JVNVU#551715 Quagga に複数の脆弱性
http://jvn.jp/cert/JVNVU551715/index.html
JVNVU#668534 Quagga に複数の脆弱性
http://jvn.jp/cert/JVNVU668534/index.html
JVNVU#212651 InspIRCd にメモリ破損の脆弱性
http://jvn.jp/cert/JVNVU212651/index.html
個人情報3200万人分が流出したRockYou、25万ドルでFTCと和解
http://itpro.nikkeibp.co.jp/article/NEWS/20120328/388140/?ST=security
GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52668
OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52428
GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50609
GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52667
Linux Kernel Regsets CVE-2012-1097 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52274
Linux Kernel 'memcg' NULL Pointer Deference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52324
Linux Kernel 'SG_IO IOCTL' SCSI Request Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51176
Linux Kernel KVM CVE-2012-0045 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51389
Linux Kernel CVE-2012-1090 CIFS 'umount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52197
Red Hat Linux Kernel CVE-2011-3347 VLAN Packets Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50312
Linux Kernel CVE-2011-4347 Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/50811
Linux Kernel 'Clone()' Function 'CLONE_IO' Flag Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52152
Oracle Java SE CVE-2012-0498 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52019
Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011
Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012
+ RHSA-2012:0428 Important: gnutls security update
http://rhn.redhat.com/errata/RHSA-2012-0428.html
+ RHSA-2012:0426 Moderate: openssl security and bug fix update
http://rhn.redhat.com/errata/RHSA-2012-0426.html
+ Apache POI 3.8 released
http://www.apache.org/dist/poi/release/RELEASE-NOTES.txt
http://poi.apache.org/changes.html
+ iptables 1.4.13 released
http://www.iptables.org/news.html#c
http://www.iptables.org/projects/iptables/files/changes-iptables-1.4.13.txt
+ GnuPG 2.0.19 released
http://lists.gnupg.org/pipermail/gnupg-announce/2012q1/000314.html
+ Linux Kernel ASLR Security Bypass Weakness
http://www.securityfocus.com/bid/52687
++ HP WBEM Discloses Diagnostic Data to Remote and Local Users
http://www.securitytracker.com/id/1026849
[Announce] GnuPG 2.0.19 released
ftp://ftp.gnupg.org/gcrypt/gnupg/
[ANNOUNCE] Netfilter releases: iptables 1.4.13, nfacct 1.0.0 and libnetfilter_acct 1.0.0
ftp://ftp.netfilter.org/pub/iptables/
[announce] The Apache Software Foundation Announces Apache Rave as a Top-Level Project
http://rave.apache.org/
[ANNOUNCE] Apacle Flume 1.1.0-incubating Released
http://www.apache.org/dyn/closer.cgi/incubator/flume/
RHSA-2012:0429 Important: gnutls security update
http://rhn.redhat.com/errata/RHSA-2012-0429.html
RHSA-2012:0427 Important: libtasn1 security update
http://rhn.redhat.com/errata/RHSA-2012-0427.html
RHSA-2012:0426 Moderate: openssl security and bug fix update
http://rhn.redhat.com/errata/RHSA-2012-0426.html
Memory disclosure with specially crafted backend responses
http://nginx.org/en/security_advisories.html
http://nginx.org/download/patch.2012.memory.txt
Wireshark 1.6.6 released
http://www.wireshark.org/docs/relnotes/wireshark-1.6.6.html
HPSBMU02747 SSRT100771 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Apache Tomcat, Remote Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03231290%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
Check Point Response to Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk65222&src=securityAlerts
[ MDVSA-2012:041 ] expat
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00138.html
[ MDVSA-2012:040 ] gnutls
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00136.html
[waraxe-2012-SA#080] - Multiple Vulnerabilities in NextBBS 0.6.0
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00134.html
[ MDVSA-2012:039 ] libtasn1
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00133.html
[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00132.html
[SECURITY] [DSA 2443-1] linux-2.6 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00131.html
[SECURITY] [DSA 2442-1] openarena security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00130.html
[ MDVSA-2012:038 ] openssl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00128.html
Matthew1471s ASP BlogX - XSS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00129.html
Traffic amplification via Quake 3-based servers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00127.html
PcwRunAs Password Obfuscation Design Flaw
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00135.html
[SECURITY] [DSA 2441-1] gnutls26 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00126.html
SQL injection attack possible when connecting to PostgreSQL 9.1 with version 8.1 JDBC driver
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00125.html
[SECURITY] [DSA 2440-1] libtasn1-3 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00124.html
CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00123.html
プレス発表
ファジングによる脆弱性検出の有効性の実証結果の公開
~「ファジング活用の手引き」を活用し、ソフトウェア開発にファジングの導入を~
http://www.ipa.go.jp/about/press/20120327.html
NTTデータ先端技術、標的型サイバー攻撃への耐性強化サービスを提供
http://itpro.nikkeibp.co.jp/article/NEWS/20120327/388105/?ST=security
Microsoft、金融業界と協力してZeusボットネットのサーバーを押収
http://itpro.nikkeibp.co.jp/article/NEWS/20120327/388045/?ST=security
JVNVU#743555 AtMail に複数の脆弱性
http://jvn.jp/cert/JVNVU743555/index.html
JVNVU#542123 複数の DNS ネームサーバの実装に問題
http://jvn.jp/cert/JVNVU542123/index.html
Firefox 3.6 EOL
http://isc.sans.edu/diary.html?storyid=12844
ISC Feature of the Week: ISC Poll
http://isc.sans.edu/diary.html?storyid=12850
Wireshark 1.6.6 and 1.4.2 Released
http://isc.sans.edu/diary.html?storyid=12853
Minify And Related Plugins DOM-Based XSS Vulnerability
http://www.securiteam.com/securitynews/5TP3G1P6KK.html
Opera Multiple Vulnerabilities
http://secunia.com/advisories/48535/
Ubuntu update for kernel
http://secunia.com/advisories/48565/
Ubuntu update for kernel
http://secunia.com/advisories/48544/
IBM 31-bit SDK for z/OS Multiple Vulnerabilities
http://secunia.com/advisories/48546/
Ubuntu update for linux-lts-backport-oneiric
http://secunia.com/advisories/48536/
Ubuntu update for linux
http://secunia.com/advisories/48545/
Ruby Zip/Ruby Gem Zip File Parsing Vulnerabilities
http://secunia.com/advisories/48534/
Ubuntu update for linux-ti-omap4
http://secunia.com/advisories/48547/
vBulletin vBShop Module Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/48560/
Event Calendar PHP "cal_year" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48539/
Debian update for linux-2.6
http://secunia.com/advisories/48523/
SUSE update for gnash
http://secunia.com/advisories/48540/
SUSE update for MozillaFirefox and MozillaThunderbird
http://secunia.com/advisories/48553/
SUSE update for libzip
http://secunia.com/advisories/48562/
vBulletin vbShout Module "message" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48531/
Family Connections Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/48569/
Google Talk Credentials Disclosure Security Issue
http://secunia.com/advisories/48448/
Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
2012-03-28
http://www.securityfocus.com/bid/52012
Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194
Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013
Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52016
Oracle Java SE CVE-2012-0504 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52020
Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017
Oracle Virtual Desktop Infrastructure (VDI) CVE-2011-3571 Remote Vulnerability
http://www.securityfocus.com/bid/51467
Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014
Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52009
Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018
Oracle JavaFX CVE-2012-0508 Remote Vulnerability
http://www.securityfocus.com/bid/52010
Oracle Java SE CVE-2012-0500 Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52015
Raptor XML External Entity Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52681
Oracle Java SE CVE-2011-3557 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50234
SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49778
Oracle Java SE CVE-2011-3560 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50236
Oracle Java SE CVE-2012-0507 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52161
Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011
Oracle Java SE CVE-2012-0498 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52019
Expat XML Parsing Multiple Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/52379
phpMyVisites 'phpmv2/index.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/52377
Red Hat Linux Kernel CVE-2011-3347 VLAN Packets Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50312
Linux Kernel CVE-2011-4347 Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/50811
libzip Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/52658
Linux Kernel 'Clone()' Function 'CLONE_IO' Flag Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52152
GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52668
PHP 'php_register_variable_ex()' Function Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/51830
GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52667
Linux Kernel Regsets CVE-2012-1097 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52274
Linux Kernel KVM CVE-2012-0045 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51389
Linux Kernel 'memcg' NULL Pointer Deference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52324
Linux Kernel eCryptfs Multiple Vulnerabilities
http://www.securityfocus.com/bid/49108
Linux Kernel CVE-2012-1090 CIFS 'umount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52197
Pidgin 'msn_oim_report_to_user()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/52475
Pidgin XMPP Protocol Denial of Service Vulnerability
http://www.securityfocus.com/bid/52476
OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52428
WebKit CSS 'format()' Arguments Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38684
IBM WebSphere Application Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51441
IBM WebSphere Application Server 'iscdeploy' Script Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/51420
PHP Web Form Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51193
PHP CVE-2012-0057 Security Bypass Vulnerability
http://www.securityfocus.com/bid/51806
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0462 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52467
taglib Memory Corruption and Infinite Loop Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52290
Linux Kernel '__split_huge_page()' Race Condition Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52533
Linux Kernel ASLR Security Bypass Weakness
http://www.securityfocus.com/bid/52687
GNU Gnash 'GnashImage::size()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52446
systemd 'systemd-logind' Insecure Temporary File Handling Vulnerability
http://www.securityfocus.com/bid/52538
Wireshark IEEE 802.11 Dissector Infinite Loop Denial of Service Vulnerability
http://www.securityfocus.com/bid/52738
Wireshark 'ERF' data Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52737
Wireshark MP2T Dissector Denial of Service Vulnerability
http://www.securityfocus.com/bid/52736
Wireshark 'call_dissector()' NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52735
HP-UX WBEM CVE-2012-0126 Remote Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/52734
python 'distutils' Component '~/.pypirc' File Local Race Condition Vulnerability
http://www.securityfocus.com/bid/52732
Opera Web Browser 11.62 prior Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52731
Matthew1471 BlogX Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/52730
vBulletin vBShop Module Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52729
NextBBS Multiple Input Validation Security Vulnerabilities
http://www.securityfocus.com/bid/52728
Geeklog 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/52725
0 件のコメント:
コメントを投稿