Thursday, April 12, 2012
Thursday the 12th, Shakkō
+ RHSA-2012:0475 Moderate: tomcat6 security update
http://rhn.redhat.com/errata/RHSA-2012-0475.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022
+ RHSA-2012:0474 Moderate: tomcat5 security update
http://rhn.redhat.com/errata/RHSA-2012-0474.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022
+ Samba Buffer Overflow in NDR Marshalling Code Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026913
http://www.securityfocus.com/bid/52973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
CentOS alert CESA-2012:0467 (freetype)
http://lwn.net/Alerts/491672/
http://lwn.net/Alerts/491678
CentOS alert CESA-2012:0468 (libtiff)
http://lwn.net/Alerts/491673/
http://lwn.net/Alerts/491679
CentOS alert CESA-2012:0466 (samba3x)
http://lwn.net/Alerts/491674/
CentOS alert CESA-2012:0465 (samba)
http://lwn.net/Alerts/491680/
http://lwn.net/Alerts/491675
phpMyAdmin 3.4.11-rc1 released
http://sourceforge.net/news/?group_id=23067&id=307201
Trend Micro online storage SafeSync update notice
http://www.trendmicro.co.jp/support/news.asp?id=1764
MySQL 5.6.5 (10 April 2012, Milestone 8)
http://dev.mysql.com/doc/refman/5.6/en/news-5-6-5.html
Samba 4.0α19 has been released. It is a security release that addresses CVE-2012-1182.
http://wiki.samba.gr.jp/mediawiki/index.php?title=%E3%83%A1%E3%82%A4%E3%83%B3%E3%83%9A%E3%83%BC%E3%82%B8
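Harm from merely opening a web page or file: dangerous vulnerabilities in Office and other products
Targeted attacks exploiting them have appeared; IE also has a "Critical" vulnerability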
http://itpro.nikkeibp.co.jp/article/NEWS/20120412/390722/?ST=security
Vulnerability in Microsoft Office and other products (MS12-027) (CVE-2012-0158)
http://www.ipa.go.jp/security/ciadr/vul/20120411-Windows.html
JVNTA12-101A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA12-101A/index.html
JVNTA12-101B Multiple vulnerabilities in Adobe products
http://jvn.jp/cert/JVNTA12-101B/index.html
JVNVU#400619 Cross-site scripting vulnerability in Pluck SiteLife
http://jvn.jp/cert/JVNVU400619/index.html
Backtrack 5 R2 priv escalation 0day found in CTF exercise
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00072.html
[ MDVSA-2012:055 ] samba
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00068.html
Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00070.html
Android information leak
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00069.html
US-CERT Alert TA12-101B -- Adobe Reader and Acrobat Security Updates and Architectur
http://www.derkeiler.com/Mailing-Lists/Cert/2012-04/msg00001.html
[security bulletin] HPSBPV02754 SSRT100803 rev.1 - HP ProCurve 5400 zl Switch, Compact flash car
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00067.html
US-CERT Alert TA12-101A -- Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2012-04/msg00000.html
JVNDB-2012-002027 Vulnerability in IBM Tivoli Event Pump that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002027.html
JVNDB-2012-002026 Directory traversal vulnerability in Novell ZENworks Configuration Management
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002026.html
JVNDB-2012-002025 Buffer overflow vulnerability in the Create Attribute function in jclient in Novell iManager
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002025.html
JVNDB-2012-002024 Stack-based buffer overflow vulnerability in Novell ZENworks Configuration Management
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002024.html
JVNDB-2012-002023 Stack-based buffer overflow vulnerability in Novell ZENworks Configuration Management
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002023.html
Challenge: What can you do with funky directory names?
http://isc.sans.edu/diary.html?storyid=12958
Two years until end of support for Windows XP and Office 2003; Vista enters its extended support period
http://www.itmedia.co.jp/news/articles/1204/11/news015.html
HP ProCurve 5400 zl Switch Includes Malware Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1026916
HP ProCurve 5400 zl Switch Malware Infected Compact Flash Card
http://secunia.com/advisories/48738/
WordPress Image News slider Plugin Unspecified Vulnerabilities
http://secunia.com/advisories/48747/
Novell Sentinel "filename" Arbitrary File Download Vulnerability
http://secunia.com/advisories/48760/
FlightGear "Rotor::getValueforFGSet()" Buffer Overflow Vulnerability
http://secunia.com/advisories/48780/
Horizon Quick CMS "username" SQL Injection Vulnerability
http://secunia.com/advisories/48764/
Red Hat update for acroread
http://secunia.com/advisories/48756/
Ubuntu update for puppet
http://secunia.com/advisories/48748/
Astaro Security Gateway CRL and OCSP Bypass Vulnerability
http://secunia.com/advisories/48750/
Fujitsu Interstage List Works Archived Forms Security Bypass Weakness
http://secunia.com/advisories/48745/
F5 Products PHP Multiple Vulnerabilities
http://secunia.com/advisories/48737/
Red Hat update for freetype
http://secunia.com/advisories/48758/
Red Hat update for libtiff
http://secunia.com/advisories/48757/
Red Hat update for samba3x
http://secunia.com/advisories/48754/
Red Hat update for samba
http://secunia.com/advisories/48751/
Gentoo update for chromium
http://secunia.com/advisories/48749/
Puppet Multiple Vulnerabilities
http://secunia.com/advisories/48743/
Pluck SiteLife Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/48778/
Samba RPC Network Data Representation Marshalling Vulnerability
http://secunia.com/advisories/48742/
HP System Management Homepage Cross-Site Request Forgery
http://secunia.com/advisories/43012/
Adobe Reader/Acrobat Multiple Vulnerabilities
http://secunia.com/advisories/48733/
Samba Remote Procedure Call Remote Memory Corruption Vulnerability
http://www.vupen.com/english/ADV-2012-0203.php
Adobe Reader and Acrobat Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/ADV-2012-0202.php
Microsoft Windows and Office Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/ADV-2012-0201.php
RealNetworks Helix Server Multiple Remote Code Execution Vulnerabilities
http://www.vupen.com/english/ADV-2012-0200.php
REMOTE: Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution
http://www.exploit-db.com/exploits/18730/
Wicd 'SetWirelessProperty()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/52987
Siemens Scalance Firewall Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52923
Siemens Scalance X Switches 'HTTP' Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/52933
Koyo ECOM100 Ethernet Module Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51634
Certec atvise webMI2ADS Web Server Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/50048
Adobe Acrobat and Reader 'msiexec.exe' Search Path Remote Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/52952
Apache Tomcat Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51200
Apache Tomcat Parameter Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/51447
Ruby on Rails Security Bypass and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/46292
FreeType Versions Prior to 2.4.9 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/52318
OpenSSL S/MIME Header Processing Null Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52764
OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52428
Ilient SysAid Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52356
GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50609
GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52667
Microsoft Windows Authenticode Signature Verification Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52868
Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52973
Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52911
WordPress All-in-One Event Calendar Plugin Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/52986
Drupal Autosave Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/52985
Drupal Fivestar Module Remote Input Validation Vulnerability
http://www.securityfocus.com/bid/52984
BGS CMS Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52983
Cisco IronPort Web Security Appliance Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/52981
Horizon Quick CMS 'username' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52980
Fujitsu Interstage List Works Archive Folder Security Bypass Vulnerability
http://www.securityfocus.com/bid/52978
WordPress Image News slider Plugin Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/52977
Puppet Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52975
HP System Management Homepage CVE-2011-3846 Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/52974