Thursday, April 26, 2012
Thursday the 26th, Tomobiki
+ RHSA-2012:0523 Moderate: libpng security update
http://rhn.redhat.com/errata/RHSA-2012-0523.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048
+ CentOS alert CESA-2012:0518 (openssl)
http://lwn.net/Alerts/494457/
http://lwn.net/Alerts/494459/
+ CentOS alert CESA-2012:0515 (firefox)
http://lwn.net/Alerts/494460/
http://lwn.net/Alerts/494462
+ CentOS alert CESA-2012:0516 (thunderbird)
http://lwn.net/Alerts/494466/
http://lwn.net/Alerts/494464/
+ CentOS alert CESA-2012:0523 (libpng)
http://lwn.net/Alerts/494468/
+ PostgreSQL JDBC driver 9.1-902 released
http://jdbc.postgresql.org/download.html#jdbcselection
+ SA48962 Microsoft Visual Studio Linker Integer Overflow Vulnerability
http://secunia.com/advisories/48962/
To customers using Virus Buster Corporate Edition 8.0 Service Pack 1
- Request to upgrade -
http://www.trendmicro.co.jp/support/news.asp?id=1757
[SECURITY] [DSA 2460-1] asterisk security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00196.html
Multiple vulnerabilities in Piwigo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00195.html
linux privileged and arbitrary chdir() (fixed at 5.4 cifs release)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00194.html
[SECURITY] [DSA 2454-2] openssl incomplete fix
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00193.html
[SECURITY] [DSA 2548-1] iceape security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00192.html
[SECURITY] [DSA 2457-1] iceweasel security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00191.html
[SECURITY] [DSA 2456-1] dropbear security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00190.html
[Alert] Take countermeasures before Golden Week
http://www.ipa.go.jp/security/topics/alert240425.html
Nissan network attacked; was EV technology the target? (WIRED.jp)
http://itpro.nikkeibp.co.jp/article/NEWS/20120426/393602/?ST=security
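Adobe Reader supports government digital signatures, a countermeasure against cyberattacks that abuse PDFs
GPKI digital certificates are distributed automatically; manual installation is also possible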
http://itpro.nikkeibp.co.jp/article/NEWS/20120426/393601/?ST=security
"Can detect targeted attacks too": Trend Micro announces a dedicated appliance
Monitors corporate network data and reports viruses and attacks
http://itpro.nikkeibp.co.jp/article/NEWS/20120425/393242/?ST=security
Blacole's obfuscated JavaScript
http://isc.sans.edu/diary.html?storyid=13051
Blacole's shell code
http://isc.sans.edu/diary.html?storyid=13057
VU#889195 RuggedCom Rugged Operating System (ROS) contains a hard-coded user account with a predictable password
http://www.kb.cert.org/vuls/id/889195
Samsung TV Bug in Remote Control Feature Lets Remote Users Deny Service
http://www.securitytracker.com/id/1026976
Mozilla Thunderbird Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof Web Sites, Obtain Information, and Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026973
Mozilla Seamonkey Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof Web Sites, Obtain Information, and Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026972
Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof Web Sites, Obtain Information, and Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026971
Piwigo Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/48903/
RuggedCom Rugged Operating System Undocumented Account Security Issue
http://secunia.com/advisories/48963/
IBM Rational Products Multiple Vulnerabilities
http://secunia.com/advisories/48968/
IBM Rational Products Multiple Vulnerabilities
http://secunia.com/advisories/48967/
Microsoft Visual Studio Linker Integer Overflow Vulnerability
http://secunia.com/advisories/48962/
Red Hat update for thunderbird
http://secunia.com/advisories/48952/
Red Hat update for firefox
http://secunia.com/advisories/48944/
Debian update for iceape
http://secunia.com/advisories/48920/
Debian update for iceweasel
http://secunia.com/advisories/48922/
Red Hat update for java-1.6.0-ibm
http://secunia.com/advisories/48950/
bind-dyndb-ldap DNS Query Processing Denial of Service Vulnerability
http://secunia.com/advisories/48901/
WordPress ShareYourCart Plugin Path Disclosure Weaknesses
http://secunia.com/advisories/48960/
Mozilla Firefox Mobile FreeType Multiple Vulnerabilities
http://secunia.com/advisories/48973/
Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities
http://secunia.com/advisories/48972/
Mozilla Firefox / Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/48932/
Argyll Color Management System icclib Use-After-Free Vulnerability
http://secunia.com/advisories/48921/
Joomla! ccNewsletter Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/48934/
Red Hat update for openssl
http://secunia.com/advisories/48942/
Red Hat update for JBoss Enterprise Portal Platform
http://secunia.com/advisories/48954/
Debian update for dropbear
http://secunia.com/advisories/48929/
Ubuntu update for openssl
http://secunia.com/advisories/48956/
REMOTE: MS12-027 MSCOMCTL ActiveX Buffer Overflow
http://www.exploit-db.com/exploits/18780
LOCAL: Shadow Stream Recorder 3.0.1.7 Buffer Overflow
http://www.exploit-db.com/exploits/18781
Linux Kernel CVE-2012-1090 CIFS 'umount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52197
Linux Kernel 'Clone()' Function 'CLONE_IO' Flag Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52152
Linux Kernel Regsets CVE-2012-1097 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52274
Oracle Solaris CVE-2012-1692 Local Vulnerability
http://www.securityfocus.com/bid/53125
Oracle Sun Products Suite CVE-2012-1694 Remote Solaris Vulnerability
http://www.securityfocus.com/bid/53126
Oracle Sun Products Suite CVE-2012-1683 Local Solaris Vulnerability
http://www.securityfocus.com/bid/53130
Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51702
Rugged Operating System Backdoor Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/53215
Chilkat Zip ChilkatZip2.DLL Multiple Arbitrary File Overwrite Vulnerabilities
http://www.securityfocus.com/bid/24806
Joomla CCNewsLetter Module 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/53208
OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53158
systemd 'systemd-logind' Insecure Temporary File Handling Vulnerability
http://www.securityfocus.com/bid/52538
Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52911
libpng 'png_set_text_2()' Function Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52830
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0467 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53223
Drupal Linkit Module Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/53253
Drupal Spaces and Spaces OG Modules Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/53252
Drupal Ubercart Module Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53251
Drupal RealName Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53250
Drupal Site Documentation Module Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53249
Drupal Creative Commons Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53248
IBM Rational Products Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53247
GNU Common Internet File System (CIFS) setuid 'mount.cifs' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53246
Piwigo Multiple Cross Site Scripting and Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/53245
Microsoft Visual Studio Linker Integer Overflow Vulnerability
http://www.securityfocus.com/bid/53243
Ettercap 'exchndl.dll' And 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/53242
WordPress ShareYourCart plugin Path-Disclosure Vulnerability
http://www.securityfocus.com/bid/53241
ICCLIB CVE-2012-1616 Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53240