Monday, August 6, 2012

Monday the 6th, Shakkō











+ CESA-2012:1139 Important CentOS 6 bind-dyndb-ldap Update
http://lwn.net/Alerts/509616/

+ CESA-2012:1140 Moderate CentOS 5 dhcp Update
http://lwn.net/Alerts/509617/

+ CESA-2012:1141 Moderate CentOS 6 dhcp Update
http://lwn.net/Alerts/509618/

+ phpMyAdmin 3.5.2.1 is released
http://sourceforge.net/news/?group_id=23067&id=308863

+ Linux kernel 3.2.26 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.26

+ MySQL 5.5.27 released
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-27.html

+ FreeBSD SCTP NULL Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54797

[1] Protect yourself! The four iron rules of passwords
http://itpro.nikkeibp.co.jp/article/COLUMN/20120802/413685/?ST=security

Starnet offers matrix-type one-time password authentication as SaaS
http://itpro.nikkeibp.co.jp/article/NEWS/20120803/414108/?ST=security

JVNVU#520430 Vulnerability in BreakingPoint System Storm CTM
http://jvn.jp/cert/JVNVU520430/index.html

JVNDB-2011-005054 Vulnerability in os/utils.c of X.Org xserver that allows the permissions of arbitrary files to be changed to 444
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005054.html

JVNDB-2011-005053 Information disclosure vulnerability in os/utils.c of X.Org xserver
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005053.html

JVNDB-2012-003235 Denial-of-service (server crash) vulnerability in PostgreSQL
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003235.html

JVNDB-2012-003022 Vulnerability in the crypt_des function of FreeBSD that allows access rights to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003022.html

29C3: Call for Participation for 29th Chaos Communication Congress
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00018.html

[SECURITY] [DSA 2520-1] openoffice.org security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00016.html

Drupal Security Questions Module Security Bypass Vulnerability
http://www.securiteam.com/securitynews/5OP2X0U80U.html

Phishing for Payroll with unpatched Java
http://isc.sans.edu/diary.html?storyid=13840

ISC Feature of the Week: Handler Select News Feed
http://isc.sans.edu/diary.html?storyid=13834

Vendors: More Patch-Release Options Please
http://isc.sans.edu/diary.html?storyid=13837

Novell Remote Manager Off-by-one Error in 'httpstkd' Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027343

bind-dyndb-ldap DN Escaping Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027341

WordPress XVE Various Embed Plugin JW Player Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50173/

meetOneToGo Plaintext Account Credentials Information Disclosure Security Issue
http://secunia.com/advisories/50070/

Zenoss Multiple Vulnerabilities
http://secunia.com/advisories/50139/

BlackBerry Tablet OS Flash Player Multiple Vulnerabilities
http://secunia.com/advisories/50164/

ntop "arbfile" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50147/

Red Hat update for dhcp
http://secunia.com/advisories/50158/

Red Hat update for dhcp
http://secunia.com/advisories/50175/

Red Hat update for bind-dyndb-ldap
http://secunia.com/advisories/50159/

ACD Systems Canvas Outside In Library Multiple Vulnerabilities
http://secunia.com/advisories/50122/

EnCase Forensic Outside In Library Multiple Vulnerabilities
http://secunia.com/advisories/50078/

AccessData FTK Outside In Library Multiple Vulnerabilities
http://secunia.com/advisories/50126/

Debian update for openoffice.org
http://secunia.com/advisories/50135/

Portspoof service signature obfuscator (more pain for port scanners)
http://cxsecurity.com/issue/WLB-2012080045

WP Lead Management v3.0.0 Persistent XSS
http://cxsecurity.com/issue/WLB-2012080044

Tickets CAD 2.20G Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012080043

Joomla com_agileplmform file upload vulnerability
http://cxsecurity.com/issue/WLB-2012080042

Power Bulletin Board < 2.1.4 Authentication Bypass
http://cxsecurity.com/issue/WLB-2012080041

Islamnt <= Remote Blind SQL Injection Exploit
http://cxsecurity.com/issue/WLB-2012080040

Mozilla Firefox nsHTMLSelectElement Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080039

Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080038

Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080037

Microsoft Windows TrueType Font Parsing Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080036

Microsoft .NET Framework Undersized Glyph Buffer Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080035

IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080034

IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080033

GE Proficy Historian ihDataArchiver.exe Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080032

Elefant CMS 1.2.0 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012080031

Am4ss 1.2 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012080030

Am4ss 1.2 PHP Code Injection
http://cxsecurity.com/issue/WLB-2012080029

FreeBSD kernel SCTP remote NULL pointer dereference
http://cxsecurity.com/issue/WLB-2012080028

Apache Libcloud 0.11.1 Possible Man In The Middle (MITM)
http://cxsecurity.com/issue/WLB-2012080027

Liferay JSON Server API Authentication
http://cxsecurity.com/issue/WLB-2012080026

Ntop 4.0.3 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012080025

Cisco Linksys PlayerPT ActiveX Control SetSource sURL Buffer Overflow
http://cxsecurity.com/issue/WLB-2012080024

Zenoss 3 showDaemonXMLConfig Command Execution
http://cxsecurity.com/issue/WLB-2012080023

Dell SonicWALL Scrutinizer 9 SQL Injection
http://cxsecurity.com/issue/WLB-2012080022

VLC 2.0.2 Division By Zero
http://cxsecurity.com/issue/WLB-2012080021

Psexec Via Current User Token
http://cxsecurity.com/issue/WLB-2012080020

CoolPlayer Portable 2.19.2 Buffer Overflow ASLR bypass
http://www.exploit-db.com/exploits/20262

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1961 Clickjacking Vulnerability
2012-08-04
http://www.securityfocus.com/bid/54584

Apple Mac OS X CVE-2012-0661 Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53466

IBM Lotus Quickr 'qp2.cab' ActiveX Control Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53678

Microsoft .NET Framework Serialization CVE-2012-0162 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53358

IBM Lotus iNotes Upload Module ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53879

Apple Mac OS X CVE-2011-3458 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51809

GE Proficy Historian Data Archiver Service Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52437

Microsoft Windows TrueType Font Engine CVE-2012-0159 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53335

Mozilla Firefox/Thunderbird/SeaMonkey 'nsHTMLSelectElement' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54080

Adobe Flash Player CVE-2012-0779 Object Type Confusion Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53395

Adobe Flash Player CVE-2012-0768 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52297

Adobe Flash Player CVE-2012-0755 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/52035

Adobe Flash Player CVE-2012-0767 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52040

Adobe Flash Player CVE-2012-0754 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52034

Adobe Flash Player CVE-2012-0753 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52033

Debian 'openvswitch-pki' Package Multiple Insecure File Permissions Vulnerabilities
http://www.securityfocus.com/bid/54789

Adobe Flash Player APSB12-07 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/52748

Adobe Flash Player CVE-2012-0769 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52299

Adobe Flash Player CVE-2012-0756 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/52036

Adobe Flash Player CVE-2012-0752 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52032

SolarWinds Orion Network Performance Monitor (NPM) Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54624

ISC DHCP Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/54665

JW Player Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/48214

JW Player 'player.swf' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54739

LongTail JW Player 'debug' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53554

LongTail JW Player CVE-2012-3351 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54101

Apache POI CVE-2012-0213 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53487

PHP CVE-2012-1172 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/53403

PHP CVE-2012-0789 Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52043

PHP CVE-2012-0057 Security Bypass Vulnerability
http://www.securityfocus.com/bid/51806

PHP 'php-cgi' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53388

PHP 'zend_strndup()' Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/51417

Oracle Outside In Technology CVE-2012-1767 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54511

Oracle Outside In Technology CVE-2012-1771 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54543

Oracle Outside In Technology CVE-2012-1768 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54536

Oracle Outside In Technology CVE-2012-1770 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54541

eCryptfs CVE-2012-3409 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54634

Oracle Outside In Technology CVE-2012-1766 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54531

Oracle Outside In Technology CVE-2012-1773 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54548

Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/54331

Oracle Outside In Technology CVE-2012-3110 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54506

Oracle Outside In Technology CVE-2012-3109 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54554

Oracle Outside In Technology CVE-2012-3108 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54550

Oracle Outside In Technology CVE-2012-3107 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54504

Oracle Outside In Technology CVE-2012-3106 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54546

Oracle Outside In Technology CVE-2012-1772 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54497

Oracle Outside In Technology CVE-2012-1769 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54500

Bind DynDB LDAP CVE-2012-3429 Package Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54787

Dell SonicWALL Scrutinizer 'q' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/54625

Debian 'logol' Package Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/54802

Debian 'extplorer' Package Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/54801

am4ss 'pages.php' PHP Code Injection Vulnerability
http://www.securityfocus.com/bid/54800

Am4ss Multiple HTML Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54799

Apache Libcloud Man In The Middle Vulnerability
http://www.securityfocus.com/bid/54798

FreeBSD SCTP NULL Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54797

Liferay Portal JSON Service API Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/54796

meetOneToGo Plaintext Credentials Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54795

ntop 'arbfile' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54792
