Tuesday, August 14, 2012

Tuesday the 14th, Tomobiki


+ Google Chrome 21.0.1180.77 released
http://googlechromereleases.blogspot.jp/2012/08/stable-channel-update_13.html

+ HPSBHF02804 SSRT100631 rev.1 - HP Integrity Server rx2800 i2, BL860c i2, BL870c i2, BL890c i2, Potential Denial of Service (DoS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03450553%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3247

+ HPSBMU02803 SSRT100926 rev.1 - HP Service Manager and HP Service Center Web Tier, Remote Cross Site Scripting (XSS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03450382%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3251

+ HPSBMU02800 SSRT100921 rev.1 - HP Service Manager and HP Service Center Server, Remote Denial of Service (DoS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03447828%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3250

+ HPSBMU02802 SSRT100923 rev.1 - HP Fortify Software Security Center, Remote Disclosure of Privileged Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03447895%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3249

+ HPSBMU02801 SSRT100879 rev.1 - HP Fortify Software Security Center, Remote Unauthenticated Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03447824%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3248

+ HPSBUX02805 SSRT100919 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03441075%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1726

+ Security Bulletin: Sametime Client Vulnerability
http://www-01.ibm.com/support/docview.wss?uid=swg21607903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3308

+ Struts 2.3.4.1 General Availability Release
http://struts.apache.org/2.x/docs/version-notes-2341.html

+ Perl 5.16.1 released
http://www.perl.org/get.html

+ Samba 3.5.17 Available for Download
http://samba.org/samba/history/samba-3.5.17.html

+ Sudo 1.8.5p3 released
http://www.sudo.ws/sudo/stable.html#1.8.5p3

+ Glibc stdlib Buffer Overflows May Let Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027374

+ LOCAL: OS X Local Root Exploit for Viscosity OpenVPN Client
http://www.exploit-db.com/exploits/20485

+ GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54982

Detection by Sophos of Mal/Behav-104 / Trojan.MulDrop3.62656
http://www.sophos.com/en-us/support/knowledgebase/118078.aspx

Symantec ships its first Android anti-malware software for enterprise customers
http://itpro.nikkeibp.co.jp/article/NEWS/20120807/414702/?ST=security

[security bulletin] HPSBHF02804 SSRT100631 rev.1 - HP Integrity Server rx2800 i2, BL860c i2, BL8
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00075.html

[SECURITY] [DSA 2527-1] php5 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00074.html

[ MDVSA-2012:131 ] libotr
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00073.html

Last reminder for Passwords^12 : Call for Presentations
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00072.html

[SECURITY] [DSA 2526-1] libotr security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00070.html

[ MDVSA-2012:130 ] openldap
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00070.html

[ MDVSA-2012:129-1 ] busybox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00069.html

[ MDVSA-2012:129 ] busybox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00068.html

Interesting scan for medical certification information...
http://isc.sans.edu/diary.html?storyid=13891

Apache QPID NullAuthenticator Authentication Bypass Vulnerability
http://www.securiteam.com/securitynews/5KP380U81Q.html

Glibc stdlib Buffer Overflows May Let Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027374

IBM WebSphere MQ File Transfer Edition Bug Permits Cross-Site Request Forgery Attacks
http://www.securitytracker.com/id/1027373

IBM WebSphere MQ File Transfer Edition Bug Lets Remote Authenticated Users Access Other File Transfers
http://www.securitytracker.com/id/1027372

Cisco IOS SSL VPN Portal Page Bug Lets Remote Authenticated Users Deny Service
http://www.securitytracker.com/id/1027371

Cisco Emergency Responder UDP Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027370

Ubuntu update for kernel
http://secunia.com/advisories/50242/

Cisco Emergency Responder UDP Processing Denial of Service Vulnerability
http://secunia.com/advisories/50266/

IBM WebSphere MQ Cross-Site Request Forgery and Security Bypass Vulnerabilities
http://secunia.com/advisories/50225/

ProQuiz Multiple Vulnerabilities
http://secunia.com/advisories/50215/

GNU Emacs "enable-local-variables" Variable Processing Vulnerability
http://secunia.com/advisories/50157/

Cisco IOS SSL VPN Portal Reloading Denial of Service Vulnerability
http://secunia.com/advisories/50264/

WordPress Mz-jajak Plugin "id" SQL Injection Vulnerability
http://secunia.com/advisories/50217/

Flynax General Classifieds Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50211/

Siemens COMOS Unspecified Security Bypass Security Issue
http://secunia.com/advisories/50249/

Ubuntu update for kernel
http://secunia.com/advisories/50250/

Ubuntu update for kernel
http://secunia.com/advisories/50187/

SUSE update for icedtea-web
http://secunia.com/advisories/50258/

Ubuntu update for kernel
http://secunia.com/advisories/50262/

Ubuntu update for kernel
http://secunia.com/advisories/50224/

McAfee FireWall Enterprise ISC BIND Vulnerabilities
http://secunia.com/advisories/50261/

Total Shop UK eCommerce Generic Cross-Site Scripting
http://cxsecurity.com/issue/WLB-2012080111

TCExam Edit SQL Injection
http://cxsecurity.com/issue/WLB-2012080110

TCExam Edit Cross-Site Scripting
http://cxsecurity.com/issue/WLB-2012080109

IBM WebSphere MQ Web Gateway CSRF Vulnerability
http://cxsecurity.com/issue/WLB-2012080108

IBM WebSphere MQ Web Gateway Insufficient Access Control
http://cxsecurity.com/issue/WLB-2012080107

Pure-FTPd Crash PoC (Null Pointer Dereference)
http://cxsecurity.com/issue/WLB-2012080106

NeoInvoice Blind SQL Injection
http://cxsecurity.com/issue/WLB-2012080105

7sepehr CMS 2012 Multiple SQL Injection Vulnerabilities
http://cxsecurity.com/issue/WLB-2012080104

GNU Emacs file-local variables Vulnerability
http://cxsecurity.com/issue/WLB-2012080103

Viscosity OpenVPN Client OS X Local Root Exploit
http://cxsecurity.com/issue/WLB-2012080102

DoS/PoC: Pure-FTPd v1.0.21 (centos 6.2, ubuntu 8.04) Crash PoC (Null Pointer Dereference)
http://www.exploit-db.com/exploits/20479

DoS/PoC: Spytech NetVizor v6.1 (services.exe) DoS
http://www.exploit-db.com/exploits/20464

Django Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54742

LibreOffice and OpenOffice Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54769

Bugzilla Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/54708

Debian 'libotr2' Package Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54907

Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
http://www.securityfocus.com/bid/53911

PHP '_php_stream_scandir()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54638

PHP PDO Memory Access Violation Denial of Service Vulnerability
http://www.securityfocus.com/bid/54777

JBoss 'mod_cluster' CVE-2012-1154 Security Bypass Vulnerability
http://www.securityfocus.com/bid/54086

Puppet Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54399

Cisco Emergency Responder UDP Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/54827

JBoss Enterprise Application Platform Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/54915

TCExam Prior 11.3.008 Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/54861

Cisco IOS CVE-2012-1344 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54835

ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54658

ISC BIND CVE-2012-1033 Security Bypass Vulnerability
http://www.securityfocus.com/bid/51898

rssh CVE-2012-3478 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53430

Linux Kernel 'fs/eventpoll.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54283

Linux Kernel CVE-2012-2373 Race Condition Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53614

MacVTap Device Driver Local Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53165

Linux Kernel KVM 'kvm_set_irq()' Function Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54063

Linux Kernel Reliable Datagram Sockets (RDS) CVE-2012-2372 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54062

Linux kernel NCI Multiple Remote Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54966

Linux Kernel UDF Filesystem Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54279

IcedTea-Web Multiple Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/54762

Linux Kernel NFS Client 'decode_getacl()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50655

Linux kernel fcaps Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53166

Linux Kernel HFS Plus Filesystem Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53401

Linux Kernel NFS Client 'decode_getacl()' Incomplete Fix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53615

Linux Kernel dl2k Network Driver IOCTL Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53965

Linux Kernel 'sock_alloc_send_pskb()' Function Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53721

Linux Kernel 'mmap()' Failure Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53668

OpenLDAP LDAP Search Request Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/52404

Fetchmail NTLM Authentication Debug Mode Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54987

Total Shop UK eCommerce CodeIgniter Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54985

HP Integrity Servers Multiple Models Unspecified Denial of Service Vulnerability
http://www.securityfocus.com/bid/54984

GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54982

Spytech NetVizor Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54981

Pure-FTPd NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/54979

Siemens COMOS Unspecified Security Bypass Vulnerability
http://www.securityfocus.com/bid/54978

PHPList Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54975

GNU Emacs 'enable-local-variables' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54969
