UPDATE: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120215-nxos
UPDATE: Cisco IOS Software Smart Install Remote Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-smart-install
UPDATE: Cisco 10000 Series Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-c10k
UPDATE: Cisco IOS Software Network Address Translation Vulnerabilities
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-nat
JVN#20083397 Session hijacking vulnerability in Movable Type
http://jvn.jp/jp/JVN20083397/index.html
JVN#92683325 OS command injection vulnerability in Movable Type
http://jvn.jp/jp/JVN92683325/index.html
JVN#49836527 Cross-site scripting vulnerability in Movable Type
http://jvn.jp/jp/JVN49836527/index.html
JVN#70683217 Cross-site request forgery vulnerability in Movable Type
http://jvn.jp/jp/JVN70683217/index.html
+ Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52103
CentOS alert CESA-2012:0321 (cvs)
http://lwn.net/Alerts/483052/
CentOS alert CESA-2012:0324 (libxml2)
http://lwn.net/Alerts/483053/
CentOS alert CESA-2012:0317 (libpng)
http://lwn.net/Alerts/483054/
http://lwn.net/Alerts/482793
http://lwn.net/Alerts/482794
http://lwn.net/Alerts/482795
[ANNOUNCE] Commons NET 3.1 released
http://www.apache.org/dist/commons/net/RELEASE-NOTES.txt
OpenJPA 2.2.0 Released
http://openjpa.apache.org/
[ANNOUNCE] Npgsql 2.0.12 beta 3 (2.0.11.93) released!
http://www.npgsql.org/
[ANNOUNCEMENT] HttpComponents HttpAsyncClient 4.0-beta1 Released (corrected)
http://www.apache.org/dist/httpcomponents/httpasyncclient/RELEASE_NOTES.txt
UPDATE: HPSBMU02739 SSRT100280 rev.2 - HP Data Protector Storage Media Operations (SMO), Remote Execution of Arbitrary Code
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/action.process/public/kb/docDisplay/?javax.portlet.action=true&spf_p.tpst=kbDocDisplay&javax.portlet.begCacheTok=com.vignette.cachetoken&spf_p.prp_kbDocDisplay=wsrp-interactionState%3DdocId%253Demr_na-c03179046%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.endCacheTok=com.vignette.cachetoken
UPDATE: HPSBUX02737 SSRT100747 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/action.process/public/kb/docDisplay/?javax.portlet.action=true&spf_p.tpst=kbDocDisplay&javax.portlet.begCacheTok=com.vignette.cachetoken&spf_p.prp_kbDocDisplay=wsrp-interactionState%3DdocId%253Demr_na-c03169289%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.endCacheTok=com.vignette.cachetoken
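Symantec announces new version of its integrated security software "Norton 360"
Includes antivirus, backup and more; the new version enhances management and other features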
http://itpro.nikkeibp.co.jp/article/NEWS/20120223/382663/?ST=security
JVNTA12-045A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA12-045A/index.html
JVNVU#273502 Authentication bypass vulnerability in EasyVista
http://jvn.jp/cert/JVNVU273502/index.html
JVN#25731073 Vulnerability related to the WebView class in multiple Cookpad Android applications
http://jvn.jp/jp/JVN25731073/index.html
JVNDB-2012-001540 Cross-site request forgery vulnerability in admin.php in pluck
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001540.html
JVNDB-2012-001539 Cross-site request forgery vulnerability in modules/config/admin_utente.php in GAzie
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001539.html
JVNDB-2012-001538 Cross-site scripting vulnerability in freelancerKit
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001538.html
JVNDB-2012-001537 SQL injection vulnerability in freelancerKit
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001537.html
JVNDB-2012-001536 Cross-site scripting vulnerability in Zenphoto
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001536.html
JVNDB-2012-001535 SQL injection vulnerability in the Manage Albums feature of Zenphoto
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001535.html
JVNDB-2012-001534 Arbitrary PHP code execution vulnerability in viewer_size_image.php in Zenphoto
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001534.html
JVNDB-2012-001533 Denial of service (daemon crash) vulnerability in the IBM solidDB server
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001533.html
JVNDB-2011-003688 Denial of service (daemon crash) vulnerability in the IBM solidDB server
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003688.html
JVNDB-2012-001532 Cross-site scripting vulnerability in STHS v2 Web Portal
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001532.html
JVNDB-2012-001531 Cross-site request forgery vulnerability in admin.php in PBBoard
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001531.html
JVNDB-2012-001530 Directory traversal vulnerability in Dolibarr CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001530.html
JVNDB-2012-001529 SQL injection vulnerability in Dolibarr CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001529.html
JVNDB-2012-001528 Cross-site scripting vulnerability in system/classes/login.php in ContentLion Alpha
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001528.html
JVNDB-2012-001527 Vulnerability in RabidHamster R2/Extreme that allows the PIN number to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001527.html
JVNDB-2012-001526 Stack-based buffer overflow vulnerability in RabidHamster R2/Extreme
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001526.html
JVNDB-2012-001525 Directory traversal vulnerability in the telnet server of RabidHamster R2/Extreme
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001525.html
JVNDB-2012-000014 Vulnerability related to the WebView class in multiple Cookpad Android applications
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000014.html
JVNDB-2012-001524 Cross-site scripting vulnerability in the Add friends module of the Yoono extension for Firefox
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001524.html
JVNDB-2012-001523 Cross-site scripting vulnerability in the Add friends module of Yoono Desktop Application
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001523.html
[ MDVSA-2012:023 ] libxml2
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00121.html
Multiple XSS in Chyrp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00120.html
[ MDVSA-2012:022 ] libpng
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00119.html
Multiple security vulnerabilities in Tremulous 1.1.0, GPP1, and unofficial MG and TJW engines
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00118.html
[SECURITY] [DSA 2415-1] libmodplug security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00117.html
[SECURITY] [DSA 2414-1] fex security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00116.html
How to test OS X Mountain Lion's Gatekeeper in Lion
http://isc.sans.edu/diary.html?storyid=12631
Apache 2.4 Features
http://isc.sans.edu/diary.html?storyid=12643
ISC Feature of the Week: Handler Diaries
http://isc.sans.edu/diary.html?storyid=12646
Blackberry PlayBook Samba File Sharing Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026723
Libxml2 Hash Table Collision Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id/1026723
Novell GroupWise Messenger Client Stack Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026718
EasyVista SSO Authentication Bypass Vulnerability
http://secunia.com/advisories/48124/
Unity Web Player File Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/48103/
LimeSurvey "fieldnames" SQL Injection Vulnerability
http://secunia.com/advisories/48051/
SocialCMS Enterprise Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/48082/
Chyrp "content" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48097/
Chyrp "body" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48112/
TestLink Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/48054/
WordPress SB Uploader Plugin Arbitrary File Upload Vulnerability
http://secunia.com/advisories/48076/
Dolphin Privacy Settings Security Bypass Vulnerability
http://secunia.com/advisories/48046/
Fork CMS Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/48067/
BlackBerry Tablet OS Samba File Sharing Vulnerability
http://secunia.com/advisories/48116/
PowerDNS Recursor Deleted Domain Record Cache Persistence Vulnerability
http://secunia.com/advisories/48132/
Debian update for libmodplug
http://secunia.com/advisories/48058/
Pale Moon libpng Integer Overflow Vulnerability
http://secunia.com/advisories/48110/
Pale Moon Two Vulnerabilities
http://secunia.com/advisories/48110/
Net4Switch ipswcom ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/48125/
Red Hat update for ibutils
http://secunia.com/advisories/48038/
Red Hat update for libxml2
http://secunia.com/advisories/48060/
Red Hat update for httpd
http://secunia.com/advisories/48062/
Red Hat update for cvs
http://secunia.com/advisories/48063/
Debian update for fex
http://secunia.com/advisories/48066/
libxml2 Hash Collision Denial of Service Vulnerability
http://secunia.com/advisories/48000/
Gentoo update for quagga
http://secunia.com/advisories/48106/
Unity 3D Web Player <= 3.2.0.61061 Denial of Service
http://www.exploit-db.com/exploits/18512/
DAMN Hash Calculator v1.5.1 Local Heap Overflow PoC
http://www.exploit-db.com/exploits/18507/
Microsoft Internet Explorer CVE-2012-0155 VML Handling Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51935
Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51933
Microsoft Windows ASX File Parsing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51913
Pointdev IDEAL Migration & IDEAL Administration '.ipj' File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39729
Advantech WebAccess Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/52051
Mozilla Firefox/Thunderbird/SeaMonkey 'ReadPrototypeBindings()' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51975
libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52049
Mozilla Firefox IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51786
Mozilla Firefox/Thunderbird/SeaMonkey Ogg Vorbis Files Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51753
Mozilla Firefox/SeaMonkey/Thunderbird XSLT Stylesheets Denial of Service Vulnerability
http://www.securityfocus.com/bid/51754
Mozilla Firefox/Thunderbird/SeaMonkey nsDOMAttribute Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51755
Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/50802
Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51706
Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/51869
Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/50494
libxml2 Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52107
Yoono Extension 'create' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/51970
CubeCart Multiple URI Redirection Vulnerabilities
http://www.securityfocus.com/bid/51966
Dolibarr 'adherents/fiche.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/51956
RabidHamster R4 File Disclosure and Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/51967
freelancerKit SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/51946
IBM solidDB 'SELECT' Statement Denial of Service Vulnerability
http://www.securityfocus.com/bid/51629
Zenphoto Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51916
WordPress Relocate Upload Plugin 'abspath' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/49693
STHS v2 Web Portal 'team' parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/51991
Hancom Office Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/51892
SMW+ 'target' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/51980
Zimbra 'view' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51974
pfile Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/51982
Fork CMS Cross Site Scripting and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/51972
CVS CVE-2012-0804 'proxy_connect()' Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51943
libmodplug Multiple Buffer Overflow and Off-By-One Vulnerabilities
http://www.securityfocus.com/bid/48979
libmodplug 'load_abc.cpp' Remote Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47624
Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52103
Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194
Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018
Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014
Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/51407
Oracle Virtual Desktop Infrastructure (VDI) CVE-2011-3571 Remote Vulnerability
http://www.securityfocus.com/bid/51467
Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013
Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012
Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017
Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011
Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52009
Oxwall 'plugin' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52125
Apple iPhone Missed Call Notification Lock Screen Security Bypass Vulnerability
http://www.securityfocus.com/bid/52124
ABB WebWare Server 'RobNetScanHost.exe' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52123
SystemTap DWARF Expression Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52121
BRIM 'field' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52120
WebcamXP and Webcam7 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/52119
DAMN Hash Calculator Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52118
Chyrp 'error.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/52117
Unity Web Player Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52116
Chyrp 'ajax.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/52115
LimeSurvey 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/52114
Dolibarr Multiple Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/52113
ContentLion Alpha 'login.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52112
P-Chat 'index.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52108