Wednesday, May 23, 2012

Wednesday the 23rd, Shakkō


+ Perl 5.16.0 released
http://www.perl.org/get.html

+ Linux kernel 3.4 released
http://www.kernel.org/











+ SYM12-008: Symantec Endpoint Protection Multiple Issues
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0295

+ SYM12-007: Symantec Endpoint Protection Manager 11.x Denial of Service
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_00
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1821

+ DBI 1.621 released
http://search.cpan.org/~timb/DBI-1.621/

+ PHP Windows com_print_typeinfo() Buffer Overflow Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027089
http://www.securityfocus.com/bid/53621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2376

+ Wireshark Misaligned Memory Denial of Service Vulnerability
http://www.securityfocus.com/bid/53653

+ PHP Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/53643

DHCP 4.2.4rc2 released
https://deepthought.isc.org/article/AA-00688

CentOS alert CESA-2012:0677 (postgresql)
http://lwn.net/Alerts/498083/

CentOS alert CESA-2012:0678 (postgresql84)
http://lwn.net/Alerts/498084/

CentOS alert CESA-2012:0676 (kvm)
http://lwn.net/Alerts/498085/

CentOS alert CESA-2012:0678 (postgresql)
http://lwn.net/Alerts/498195/

CentOS alert CESA-2012:0683 (bind-dyndb-ldap)
http://lwn.net/Alerts/498196/

Notice of the release of Virus Buster Business Security 7.0 and the start of support
http://www.trendmicro.co.jp/support/news.asp?id=1783

Notice of the release of Virus Buster Corporate Edition 10.5 Patch 3
http://www.trendmicro.co.jp/support/news.asp?id=1782

Reporting Security Vulnerabilities to Citrix
http://support.citrix.com/article/CTX081743

MySQL 5.5.26 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-26.html

[ MDVSA-2012:079 ] sudo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00109.html

DC4420 - London DEFCON - May meet - Tuesday May 22nd 2012
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00117.html

Tftpd32 DHCP Server Denial Of Service Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00118.html

[Announcement] CHMags Issue 28, May 2012 Released
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00116.html

[SECURITY] [DSA 2477-1] sympa security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00115.html

PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00114.html

Acuity CMS 2.6.x <= Arbitrary File Upload
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00113.html

Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00112.html

[SECURITY] [DSA 2476-1] pidgin-otr security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00111.html

Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00110.html

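Site released to check for infection by the "DNS Changer" virus, which cuts off Internet access
Determines whether you are infected just by visiting the site; built by JPCERT/CC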
http://itpro.nikkeibp.co.jp/article/NEWS/20120523/398383/?ST=security

JVNVU#464683 Multiple vulnerabilities in MobileTrack
http://jvn.jp/cert/JVNVU464683/index.html

JVNDB-2012-002470 Integer overflow vulnerability in the dhcpv6_get_option function in ConnMan
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002470.html

JVNDB-2012-002469 Arbitrary command execution vulnerability in the loopback plugin in ConnMan
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002469.html

JVNDB-2012-002468 Access restriction bypass vulnerability in ConnMan
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002468.html

JVNDB-2012-002467 Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002467.html

JVNDB-2012-002466 Arbitrary file overwrite vulnerability in src/common/latex.py in Gajim
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002466.html

JVNDB-2012-002465 Arbitrary file overwrite vulnerability in latex2man in texlive-extra-utils
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002465.html

JVNDB-2012-002464 Buffer overflow vulnerability in the com_print_typeinfo function in PHP
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002464.html

JVNDB-2012-002463 Buffer overflow vulnerability in RealNetworks RealPlayer
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002463.html

JVNDB-2012-002462 Arbitrary code execution vulnerability in RealNetworks RealPlayer
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002462.html

JVNDB-2012-002461 Command restriction bypass vulnerability in sudo
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002461.html

JVNDB-2012-002460 Cross-site request forgery vulnerability in the Take Control module for Drupal
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002460.html

JVNDB-2012-002459 Vulnerability allowing privileges to be gained in the ACMELOGIN implementation in HP OpenVMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002459.html

Oracle Database Server Remote Enterprise Manager Base Platform Vulnerability
http://www.securiteam.com/securitynews/5LP3J0A75A.html

Apple Safari 5.1.7 Arbitrary Code Execution Vulnerability
http://www.securiteam.com/securitynews/5KP3I0A75A.html

Apple Quicktime Arbitrary Code Execution Vulnerability
http://www.securiteam.com/securitynews/5JP3H0A75A.html

Apple OS X Lion Bluetooth Arbitrary Code Execution Vulnerability
http://www.securiteam.com/securitynews/5IP3G0A75A.html

nmap 6 released
http://isc.sans.edu/diary.html?storyid=13267

The "Do Not Track" header
http://isc.sans.edu/diary.html?storyid=13273

When factors collapse and two factor authentication becomes one.
http://isc.sans.edu/diary.html?storyid=13276

Xen PV Bootloader Bug Lets Local Guest Users Crash the System
http://www.securitytracker.com/id/1027090

Linux Kernel KVM Memory Slot Management Flaw Lets Local Guest Users Deny Service on the Guest Operating System
http://www.securitytracker.com/id/1027083

Serendipity Input Validation Flaw in 'functions_trackbacks.inc.php' Lets Remote Users Inject SQL Commands
http://www.securitytracker.com/id/1027079

Nmap Port Scanner 6.00 Released
http://cxsecurity.com/issue/WLB-2012050164

PHP <= 5.4.3 (com_event_sink) Code Execution Proof of Concept
http://cxsecurity.com/issue/WLB-2012050163

Yandex.Server 2010 9.0 Enterprise Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050162

Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
http://cxsecurity.com/issue/WLB-2012050161

HP StorageWorks P4000 Virtual SAN Appliance Command Execution
http://cxsecurity.com/issue/WLB-2012050160

CHICCO SnoopyClub Cross Site Scripting / SQL Injection
http://cxsecurity.com/issue/WLB-2012050159

FlexNet License Server Manager lmgrd Buffer Overflow
http://cxsecurity.com/issue/WLB-2012050158

Plogger Photo Gallery SQL Injection
http://cxsecurity.com/issue/WLB-2012050157

Active Collab "chat module" 2.3.8 Remote PHP Code Injection
http://cxsecurity.com/issue/WLB-2012050156

phAlbum PHP Gallery Script Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050155

LOCAL: Novell Client 4.91 SP4 Privilege Escalation Exploit
http://www.exploit-db.com/exploits/18914

Xen PyGrub Kernel Decompression Denial of Service Vulnerability
http://secunia.com/advisories/49184/

Red Hat update for JBoss Enterprise Web Server
http://secunia.com/advisories/49270/

Red Hat update for bind-dyndb-ldap
http://secunia.com/advisories/49269/

Red Hat update for postgresql
http://secunia.com/advisories/49272/

Red Hat update for postgresql and postgresql84
http://secunia.com/advisories/49273/

Mosh Escape Sequence Denial of Service Vulnerability
http://secunia.com/advisories/49260/

HAProxy Trash Buffer Overflow Vulnerability
http://secunia.com/advisories/49261/

Vanilla Forums FirstLastNames Plugin Profile Two Script Insertion Vulnerabilities
http://secunia.com/advisories/49215/

Astaro update for openssl
http://secunia.com/advisories/49214/

Ubuntu update for libxml2
http://secunia.com/advisories/49258/

PHP 'php-cgi' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53388

KVM CVE-2012-2121 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53162

Linux Kernel KVM 'kvm_apic_accept_pic_intr()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53488

Bind DynDB LDAP 'bind-dyndb-ldap' Package Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53236

PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52188

PHP Versions Prior to 5.3.7 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49241

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0458 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52460

Symantec Endpoint Protection Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51795

Apache Tomcat Request Object Security Bypass Vulnerability
http://www.securityfocus.com/bid/51442

Apache Tomcat Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51200

Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/48456

Apache Tomcat Parameter Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/51447

Apache Tomcat AJP Protocol Security Bypass Vulnerability
http://www.securityfocus.com/bid/49353

Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses
http://www.securityfocus.com/bid/49762

Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
http://www.securityfocus.com/bid/48667

Perl Config::IniFiles Module Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/53361

Moodle Multiple Access Permissions Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/52631

Novell Client for Windows 'nicm.sys' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/27209

PHP 'com_print_typeinfo()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53621

FlexNet License Server Manager 'lmgrd' Component Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52718

Linux kernel fcaps Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53166

Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51945

SuperNews 'noticia' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38988

feedparser CVE-2012-2921 Denial of Service Vulnerability
http://www.securityfocus.com/bid/53654

Wireshark Misaligned Memory Denial of Service Vulnerability
http://www.securityfocus.com/bid/53653

HAProxy Trash Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53647

Mosh Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53646

Plogger Photo Gallery SQL Injection Vulnerability
http://www.securityfocus.com/bid/53644

PHP Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/53643

Symantec Endpoint Protection CVE-2012-0295 File Include Vulnerability
http://www.securityfocus.com/bid/53183

Symantec Endpoint Protection CVE-2012-0294 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/53182

Symantec Endpoint Protection Manager Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50358
