Wednesday, August 1, 2012

1st, Wednesday, Senshō

+ RHSA-2012:1123 Important: bind security update
http://rhn.redhat.com/errata/RHSA-2012-1123.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817

+ RHSA-2012:1132 Important: icedtea-web security update
http://rhn.redhat.com/errata/RHSA-2012-1132.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3423

+ RHSA-2012:1131 Important: krb5 security update
http://rhn.redhat.com/errata/RHSA-2012-1131.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015

+ Google Chrome 21.0.1180.60 released
http://googlechromereleases.blogspot.jp/2012/07/stable-channel-release.html

+ PHP 5.4.5 and PHP 5.3.15 x64 (64 bit) for Windows
http://www.anindya.com/php-5-4-5-and-php-5-3-15-x64-64-bit-for-windows/

+ CESA-2012:1123 Important CentOS 6 bind Update
http://lwn.net/Alerts/508934/

+ CESA-2012:1123 Important CentOS 5 bind Update
http://lwn.net/Alerts/508935/

+ CESA-2012:1122 Important CentOS 5 bind97 Update
http://lwn.net/Alerts/508936/

+ UPDATE: Multiple Vulnerabilities in Cisco TelePresence Recording Server
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs

+ RHSA-2012:1130 Moderate: xen security update
http://rhn.redhat.com/errata/RHSA-2012-1130.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2625

+ RHSA-2012:1122 Important: bind97 security update
http://rhn.redhat.com/errata/RHSA-2012-1122.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817

+ OpenLDAP 2.4.32 released
http://www.openldap.org/software/download/

+ ProFTPD 1.3.4b released
http://www.proftpd.org/docs/RELEASE_NOTES-1.3.4b

+ iptables 1.4.15 released
http://www.iptables.org/projects/iptables/downloads.html#iptables-1.4.15

MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012&#
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00171.html

Survey results for major cloud services (Part 1)
http://itpro.nikkeibp.co.jp/article/COLUMN/20120625/405111/?ST=security

Soliton: targeted-attack countermeasure software that can be centrally managed from asset management/software distribution
http://itpro.nikkeibp.co.jp/article/NEWS/20120731/413042/?ST=security

Fortinet: UTM for small and medium-sized businesses with 22 GbE ports for 500,000 yen
http://itpro.nikkeibp.co.jp/article/NEWS/20120731/412941/?ST=security

SQL injection, lilupophilupop-style
http://isc.sans.edu/diary.html?storyid=13813

Hitachi JP1 Multiple Products Unspecified Privilege Escalation Vulnerability
http://www.securiteam.com/securitynews/5GP3R007SE.html

MIT Kerberos Key Distribution Center Heap Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027326

Ipswitch WhatsUp Gold Input Validation Flaw in 'WrVMwareHostList.asp' Lets Remote Users Inject SQL Commands
http://www.securitytracker.com/id/1027325

Django Bugs Permit Cross-Site Scripting and Denial of Service Attacks
http://www.securitytracker.com/id/1027324

Firefox 14.0.1 Memory Corruption PoC
http://cxsecurity.com/issue/WLB-2012070216

Spark IM Client Local Password Decryption
http://cxsecurity.com/issue/WLB-2012070215

Dr. Web Control Center 6.00.3.201111300 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012070214

LedgerSMB 1.3 Denial Of Service
http://cxsecurity.com/issue/WLB-2012070213

Limny v 3.3.1 Blind SQL Injection
http://cxsecurity.com/issue/WLB-2012070212

Microsoft Office SharePoint Server 2007 Remote Code Execution
http://cxsecurity.com/issue/WLB-2012070211

Develoweb SQL Injection
http://cxsecurity.com/issue/WLB-2012070210

JW Player / SVFP / Poodll / RokBox Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012070209

ocPortal CMS 7.1.5 Open Redirect
http://cxsecurity.com/issue/WLB-2012070208

phpBB3 SQL Error
http://cxsecurity.com/issue/WLB-2012070207

ICONICS GENESIS32 / BizViz Privilege Escalation Vulnerability
http://secunia.com/advisories/50116/

Scrutinizer NetFlow and sFlow Analyzer Database User Accounts Default Password Weakness
http://secunia.com/advisories/50074/

Django Cross-Site Scripting and Two Denial of Service Vulnerabilities
http://secunia.com/advisories/50021/

Ushahidi Multiple Vulnerabilities
http://secunia.com/advisories/50022/

IBM Rational Directory Server GSKit Certificate Object Spoofing Security Issue
http://secunia.com/advisories/50069/

WordPress Backend Localization Plugin Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50099/

LedgerSMB System Settings Security Bypass Vulnerability
http://secunia.com/advisories/50114/

Moodle PoodLL Plugins JW Player Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50063/

SocialEngine "tags" Two Script Insertion Vulnerabilities
http://secunia.com/advisories/50095/

Joomla! Simple Video Flash Player Module Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50016/

Sysax Multi Server Folder Creation Buffer Overflow Vulnerability
http://secunia.com/advisories/50079/

Ipswitch WhatsUp Gold "sGroupList" SQL Injection Vulnerability
http://secunia.com/advisories/50002/

Debian update for bind9
http://secunia.com/advisories/50073/

Red Hat update for bind
http://secunia.com/advisories/50053/

Red Hat update for bind97
http://secunia.com/advisories/50057/

Siemens SIMATIC S7-400 Products ICMP Processing Denial of Service Vulnerability
http://secunia.com/advisories/50115/

SUSE update for xulrunner
http://secunia.com/advisories/50113/

REMOTE: Microsoft Office SharePoint Server 2007 Remote Code Execution
http://www.exploit-db.com/exploits/20122

MIT Kerberos 5 'check_1_6_dummy()' Function NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53784

Xen PyGrub Kernel Decompression Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53650

JRuby Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51233

Oracle OpenSSO CVE-2011-3517 Remote Vulnerability
http://www.securityfocus.com/bid/50208

Oracle OpenSSO CVE-2012-0079 Remote Security Vulnerability
http://www.securityfocus.com/bid/51492

RESTEasy JaxB XML Entity References Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51766

RESTEasy XML Entity References Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51748

JBoss Enterprise Application Platform CVE-2011-4605 Security Bypass Vulnerability
http://www.securityfocus.com/bid/54644

Oracle Sun Products Suite CVE-2011-3506 Remote Oracle OpenSSO Vulnerability
http://www.securityfocus.com/bid/50252

JBoss Enterprise BRMS Platform JGroups Diagnostics Service Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54183

Raptor XML External Entity Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52681

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1961 Clickjacking Vulnerability
http://www.securityfocus.com/bid/54584

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1955 Location Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/54586

Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/54585

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1957 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54583

Mozilla Firefox, SeaMonkey, and Thunderbird Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54582

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1958 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54574

Mozilla Firefox CVE-2012-1966 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54577

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1962 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54575

Mozilla Firefox, SeaMonkey, and Thunderbird Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/54578

Mozilla Firefox/Thunderbird/Seamonkey MFSA 2012-42 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/54580

Mozilla Firefox CVE-2012-1965 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54579

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1959 Security Bypass Vulnerability
http://www.securityfocus.com/bid/54576

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1960 Out of Bounds Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54572

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1967 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54573

Joomla RSGallery2 Component Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/54752

MIT Kerberos 5 'Kadmin protocol' Remote Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/54751

MIT Kerberos 5 Uninitialized Pointer Dereference Remote Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/54750

Google Chrome Prior to 21 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54749

libvirt Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/54748

Backend Localization Plugin For WordPress Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54746

Ushahidi Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54744

Dr. Web Enterprise Security Suite 'username' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54735

DataWatch Monarch Business Intelligence Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/54733
