Friday, October 5, 2012
Friday the 5th, Senbu
+ Microsoft Security Bulletin Advance Notification for October 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-oct
+ UPDATE: Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-bgp
+ CVE-2010-2761 Code Injection Vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2010_2761_code_injection
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2761
+ SA50790 Linux Kernel "compat_put_timeval()" Argument Passing Weakness
http://secunia.com/advisories/50790/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4467
+ Linux Kernel 'COMPAT_USE_64BIT_TIME' Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/55785
Advisory: Upgrade to Sophos Anti-Virus for Mac, version 8
http://www.sophos.com/en-us/support/knowledgebase/116709.aspx
Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by Ogg DirectShow filters
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00025.html
XnView JLS File Decompression Heap Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00024.html
ANNOUNCE: RFIDIOt v1.0d released and code migration
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00023.html
From Security Labs Around the World
Facebook disables facial recognition feature in Europe
http://itpro.nikkeibp.co.jp/article/COLUMN/20121001/426547/?ST=security
Soliton Systems simplifies the authentication server for its appliance that blocks unauthorized network connections
http://itpro.nikkeibp.co.jp/article/NEWS/20121004/427667/?ST=security
IIJ adds a security-hardening option to its virtual desktop service
http://itpro.nikkeibp.co.jp/article/NEWS/20121004/427561/?ST=security
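Information leaked from servers at five Japanese universities, including the University of Tokyo; hacker group leaves a statement claiming responsibility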
http://itpro.nikkeibp.co.jp/article/NEWS/20121004/427502/?ST=security
And the SHA-3 title goes to .....Keccak
http://isc.sans.edu/diary.html?storyid=14224
Cyber Security Awareness Month - Day 4: Crypto Standards
http://isc.sans.edu/diary.html?storyid=14227
Microsoft October Patch Pre-Announcement
http://isc.sans.edu/diary.html?storyid=14236
HP Network Node Manager i Discloses Potentially Sensitive Information to Remote Users
http://www.securitytracker.com/id/1027605
VU#989684 Cerberus FTP Server web interface cross-site request forgery vulnerability
http://www.kb.cert.org/vuls/id/989684
DoS/PoC: Cyme ChartFX Client Server ActiveX Control Array Indexing Vulnerability
http://www.exploit-db.com/exploits/21737
DoS/PoC: JPEGsnoop <= 1.5.2 WriteAV Arbitrary Code Execution
http://www.exploit-db.com/exploits/21739
DoS/PoC: XnView 1.99.1 JLS File Decompression Heap Overflow
http://www.exploit-db.com/exploits/21741
Zenphoto "date" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50799/
Linux Kernel "compat_put_timeval()" Argument Passing Weakness
http://secunia.com/advisories/50790/
WordPress Spider Calendar Plugin Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/50812/
OSSIM Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50865/
Red Hat update for JBoss Operations Network
http://secunia.com/advisories/50863/
XnView JPEG-LS Image Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/50825/
Ubuntu update for kernel
http://secunia.com/advisories/50846/
Joomla! MijoFTP Component Unspecified Vulnerability
http://secunia.com/advisories/50841/
Template CMS Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/50803/
Drupal Commerce extra panes Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/50802/
McAfee Firewall Enterprise BIND Resource Record Denial of Service Vulnerability
http://secunia.com/advisories/50852/
Omnistar Mailer "form_id" SQL Injection Vulnerabilities
http://secunia.com/advisories/50792/
HP Network Node Manager i Unspecified Information Disclosure Weakness
http://secunia.com/advisories/50861/
Apple OS X Server Multiple Vulnerabilities
http://secunia.com/advisories/50859/
Oracle Identity Management 10g XSS Vulnerability
http://cxsecurity.com/issue/WLB-2012100042
Omnistar Mailer 7.2 SQL Injection & Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012100041
Drupal Commerce Extra Panes 7.x Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012100040
Drupal Twitter Pull 6.x & 7.x Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012100039
NCMedia Sound Editor Pro v7.5.1 SEH&DEP Buffer Overflow
http://cxsecurity.com/issue/WLB-2012100038
WordPress Spider 1.0.1 SQL Injection & XSS
http://cxsecurity.com/issue/WLB-2012100037
23rdweb Studio SQL Injection
http://cxsecurity.com/issue/WLB-2012100036
Novell Sentinel Log Manager <= 1.2.0.2 retention policy vulnerability
http://cxsecurity.com/issue/WLB-2012100035
Namo WebEditor v5.0 Remote File Uploader
http://cxsecurity.com/issue/WLB-2012100034
XnView JLS File Decompression Heap Overflow
http://cxsecurity.com/issue/WLB-2012100033
phpMyBitTorrent 2.04 Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012100032
Google Chrome Prior to 21.0.1180.89 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55331
Google Chrome Prior to 22.0.1229.79 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55676
Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54203
libxslt 'generate-id()' Function Information Disclosure Vulnerability
http://www.securityfocus.com/bid/47668
Google Chrome Prior to 17.0.963.46 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51911
ICCLIB CVE-2012-4405 Out-of-Bounds Memory Write Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55494
libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Variable Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55517
WordPress CSS Plus Plugin Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/55745
Cerberus FTP Server CVE-2012-2999 Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/55788
Linux Kernel SFC Driver CVE-2012-3412 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54763
Linux Kernel 'taskstats' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55144
Linux Kernel 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54702
Linux Kernel HFS Plus Filesystem Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53401
Drupal Security Questions Module Security Bypass Vulnerability
http://www.securityfocus.com/bid/54409
Drupal Listhandler Module Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/54376
Drupal Colorbox Node Module Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54406
Drupal Hashcash Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/54219
Drupal Drag & Drop Gallery Module Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/54380
Drupal Search Autocomplete Module Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/54379
Drupal Restrict Node Page View Module Security Bypass Vulnerability
http://www.securityfocus.com/bid/54407
Drupal Privatemsg Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54110
GNU Automake Local Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/54418
OpenStack Keystone Token Validation Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55716
libgio CVE-2012-4425 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55555
OpenStack Keystone CVE-2012-3542 Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/55326
OpenStack Keystone Token Validation CVE-2012-4413 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55524
InduSoft Web Studio 'CEServer.exe' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/50675
ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522
FreeRADIUS Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55483
Microsoft October 2012 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/55794
phpMyChat Plus Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/55792
JPEGsnoop Remote Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55791
Joomla! MijoFTP Component Unspecified Security Vulnerability
http://www.securityfocus.com/bid/55789
XnView JPEG-LS Image Processing Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55787
Linux Kernel 'COMPAT_USE_64BIT_TIME' Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/55785