Friday, May 25, 2012
Friday the 25th, Tomobiki
+ curl and libcurl 7.26.0 released
http://curl.haxx.se/changes.html#7_26_0
+ SA49286 Apache Ant Bzip2 Compression Denial of Service Vulnerability
http://secunia.com/advisories/49286/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098
+ SA49255 Apache Commons Compress bzip2 Denial of Service Vulnerability
http://secunia.com/advisories/49255/
http://www.securityfocus.com/bid/53676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098
+ SA49191 Linux Kernel Huge Pages Memory Leak Denial of Service Vulnerability
http://www.securityfocus.com/bid/53676
http://secunia.com/advisories/49191/
+ IBM Lotus Quickr 'qp2.cab' ActiveX Control Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53678
Advisory: Sophos Endpoint v 9.5 and 9.7: automatic upgrade to v 10, reboot required
http://www.sophos.com/en-us/support/knowledgebase/117480.aspx
Changes to the Monthly Supplementary CD
http://www.sophos.com/en-us/support/knowledgebase/116933.aspx
Sudo 1.7.10b1 released
http://www.sudo.ws/sudo/devel.html#1.7.10b1
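Beware if the confirmation screen turns "black": watch out for suspicious Android apps
Apps that steal personal information reappear, distributed outside the official market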
http://itpro.nikkeibp.co.jp/article/NEWS/20120524/399027/?ST=security
IBM bans "Siri": concerned about internal information leaks
http://itpro.nikkeibp.co.jp/article/NEWS/20120524/399026/?ST=security
JVNVU#515283 Vulnerability in Seagate BlackArmor NAS
http://jvn.jp/cert/JVNVU515283/index.html
[SECURITY] [DSA 2480-1] request-tracker3.8 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00125.html
[ MDVSA-2012:081 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00124.html
[SECURITY] [DSA 2479-1] libxml2 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00123.html
[SECURITY] [DSA 2478-1] sudo security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00122.html
[ MDVSA-2012:080 ] wireshark
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00121.html
[CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00129.html
Multiple vulnerabilities in LogAnalyzer
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00128.html
Multiple vulnerabilities in Pligg CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00127.html
Multiple XSS in pragmaMx
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00126.html
IPv6 security: New IETF I-Ds, slideware and videos for recent presentations, trainings, etc...
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00120.html
ESA-2012-020: EMC AutoStart Multiple Buffer Overflow Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00119.html
Social Engine Multiple XSS and CSRF Vulnerabilities
http://www.securiteam.com/securitynews/5YP3H1575W.html
Multiple vBulletin Products Unspecified Security Vulnerability
http://www.securiteam.com/securitynews/5XP3G1575E.html
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027098
Lotus Quickr for Domino ActiveX Control Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027097
Apache Commons Compress BZip2CompressorOutputStream() Sorting Algorithm Lets Remote or Local Users Deny Service
http://www.securitytracker.com/id/1027096
Citrix XenApp Unspecified Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027095
Wireshark Multiple Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id/1027094
Symantec Endpoint Protection Bugs Let Remote Users Delete Files and Execute Arbitrary Code and Let Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027093
ISC Feature of the Week: Country Report
http://isc.sans.edu/diary.html?storyid=13291
Symantec End Point Protection Network Access Control 11 Code Execution
http://cxsecurity.com/issue/WLB-2012050181
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
http://cxsecurity.com/issue/WLB-2012050180
Mod_Auth_OpenID Session Stealing
http://cxsecurity.com/issue/WLB-2012050179
appRain CMF Arbitrary PHP File Upload Vulnerability
http://cxsecurity.com/issue/WLB-2012050178
PHPCollab 2.5 Unauthenticated Access
http://cxsecurity.com/issue/WLB-2012050177
PHPCollab 2.5 Unauthenticated File Upload
http://cxsecurity.com/issue/WLB-2012050176
YDFramework 2.0-Beta1 File Disclosure
http://cxsecurity.com/issue/WLB-2012050175
Drupal Search API 7.x Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050174
Drupal Taxonomy List 6.x Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050173
Drupal BrowserID 7.x Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012050172
Jaow CMS "add_ons" SQL Injection Vulnerability
http://secunia.com/advisories/49266/
Drupal Search API Module Script Insertion Vulnerabilities
http://secunia.com/advisories/49236/
SocialEngine Multiple Vulnerabilities
http://secunia.com/advisories/49271/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/49277/
Apache Ant Bzip2 Compression Denial of Service Vulnerability
http://secunia.com/advisories/49286/
Apache Commons Compress bzip2 Denial of Service Vulnerability
http://secunia.com/advisories/49255/
IBM Lotus Quickr for Domino qp2.cab ActiveX Control Vulnerability
http://secunia.com/advisories/49285/
Linux Kernel Huge Pages Memory Leak Denial of Service Vulnerability
http://secunia.com/advisories/49191/
Drupal Taxonomy List Module Taxonomy Information Script Insertion Vulnerability
http://secunia.com/advisories/49238/
Debian update for libxml2
http://secunia.com/advisories/49243/
Debian update for sudo
http://secunia.com/advisories/49244/
Ubuntu update for net-snmp
http://secunia.com/advisories/49279/
LOCAL: Mod_Auth_OpenID Session Stealing Vulnerability
http://www.exploit-db.com/exploits/18917
DoS/PoC: Wireshark Misaligned Memory Denial of Service Vulnerability
http://www.exploit-db.com/exploits/18920
DoS/PoC: Wireshark Multiple Dissector Denial of Service Vulnerabilities
http://www.exploit-db.com/exploits/18919
DoS/PoC: Wireshark DIAMETER Dissector Denial of Service
http://www.exploit-db.com/exploits/18918
Request Tracker Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53660
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0474 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53228
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0473 Out of Bounds Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53231
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0478 Denial of Service Vulnerability
http://www.securityfocus.com/bid/53227
Mozilla Firefox/Thunderbird/SeaMonkey 'cairo-dwrite' CVE-2012-0472 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53218
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0467 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53223
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0477 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53229
Mozilla Firefox/SeaMonkey/Thunderbird Site Identity Spoofing Vulnerability
http://www.securityfocus.com/bid/53224
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-0470 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53225
OpenType Sanitizer Off By One Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53222
Mozilla Firefox/Thunderbird/SeaMonkey IDBKeyRange Use-After-Free Vulnerability
http://www.securityfocus.com/bid/53220
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0468 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53221
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0471 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53219
xArrow Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/52307
OpenOffice Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/28819
Symantec Endpoint Protection Manager Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50358
appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/51576
EMC AutoStart CVE-2012-0409 Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/53682
Measuresoft ScadaPro DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/53681
SocialEngine Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/53680
Google Chrome Prior to 19.0.1084.52 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53679
IBM Lotus Quickr 'qp2.cab' ActiveX Control Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53678
Apache Commons Compress and Apache Ant CVE-2012-2098 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53676
phpCollab Unauthorized Access and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/53675