[ANNOUNCE] Apache Hive 0.8.1 Released
http://hive.apache.org/releases.html
squid 3.1.19, 3.2.0.15 released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
CESA-2012:0095 ghostscript
http://lwn.net/Alerts/479335
CESA-2012:0096 ghostscript
http://lwn.net/Alerts/479336
CESA-2012:0093 php
http://lwn.net/Alerts/479338
CESA-2012:0092 php53
http://lwn.net/Alerts/479341
[ANNOUNCE] MyJSQLView Version 3.31 Released
http://dandymadeproductions.com/projects/MyJSQLView/
InterScan WebManager SCCにおいて、マイクロソフトのセキュリティパッチMS12-006を適用後、HTTPS規制が正しく行われなくなる可能性がある問題について
http://www.trendmicro.co.jp/support/news.asp?id=1735
ハッカー集団Anonymous、米英当局の電話捜査会議を盗聴
http://itpro.nikkeibp.co.jp/article/NEWS/20120206/380175/?ST=security
Googleのプライバシーポリシー改訂に欧州当局が追加情報の提出要請
http://itpro.nikkeibp.co.jp/article/NEWS/20120206/380167/?ST=security
JVNVU#732115 Project Open にクロスサイトスクリプティングの脆弱性
http://jvn.jp/cert/JVNVU732115/index.html
JVNDB-2011-003567 Oracle Glassfish におけるサービス運用妨害 (CPU 資源の消費) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003567.html
JVNDB-2011-003493 Invensys Wonderware InBatch の ActiveX コントロールにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003493.html
JVNDB-2011-003491 Invensys Wonderware Information Server におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003491.html
JVNDB-2011-003199 InduSoft Web Studio の CEServer.exe におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003199.html
JVNDB-2011-003191 InduSoft Web Studio の CEServer.exe における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003191.html
JVNDB-2011-002761 GE Intelligent Platforms Proficy Historian におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002761.html
JVNDB-2011-002757 GE Intelligent Platforms Proficy Applications におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002757.html
JVNDB-2011-002756 GE Intelligent Platforms Proficy Historian におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002756.html
JVNDB-2011-002277 Cogent DataHub の Web サーバにおけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002277.html
JVNDB-2011-002275 Cogent DataHub の DH_OneSecondTick 関数におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002275.html
JVNDB-2011-002269 Beckhoff TwinCAT におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002269.html
JVNDB-2011-003039 Microsoft Windows の TrueType フォント解析処理に脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003039.html
JVNDB-2012-001279 Novell Open Enterprise Server におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001279.html
JVNDB-2012-001278 EMC Documentum Content Server におけるスーパーユーザの最高権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001278.html
JVNDB-2012-001277 Linux kernel の net/sched/sch_api.c におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001277.html
JVNDB-2012-001276 Linux kernel の net/sctp/sm_make_chunk.c におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001276.html
JVNDB-2011-003662 PHP における任意のファイルを作成される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003662.html
JVNDB-2012-001275 HP Network Automation における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001275.html
JVNDB-2012-001274 Mozilla Firefox および SeaMonkey における Firefox Sync キーを読まれる脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001274.html
JVNDB-2012-001273 複数の Mozilla 製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001273.html
JVNDB-2012-001272 複数の Mozilla 製品における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001272.html
JVNDB-2012-001271 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001271.html
JVNDB-2012-001270 複数の Mozilla 製品における HTML5 のフレームナビゲーションポリシーを回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001270.html
JVNDB-2012-001269 複数の Mozilla 製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001269.html
JVNDB-2012-001268 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001268.html
JVNDB-2012-001267 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001267.html
JVNDB-2012-001266 複数の Mozilla 製品における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001266.html
JVNDB-2012-001265 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001265.html
JVNDB-2011-003169 Novell Open Enterprise Server 2 の GetDriverSettings 関数 におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003169.html
+ Linux kernel 3.2.4, 3.0.19, 2.6.32.56 released
http://www.kernel.org/
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.2.4
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.19
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.32/ChangeLog-2.6.32.56
+ Postfix 2.7.8, 2.6.14, 2.5.17 released
http://mirror.postfix.jp/postfix-release/index.html
http://mirror.postfix.jp/postfix-release/official/postfix-2.7.8.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.6.14.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.5.17.HISTORY
+- PHP 'htmlspecialchars()' Function Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51860
++ Symantec pcAnywhere Session Closure Access Violation Vulnerability
http://www.securityfocus.com/bid/51862
- Multiple AntiVirus Products '.kz' Scan Evasion Vulnerability
http://www.securityfocus.com/bid/51861
MySQL Connector/ODBC 3.51.30 is available!
http://dev.mysql.com/downloads/connector/odbc/3.51.html
[ANNOUNCE] Apache Commons Validator-1.4.0 released!
http://people.apache.org/~simonetripodi/
[ANNOUNCEMENT] Commons Configuration 1.8 Released
http://commons.apache.org/configuration/
ウイルスバスター モバイル for Android 修正プログラム公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1734
SMSで「9万9800円払え!」、スマホを狙ったワンクリ詐欺に注意
動画再生アプリに見せかけてウイルスを配布、電話番号を盗み出す
http://itpro.nikkeibp.co.jp/article/NEWS/20120206/380161/?ST=security
MOTEX、社員の行動を把握できるAndroid管理ソフト「LanScope An」を発表
http://itpro.nikkeibp.co.jp/article/NEWS/20120203/380084/?ST=security
[ MDVSA-2012:013 ] mozilla
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00020.html
[SECURITY] [DSA 2403-1] php5 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00017.html
ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00019.html
[security bulletin] HPSBGN02740 SSRT100741 rev.1 - HP Operations Manager, Operations Agent, Perf
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00013.html
RFC 6528 on Defending against Sequence Number Attacks
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00018.html
[SECURITY] [DSA 2402-1] iceape security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00016.html
[SECURITY] [DSA 2400-1] iceweasel security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00015.html
[SECURITY] [DSA 2401-1] tomcat6 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00014.html
Hewlett-Packard : [HPSBMU02739 SSRT100280] HP Data Protector Media Operations - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37566
Mandriva : [MDVSA-2012:012] Apache - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37560
Red Hat : [RHSA-2012:0086-01] OpenSSL - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37558
Ubuntu Security Notice : [USN-1354-1] Usbmuxd - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37557
Cybersecurity Legislation Components
http://isc.sans.edu/diary.html?date=2012-02-05
Apple Security Advisory 2012-001 v1.1
http://isc.sans.edu/diary.html?storyid=12532
RealNetworks RealPlayer Invalid Codec Name Code Execution Vulnerability
http://www.securiteam.com/securitynews/5BP2V0U6AM.html
RealNetworks RealPlayer RV30 Uninitialized Index Value Code Execution Vulnerability
http://www.securiteam.com/securitynews/5CP2W0U6AG.html
RealNetworks RealPlayer IVR MLTI Chunk Length Parsing Code Execution Vulnerability
http://www.securiteam.com/securitynews/5DP2X0U6AA.html
RealNetworks RealPlayer RV10 Sample Height Parsing Code Execution Vulnerability
http://www.securiteam.com/securitynews/5EP2Y0U6AG.html
IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id/1026640
EMC Documentum xPlore Search Lets Remote Authenticated Users Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1026639
HP Operations Manager Unspecified Bug Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026638
HTC Andriod Phone Grants Local Applications Access to Wi-Fi Passwords
http://www.securitytracker.com/id/1026637
VU#732115 Project Open cross-site scripting vulnerability
http://www.kb.cert.org/vuls/id/732115
2X ApplicationServer TuxSystem ActiveX Control "ExportSettings()" Insecure Method
http://secunia.com/advisories/47657/
DotNetNuke Multiple Vulnerabilities
http://secunia.com/advisories/47872/
Foswiki Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/47849/
Joomla! Multiple Information Disclosure Vulnerabilities
http://secunia.com/advisories/47847/
TYPO3 RTG Files Extension Two Vulnerabilities
http://secunia.com/advisories/47842/
project-open "message" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/47854/
Sphinx Mobile Web Server "comment" Blog Comment Script Insertion Vulnerability
http://secunia.com/advisories/47876/
HP Products OpenSSL Race Condition Vulnerability
http://secunia.com/advisories/47868/
Red Hat update for JBoss Enterprise Portal Platform
http://secunia.com/advisories/47866/
WordPress WP-RecentComments Plugin "id" SQL Injection Vulnerability
http://secunia.com/advisories/47870/
Debian update for php5
http://secunia.com/advisories/47801/
Debian update for tomcat6
http://secunia.com/advisories/47794/
Debian update for iceweasel
http://secunia.com/advisories/47788/
Debian update for iceape
http://secunia.com/advisories/47770/
Red Hat update for php53
http://secunia.com/advisories/47813/
Red Hat update for ghostscript
http://secunia.com/advisories/47817/
Red Hat update for php
http://secunia.com/advisories/47824/
Red Hat update for ghostscript
http://secunia.com/advisories/47846/
PHP "php_register_variable_ex()" Code Execution Vulnerability
http://secunia.com/advisories/47806/
Skype Unspecified Vulnerability
http://secunia.com/advisories/47856/
Drupal Forward Module Security Bypass Vulnerability
http://secunia.com/advisories/47851/
Xen Qemu e1000 Privilege Escalation Vulnerability
http://secunia.com/advisories/47859/
Apple Mac OS X Multiple Vulnerabilities
http://secunia.com/advisories/47843/
DoS/PoC: PDF Viewer Component ActiveX DoS
http://www.exploit-db.com/exploits/18463
DoS/PoC: Edraw Diagram Component 5 ActiveX buffer overflow DoS
http://www.exploit-db.com/exploits/18461
DoS/PoC: PHP 5.4SVN- htmlspecialchars/entities Buffer Overflow
http://www.exploit-db.com/exploits/18458
DoS/PoC: torrent-stats httpd.c Denial of Service
http://www.exploit-db.com/exploits/18457
Mozilla Firefox/Thunderbird/SeaMonkey SVG Parsing Remote Code Execution Vulnerability
2012-02-05
http://www.securityfocus.com/bid/48357
Joomla! Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/51857
QEMU KVM CVE-2012-0029 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51642
Mozilla Firefox/SeaMonkey/Thunderbird XPConnect Security Check Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/51752
project-open 'account-closed.tcl' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51842
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0447 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51757
Mozilla Firefox/SeaMonkey/Thunderbird XSLT Stylesheets Denial of Service Vulnerability
http://www.securityfocus.com/bid/51754
Mozilla Firefox/Thunderbird/SeaMonkey nsDOMAttribute Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51755
Mozilla Firefox/Thunderbird/SeaMonkey Ogg Vorbis Files Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51753
Mozilla Firefox and SeaMonkey 'Firefox Recovery Key.html' Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/51787
Mozilla Firefox/SeaMonkey/Thunderbird Cross Domain Security Bypass Vulnerability
http://www.securityfocus.com/bid/51765
Mozilla Firefox IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51786
Mozilla Firefox/Thunderbird/Seamonkey Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/51756
C6 Messenger Installation URL Downloader ActiveX Control Arbitrary File Download Vulnerability
http://www.securityfocus.com/bid/29519
Mozilla Firefox and Thunderbird CVE-2011-2365 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/48368
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2011-2377 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/48369
Ghostscript 'gs_init.ps' With '-P-' Flag Search Path Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/40467
Ghostscript TrueType Bytecode Interpreter Heap-Based Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42640
Ghostscript 'gs_type2_interpret()' Function NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/43932
PHP 'php_register_variable_ex()' Function Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/51830
FreeType Font Document Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/50155
Apple iOS FreeType CVE-2011-3439 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/50643
IBM AIX TCP Stack Denial of Service Vulnerability
http://www.securityfocus.com/bid/51864
EMC Documentum xPlore Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51863
Symantec pcAnywhere Session Closure Access Violation Vulnerability
http://www.securityfocus.com/bid/51862
Multiple AntiVirus Products '.kz' Scan Evasion Vulnerability
http://www.securityfocus.com/bid/51861
PHP 'htmlspecialchars()' Function Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51860
WordPress WP-RecentComments Plugin 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/51859
DotNetNuke Cross Site Scripting and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/51858
2X ApplicationServer TuxSystem ActiveX Control 'ExportSettings()' Insecure Method Vulnerability
http://www.securityfocus.com/bid/51856
Foswiki Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/51841
0 件のコメント:
コメントを投稿