Wednesday, July 25, 2012

Wednesday the 25th, Shakkō


+ Wireshark 1.8.1 released
http://www.wireshark.org/docs/relnotes/wireshark-1.8.1.html

+ BIND 9.9.1-P2, 9.8.3-P2, 9.7.6-P2, 9.6-ESV-R7-P2 released
https://kb.isc.org/article/AA-00718
https://kb.isc.org/article/AA-00719
https://kb.isc.org/article/AA-00720
https://kb.isc.org/article/AA-00721

+ DHCP 4.2.4-P1, 4.1-ESV-R6 released
https://kb.isc.org/article/AA-00736
https://kb.isc.org/article/AA-00735

+ Heavy DNSSEC Validation Load Can Cause a "Bad Cache" Assertion Failure in BIND9
https://www.isc.org/software/aftr/advisories/cve-2012-3817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817

+ An Error in the Handling of Malformed Client Identifiers can Cause a Denial-of-Service Condition in Affected Servers
https://www.isc.org/software/dhcp/advisories/cve-2012-3571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3571

+ An Error in the Handling of an Unexpected Client Identifiers can Cause Server Crash When Serving DHCPv6
https://www.isc.org/software/dhcp/advisories/cve-2012-3570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3570

+ High TCP Query Load Can Trigger a Memory Leak in BIND 9
https://www.isc.org/software/bind/advisories/cve-2012-3868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868

+ Memory Leaks Found in ISC DHCP
https://www.isc.org/software/dhcp/advisories/cve-2012-3954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954

+ Microsoft Security Advisory (2737111) Vulnerabilities in Microsoft Exchange and FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution
http://technet.microsoft.com/en-us/security/advisory/2737111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3110

+ Advisory: Upgrade to Sophos Anti-Virus for Mac, version 8
http://www.sophos.com/en-us/support/knowledgebase/116709.aspx

+ Advisory: Sophos Endpoint v 9.5 and 9.7: automatic upgrade to v 10, reboot required
http://www.sophos.com/en-us/support/knowledgebase/117480.aspx

+ Wireshark PPP and NFS Dissector Denial of Service Vulnerabilities
http://secunia.com/advisories/49971/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4049

+ ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868

+ ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817

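Press release
Launch of the information security support site "iSupport"
~ Launch of a support site for raising the security level of small and medium-sized enterprises, and start of registration for security presenters ~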
http://www.ipa.go.jp/about/press/20120724.html

Sophos announces the latest "worst 12 spam-sending countries": India ranks first, and half originate in Asia
http://itpro.nikkeibp.co.jp/article/NEWS/20120724/411141/?ST=security

JVNVU#309979 Multiple vulnerabilities in Resin
http://jvn.jp/cert/JVNVU309979/index.html

JVN#88643450 Vulnerability related to the WebView class in Sleipnir Mobile for Android
http://jvn.jp/jp/JVN88643450/index.html

JVNDB-2012-001735 Vulnerability in the CMS and PKCS #7 implementations of OpenSSL that allows data to be decrypted
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001735.html

JVNDB-2012-002643 Denial-of-service (DoS) vulnerability in the check_1_6_dummy function of kadmind in MIT Kerberos
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002643.html

JVNDB-2012-002094 Vulnerability in envvars of Apache HTTP Server that allows privileges to be gained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002094.html

JVNDB-2012-001323 Arbitrary code execution vulnerability in the php_register_variable_ex function in php_variables.c of PHP
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001323.html

JVNDB-2012-003276 Vulnerability in /usr/libexec/accounts-daemon of AccountsService that allows arbitrary files to be read
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003276.html

JVNDB-2012-003275 Integer overflow vulnerability in tiff2pdf of libtiff
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003275.html

JVNDB-2012-003274 Integer signedness error vulnerability in tif_dirread.c of libtiff
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003274.html

JVNDB-2012-003273 Denial-of-service (application crash) vulnerability in pngerror.c of libpng
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003273.html

JVNDB-2012-003272 Denial-of-service (DoS) vulnerability in modules/pam_env/pam_env.c of Linux-PAM
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003272.html

JVNDB-2012-003271 Stack-based buffer overflow vulnerability in modules/pam_env/pam_env.c of Linux-PAM
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003271.html

JVNDB-2012-003270 Vulnerability in OpenStack Compute (Nova) that allows arbitrary files to be overwritten
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003270.html

JVNDB-2012-003269 Directory traversal vulnerability in OpenStack Compute (Nova) Folsom and Essex
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003269.html

JVNDB-2012-003268 Vulnerability in the SVN revision view of ViewVC that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003268.html

JVNDB-2012-003267 Vulnerability in the remote SVN view feature of ViewVC that allows access restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003267.html

JVNDB-2012-003265 Vulnerability in ModSecurity that allows filtering rules to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003265.html

JVNDB-2012-003264 Vulnerability in ModSecurity that allows filtering rules to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003264.html

JVNDB-2012-003263 Vulnerability in Moodle that allows the moodle/calendar:manageownentries capability restriction to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003263.html

JVNDB-2012-003262 Vulnerability in mod/data/preset.php of Moodle that allows arbitrary database activity presets to be overwritten
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003262.html

JVNDB-2012-003261 Cross-site scripting vulnerability in Moodle
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003261.html

JVNDB-2012-003260 Cross-site scripting vulnerability in lib/filelib.php of Moodle
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003260.html

JVNDB-2012-003259 SQL injection vulnerability in the calendar implementation of Moodle
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003259.html

JVNDB-2012-003258 Cross-site scripting vulnerability in the blog implementation of Moodle
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003258.html

JVNDB-2012-003257 Cross-site scripting vulnerability in the web services implementation of Moodle
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003257.html

JVNDB-2012-003256 Cross-site scripting vulnerability in the wiki subsystem of Moodle
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003256.html

JVNDB-2012-003255 Vulnerability in admin/roles/override.php of Moodle that allows privileges to be gained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003255.html

JVNDB-2012-003254 Vulnerability in Moodle that allows the read-only state of an activity to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003254.html

JVNDB-2012-003253 Vulnerability in the multi-authentication feature in auth/cas/cas_form.html of Moodle that allows credentials to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003253.html

JVNDB-2012-003252 Vulnerability in the question-bank feature of Moodle that allows capability restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003252.html

JVNDB-2012-003251 Vulnerability in Moodle that allows the question:use* capability restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003251.html

JVNDB-2012-003250 Vulnerability in Moodle that allows the moodle/site:readallmessages capability restriction to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003250.html

JVNDB-2012-003249 Vulnerability in Moodle that allows sensitive user information to be obtained from hidden fields
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003249.html

JVNDB-2012-003248 Heap-based buffer overflow vulnerability in bmp.w5s of Winamp
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003248.html

JVNDB-2012-003247 Vulnerability in WordPress that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003247.html

JVNDB-2012-003246 Cross-site request forgery vulnerability in the customizer of WordPress
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003246.html

JVNDB-2012-003245 Cross-site scripting vulnerability in WordPress
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003245.html

JVNDB-2012-000071 (JVN#88643450) Vulnerability related to the WebView class in Sleipnir Mobile for Android
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000071.html

Android DNS poisoning: Randomness gone bad (CVE-2012-2808)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00137.html

[ MDVSA-2012:110 ] mozilla
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00136.html

[ MDVSA-2012:109 ] libxslt
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00134.html

Report of spike in DNS Queries gd21.net
http://isc.sans.edu/diary.html?storyid=13774

Joomla! OS Property Component Arbitrary File Upload Vulnerability
http://www.securiteam.com/securitynews/5YP3G157PI.html

Wireshark PPP and NFS Dissector Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id/1027293

Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache
http://www.securitytracker.com/id/1027291

VU#108471 Symantec Web Gateway contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/108471

Android <= 4.0.4 DNS poisoning (youtube tutorial)
http://cxsecurity.com/issue/WLB-2012070171

MyWebFTP 5.3.3 & OurWebFTP 5.3.4 Remote PHP Code Execution Vulnerability
http://cxsecurity.com/issue/WLB-2012070170

Yourplace 1.0.3 Credentials Disclosure and Session Poisoning Vulnerabilities
http://cxsecurity.com/issue/WLB-2012070169

SpiceWorks 5.3.75941 Stored XSS and SQL Injection
http://cxsecurity.com/issue/WLB-2012070168

AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
http://cxsecurity.com/issue/WLB-2012070167

Simple Web Server Connection Header Buffer Overflow
http://cxsecurity.com/issue/WLB-2012070166

MyMP3 Player .m3u Stack Buffer Overflow
http://cxsecurity.com/issue/WLB-2012070165

Atmail Webmail Control Panel SQL root Password Disclosure
http://cxsecurity.com/issue/WLB-2012070164

Symantec Web Gateway 5.0.3.18 Blind SQL Injection
http://cxsecurity.com/issue/WLB-2012070163

Symantec Web Gateway 5.0.2 Blind SQL Injection
http://cxsecurity.com/issue/WLB-2012070162

Nessus On Android 1.0.1 credential disclosure
http://cxsecurity.com/issue/WLB-2012070161

EGallery PHP File Upload Vulnerability
http://cxsecurity.com/issue/WLB-2012070160

WordPress Flexi Quote Rotator Plugin Cross-Site Request Forgery and SQL Injection Vulnerabilities
http://secunia.com/advisories/49910/

SUSE update for pidgin
http://secunia.com/advisories/50023/

Spiceworks snmpd.conf Script Insertion Vulnerabilities
http://secunia.com/advisories/49978/

SolarWinds Network Performance Monitor Script Insertion and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/50004/

Invensys Wonderware Products Insecure Library Loading Vulnerability
http://secunia.com/advisories/50028/

Siemens SIMATIC STEP 7 / PCS 7 Insecure Library Loading Vulnerability
http://secunia.com/advisories/50039/

SUSE update for libexif
http://secunia.com/advisories/50026/

SUSE update for libexif
http://secunia.com/advisories/50043/

Ubuntu update for libexif
http://secunia.com/advisories/50029/

Wireshark PPP and NFS Dissector Denial of Service Vulnerabilities
http://secunia.com/advisories/49971/

REMOTE: Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit
http://www.exploit-db.com/exploits/20064

Oracle Java SE CVE-2012-1718 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53951

Oracle Java SE CVE-2012-1711 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53949

Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53952

Oracle Java SE CVE-2012-1716 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53947

Oracle Java SE CVE-2012-1724 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53958

Oracle Java SE CVE-2012-1719 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53950

Oracle Java SE CVE-2012-1725 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53954

Multiple Siemens SIMATIC Products DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/54651

Siemens SIMATIC WinCC Default Password Security Bypass Vulnerability
http://www.securityfocus.com/bid/41753

Linux Kernel IPv6 'nf_ct_frag6_reasm()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54367

Symantec Web Gateway Password Change Security Bypass Vulnerability
http://www.securityfocus.com/bid/54430

Symantec Web Gateway CVE-2012-2957 Local File Manipulation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/54429

Symantec Web Gateway CVE-2012-2976 Code Injection Vulnerability
http://www.securityfocus.com/bid/54427

Symantec Web Gateway CVE-2012-2574 SQL Injection Vulnerability
http://www.securityfocus.com/bid/54424

Symantec Web Gateway CVE-2012-2961 SQL Injection Vulnerability
http://www.securityfocus.com/bid/54425

Symantec Web Gateway CVE-2012-2953 Remote Shell Command Execution Vulnerability
http://www.securityfocus.com/bid/54426

libpng Out of Bound Read Denial of Service Vulnerability
http://www.securityfocus.com/bid/54652

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1957 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54583

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1955 Location Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/54586

Mozilla Firefox, SeaMonkey, and Thunderbird Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/54578

Mozilla Firefox/Thunderbird/Seamonkey MFSA 2012-42 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/54580

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1960 Out of Bounds Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54572

Mozilla Firefox CVE-2012-1965 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54579

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1967 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54573

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1961 Clickjacking Vulnerability
http://www.securityfocus.com/bid/54584

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1964 Clickjacking Vulnerability
http://www.securityfocus.com/bid/54581

Mozilla Firefox, SeaMonkey, and Thunderbird Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54582

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1962 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54575

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1959 Security Bypass Vulnerability
http://www.securityfocus.com/bid/54576

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1958 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54574

Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/54585

Mozilla Firefox CVE-2012-1966 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54577

AlienVault Open Source SIEM (OSSIM) SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53331

phpProfiles Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54660

ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54659

ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54658

Open Handset Alliance Android Remote DNS Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/54657

WordPress Flexi Quote Rotator Plugin SQL Injection and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/54656

WordPress Front End Upload Plugin Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/54655
