Tuesday, May 15, 2012

Tuesday the 15th, Senbu


+ PHP 5.4.3 and PHP 5.3.13 x64 (64 bit) for Windows
http://www.anindya.com/php-5-4-3-and-php-5-3-13-x64-64-bit-for-windows/

+ UPDATE: Cisco IOS Software Network Address Translation Vulnerabilities
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-nat

+ HS12-014: Multiple vulnerabilities in Hitachi IT Operations Director
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-014/index.html

+ HS12-013: Security Vulnerabilities in COBOL GUI Option
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-013/index.html

+ HS12-012: Vulnerability in CA ARCserve Backup
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-012/index.html

+ HS12-011: Multiple vulnerabilities in JP1/IT Desktop Management - Manager
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-011/index.html

+ HS12-014: Multiple vulnerabilities in Hitachi IT Operations Director
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-014/index.html

+ Tomcat Connectors 1.2.36 Released
http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

Windows 8 operating system does not boot or install on ESXi or ESX
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=2006859&sliceId=2&docTypeID=DT_KB_1_1

vHBAs and other PCI devices may stop responding in ESX/ESXi 4.1 and ESXi 5.0 when using Interrupt Remapping
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1030265&sliceId=2&docTypeID=DT_KB_1_1

Advisory: Release of Endpoint Security v. 10.0.2
http://www.sophos.com/en-us/support/knowledgebase/116786.aspx

Advisory: Release of PureMessage for Exchange 3.1.1
http://www.sophos.com/en-us/support/knowledgebase/117193.aspx

Advisory: Considerations for customers running Endpoint Security and Control 10 in advance of May maintenance release
http://www.sophos.com/en-us/support/knowledgebase/117226.aspx

PostgreSQL 9.2 Beta 1 Available for Testing
http://www.postgresql.org/about/news/1395/

Liferay users can assign themselves to organizations, leading to possible privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00067.html

Universal Reader Filename Denial Of Service Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00066.html

[SECURITY] [DSA 2670-1] wordpress security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00065.html

b2ePMS 1.0 Authentication Bypass Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00064.html

"Conficker" virus still rampant, PCs with weak passwords fall prey
Worst threat in enterprise environments, more than 200 million detections worldwide
http://itpro.nikkeibp.co.jp/article/NEWS/20120515/396521/?ST=security

"Life over because of a targeted attack" is a real possibility: NetAgent gives a live demo of how frightening it is
http://itpro.nikkeibp.co.jp/article/NEWS/20120514/396301/?ST=security

Facebook announces privacy policy revision, adding examples and explanations
http://itpro.nikkeibp.co.jp/article/NEWS/20120514/396284/?ST=security

Laptops at Security Conferences
http://isc.sans.edu/diary.html?storyid=13207

Got packets? Interested in TCP/8909, TCP/6666, TCP/9415, TCP/27977 and UDP/7
http://isc.sans.edu/diary.html?storyid=13210

Smarty Input Validation Flaw in {html_options} Function Plugin Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027061

IBM WebSphere Application Server for z/OS Unspecified Vulnerability
http://secunia.com/advisories/49078/

Smarty "smarty_function_html_options_optoutput()" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49164/

Bytemark Symbiosis Mailbox Password Check Security Bypass Security Issue
http://secunia.com/advisories/48993/

Hitachi COBOL GUI Run Time System Code Execution Vulnerability
http://secunia.com/advisories/49158/

Debian update for wordpress
http://secunia.com/advisories/49138/

Hitachi IT Operations Director Cross-Site Scripting and Denial of Service Vulnerabilities
http://secunia.com/advisories/49144/

Sympa Multiple Security Bypass Vulnerabilities
http://secunia.com/advisories/49045/

Debian update for ffmpeg
http://secunia.com/advisories/49089/

NetBill Script Insertion and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/49109/

WordPress WP-FaceThumb Plugin "pagination_wp_facethumb" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49143/

Kronolith Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/49147/

Travelon Express "hid" Two SQL Injection Vulnerabilities
http://secunia.com/advisories/49118/

Proman Xpress "cl_comments" Script Insertion Vulnerability
http://secunia.com/advisories/49127/

FreeRealty Multiple Vulnerabilities
http://secunia.com/advisories/49132/

Sockso "name" Script Insertion Vulnerability
http://secunia.com/advisories/49148/

GetSimple CMS "path" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49137/

DoS/PoC: FlexNet License Server Manager Stack Overflow In lmgrd
http://www.exploit-db.com/exploits/18877

DoS/PoC: Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
http://www.exploit-db.com/exploits/18878

Galette 'picture.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/53463

Cisco IOS Network Address Translation Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/49822

IBM WebSphere Application Server for z/OS JAX-RPC Unspecified Remote Security Vulnerability
http://www.securityfocus.com/bid/52250

FFmpeg libavcodec CAVS File Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/49118

FFmpeg Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/50555

FFmpeg Prior to 0.7.8 and 0.8.7 Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/50760

FFmpeg libavcodec 'vmd decode()' Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50880

FFmpeg libavcodec CAVS File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49115

Google Chrome Prior to 15.0.874.120 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/50642

FFmpeg SVQ1 Stream File Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51290

Linux Kernel KVM 'create_pit_timer()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51172

Linux Kernel epoll Subsystem 'eventpoll.c' Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/46630

Linux Kernel Regsets CVE-2012-1097 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52274

Linux Kernel CVE-2012-1090 CIFS 'umount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52197

Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51945

Linux Kernel 'Clone()' Function 'CLONE_IO' Flag Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52152

Linux Kernel KVM CVE-2012-0045 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51389

Linux Kernel Hugepages CVE-2012-2133 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53233

OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/51281

FlexNet License Server Manager 'lmgrd' Component Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52718

WikkaWiki Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/50866

Distinct Intranet Servers Directory Traversal Vulnerability
http://www.securityfocus.com/bid/52938

Mozilla Firefox/Thunderbird/SeaMonkey nsDOMAttribute Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51755

socat 'xioscan_readline()' Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53510

Liferay Portal 'updateOrganizations()' Method Security Bypass Vulnerability
http://www.securityfocus.com/bid/53509

Universal Reader 'uread.exe' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53508

Smarty 'smarty_function_html_options_optoutput()' Function Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53507

Hitachi COBOL GUI Run Time System Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53506

Hitachi IT Operations Director Cross-Site Scripting and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/53504

Sympa Archive Management Permissions Security Bypass Vulnerability
http://www.securityfocus.com/bid/53503

Belkin N150 Wireless Router 'login.stm' Administrator Password Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53502
