RHSA-2012:0128 Moderate: httpd security update
http://rhn.redhat.com/errata/RHSA-2012-0128.html
「脆弱性対策の標準仕様SCAPの仕組み」セミナー 開催のお知らせ
~MyJVNバージョンチェッカのカスタマイズ入門~
http://www.ipa.go.jp/security/vuln/seminar/lab_semi_scap_2011_4.html
PFU、Android/iOSに新規対応したネットワーク検疫ソフトの新版を発売
http://itpro.nikkeibp.co.jp/article/NEWS/20120214/381633/?ST=security
Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/50802
+ RHSA-2012:0127 Moderate: mysql security update
http://rhn.redhat.com/errata/RHSA-2012-0127.html
+ RHSA-2012:0126 Moderate: glibc security update
http://rhn.redhat.com/errata/RHSA-2012-0126.html
+ RHSA-2012:0125 Moderate: glibc security and bug fix update
http://rhn.redhat.com/errata/RHSA-2012-0125.html
+ Linux kernel 2.6.32.57, 3.0.21, 3.2.6 released
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.32/ChangeLog-2.6.32.57
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.21
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.6
++ PHP CVE-2012-0831 'magic_quotes_gpc' Directive Security Bypass Weakness
http://www.securityfocus.com/bid/51954
- GNU glibc 'svc_run()' EMFILE Error Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/51439
- Linux Kernel CVE-2012-0056 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51625
- Linux Kernel KVM 'create_pit_timer()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51172
- PHP PDORow Object Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51952
- cURL/libcURL Remote Input Validation Vulnerability
http://www.securityfocus.com/bid/51665
- PHP 'tidy_diagnose()' NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51992
Apache Subversion 1.7.3 Released
http://subversion.apache.org/download/#recommended-release
Dovecot v2.2 plans
http://blog.dovecot.org/2012/02/dovecot-v22-plans.html
「メールで送付されたDLLファイルに注意」、新たな標的型攻撃が出現
Officeの脆弱性を悪用、Word文書を開くだけでウイルスに感染
http://itpro.nikkeibp.co.jp/article/NEWS/20120214/381602/?ST=security
JVN#85695061 ALFTP における実行ファイル読み込みに関する脆弱性
http://jvn.jp/jp/JVN85695061/index.html
JVNVU#542123 複数の DNS ネームサーバの実装に問題
http://jvn.jp/cert/JVNVU542123/index.html
JVNDB-2010-001740 Apache Tomcat における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001740.html
JVNDB-2010-001453 Apache Tomcat における BASIC または DIGEST 認証の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001453.html
JVNDB-2012-001355 (JVNVU#542123) 複数の DNS ネームサーバの実装に問題
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001355.html
JVNDB-2011-002855 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002855.html
JVNDB-2012-001385 AdaCore Ada Web Services におけるサービス運用妨害 (CPU 資源の消費) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001385.html
JVNDB-2011-002865 Adobe Flash Player および Adobe AIR におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002865.html
JVNDB-2011-002864 Adobe Flash Player および Adobe AIR におけるクロスドメインポリシーを回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002864.html
JVNDB-2011-002863 Adobe Flash Player および Adobe AIR におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002863.html
JVNDB-2012-001384 Sybase M-Business Anywhere の Web 管理インターフェイスにおけるユーザーアカウントをリストアップされる脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001384.html
JVNDB-2012-001383 OCaml におけるサービス運用妨害 (CPU 資源の消費) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001383.html
JVNDB-2011-002862 Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002862.html
JVNDB-2011-002861 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002861.html
JVNDB-2011-002860 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002860.html
JVNDB-2011-002859 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002859.html
JVNDB-2011-002858 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002858.html
JVNDB-2011-002857 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002857.html
JVNDB-2011-002856 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002856.html
JVNDB-2011-002866 Adobe Flash Player および Adobe AIR におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002866.html
JVNDB-2012-001382 複数の RealNetworks 製品の ATRAC コーデックにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001382.html
JVNDB-2012-001381 RealNetworks RealPlayer および RealPlayer SP における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001381.html
JVNDB-2012-001380 RealNetworks RealPlayer および RealPlayer SP の RV10 コーデックにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001380.html
JVNDB-2012-001379 RealNetworks RealPlayer および RealPlayer SP の RV40 コーデックにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001379.html
JVNDB-2012-001378 RealNetworks RealPlayer および RealPlayer SP における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001378.html
JVNDB-2012-001377 RealNetworks RealPlayer および RealPlayer SP の RV20 コーデックにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001377.html
JVNDB-2012-001376 RealNetworks RealPlayer および RealPlayer SP の rvrender.dll における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001376.html
JVNDB-2012-000011 (JVN#85695061) ALFTP における実行ファイル読み込みに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000011.html
JVNDB-2012-001375 Google Chrome の Shader Translator 実装におけるサービス運用妨害 (out-of-bounds read) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001375.html
JVNDB-2012-001374 Google Chrome におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001374.html
JVNDB-2012-001373 Google Chrome におけるサービス運用妨害 (out-of-bounds read) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001373.html
JVNDB-2012-001372 Google Chrome におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001372.html
JVNDB-2012-001371 Google Chrome におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001371.html
JVNDB-2012-001370 Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001370.html
JVNDB-2012-001369 Google Chrome におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001369.html
JVNDB-2012-001368 Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001368.html
JVNDB-2012-001367 Google Chrome における URL バーを偽造される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001367.html
JVNDB-2012-001366 Google Chrome におけるサービス運用妨害 (out-of-bounds read) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001366.html
JVNDB-2012-001365 Google Chrome におけるサービス運用妨害 (out-of-bounds read) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001365.html
JVNDB-2012-001364 Google Chrome における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001364.html
JVNDB-2012-001363 Google Chrome におけるサービス運用妨害 (out-of-bounds read) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001363.html
JVNDB-2012-001362 Google Chrome のロケールの実装におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001362.html
JVNDB-2012-001361 Google Chrome におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001361.html
JVNDB-2012-001360 Google Chrome のガベージコレクション機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001360.html
JVNDB-2012-001359 Google Chrome の拡張機能の実装における同一生成元ポリシーを回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001359.html
JVNDB-2012-001358 Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001358.html
JVNDB-2012-001357 Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001357.html
JVNDB-2012-001356 Google Chrome における詳細不明な脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001356.html
[SECURITY] [DSA 2408-1] php5 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00071.html
[ MDVSA-2012:018 ] mozilla-thunderbird
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00069.html
[ MDVSA-2012:017 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00068.html
sqlinjection bug in nova cms
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00067.html
[Suspected Spam] eFront Community++ v3.6.10 - SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00066.html
Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00065.html
OWASP AppSec USA 2011 Video & Slides Posted
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00064.html
[Announcement] ClubHack Mag - Call for Articles
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00070.html
Mozilla Thunderbird Use After Free in nsXBLDocumentInfo::ReadPrototypeBindings() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026665
Mozilla Seamonkey Use After Free in nsXBLDocumentInfo::ReadPrototypeBindings() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026664
Mozilla Firefox Use After Free in nsXBLDocumentInfo::ReadPrototypeBindings() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026663
Horde Groupware Webmail Edition Multiple Vulnerabilities
http://secunia.com/advisories/48024/
Horde Groupware Two Vulnerabilities
http://secunia.com/advisories/47972/
NetSurf Cookie Disclosure Security Issue
http://secunia.com/advisories/48021/
D-Link DAP-1150 Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/47798/
TWIDROYD Legacy for Twitter for Android Security Bypass Security Issue
http://secunia.com/advisories/47914/
PBBoard Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/47948/
UberSocial for Twitter for Android Security Bypass Security Issue
http://secunia.com/advisories/47845/
Slackware update for proftpd
http://secunia.com/advisories/48017/
Zero Install Common Name Verification Security Issue
http://secunia.com/advisories/47935/
Mozilla Firefox / Thunderbird / SeaMonkey XBL Binding Use-After-Free Vulnerability
http://secunia.com/advisories/48008/
ALFTP Insecure Executable Loading Vulnerability
http://secunia.com/advisories/48027/
GNU glibc Timezone Parsing Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/50898
GNU glibc 'svc_run()' EMFILE Error Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/51439
GNU glibc 'fnmatch()' Function Stack Corruption Vulnerability
http://www.securityfocus.com/bid/46563
GNU glibc 'addmntent()' Mount Helper Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/46740
'glibc' Library 'locale/programs/locale.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/47370
GNU glibc 'ld.so' ELF Header Parsing Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40063
OverlayFS inode Security Checks 'inode.c' Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/51529
Linux Kernel 'net/ipv4/igmp.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/51343
Linux Kernel CVE-2012-0056 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51625
Linux Kernel XFS Filesystem 'fs/xfs/xfs_acl.c' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/51380
Linux Kernel KVM 'create_pit_timer()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51172
Linux Kernel DRM 'drivers/gpu/drm/crm_crtc.c' IOCTL Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51371
Linux Kernel 'FUSE_NOTIFY_INVAL_ENTRY' Message Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/49527
Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51526
Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
http://www.securityfocus.com/bid/51515
Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
http://www.securityfocus.com/bid/51524
Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
http://www.securityfocus.com/bid/51509
Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
http://www.securityfocus.com/bid/51520
Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
http://www.securityfocus.com/bid/51505
Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
http://www.securityfocus.com/bid/51502
Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51706
Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/50494
Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/51407
Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/51869
Oracle MySQL CVE-2012-0118 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51511
Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51516
Oracle MySQL Server CVE-2012-0117 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51521
PHP 'zend_strndup()' Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/51417
PEAR Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/46605
PHP PDORow Object Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51952
PHP CVE-2012-0831 'magic_quotes_gpc' Directive Security Bypass Weakness
http://www.securityfocus.com/bid/51954
Oracle MySQL Server CVE-2012-0112 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51519
Oracle MySQL CVE-2012-0493 Remote Vulnerability
http://www.securityfocus.com/bid/51525
Oracle MySQL Server CVE-2012-0494 Local Security Vulnerability
http://www.securityfocus.com/bid/51523
Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
http://www.securityfocus.com/bid/51522
Oracle MySQL CVE-2012-0115 Remote Vulnerability
http://www.securityfocus.com/bid/51504
Oracle MySQL CVE-2012-0119 Remote Vulnerability
http://www.securityfocus.com/bid/51512
Oracle MySQL CVE-2012-0120 Remote Vulnerability
http://www.securityfocus.com/bid/51517
Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
http://www.securityfocus.com/bid/51514
Oracle MySQL CVE-2012-0116 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51508
Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51488
Oracle MySQL Server CVE-2012-0491 Remote Security Vulnerability
http://www.securityfocus.com/bid/51518
Oracle MySQL Server CVE-2012-0489 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51510
Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
http://www.securityfocus.com/bid/51507
Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51503
Oracle MySQL Server CVE-2012-0485 Remote Security Vulnerability
http://www.securityfocus.com/bid/51513
Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51493
Oracle MySQL Server CVE-2012-0488 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51506
Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51945
cURL/libcURL Remote Input Validation Vulnerability
http://www.securityfocus.com/bid/51665
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/51281
Mozilla Firefox/Thunderbird/SeaMonkey 'ReadPrototypeBindings()' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51975
Apache Tomcat Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51200
Apache Tomcat Parameter Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/51447
Apache Tomcat Request Object Security Bypass Vulnerability
http://www.securityfocus.com/bid/51442
Linux Kernel 'exec()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51947
Linux Kernel 'ext4_ext_insert_extent()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50322
Linux Kernel 'SG_IO IOCTL' SCSI Request Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51176
Adobe Flash Player CVE-2011-2140 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49083
PHP 'tidy_diagnose()' NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51992
STHS v2 Web Portal 'team' parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/51991
PBBoard 'index.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/51990
Horde Groupware Source Packages Backdoor Vulnerability
http://www.securityfocus.com/bid/51989
Skype Chat Logs Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51988
D-Link DAP-1150 Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/51985
ALFTP Insecure Excutable File Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/51984
Zero Install 'Common Name' Field Security Bypass Vulnerability
http://www.securityfocus.com/bid/51983
pfile Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/51982
NetSurf 'netsurf/Cookies' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51981
SMW+ 'target' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/51980
Zimbra 'view' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51974
Fork CMS Cross Site Scripting and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/51972
0 件のコメント:
コメントを投稿