Tuesday, April 3, 2012
Tuesday the 3rd, Senbu
+ HPSBUX02760 SSRT100805 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03266681%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
+ HPSBUX02758 SSRT100774 rev.1 - HP-UX running DCE, Remote Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03261413%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
+ Linux kernel 3.2.14, 3.3.1 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.14
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1
UPDATE: Multiple Vulnerabilities in Cisco Unity Connection
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc
UPDATE: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucm
HPSBMU02753 SSRT100782 rev.1 - HP Business Availability Center (BAC) Running Apache, Remote Execution of Arbitrary Commands, Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03236227%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
HPSBMU02759 SSRT100817 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access, Unauthorized Information Disclosure, Denial of Service (DoS), URL Redirection
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03263573%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
UPDATE: HPSBUX02757 SSRT100779 rev.2 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/action.process/public/kb/docDisplay/?javax.portlet.action=true&spf_p.tpst=kbDocDisplay&javax.portlet.begCacheTok=com.vignette.cachetoken&spf_p.prp_kbDocDisplay=wsrp-interactionState%3DdocId%253Demr_na-c03254184%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.endCacheTok=com.vignette.cachetoken
Latest version of Flash Player released, with an automatic update feature
Stays up to date without any user action; two vulnerabilities also fixed
http://itpro.nikkeibp.co.jp/article/NEWS/20120403/388861/?ST=security
Two major Chinese microblogging sites temporarily suspend their posting function as "punishment for spreading rumors"
http://itpro.nikkeibp.co.jp/article/NEWS/20120402/388502/?ST=security
Unauthorized access at a major US electronic payment service; MasterCard and Visa card information may have been leaked
http://itpro.nikkeibp.co.jp/article/NEWS/20120402/388461/?ST=security
SHA 1-2-3
http://isc.sans.edu/diary.html?storyid=12880
IBM Cognos TM1 Admin Server Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026881
IBM Tivoli Directory Server Input Validation Flaw in Web Admin Tool Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026880
VU#232979 Multiple vulnerabilities in Intuit QuickBooks
http://www.kb.cert.org/vuls/id/232979
VU#928795 Netgear FVS318N router default remote management vulnerability
http://www.kb.cert.org/vuls/id/928795
VU#834723 TP-Link 8840T DSL router default remote management vulnerability
http://www.kb.cert.org/vuls/id/834723
Invensys Products ActiveX Control Buffer Overflow Vulnerabilities
http://secunia.com/advisories/48675/
IBM Cognos TM1 Admin Server Buffer Overflow Vulnerability
http://secunia.com/advisories/48568/
Landshop Multiple Vulnerabilities
http://secunia.com/advisories/48661/
WordPress BuddyPress Plugin "exclude" SQL Injection Vulnerability
http://secunia.com/advisories/48671/
Check Point Multiple Products Hash Collision Denial of Service Vulnerability
http://secunia.com/advisories/48662/
ManageEngine Firewall Analyzer Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/48657/
PHP Agenda Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/48685/
IBM Tivoli Directory Server Web Admin Tool Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48694/
Gentoo update for chromium and v8
http://secunia.com/advisories/48691/
Debian update for typo3-src
http://secunia.com/advisories/48647/
util-linux Package 'mount' and 'umount' Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/50941
cronie 'crontab' Symbolic Link Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38391
SQLAlchemy 'limit' and 'offset' Parameters SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/52330
Drupal Date Module SQL Injection Vulnerability
http://www.securityfocus.com/bid/51378
JRuby Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51233
Todd Miller Sudo Group ID Change Security Vulnerability
http://www.securityfocus.com/bid/45774
libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52049
Asterisk 'ast_parse_digest()' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52815
Asterisk 'Milliwatt()' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52523
Asterisk SIP Endpoints NAT Settings User Enumeration Weakness
http://www.securityfocus.com/bid/50990
Asterisk SIP 'automon' NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/50989
phpCAS Proxy Authorization Security Bypass Vulnerability
http://www.securityfocus.com/bid/52279
phpCAS Multiple Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/52280
libpng 'png_inflate()' Function Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52453
Nagios 'layer' Parameter Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/46826
Google Chrome Prior to 17.0.963.83 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52674
Google Chrome Prior to 18.0.1025.142 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52762
Mutt SMTP TLS Certificate Security Bypass Vulnerability
http://www.securityfocus.com/bid/46803
TYPO3 Core TYPO3-CORE-SA-2012-001 Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/52771
FreeRADIUS Revoked Certificate Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/48880
libpng 'png_set_text_2()' Function Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52830
SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49778
ioQuake3 Engine Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/52719
Aptdaemon CVE-2012-0944 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/52855
Intuit QuickBooks 'HelpAsyncPluggableProtocol.dll' File Disclosure Vulnerability
http://www.securityfocus.com/bid/52854
NetGear ProSafe Wireless-N 8-port Gigabit VPN Firewall FVS318N Router Security Bypass Vulnerability
http://www.securityfocus.com/bid/52853
TP-Link 8840T DSL Router Security Bypass Vulnerability
http://www.securityfocus.com/bid/52852
Invensys Wonderware Information Server Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52851
CMS Made Simple 'email' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/52850
DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/52848
IBM Cognos TM1 Admin Server Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52847
JBMC Software DirectAdmin 'domain' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52845
MailMax 'USER' POP3 Command Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52838
Flatnux Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52846
SnackAmp '.aiff' File Denial of Service Vulnerability
http://www.securityfocus.com/bid/52842
Firewall Analyzer Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/52841
FoxMediaTools FoxPlayer '.m3u' File Denial of Service Vulnerability
http://www.securityfocus.com/bid/52839
Samedia LandShop Multiple SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52843
WordPress BuddyPress 'page' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52837