Friday, October 19, 2012
Friday the 19th, Senshō
+ CESA-2012:1385 Important CentOS 5 java-1.6.0-openjdk Update
http://lwn.net/Alerts/520373/
+ CESA-2012:1384 Critical CentOS 6 java-1.6.0-openjdk Update
http://lwn.net/Alerts/520374/
+ CESA-2012:1386 Important CentOS 6 java-1.7.0-openjdk Update
http://lwn.net/Alerts/520375/
+ Ubuntu 12.10 released
http://www.ubuntu.com/download/help/install-desktop-latest
+ UPDATE: Cisco IOS Software DHCP Version 6 Server Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-dhcpv6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4623
+ UPDATE: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4655
+ HPSBUX02824 SSRT100970 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03533078%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4681
+ PHP 5.4.8 and PHP 5.3.18 released
http://www.php.net/archive/2012.php#id2012-10-18-1
http://www.php.net/ChangeLog-5.php
OpenOffice Graduates from the Apache Incubator
https://blogs.apache.org/OOo/entry/openoffice_graduates_from_the_apache
Multiple Vulnerabilities in Campaign Enterprise <= 11.0.538
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00102.html
CA20121018-01: Security Notice for CA ARCserve Backup
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00101.html
Internet Explorer 9 XSS Filter Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00100.html
JustSystems makes "JUST Internet Security" compatible with Windows 8
http://itpro.nikkeibp.co.jp/article/NEWS/20121019/430981/?ST=security
JVNVU#603276 Cross-site scripting vulnerability in OTRS
http://jvn.jp/cert/JVNVU603276/
Candidate winning entries selected for the "8th IPA Information Security Slogan, Poster and Four-Panel Comic Contest", and call for comments
http://www.ipa.go.jp/about/pubcomme/201210/index.html
Registration status of the JVN iPedia vulnerability countermeasure information database
[Q3 2012 (July to September)]
http://www.ipa.go.jp/security/vuln/report/JVNiPedia2012q3.html
Cyber Security Awareness Month - Day 18 - Vendor Standards: The vSphere Hardening Guide
http://isc.sans.edu/diary.html?storyid=14341
Novell ZENworks Asset Management Discloses Arbitrary Files to Remote Users
http://www.securitytracker.com/id/1027682
Unirgy uStoreLocator Magento Extension SQL Injection
http://cxsecurity.com/issue/WLB-2012100154
ModSecurity 2.6.8 multipart/invalid part ruleset bypass
http://cxsecurity.com/issue/WLB-2012100153
jCore 1.0pre Cross Site Scripting & SQL Injection
http://cxsecurity.com/issue/WLB-2012100152
ATutor AContent 1.2 XSS & Authentication & SQL Injection
http://cxsecurity.com/issue/WLB-2012100151
Subrion CMS 2.2.1 XSS / CSRF / SQL Injection
http://cxsecurity.com/issue/WLB-2012100150
Pmsme SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012100149
SanaNet Remote Sql Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012100148
Legrand-003598 / Bticino-F454 SCS Web Gateway Credentials leaks
http://cxsecurity.com/issue/WLB-2012100147
Wordpress Social Discussions Plugin Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012100146
Oracle WebCenter Sites Multiple vulnerabilities
http://cxsecurity.com/issue/WLB-2012100145
Subrion CMS Cross-Site Scripting and SQL Injection vulnerabilities
http://secunia.com/advisories/51013/
AContent Security Bypass and SQL Injection Vulnerabilities
http://secunia.com/advisories/51014/
AContent Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/51034/
FFmpeg Multiple Vulnerabilities
http://secunia.com/advisories/50963/
Steam TGA Image Processing Integer Overflow Vulnerability
http://secunia.com/advisories/50979/
OTRS Email Body Script Insertion Vulnerability
http://secunia.com/advisories/51031/
IBM OS/400 Java Multiple Vulnerabilities
http://secunia.com/advisories/51038/
Debian update for libexif
http://secunia.com/advisories/51039/
Drupal OpenID Module DOCTYPE Handling File Disclosure Vulnerability
http://secunia.com/advisories/50955/
BTicino / Legrand Home Gateway Credentials Disclosure Security Issue
http://secunia.com/advisories/51020/
Novell ZENworks Asset Management Hardcoded Credentials Two Security Issues
http://secunia.com/advisories/50967/
radsecproxy Client Certificate Verification Security Issue
http://secunia.com/advisories/50925/
ModSecurity Multipart Message Parsing Security Bypass Vulnerability
http://secunia.com/advisories/49853/
Ubuntu update for python2.4
http://secunia.com/advisories/51040/
Ubuntu update for python2.5
http://secunia.com/advisories/51024/
Red Hat update for java-1.7.0-openjdk
http://secunia.com/advisories/51029/
Red Hat update for java-1.6.0-openjdk
http://secunia.com/advisories/51028/
LOCAL: Oracle Database Authentication Protocol Security Bypass
http://www.exploit-db.com/exploits/22069
QEMU KVM CVE-2012-0029 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51642
QEMU CVE-2012-2652 Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/53725
QEMU KVM 'virtio_queue_notify()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/48499
QEMU PIIX4 Hotplug Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/47927
QEMU KVM Virtio Component 'virtqueue' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/48574
rdesktop Disk Redirection Directory Traversal Vulnerability
http://www.securityfocus.com/bid/47419
W3M NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/40837
MoinMoin 'TextCha' Protection Security Bypass Vulnerability
http://www.securityfocus.com/bid/39327
MoinMoin 'Despam' Action HTML Injection Vulnerability
http://www.securityfocus.com/bid/39110
MoinMoin 'refuri' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/46476
MoinMoin Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/38023
MoinMoin 'PageEditor.py' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/40549
Linux Kernel 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54702
Linux Kernel dl2k Network Driver IOCTL Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53965
Linux Kernel 'mmap()' Failure Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53668
Linux Kernel SFC Driver CVE-2012-3412 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54763
ModSecurity POST Parameters Security Bypass Vulnerability
http://www.securityfocus.com/bid/56096
FreeRADIUS Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55483
Gitolite CVE-2012-4506 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55853
OpenStack Swift 'loads()' Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55420
hostapd CVE-2012-4445 Message Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/55826
Oracle Java SE CVE-2012-5068 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56076
Oracle Java SE CVE-2012-5077 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56058
Oracle Java Virtual Machine (JVM) CVE-2012-4416 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55501
Oracle Java SE CVE-2012-5075 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56081
Oracle Java SE CVE-2012-5079 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56082
Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56071
Oracle Java SE CVE-2012-3216 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56075
Oracle Java SE CVE-2012-5073 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56080
Oracle Java SE CVE-2012-5086 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56039
Oracle Java SE CVE-2012-5069 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56065
Oracle Java SE CVE-2012-5089 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56059
Oracle Java SE CVE-2012-5084 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56063
Oracle Java SE CVE-2012-5072 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56083
Mozilla Firefox/SeaMonkey/Thunderbird NSS Parsing Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/53798
Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011
Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017
Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014
Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018
Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53946
Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012
Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53952
Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52016
Oracle Java SE CVE-2012-1719 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53950
Oracle Java SE CVE-2012-1718 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53951
Oracle Java SE CVE-2012-5087 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56043
Oracle Java SE CVE-2012-5088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56057
Oracle Java SE CVE-2012-5076 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56054
Oracle Java SE CVE-2012-5070 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56079
Oracle Java SE CVE-2012-5074 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56056
Oracle Database Authentication Protocol CVE-2012-3137 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55651
Ruby CVE-2012-4522 Local File Creation Vulnerability
http://www.securityfocus.com/bid/56115
Mcrypt Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56114
Real Networks RealPlayer Write Access Violation Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/56113
Steam 'vgui2_s.dll' Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56111
Amateur Photographer's Image Gallery Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56110
BSW Gallery 'uploadpic.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/56109
radsecproxy Client Certificate Verification Security Bypass Vulnerability
http://www.securityfocus.com/bid/56105