityreason.com/securityalert/8409
JBoss, JMX Console, misconfigured DeploymentScanner
http://securityreason.com/securityalert/8408
LightNEasy 3.2.4 Multiple XSS vulnerabilities
http://securityreason.com/securityalert/8407
NX Server for Linux Vulnerable SUID script in (nomachine)
http://securityreason.com/securityalert/8406
Spring Framework and Spring Security serialization-based remoting vulnerabilities
http://securityreason.com/securityalert/8405
VU#357851 UPnP requests accepted over router WAN interfaces
http://www.kb.cert.org/vuls/id/357851
VU#225833 Iceni Argus PDF parser stack buffer overflow
http://www.kb.cert.org/vuls/id/225833
Cyrus IMAP Server NNTP Service Lets Remote Users Bypass Authentication
http://www.securitytracker.com/id/1026143
Cisco Network Admission Control Manager Directory Traversal Flaw Lets Remote Users Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1026142
Cisco Firewall Service Module Bugs Let Remote Users Bypass TACACS+ Authentication in Certain Cases and Cause Denial of Service Conditions
http://www.securitytracker.com/id/1026141
Cisco ASA 5500 Bugs Let Remote Users Bypass TACACS+ Authentication in Certain Cases and Cause Denial of Service Conditions
http://www.securitytracker.com/id/1026140
VMware UDF Filesystem Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026139
Ashampoo Burning Studio Elements "ashprj" Heap Overflow Vulnerability
http://www.vupen.com/english/ADV-2011-2136.php
Google Chrome Use-after-free and Memory Corruption Vulnerabilities
http://www.vupen.com/english/ADV-2011-2135.php
Samba "mtab" Lock File Handling Local Denial of Service Vulnerability
http://www.vupen.com/english/ADV-2011-2134.php
VMware Products UDF File System Import Code Execution Vulnerability
http://www.vupen.com/english/ADV-2011-2133.php
Novell IDM User Application Two Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/ADV-2011-2132.php
Novell IDM Roles Based Provisioning Module Cross Site Scripting
http://www.vupen.com/english/ADV-2011-2131.php
vtiger CRM Data Processing Multiple Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/ADV-2011-2130.php
LOCAL: PolicyKit Pwnage: linux local privilege escalation on polkit-1 <= 0.101
http://www.exploit-db.com/exploits/17932
DoS/PoC: vX Plus Web Player "file://" Buffer Overflow Vulnerability PoC
http://www.exploit-db.com/exploits/17933
Mozilla Firefox/Thunderbird/SeaMonkey Enter Key Dialog Bypass Weakness
http://www.securityfocus.com/bid/49811
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2011-2999 Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/49848
Mozilla Firefox CVE-2011-2997 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49812
Mozilla Firefox RegExp Remote Integer Underflow Vulnerability
http://www.securityfocus.com/bid/49809
Stunnel Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49254
Mozilla Firefox/Thunderbird/SeaMonkey Enter Key Dialog Bypass Vulnerability
http://www.securityfocus.com/bid/49837
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2011-3000 HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/49849
Mozilla Firefox CVE-2011-2996 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49845
Mozilla Firefox CVE-2011-2995 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49810
RETIRED: LightNEasy 'LightNEasy.php' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/49967
Perl Digest Module 'Digest->new()' Code Injection Vulnerability
http://www.securityfocus.com/bid/49911
rpm-python RPM File Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49799
Quagga Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/49784
ServersCheck Monitoring Software Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/49793
DivX Plus Web Player 'file://' URL Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49647
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2011-3232 YARR Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/49850
Novell Identity Manager 'apwaDetail' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/49935
PolicyKit 'pkexec' Utility and 'polkitd' Daemon Local Race Condition Vulnerability
http://www.securityfocus.com/bid/47496
NX Server 'nxconfigure.sh' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/49720
Zikula Application Framework 'themename' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/49491
AmmSoft ScriptFTP 'GETLIST' or 'GETFILE' Commands Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49707
WordPress AllWebMenus Plugin 'abspath' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/49685
TYPO3 Drag Drop Mass Upload Extension 'ameos_dragndropupload' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/49516
Gitolite 'ADC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/46473
Multiple HTC devices 'HtcLoggers.apk' Application Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49916
Mozilla Firefox/Thunderbird/SeaMonkey OGG headers Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49808
Mozilla Firefox and SeaMonkey CVE-2011-3002 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49813
Mozilla Firefox and SeaMonkey CVE-2011-3003 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/49847
Drupal Petition Node HTML Injection Vulnerability
http://www.securityfocus.com/bid/49982
Drupal Homebox for Organic Groups HTML Injection Vulnerability
http://www.securityfocus.com/bid/49978
Drupal Rate Module Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/49977
Echo Module Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/49971
Drupal OG Feature Local Task Menu Item Security Bypass Vulnerability
http://www.securityfocus.com/bid/49970
OpenOffice Microsoft Word File Format Importer Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/49969
Iceni Argus PDF Parser Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49959
Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49957
Multiple Cisco Products TACACS+ Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/49956
Cisco Firewall Services Module Authentication Proxy Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/49955
Cisco Network Admission Control (CVE-2011-3305) Directory Traversal Vulnerability
http://www.securityfocus.com/bid/49954
Cisco Firewall Services Module Syslog Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/49953
Cisco ASA 5500 Series MSN IM Inspection (CVE-2011-3304) Denial of Service Vulnerability
http://www.securityfocus.com/bid/49952
Multiple Cisco Products SunRPC/ILS Inspections Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/49951
Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/49949
vtiger CRM 'onlyforuser' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/49948
vtiger CRM 'class.phpmailer.php' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/49946
Linux Kernel kexec-tools Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/4994