Monday, October 15, 2012

Monday the 15th, Senbu

+ RHSA-2012:1361 Critical: xulrunner security update
http://rhn.redhat.com/errata/RHSA-2012-1361.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193

+ RHSA-2012:1363 Important: bind security update
http://rhn.redhat.com/errata/RHSA-2012-1363.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166

+ RHSA-2012:1362 Critical: thunderbird security update
http://rhn.redhat.com/errata/RHSA-2012-1362.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193

+ CESA-2012:1359 Moderate CentOS 6 libvirt Update
http://lwn.net/Alerts/519607/

+ PMASA-2012-7: Fetching the version information from a non-SSL site is vulnerable to a MITM attack.
http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5368

+ RHSA-2012:1364 Important: bind97 security update
http://rhn.redhat.com/errata/RHSA-2012-1364.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166

+ Linux kernel 3.6.2, 3.5.7, 3.4.14, 3.0.46 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.2
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.7
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.14
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.46

Notice of scheduled server maintenance (October 19, 2012)
http://www.trendmicro.co.jp/support/news.asp?id=1848

Shh/Updater-B: Identifying and fixing affected non-Sophos applications
http://www.sophos.com/en-us/support/knowledgebase/118348.aspx

Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx

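"Remote-control virus" behind crime threats contains Japanese in its program
Receives attacker commands via a bulletin board; security firms proceed with analysis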
http://itpro.nikkeibp.co.jp/article/NEWS/20121015/429681/?ST=security

JVNDB-2012-004886 Message forgery vulnerability in Eduserv
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004886.html

JVNDB-2012-004885 Message forgery vulnerability in Java Open Single Sign-On Project Home
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004885.html

JVNDB-2012-004884 Message forgery vulnerability in Apache Axis2
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004884.html

JVNDB-2012-004883 Vulnerability in dracut, used in multiple products, allowing sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004883.html

JVNDB-2012-004882 Message forgery vulnerability in Apache Axis2
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004882.html

JVNDB-2012-004877 SQL injection vulnerability in the Pay With Tweet plugin for WordPress
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004877.html

JVNDB-2012-004876 Cross-site scripting vulnerability in the Pay With Tweet plugin for WordPress
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004876.html

JVNDB-2012-004875 SQL injection vulnerability in MangosWeb Enhanced
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004875.html

JVNDB-2012-004874 Arbitrary code execution vulnerability in TinyWebGallery
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004874.html

JVNDB-2012-004873 Cross-site scripting vulnerability in the WP Live.php module for WordPress
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004873.html

JVNDB-2012-004872 Buffer overflow vulnerability in the Remote command server of IPtools
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004872.html

JVNDB-2012-004871 Directory traversal vulnerability in the WebServer of IPtools
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004871.html

JVNDB-2012-004870 Cross-site scripting vulnerability in admin/login.php of Limny
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004870.html

JVNDB-2012-004869 SQL injection vulnerability in SenseSites CommonSense CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004869.html

JVNDB-2012-004868 Cross-site scripting vulnerability in Otterware StatIt
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004868.html

JVNDB-2012-004867 Privilege check bypass vulnerability in MySQL
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004867.html

JVNDB-2012-004866 Denial-of-service (named daemon hang) vulnerability in ISC BIND
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004866.html

JVNDB-2012-004865 Denial-of-service (CPU and memory consumption) vulnerability in tinyproxy
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004865.html

JVNDB-2012-004864 Vulnerability in OpenStack Keystone allowing access to tenant resources
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004864.html

JVNDB-2012-004863 Vulnerability in OpenStack Keystone allowing arbitrary users' roles to be read
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004863.html

JVNDB-2012-004862 Directory traversal vulnerability in admin/preview.php of Limny
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004862.html

JVNDB-2012-004861 Cross-site scripting vulnerability in GraphicsClone Script
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004861.html

JVNDB-2012-004860 Denial-of-service (DoS) vulnerability in FreeBSD
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004860.html

Cyber Security Awareness Month - Day 14 - Poor Man's File Analysis System - Part 1
http://isc.sans.edu/diary.html?storyid=14302

Cyber Security Awareness Month - Day 12 PCI DSS
http://isc.sans.edu/diary.html?storyid=14278

Mozilla Firefox Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027653

Mozilla Thunderbird Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027652

Mozilla Seamonkey Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027651

libvirt Flaw in virNetServerProgramDispatchCall() Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027649

Omnistar Document Manager Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50847/

vBSEO "u" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50842/

WordPress eShop Magic Plugin "file" Arbitrary File Disclosure Vulnerability
http://secunia.com/advisories/50933/

ServersCheck Monitoring Software Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/50908/

ServersCheck Monitoring Software Two Script Insertion Vulnerabilities
http://secunia.com/advisories/50959/

Ubuntu update for kernel
http://secunia.com/advisories/50952/

Ubuntu update for kernel
http://secunia.com/advisories/50961/

Ubuntu update for firefox
http://secunia.com/advisories/50929/

EMC NetWorker Module for Microsoft Applications Two Vulnerabilities
http://secunia.com/advisories/50957/

BigPond Wireless Broadband Gateway 3G21WB Undocumented Account and Command Injection
http://secunia.com/advisories/50951/

Mozilla Firefox / Thunderbird "defaultValue" Check Bypass Vulnerability
http://secunia.com/advisories/50964/

Ubuntu update for quagga
http://secunia.com/advisories/50941/

Red Hat update for libvirt
http://secunia.com/advisories/50958/

Opera 12.10b Cross Site Scripting 0day PoC *youtube
http://cxsecurity.com/issue/WLB-2012100119

rtscom CMS Local File Include Vulnerability
http://cxsecurity.com/issue/WLB-2012100123

traildumont CMS Local File Include Vulnerability
http://cxsecurity.com/issue/WLB-2012100122

moto-plus CMS Local File Include Vulnerability
http://cxsecurity.com/issue/WLB-2012100121

maxparts CMS Local File Include Vulnerability
http://cxsecurity.com/issue/WLB-2012100120

Metasploit pcap_log Local Privilege Escalation
http://cxsecurity.com/issue/WLB-2012100118

BigPond 3G21WB Hardcoded Credentials / Command Injection
http://cxsecurity.com/issue/WLB-2012100117

Atarim SQL Injection
http://cxsecurity.com/issue/WLB-2012100116

libproxy 0.4.9 PAC downloading buffer overflow
http://cxsecurity.com/issue/WLB-2012100115

Zenphoto 1.4.3.2 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012100026

CADDO pl <= SQL Injection
http://cxsecurity.com/issue/WLB-2012100114

Project Pier Arbitrary File Upload
http://cxsecurity.com/issue/WLB-2012100113

Pre Printing Press SQL Injection
http://cxsecurity.com/issue/WLB-2012030152

REMOTE: Metasploit < v4.4 pcap_log Plugin Privilege Escalation Exploit
http://www.exploit-db.com/exploits/21927

Microsoft Windows Kernel 'Win32k.sys' Integer Overflow Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55793

ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522

ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55852

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-88/89 Multiple Vulnerabilities
http://www.securityfocus.com/bid/55889

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-74 through -87 Multiple Vulnerabilities
http://www.securityfocus.com/bid/55856

GraphicsMagick 'png_IM_malloc()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/54716

cgit 'Author' Field Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55724

Bacula Console ACL Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/55505

Ubuntu Software Properties PPA GPG Keys Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/55736

MetaSploit Framework 'pcap_log' Plugin Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54472

BackWPup Plugin for WordPress Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/46610

IBM Lotus Notes Traveler Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/55740

Linux Kernel Netlink Message Handling Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55152

Linux Kernel KVM 'kvm_set_irq()' Function Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54063

ProjectPier 'upload.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/55758

cups-pk-helper 'cupsGetFile()' and 'cupsPutFile()' Local Security Vulnerabilities
http://www.securityfocus.com/bid/55911

libproxy CVE-2012-4505 Heap-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55910

libproxy CVE-2012-4504 Stack-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55909

BigPond Wireless Broadband Gateway Command Injection and Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/55907

WordPress eShop Magic Plugin 'File' Parameter Arbitrary File Disclosure Vulnerability
http://www.securityfocus.com/bid/55906

Monkey HTTP Daemon '/var/run/monkey.pid' Symlink Attack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55905

librdmacm 'ib_acm' Service Port Connection Security Vulnerability
http://www.securityfocus.com/bid/55896
