Thursday, November 1, 2012
Thursday the 1st, Tomobiki
+ CESA-2012:1418 Critical CentOS 6 kdelibs Update
http://lwn.net/Alerts/522163/
+ CESA-2012:1416 Critical CentOS 6 kdelibs Update
http://lwn.net/Alerts/522166/
+ Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-mp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5416
+ Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5417
+ Linux kernel 3.6.5, 3.4.17, 3.2.33, 3.0.50 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.5
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.17
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.33
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.50
+ Linux Kernel 'tcp_illinois_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56346
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4565
Check Point response to PASTEBIN claim that Check Point Firewalls are vulnerable to simple SYN flooding
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk86721&src=securityAlerts
[BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00146.html
[slackware-security] seamonkey (SSA:2012-304-02)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00145.html
[slackware-security] mozilla-thunderbird (SSA:2012-304-01)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00144.html
[waraxe-2012-SA#095] - Multiple Vulnerabilities in Wordpress FoxyPress Plugin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00143.html
Vulnerability information worth checking <2012.11.01>
http://itpro.nikkeibp.co.jp/article/COLUMN/20121029/433142/?ST=security
Japan's domestic DLP market: 2.9 billion yen in 2011, tripling to 9 billion yen by 2016
http://itpro.nikkeibp.co.jp/article/NEWS/20121031/433902/?ST=security
JVNVU#971035 Issues in Simple Certificate Enrollment Protocol (SCEP) implementations
http://jvn.jp/cert/JVNVU971035/
JVNVU#408099 Denial-of-service (DoS) vulnerability in CA ARCserve Backup
http://jvn.jp/cert/JVNVU408099/
JVNVU#936363 Arbitrary code execution vulnerability in CA ARCserve Backup
http://jvn.jp/cert/JVNVU936363/
JVNVU#207540 Insufficient validation vulnerability in the TomatoCart PayPal Express Checkout module
http://jvn.jp/cert/JVNVU207540/
JVNDB-2012-005167 Insufficient validation vulnerability in the TomatoCart PayPal Express Checkout module
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005167.html
JVNDB-2012-005166 Denial-of-service (device reload) vulnerability in multiple Cisco products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005166.html
JVNDB-2012-005165 Denial-of-service (device reload) vulnerability in multiple Cisco products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005165.html
JVNDB-2012-005164 Stack-based buffer overflow vulnerability in multiple Cisco products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005164.html
JVNDB-2012-005163 Denial-of-service (DoS) vulnerability in Cisco ASA 5500 Series and Catalyst 6500 Series devices
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005163.html
JVNDB-2012-005162 Denial-of-service (DoS) vulnerability in Cisco ASA 5500 Series and Catalyst 6500 Series devices
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005162.html
JVNDB-2012-005161 Denial-of-service (DoS) vulnerability in Cisco ASA 5500 Series and Catalyst 6500 Series devices
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005161.html
JVNDB-2012-000095 Denial-of-service (DoS) vulnerability in OpenSSH on Mac OS X
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000095.html
JVNDB-2012-005160 Same-origin policy bypass vulnerability in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005160.html
JVNDB-2012-005159 Cross-site scripting vulnerability in the nsLocation::CheckURL function of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005159.html
JVNDB-2012-005158 Cross-site scripting vulnerability in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005158.html
JVNDB-2012-003589 Cross-site scripting vulnerability in MySQLDumper
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003589.html
JVNDB-2012-001379 Arbitrary code execution vulnerability in the RV40 codec of RealNetworks RealPlayer and RealPlayer SP
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001379.html
JVNDB-2012-001382 Arbitrary code execution vulnerability in the ATRAC codec of multiple RealNetworks products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001382.html
JVNDB-2012-001377 Arbitrary code execution vulnerability in the RV20 codec of RealNetworks RealPlayer and RealPlayer SP
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001377.html
JVNDB-2011-003049 Arbitrary code execution vulnerability in the RV20 codec of RealNetworks RealPlayer
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003049.html
JVNDB-2012-005157 Heap-based buffer overflow vulnerability in LibTIFF
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005157.html
Cyber Security Awareness Month - Day 31 - Business Continuity and Disaster Recovery
http://isc.sans.edu/diary.html?storyid=14425
Apache Axis2 XML Signature Wrapping Security Vulnerability
http://www.securiteam.com/securitynews/6M03Q0A5PA.html
Cisco Unified MeetingPlace Web Conferencing Bugs Let Remote Users Inject SQL Commands and Deny Service
http://www.securitytracker.com/id/1027713
Cisco Prime Data Center Network Manager JBoss RMI Services Let Remote Users Execute Arbitrary Commands
http://www.securitytracker.com/id/1027712
mod_security Multipart Processing Flaw Lets Remote Users Bypass Security Restrictions
http://www.securitytracker.com/id/1027706
VU#203844 SolarWinds Orion IPAM web interface reflected xss vulnerability
http://www.kb.cert.org/vuls/id/203844
VU#586556 Axigen Mail Server directory traversal vulnerability
http://www.kb.cert.org/vuls/id/586556
NetCat "search_query" and "redirect_url" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/51119/
AXIGEN Mail Server "fileName" Arbitrary File Disclosure and Deletion Vulnerabilities
http://secunia.com/advisories/51118/
WordPress FoxyPress Plugin Multiple Vulnerabilities
http://secunia.com/advisories/51109/
SolarWinds IP Address Manager "q" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51120/
World of Phaos Cross-Site Scripting and Script Insertion Vulnerabilities
http://secunia.com/advisories/51124/
Red Hat update for kdelibs
http://secunia.com/advisories/51145/
KDE kdelibs Multiple Vulnerabilities
http://secunia.com/advisories/51097/
Grails Data Binding Security Bypass Vulnerability
http://secunia.com/advisories/51113/
Pale Moon "Location" Object Multiple Vulnerabilities
http://secunia.com/advisories/51125/
Plone Security Bypass and Code Execution Vulnerabilities
http://secunia.com/advisories/51126/
Oracle Solaris Adobe Flash Player Multiple Vulnerabilities
http://secunia.com/advisories/51131/
Visual Chile SQL Injection & Cross-Site Scripting Vulnerabilities
http://cxsecurity.com/issue/WLB-2012110004
CMS Etiko Arbitrary File Upload Vulnerability
http://cxsecurity.com/issue/WLB-2012110003
Opera 12.02 Local files disclosure (0day)
http://cxsecurity.com/issue/WLB-2012100252
UMPlayer 0.98 DLL Hijacking wintab32.dll Exploit
http://cxsecurity.com/issue/WLB-2012110002
bloofoxCMS 0.3.5 XSS Vulnerabilities
http://cxsecurity.com/issue/WLB-2012110001
Endpoint Protector Persistent Cross-Site Scripting
http://cxsecurity.com/issue/WLB-2012100262
Citrix XenServer 6.0.2 Privilege Escalation
http://cxsecurity.com/issue/WLB-2012100261
NetCat CMS v5.0.1 Multiple Web Vulnerabilities
http://cxsecurity.com/issue/WLB-2012100260
Joomla com_quiz sql/xss Vulnerability
http://cxsecurity.com/issue/WLB-2012100259
PG Dating Pro CMS 1.0 Cross Site Scripting & SQL Injection
http://cxsecurity.com/issue/WLB-2012100258
Oracle Java SE CVE-2012-5079 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56082
Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56071
Oracle Java SE CVE-2012-5072 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56083
Oracle Java SE CVE-2012-5073 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56080
Oracle Java SE CVE-2012-5075 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56081
Oracle Java SE CVE-2012-5084 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56063
Oracle Java SE CVE-2012-3216 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56075
Oracle Java SE CVE-2012-5068 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56076
Oracle Java SE CVE-2012-5071 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56061
Oracle Java SE CVE-2012-5086 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56039
Oracle Java SE CVE-2012-5089 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56059
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-4195 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56302
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-4194 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56301
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-4196 Cross-Origin Security Bypass Vulnerability
http://www.securityfocus.com/bid/56306
Siemens SiPass Integrated 'SiPass server' Component Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55835
Oracle Java SE CVE-2012-5069 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56065
Oracle Java SE CVE-2012-5087 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56043
LetoDMS Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/55823
radsecproxy Client Certificate Verification Security Bypass Vulnerability
http://www.securityfocus.com/bid/56105
NetCat CMS Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/56340
LetoDMS Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/55822
Oracle Java SE CVE-2012-5070 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56079
Oracle Java SE CVE-2012-5085 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56067
Oracle Java SE CVE-2012-5077 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56058
Oracle Java SE CVE-2012-5074 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56056
Oracle Java SE CVE-2012-5076 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56054
Oracle Java SE CVE-2012-5088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56057
cgit 'Author' Field Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55724
Python keyring 'CryptedFileKeyring' component Password Encryption Weakness
http://www.securityfocus.com/bid/55815
TP-LINK TL-WR841N Router Local File Include Vulnerability
http://www.securityfocus.com/bid/56320
Mozilla Firefox/Thunderbird CVE-2012-3974 Local Code Execution Vulnerability
http://www.securityfocus.com/bid/55312
Oracle Java SE CVE-2012-0547 Remote Java Runtime Environment Weakness
http://www.securityfocus.com/bid/55339
KDE Konqueror Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55879
Adobe Flash Player APSB12-07 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/52748
Adobe Flash Player CVE-2012-0725 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52914
Adobe Flash Player CVE-2012-0768 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52297
Adobe Flash Player CVE-2012-0769 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52299
Adobe Flash Player CVE-2012-0724 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52916
Django 'HttpRequest.get_host()' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56146
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-3972 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55310
Net-SNMP SNMP GET Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/53255
Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56285
OptiPNG Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55566
bloofoxCMS Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/56353
LibreOffice and OpenOffice Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56352
Drupal Password Policy Module Password Hash Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56350
Cisco Unified MeetingPlace Web Conferencing SQL Injection and Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/56349
Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/56348
World of Phaos SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/56347
Linux Kernel 'tcp_illinois_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56346
Axigen Mail Server 'fileName' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/56343
SolarWinds Orion IP Address Manager (IPAM) 'search.aspx' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56342