Tuesday, July 10, 2012

Tuesday the 10th, Senshō


+ CentOS 6.3 released
http://lists.centos.org/pipermail/centos-announce/2012-July/018706.html

+ HS12-019: DoS vulnerability in Hitachi IT Operations Analyzer
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-019/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4858

Notice of products scheduled to reach end of support service in the first half of 2013 (January to June)
http://www.trendmicro.co.jp/support/news.asp?id=1805

[SECURITY] [DSA 2509-1] pidgin security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00043.html

GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00053.html

Checkpoint Abra - Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00051.html

Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00050.html

[CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00048.html

BookNux 0.2 <= Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00049.html

BookNux 0.2 <= Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00047.html

IBM Japan and Secom form a business alliance in the information security field
http://itpro.nikkeibp.co.jp/article/NEWS/20120709/407921/?ST=security

An engineer from the CG animated film "Shrek" visualized the "malnet" in an easy-to-understand way
http://itpro.nikkeibp.co.jp/article/Interview/20120709/407876/?ST=security

Vulnerability information worth checking <2012.07.09>
http://itpro.nikkeibp.co.jp/article/COLUMN/20120706/407644/?ST=security

Machines infected with "DNS Changer" may lose Internet access; FBI issues a renewed warning
http://itpro.nikkeibp.co.jp/article/NEWS/20120709/407782/?ST=security

JVNDB-2012-002053 Denial-of-service (DoS) vulnerability in the pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002053.html

JVNDB-2012-002054 Denial-of-service (DoS) vulnerability in the mp2t_process_fragmented_payload function in Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002054.html

JVNDB-2012-002051 Denial-of-service (DoS) vulnerability in the ANSI A dissector in Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002051.html

JVNDB-2012-002929 Buffer overflow vulnerability in RunTime.exe in Sielco Sistemi Winlog
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002929.html

JVNDB-2012-002975 Vulnerability in 389 Directory Server that allows passwords to be read
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002975.html

JVNDB-2012-003025 Heap-based buffer overflow vulnerability in the JPEG_LS plugin in IrfanView PlugIns
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003025.html

JVNDB-2012-003024 Cross-site scripting vulnerability in HP Network Node Manager i
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003024.html

JVNDB-2012-003023 Replay attack vulnerability in EMC RSA Access Manager Server and RSA Access Manager Agent
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003023.html

JVNDB-2012-003022 Vulnerability in the crypt_des function in FreeBSD that allows access to be gained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003022.html

JVNDB-2012-002860 SQL injection vulnerability in the Active Record component in Ruby on Rails
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002860.html

JVNDB-2012-002859 Vulnerability in Ruby on Rails that allows database query restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002859.html

JVNDB-2012-003021 Cross-site request forgery vulnerability in Brightmail Control Center in Symantec Message Filter
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003021.html

JVNDB-2012-003020 Cross-site scripting vulnerability in Brightmail Control Center in Symantec Message Filter
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003020.html

JVNDB-2012-003019 Vulnerability in Brightmail Control Center in Symantec Message Filter that allows web sessions to be hijacked
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003019.html

JVNDB-2012-003018 Vulnerability in Brightmail Control Center in Symantec Message Filter that allows version information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003018.html

The FBI will turn off the Internet on Monday (or not)
http://isc.sans.edu/diary.html?storyid=13630

Internet Storm Center panel tonight at SANSFIRE 2012!
http://isc.sans.edu/diary.html?storyid=13636

VU#763795 Netsweeper Internet Filter WebAdmin Portal multiple vulnerabilities
http://www.kb.cert.org/vuls/id/763795

VU#154307 Synel SY-780/A terminal denial-of-service vulnerability
http://www.kb.cert.org/vuls/id/154307

KingHistorian Memory Corruption Vulnerability
http://secunia.com/advisories/49765/

WebsitePanel "ReturnUrl" Redirection Weakness
http://secunia.com/advisories/49813/

WordPress Flip Book Plugin Arbitrary File Upload Vulnerability
http://secunia.com/advisories/49687/

Netsweeper Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/49801/

Avaya Products PostgreSQL Brute Force Weakness
http://secunia.com/advisories/49852/

Mono "ProcessRequest()" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49838/

Apache Sling @CopyFrom Denial of Service Vulnerability
http://secunia.com/advisories/49840/

WordPress Leaflet Maps Marker Plugin Multiple Vulnerabilities
http://secunia.com/advisories/49845/

IBM WebSphere Portal Dojo Module Directory Traversal Vulnerability
http://secunia.com/advisories/49855/

Debian update for pidgin
http://secunia.com/advisories/49777/

WordPress Artiss Code Embed Plugin "suffix" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49848/

eZ Publish eZOE Flash Player Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/49812/

MGB Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/49804/

Hitachi IT Operations Analyzer Hash Collision Denial of Service Vulnerability
http://secunia.com/advisories/49829/

VLC Media Player OGG Demuxer Buffer Overflow Vulnerability
http://secunia.com/advisories/49835/

LOCAL: Python Untrusted Search Path/Code Execution Vulnerability
http://www.exploit-db.com/exploits/19693

OpenSSL DTLS CVE-2012-2333 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53476

Pidgin 'Libpurple' Cipher API Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46307

WellinTech KingView Multiple Memory Corruption And Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/54280

Pidgin 'msn_oim_report_to_user()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/52475

Pidgin XMPP Protocol Denial of Service Vulnerability
http://www.securityfocus.com/bid/52476

Pidgin OSCAR Protocol UTF-8 Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/51010

Pidgin Jingle Extension XMPP Protocol Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/51070

Pidgin 'mxit_show_message()' Function Stack-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54322

Pidgin XMPP Protocol File Transfer Request Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/53706

Pidgin SILC (Secure Internet Live Conferencing) Protocol Denial of Service Vulnerability
http://www.securityfocus.com/bid/51074

Pidgin MSN Denial of Service Vulnerability
http://www.securityfocus.com/bid/53400

Asterisk Uncompleted Re-invite Transactions Denial Of Service Vulnerability
http://www.securityfocus.com/bid/54327

Cobbler Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/53666

PostgreSQL 'SECURITY DEFINER' and 'SET' Attributes Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53812

libcrypt 'crypt()' Password Encryption Weakness
http://www.securityfocus.com/bid/53729

Tiki Wiki CMS Groupware 'unserialize()' Multiple PHP Code Execution Vulnerabilities
http://www.securityfocus.com/bid/54298

Basilic 'diff.php' Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/54234

Linux Kernel NFS Client 'decode_getacl()' Incomplete Fix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53615

BookNux Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/54357

Synel SY-780/A CVE-2012-2970 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54356

Netsweeper Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/54355

Flogr 'tag' Parameter Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54354

Dnsmasq Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54353

PHPList 'footer' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54352

Umbraco CMS 'codeEditorSave.asmx' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/54351

WordPress Leaflet Maps Marker Plugin Multiple Unspecified Input Validation Vulnerabilities
http://www.securityfocus.com/bid/54350

IBM WebSphere Portal Dojo Module Directory Traversal Vulnerability
http://www.securityfocus.com/bid/54349

MGB Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/54348

WordPress Artiss Code Embed Plugin Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54347

WebsitePanel 'ReturnUrl' Parameter URI Redirection Vulnerability
http://www.securityfocus.com/bid/54346

VLC Media Player 'OGG' File Remote Heap-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54345

Check Point Abra Security Bypass and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/54360
