Tuesday, August 7, 2012
7th, Tuesday, Senshō
+ squid 3.2.0.19 released
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html
+ FreeBSD-SA-12:05.bind
http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817
+ Samba 3.6.7 Available for Download
http://samba.org/samba/history/samba-3.6.7.html
+ PostgreSQL 9.2 Beta 3 Now Available
http://www.postgresql.org/about/news/1405/
+ Cisco IOS CVE-2012-1361 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1361
+ Cisco Emergency Responder UDP Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/54827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1346
+ Cisco AnyConnect Secure Mobility Client Certificate Validation Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/54826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2500
Notice: latest version of Virus Buster for Mac released and support started
http://www.trendmicro.co.jp/support/news.asp?id=1820
Advisory: Release of PureMessage for Microsoft Exchange, v 3.1.2
http://www.sophos.com/en-us/support/knowledgebase/117962.aspx
[2] Creation: for example, adapting song lyrics or a personal motto into a "master key"
http://itpro.nikkeibp.co.jp/article/COLUMN/20120802/413686/?ST=security
NRI Secure offers deployment and operation services for the DB firewall "SecureSphere"
http://itpro.nikkeibp.co.jp/article/NEWS/20120806/414461/?ST=security
JVNVU#174119 Vulnerability in Solarwinds Network Performance Monitor
http://jvn.jp/cert/JVNVU174119/index.html
JVNDB-2012-001840 Source code disclosure vulnerability in the Traffic Grapher Server of NetMechanica NetDecision
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001840.html
[SECURITY] [DSA 2522-1] fckeditor security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00032.html
[security bulletin] HPSBMU02798 SSRT100908 rev.1 - HP Network Node Manager i (NNMi) for HP-U
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00030.html
[ MDVSA-2012:125 ] wireshark
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00037.html
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00034.html
iAuto Mobile Application 2012 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00035.html
Inout Mobile Webmail APP - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00036.html
Joomla com_photo - SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00038.html
Joomla com_package - SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00031.html
BeneficialBank Business v4.13.1 - Auth Bypass Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00039.html
Dir2web3 Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00044.html
[SECURITY] [DSA 2521-1] libxml2 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00028.html
[ MDVSA-2012:124 ] openoffice.org
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00029.html
[SECURITY] [DSA 2519-2] isc-dhcp regression
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00033.html
[ MDVSA-2012:123 ] libreoffice
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00027.html
[CVE-2012-3873] Openconstructor CMS 3.12.0 id parameter multiple SQL injection vulnerabiliti
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00043.html
[CVE-2012-3871] Openconstructor CMS 3.12.0 data/hybrid/i_hybrid.php, header parameter Stored
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00042.html
[CVE-2012-3872] Openconstructor CMS 3.12.0 Multiple Reflected Cross-site Scripting vulner
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00041.html
[CVE-2012-3870] Openconstructor CMS 3.12.0 createobject.php, name and description parameters
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00040.html
ZDI-12-135 : Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00026.html
ZDI-12-134 : IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00025.html
ZDI-12-133 : GE Proficy Historian ihDataArchiver.exe Multiple Opcode Parsing Remote Code Exe
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00024.html
ZDI-12-132 : IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerab
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00023.html
ZDI-12-131 : Microsoft .NET Framework Undersized Glyph Buffer Remote Code Execution Vulnerab
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00022.html
ZDI-12-130 : Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnera
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00021.html
ZDI-12-129 : Microsoft Windows TrueType Font Parsing Remote Code Execution Vulnerability (Re
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00020.html
ZDI-12-128 : Mozilla Firefox nsHTMLSelectElement Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00019.html
Phishing for Payroll with unpatched Java
http://isc.sans.edu/diary.html?storyid=13840
VU#960468 HP Arcsight Logger and Connector appliances cross-site scripting vulnerability
http://www.kb.cert.org/vuls/id/960468
HP Network Node Manager i Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027345
Android HTC Mail insecure password management
http://cxsecurity.com/issue/WLB-2012080051
Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
http://cxsecurity.com/issue/WLB-2012080050
AOL Products downloadUpdater2 Plugin Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080049
CoolPlayer+ Portable 2.19.2 Buffer Overflow ASLR Bypass 2
http://cxsecurity.com/issue/WLB-2012080048
CoolPlayer+ Portable 2.19.2 Buffer Overflow ASLR bypass 1
http://cxsecurity.com/issue/WLB-2012080047
PolarisCMS Remote URI Based Cross-Site Scripting Vulnerability
http://cxsecurity.com/issue/WLB-2012080046
WordPress WP Lead Management Plugin Script Insertion Vulnerabilities
http://secunia.com/advisories/50166/
Islam Forum Script "style_default" SQL Injection Vulnerability
http://secunia.com/advisories/50169/
SUSE update for tiff
http://secunia.com/advisories/50104/
gnome-screensaver Lock Screen Bypass Weakness
http://secunia.com/advisories/50129/
IBM WebSphere Application Server Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50180/
DataWatch Monarch BI Server Multiple Vulnerabilities
http://secunia.com/advisories/50083/
HP Network Node Manager Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50197/
HP Network Node Manager Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50195/
Debian update for fckeditor
http://secunia.com/advisories/50136/
Palo Alto Networks PAN-OS "inputStr" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50174/
WordPress Featured Post with thumbnail Plugin Unspecified timthumb Vulnerability
http://secunia.com/advisories/50161/
Debian update for libxml2
http://secunia.com/advisories/50131/
Apache Libcloud Hostname Verification Security Issue
http://secunia.com/advisories/50148/
REMOTE: Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
http://www.exploit-db.com/exploits/20297
LOCAL: CoolPlayer+ Portable 2.19.2 Buffer Overflow ASLR Bypass (Large Shellcode)
http://www.exploit-db.com/exploits/20296
CoolPlayer Portable 2.19.2 Buffer Overflow ASLR bypass
http://www.exploit-db.com/exploits/20262
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution
http://www.exploit-db.com/exploits/20295
Expat XML Parsing Multiple Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/52379
OpenTTD 'Water Clearing' Feature Denial Of Service Vulnerability
http://www.securityfocus.com/bid/54720
OpenTTD 'pause on join' Feature Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51331
Globus Toolkit GridFTP 'getpwnam_r()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/53778
MIT Kerberos 5 Uninitialized Pointer Dereference Remote Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/54750
Oracle Supply Chain Products Suite CVE-2012-0549 Remote Oracle AutoVue Office Vulnerability
http://www.securityfocus.com/bid/53077
Linux Kernel 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54702
Xen HVM Guest User Mode MMIO Emulation Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54691
PHP '_php_stream_scandir()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54638
NVIDIA UNIX Driver VGA Window Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54772
GLPI Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/54416
Wireshark Versions Prior to 1.8.1 Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/54649
Apache Libcloud Man In The Middle Vulnerability
http://www.securityfocus.com/bid/54798
FCKEditor 'spellchecker.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54188
ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54658
ISC DHCP Regular Expressions Denial of Service Vulnerability
http://www.securityfocus.com/bid/50971
IBM Lotus iNotes Upload Module ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53879
Cisco IOS CVE-2012-1361 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54828
Cisco Emergency Responder UDP Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/54827
Cisco AnyConnect Secure Mobility Client Certificate Validation Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/54826
Multiple Cisco Nexus Devices CVE-2012-1357 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54825
HP Arcsight Multiple Products HTML Injection Vulnerability
http://www.securityfocus.com/bid/54824
AuditLogKeeper 'auditlog-keeper.conf' Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/54821
IBM WebSphere Application Server Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54819
AOL downloadUpdater2 Plugin 'SRC' Parameter Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54818
HP Network Node Manager i CVE-2012-2022 Unspecified Cross Site Scripting vulnerability
http://www.securityfocus.com/bid/54815
Joomla! 'com_photo' module Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/54814
Joomla com_package Module 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/54813
Worksforweb iAuto Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/54812
BeneficialBank Business Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/54811
GNOME ScreenSaver Lock Bypass Vulnerability
http://www.securityfocus.com/bid/54810