:: IT Security Neophyte Investigator's MEMO ::: 3日水曜日、先勝

2012年10月3日水曜日

3日水曜日、先勝

+ RHSA-2012:1326 Moderate: freeradius security update
http://rhn.redhat.com/errata/RHSA-2012-1326.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547

+ nginx 1.3.7 development version released
http://nginx.org/en/download.html

+ Wireshark 1.8.3 released
http://www.wireshark.org/docs/relnotes/wireshark-1.8.3.html

+ RHSA-2012:1327 Moderate: freeradius2 security update
http://rhn.redhat.com/errata/RHSA-2012-1327.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547

+ Linux kernel 3.5.5, 3.4.12, 3.0.44 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.5
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.12
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44

+ Samba 4.0.0rc2 Available for Download
https://download.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc2.txt

[更新]ウイルスバスターコーポレートエディション 10.6 Service Pack 1 build 2239 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1839

Shh/Updater-B: Identifying and fixing affected non-Sophos applications
http://www.sophos.com/en-us/support/knowledgebase/118348.aspx

Using ProcessLogs.vbs to generate a report of applications affected across multiple endpoints
http://www.sophos.com/en-us/support/knowledgebase/118346.aspx

Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx

チェックしておきたい脆弱性情報＜2012.10.03＞
http://itpro.nikkeibp.co.jp/article/COLUMN/20121001/426546/?ST=security

データ漏洩の実態～フォレンジック調査で見た真実
［第6回］金銭目的の犯罪組織は中小企業をターゲットに
http://itpro.nikkeibp.co.jp/article/COLUMN/20120930/426342/?ST=security

[security bulletin] HPSBUX02814 SSRT100930 rev.1 - HP-UX Running OpenSSL, Remote Denial of S
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00003.html

[security bulletin] HPSBST02818 SSRT100960 rev.1 - HP IBRIX X9000 Storage, Remote Disclosure of
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00002.html

XSS Vulnerabilities in phpFreeChat
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00014.html

[ MDVSA-2012:155-1 ] xinetd
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00006.html

[ MDVSA-2012:156 ] inn
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00005.html

[ MDVSA-2012:152-1 ] bind
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00004.html

phptax 0.8 <= Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00013.html

Reminder: ClubHack2012 Call for Papers Closing Soon
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00012.html

Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00011.html

CA20121001-01: Security Notice for CA License
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00010.html

[ MDVSA-2012:154-1 ] apache
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00001.html

Better WP Security v3.4.3 Wordpress - Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00009.html

Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00008.html

GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00007.html

CVE-2012-3819: Stack Overflow in DartWebserver.dll <= 1.9
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00000.html

PCI Security Standard: Mobile Payment Acceptance Security Guidelines
http://isc.sans.edu/diary.html?storyid=14206

HP IBRIX X9000 Storage Discloses Information to Remote Users
http://www.securitytracker.com/id/1027590

CA License Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027588

LOCAL: soapbox <= 0.3.1 Local Root Exploit
http://www.exploit-db.com/exploits/21666

CA Multiple Products Licensing Component Two Vulnerabilities
http://secunia.com/advisories/50791/

Ubuntu update for eglibc and glibc
http://secunia.com/advisories/50831/

Frei-Chat "upload.php" Arbitrary File Upload Vulnerability
http://secunia.com/advisories/50809/

WordPress CSS Plus Plugin Unspecified Vulnerabilities
http://secunia.com/advisories/50793/

Ubuntu update for software-properties
http://secunia.com/advisories/50819/

HP IBRIX X9000 Network Storage Unspecified Information Disclosure Vulnerability
http://secunia.com/advisories/50837/

Citrix NetScaler SDX Multiple Vulnerabilities
http://secunia.com/advisories/50814/

Mambo 4.6.4 Remote File Inclusion
http://cxsecurity.com/issue/WLB-2012100023

Xoops 2.3.2 Remote Code Execution
http://cxsecurity.com/issue/WLB-2012100022

Zabbix 1.6.2 Remote Code Execution
http://cxsecurity.com/issue/WLB-2012100021

IBM Lotus Notes Traveler 8.5.3 XSS & CSRF & Brute Force
http://cxsecurity.com/issue/WLB-2012100020

Switchvox Asterisk 5.1.2 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012100019

OPlayer 2.0.05 iOS Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012100018

GTA UTM Firewall GB 6.0.3 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012100017

DM FileManager Remote File Inclusion
http://cxsecurity.com/issue/WLB-2012100016

Soapbox 0.3.1 Local Root
http://cxsecurity.com/issue/WLB-2012100015

Google Chrome Prior to 13.0.782.215 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49279

Xen 'GNTTABOP_swap_grant_ref' CVE-2012-3516 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55411

Xen CVE-2012-3515 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55413

Citrix XenServer CVE-2012-4606 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55432

Xen 'XENMEM_populate_physmap' CVE-2012-3496 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55412

Xen 'physdev_get_free_pirq' CVE-2012-3495 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55406

Xen 'PHYSDEVOP_map_pirq' Index CVE-2012-3498 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55414

Xen 'set_debugreg' CVE-2012-3494 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55400

Xen HVM Guest User Mode MMIO Emulation Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54691

Xen CVE-2012-3433 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54942

GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54982

GNU glibc Formatted Printing Functionality Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54374

DM FileManager 'album.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/43805

OPlayer Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55743

Global Technology Associates GB-OS Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55742

Switchvox Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55739

:: IT Security Neophyte Investigator's MEMO ::

2012年10月3日水曜日

3日水曜日、先勝

0 件のコメント:

コメントを投稿

2012年10月3日水曜日

3日 水曜日、先勝

0 件のコメント:

コメントを投稿

3日水曜日、先勝