Thursday, October 4, 2012
The 4th, Thursday, Tomobiki
+ CESA-2012:1327 Moderate CentOS 5 freeradius2 Update
http://lwn.net/Alerts/518431/
+ CESA-2012:1326 Moderate CentOS 6 freeradius Update
http://lwn.net/Alerts/518433/
+ CESA-2012:1323 Important CentOS 5 kernel Update
http://lwn.net/Alerts/518435/
+ UPDATE: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-sip
+ Linux Kernel 'taskstats' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55144
Notice: Publication of Virus Buster Corporate Edition 10.6 with Service Pack 1 applied has been suspended
http://www.trendmicro.co.jp/support/news.asp?id=1845
Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx
Advisory: Upgrade to Sophos Anti-Virus for Mac, version 8
http://www.sophos.com/en-us/support/knowledgebase/116709.aspx
Shh/Updater-B: Identifying and fixing affected non-Sophos applications
http://www.sophos.com/en-us/support/knowledgebase/118348.aspx
[security bulletin] HPSBMU02817 SSRT100950 rev.1 - HP Network Node Manager i (NNMi) for HP-U
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00020.html
Multiple vulnerabilities in Template CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00018.html
[ MDVSA-2012:158 ] gc
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00017.html
[ MDVSA-2012:157 ] openjpeg
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00016.html
Omnistar Mailer v7.2 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00019.html
[ MDVSA-2012:153-1 ] dhcp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00015.html
Government: 25 billion yen for cyber-attack countermeasures
Specialist investigators appointed, large-scale exercises also conducted
http://itpro.nikkeibp.co.jp/article/COLUMN/20120924/424663/?ST=security
Hitachi and others prototype an automatic ticket gate with an explosives detector that collects fine particles adhering to cards
http://itpro.nikkeibp.co.jp/article/NEWS/20121003/427242/?ST=security
Webroot adds an enterprise edition to its cloud-based lightweight antivirus software
http://itpro.nikkeibp.co.jp/article/NEWS/20121002/426924/?ST=security
Standard Sudo - Part One
http://isc.sans.edu/diary.html?storyid=14218
Fake Support Calls Reported
http://isc.sans.edu/diary.html?storyid=14215
Wireshark HSRP/PPP/LDP Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id/1027604
Novell Sentinel Log Manager Bug Lets Remote Users Modify Retention Policy
http://www.securitytracker.com/id/1027603
Linux Kernel Use-After-Free in xacct_add_tsk() Lets Local Users Deny Service
http://www.securitytracker.com/id/1027602
CYME ChartFX Client Server ActiveX Control Array Indexing Vulnerability
http://secunia.com/advisories/48430/
TurboFTP Server PORT Command Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/50595/
Red Hat update for kernel
http://secunia.com/advisories/50811/
PowerTCP WebServer for ActiveX Request Processing Denial of Service Vulnerability
http://secunia.com/advisories/50839/
ProjectPier "upload.php" File Upload Vulnerability
http://secunia.com/advisories/50826/
Ubuntu update for xdiagnose
http://secunia.com/advisories/50854/
Ubuntu update for devscripts
http://secunia.com/advisories/50851/
Ubuntu update for python
http://secunia.com/advisories/50850/
Ubuntu update for qemu
http://secunia.com/advisories/50860/
Red Hat update for freeradius2
http://secunia.com/advisories/50813/
libxslt Multiple Vulnerabilities
http://secunia.com/advisories/50864/
Wireshark Multiple Vulnerabilities
http://secunia.com/advisories/50843/
Oracle Solaris Perl CGI.pm "header()" HTTP Header Injection Vulnerability
http://secunia.com/advisories/50845/
Novell Sentinel Log Manager <= 1.2.0.2 retention policy vulnerability
http://cxsecurity.com/issue/WLB-2012100035
Namo WebEditor v5.0 Remote File Uploader
http://cxsecurity.com/issue/WLB-2012100034
XnView JLS File Decompression Heap Overflow
http://cxsecurity.com/issue/WLB-2012100033
phpMyBitTorrent 2.04 Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012100032
Microsoft Windows AfdJoinLeaf Privilege Escalation (MS11-080)
http://cxsecurity.com/issue/WLB-2012100031
Dart Communications Stack Overflow
http://cxsecurity.com/issue/WLB-2012100030
ProjectPier <= 0.8.8 Remote Code Execution
http://cxsecurity.com/issue/WLB-2012100029
PhpTax 0.8 Remote Code Execution
http://cxsecurity.com/issue/WLB-2012100028
TP-LINK TD-W8151N Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012100027
Zenphoto 1.4.3.2 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012100026
phpFreeChat 1.4 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012100025
Handshakes Professional 4.1 SQL Injection
http://cxsecurity.com/issue/WLB-2012100024
LOCAL: Exploit: NCMedia Sound Editor Pro v7.5.1 SEH&DEP
http://www.exploit-db.com/exploits/21713
Oracle Sun Products Suite CVE-2012-3126 Local Solaris Cluster Vulnerability
http://www.securityfocus.com/bid/54505
libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Variable Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55517
Apache Tomcat Parameter Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/51447
Linux Kernel KVM 'kvm_set_irq()' Function Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54063
PostgreSQL 'xml_parse()' Function Arbitrary File Access Vulnerability
http://www.securityfocus.com/bid/55074
jabberd XMPP Server Dialback Protection Bypass Component Security Bypass Vulnerability
http://www.securityfocus.com/bid/55167
PostgreSQL 'xslt_process()' Function Arbitrary File Creation or Overwrite Vulnerability
http://www.securityfocus.com/bid/55072
Oracle Java SE CVE-2012-1719 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53950
Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53946
Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53952
Oracle Java SE CVE-2012-1718 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53951
FreeRADIUS Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55483
ocPortal 'redirect' Parameter URI Redirection Vulnerability
http://www.securityfocus.com/bid/54715
Drupal Stickynote Module Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51558
Joomla! Quickl Form Component Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51704
WordPress Slideshow Gallery Plugin 'border' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51678
xClick Cart 'shopping_url' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51699
miniCMS Multiple Remote PHP Code Injection Vulnerabilities
http://www.securityfocus.com/bid/51612
PHPList 'testtarget' Parameter Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/51681
vBSEO 'proc_deutf()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51647
Drupal Commerce Module Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/51668
vBadvanced CMPS 'vba_cmps_include_bottom.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/51672
PEEL SHOPPING SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/51700
Joomla! JE Story Submit Unspecified Security Vulnerability
http://www.securityfocus.com/bid/51679
NextBBS Multiple Input Validation Security Vulnerabilities
http://www.securityfocus.com/bid/52728
CPE17 Autorun Killer Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53286
Fetchmail NTLM Authentication Debug Mode Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54987
WinCDEmu 'BazisVirtualCDBus.sys' Driver Denial of Service Vulnerability
http://www.securityfocus.com/bid/51658
OneOrZero AIMS 'index.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51549
ISC DHCP IPv6 Lease Expiration Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/55530
Boehm GC 'malloc()' and 'calloc()' Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54227
Linux Kernel SFC Driver CVE-2012-3412 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54763
Oracle Java SE CVE-2012-0547 Remote Java Runtime Environment Weakness
http://www.securityfocus.com/bid/55339
Oracle Java Runtime Environment CVE-2012-1682 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55336
Debian devscripts Multiple Arbitrary File Deletion and Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/55564
OptiPNG Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55566
Linux Kernel 'taskstats' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55144
Linux Kernel 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54702
Linux Kernel HFS Plus Filesystem Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53401
Google Chrome Prior to 22.0.1229.79 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55676
Google Chrome Prior to 21.0.1180.89 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55331
Python Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51239
python 'distutils' Component '~/.pypirc' File Local Race Condition Vulnerability
http://www.securityfocus.com/bid/52732
Python SimpleXMLRPCServer Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51996
Python 'urllib' and 'urllib2' Modules Information Disclosure and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/47024
Python SimpleHTTPServer 'list_directory()' Function Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54083
Multiple Products CVE-2012-3500 Temporary File Handling Security Vulnerability
http://www.securityfocus.com/bid/55358
Debian devscripts 'debdiff' Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/52029
OpenJPEG Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55214
InterNetNews 'STARTTLS' Implementation Plaintext Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/55146
Xinetd CVE-2012-0862 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53720
ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522
Perl CGI.pm Header Values Newline Handling Unspecified Security Vulnerability
http://www.securityfocus.com/bid/45145
GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54982
Xen CVE-2012-3515 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55413
Microsoft Windows AFD Driver CVE-2011-2005 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/49941
Drupal Commerce Extra Panes Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/55776
HP Network Node Manager i CVE-2012-3267 Unspecified Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55773
Drupal Hostip Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55772
JBoss Web Services W3C XML Encryption Standard Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55770
Drupal Twitter Pull Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55768
Novell Sentinel Log Manager Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/55767
Template CMS Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/55766
CYME ChartFX Client Server ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55765
TurboFTP Server 'PORT' Command Processing Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55764
SpringSource Grails CVE-2012-1833 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55763
ProjectPier 'upload.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/55758
Ruby 'error.c' Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55757