:: IT Security Neophyte Investigator's MEMO ::: 13日木曜日、先負

2012年9月13日木曜日

13日木曜日、先負

+ RHSA-2012:1259 Moderate: quagga security update
http://rhn.redhat.com/errata/RHSA-2012-1259.htmlCVE-2011-3323CVE-2011-3324CVE-2011-3325CVE-2011-3326CVE-2011-3327CVE-2012-0249CVE-2012-0250CVE-2012-0255CVE-2012-1820

+ About the security content of iTunes 10.7
http://support.apple.com/kb/HT5485CVE-2011-3016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3966
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3968
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0683
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3589
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3590
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3592
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3593
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3596
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3600
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3602
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3603
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3604
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3607
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3608
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3609
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3610
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3611
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3614
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3616
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3617
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3618
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3620
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3622
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3623
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3628
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3629
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3630
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3631
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3633
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3634
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3635
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3636
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3637
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3646
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3648
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3649
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3653
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3654
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3657
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3671
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3675
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3680
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3681
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3683
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3684
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3699
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3700
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3701
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3706
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3708
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3712

+ Google Chrome for Andriod 18.0.1025308 released
http://googlechromereleases.blogspot.jp/2012/09/chrome-for-android-update.html

+ nginx 1.3.6 development version released
http://nginx.org/en/download.html

+ CESA-2012:1255 Moderate CentOS 6 libexif Update
http://lwn.net/Alerts/515815/

+ CESA-2012:1255 Moderate CentOS 5 libexif Update
http://lwn.net/Alerts/515816/

+ CESA-2012:1256 Moderate CentOS 6 ghostscript Update
http://lwn.net/Alerts/515817/

+ CESA-2012:1256 Moderate CentOS 5 ghostscript Update
http://lwn.net/Alerts/515818/

+ BIND 9.9.1-P3, 9.8.3-P3. 9.7.6-P3, 9.6-ESV-R7-P3
https://kb.isc.org/article/AA-00788
https://kb.isc.org/article/AA-00789
https://kb.isc.org/article/AA-00790
https://kb.isc.org/article/AA-00791

+ DHCP 4.2.4-P2, 4.1-ESV-R7
https://kb.isc.org/article/AA-00792
https://kb.isc.org/article/AA-00793

+ Reducing the Expiration Time for an IPv6 Lease May Cause the Server to Crash
https://www.isc.org/software/dhcp/advisories/cve-2012-3955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955

+ A Specially Crafted Resource Record Could Cause named to Terminate
https://www.isc.org/software/bind/advisories/cve-2012-4244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244

+ Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx

+ Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp

+ patch 2.7 released
http://ftp.gnu.org/gnu/patch/?C=M;O=D

+ Check Point response to "Check Point GO Vulnerabilities report"
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk79500&src=securityAlerts

+ PSN-2012-09-715 2012-09: Security, Access, and Acceleration: Security Advisories Released
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-09-715&viewMode=view

+ PSN-2012-09-712 2012-09 Security Bulletin: Junos Pulse Secure Access (SSL VPN): Multiple OpenSSL vulnerabilities
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-09-712&viewMode=view
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110

+ RHSA-2012:1258 Moderate: quagga security update
http://rhn.redhat.com/errata/RHSA-2012-1258.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3323
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3326
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3327
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0249
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0250

+ Zimbra Collaboration Suite Open Source Edition 7.2.1 GA Released
http://files2.zimbra.com/website/docs/7.2/Zimbra_OS_Release_Notes_7.2.1.pdf

+ Linux kernel 3.2.29 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.29

+ Sudo 1.8.6p1, 1.7.10p1 released
http://www.sudo.ws/sudo/stable.html#1.8.6p1
http://www.sudo.ws/sudo/stable.html#1.7.10p1

+ ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244

「Trend Micro InterScan WebManager 8.0」サポート開始のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1838

Vulnerability in Citrix Receiver with Online Plug-in for Windows could result in arbitrary code execution
http://support.citrix.com/article/CTX134681

Sophos SafeGuard Disk Encryption for Mac - Compatibility with OS X 10.8 (Mountain Lion)
http://www.sophos.com/en-us/support/knowledgebase/118132.aspx

[ MDVSA-2012:151 ] ghostscript
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00050.html

US-CERT Alert TA12-255A - Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2012-09/msg00001.html

[SECURITY] [DSA 2546-1] freeradius security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00049.html

Nitro攻撃とJavaゼロデイ脆弱性の関連性
http://itpro.nikkeibp.co.jp/article/COLUMN/20120911/421982/?ST=security

ビッグデータ時代のセキュリティ対策
http://itpro.nikkeibp.co.jp/article/Watcher/20120912/422287/?ST=security

虚偽の情報確認を要求する詐欺メール、みずほ銀行が注意喚起
http://itpro.nikkeibp.co.jp/article/NEWS/20120912/422366/?ST=security

チェックしておきたい脆弱性情報＜2012.09.12＞
http://itpro.nikkeibp.co.jp/article/COLUMN/20120911/421981/?ST=security

JVNTA12-255A Microsoft 製品における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA12-255A/

JVN#03015214 KUNAI Browser for Remote Service β における WebView クラスに関する脆弱性
http://jvn.jp/jp/JVN03015214/index.html

TCP Fuzzing with Scapy
http://isc.sans.edu/diary.html?storyid=14080

Citrix XenApp Plug-in for Windows Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027522

Citrix Receiver Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027521

Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027520

Cisco ASA-CX Context-Aware Security Appliance Logging Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027519

IBM Java 7 Multiple Vulnerabilities
http://secunia.com/advisories/50607/

Citrix XenApp Online Plug-in / Receiver Code Execution Vulnerability
http://secunia.com/advisories/50536/

Akcms Logfiles Information Disclosure Security Issue
http://secunia.com/advisories/50558/

TCExam Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/50539/

Atlassian Confluence Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50606/

Debian update for freeradius
http://secunia.com/advisories/50584/

Red Hat update for libexif
http://secunia.com/advisories/50587/

IceWarp Mail Server Information Disclosure Security Issue
http://secunia.com/advisories/50441/

McAfee Firewall Enterprise Quagga Vulnerabilities
http://secunia.com/advisories/50593/

Smarty "SmartyException" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50589/

Bacula Console ACL Bypass Security Issue
http://secunia.com/advisories/50535/

SUSE update for compat-openssl097g
http://secunia.com/advisories/50594/

Python trytond Module Button Model Security Bypass Vulnerability
http://secunia.com/advisories/50529/

RSA BSAFE Micro Edition Suite SSL/TLS Initialization Vector Selection Weakness
http://secunia.com/advisories/50605/

RSA BSAFE SSL-C Multiple Vulnerabilities
http://secunia.com/advisories/50601/

Webify business directory Delete Arbitrary File Vulnerability
http://cxsecurity.com/issue/WLB-2012090127

Webify photo gallery Delete Arbitrary File Vulnerability
http://cxsecurity.com/issue/WLB-2012090126

Webify eDownloads Delete Arbitrary File Vulnerability
http://cxsecurity.com/issue/WLB-2012090125

Ezylog Photovoltaic Management SQL Injection and Command Injection
http://cxsecurity.com/issue/WLB-2012090124

RSA BSAFE SSL-C 2.8.6 BEAST Buffer Overflow Fixes
http://cxsecurity.com/issue/WLB-2012090123

RSA BSAFE Micro Edition Suite Security Update for BEAST Attacks
http://cxsecurity.com/issue/WLB-2012090122

MachForm Remote Shell Upload
http://cxsecurity.com/issue/WLB-2012090121

Quagga Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/52531

Quagga Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/49784

PHP 'header()' HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/55297

Siemens SIMATIC WinCC Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55492

Quagga BGP Daemon Null Pointer Deference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46942

Quagga bgpd 'bgp_capability_orf()' BGP OPEN Message Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53775

Oracle Java Runtime Environment CVE-2012-3136 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55337

Oracle Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55213

Oracle Java Runtime Environment CVE-2012-1682 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55336

Oracle Java SE CVE-2012-0547 Remote Java Runtime Environment Weakness
http://www.securityfocus.com/bid/55339

Oracle Java SE CVE-2012-1726 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53948

ICCLIB CVE-2012-4405 Out-of-Bounds Memory Write Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55494

Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53952

Oracle Java SE CVE-2012-1718 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53951

Oracle Java SE CVE-2012-1722 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53953

Oracle Java SE CVE-2012-1725 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53954

Oracle Java SE CVE-2012-1719 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53950

Oracle Java SE CVE-2012-1716 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53947

Oracle Java SE CVE-2012-1721 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53959

Oracle GlassFish Server Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53136

RocketTheme RokModule Joomla! Component 'module' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/55477

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53158

Multiple Products CVE-2012-3500 Temporary File Handling Security Vulnerability
http://www.securityfocus.com/bid/55358

PNP4Nagios 'process_perfdata.cfg' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54863

RocketTheme RokModule Joomla! Component 'moduleid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39378

Dnsmasq Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54353

libexif Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/54437

OpenStack Keystone Token Validation CVE-2012-4413 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55524

Google Chrome for Android Prior to 18.0.1025308 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55523

ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522

Knowledge Base Enterprise Edition 'category' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/55520

Tor Denial of Service and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55519

Citrix Receiver and Online Plug-in Unspecified Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55518

Cisco ASA CX Context-Aware Security and Prime Security Manager Denial of Service Vulnerability
http://www.securityfocus.com/bid/55515

Cisco Unified Presence and Jabber XCP CVE-2012-3935 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55514

TCExam Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/55513

Webify Photo Gallery Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/55512

Webify Business Directory Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/55511

Webify eDownloads Cart Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/55510

Atlassian Confluence Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55509

Apache Axis2 XML Signature Wrapping Security Vulnerability
http://www.securityfocus.com/bid/55508

IceWarp Mail Server 'raw.php' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55507

Smarty 'SmartyException' Class Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55506

Bacula Console ACL Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/55505

:: IT Security Neophyte Investigator's MEMO ::

2012年9月13日木曜日

13日木曜日、先負

0 件のコメント:

コメントを投稿

2012年9月13日木曜日

13日 木曜日、先負

0 件のコメント:

コメントを投稿

13日木曜日、先負