Wednesday, November 28, 2012
Wednesday the 28th, Shakkō
+ nginx 1.3.9 development version released
http://nginx.org/en/download.html
+ UPDATE: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-mp
+ rssh v2.3.4 released
http://www.pizzashack.org/rssh/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2252
Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx
Advisory: Tavis Ormandy finds vulnerabilities in Sophos Anti-Virus products
http://www.sophos.com/en-us/support/knowledgebase/118424.aspx
Advisory: SafeGuard Configuration Protection - a tool to avoid potential issues after upgrading clients running Sophos Anti-Virus has now been released
http://www.sophos.com/en-us/support/knowledgebase/118461.aspx
[SE-2011-01] Additional materials released for SAT TV research
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00097.html
NTT Software: security software capable of "immediate detection of targeted-attack emails"
http://itpro.nikkeibp.co.jp/article/NEWS/20121127/440241/?ST=security
NTT Data explains the circumstances of the arrest of a contract employee
http://itpro.nikkeibp.co.jp/article/NEWS/20121127/440222/?ST=security
"There was no house search": Zero denies reports related to the 2channel remote-control virus
http://itpro.nikkeibp.co.jp/article/NEWS/20121127/440033/?ST=security
NEC establishes "Cyber Security Factory" to support countermeasures against cyber attacks
http://itpro.nikkeibp.co.jp/article/NEWS/20121127/440021/?ST=security
UPDATE: JVNVU#405811 Denial-of-service (DoS) vulnerability in Apache HTTPD server
http://jvn.jp/cert/JVNVU405811/index.html
UPDATE: JVNVU#864819 Update for multiple vulnerabilities in Apple Safari
http://jvn.jp/cert/JVNVU864819/
JVNVU#281284 Samsung printers contain a hard-coded SNMP community string
http://jvn.jp/cert/JVNVU281284/
Can users' phish emails be a security admin's catch of the day?
http://isc.sans.edu/diary.html?storyid=14578
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027815
OpenBSD libc RPC Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027814
EMC Smarts Network Configuration Manager Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027812
phpCAS SSL Certificate Verification Security Issue
http://secunia.com/advisories/51368/
Greenstone Information Disclosure and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/51398/
Piwik Compromised Source Package Backdoor Security Issue
http://secunia.com/advisories/51304/
ClassifiedScript PHP "eval()" Code Execution Vulnerability
http://secunia.com/advisories/51395/
WordPress WooCommerce Predictive Search Plugin "rs" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51385/
WordPress WP e-Commerce Predictive Search Plugin "rs" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51384/
Beat Websites "id" SQL Injection Vulnerability
http://secunia.com/advisories/51406/
Smartphone Pentest Framework frameworkgui Multiple Vulnerabilities
http://secunia.com/advisories/51415/
Smartphone Pentest Framework frameworkgui Multiple Vulnerabilities
http://secunia.com/advisories/51414/
Ubuntu update for libssh
http://secunia.com/advisories/51407/
RSA Adaptive Authentication Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51394/
EMC Smarts Network Configuration Manager Database Authentication Bypass Vulnerability
http://secunia.com/advisories/51408/
Symfony Arbitrary File Disclosure Vulnerability
http://secunia.com/advisories/51372/
Joomla! sh404SEF Component Unspecified Vulnerability
http://secunia.com/advisories/51376/
SUSE update for xen
http://secunia.com/advisories/51413/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/51437/
Piwik 1.9.2 backdoor remote code execution
http://cxsecurity.com/issue/WLB-2012110196
BugTracker.Net 3.5.8 XSS & SQL Injection & File Disclosure
http://cxsecurity.com/issue/WLB-2012110203
WordPress wp-imagezoon SQL Injection
http://cxsecurity.com/issue/WLB-2012110202
WordPress cstardesign SQL Injection
http://cxsecurity.com/issue/WLB-2012110201
WordPress oberliga SQL Injection
http://cxsecurity.com/issue/WLB-2012110200
WordPress st_newsletter SQL Injection
http://cxsecurity.com/issue/WLB-2012110199
WordPress weddingsatwork SQL Injection
http://cxsecurity.com/issue/WLB-2012110198
WordPress Shai-Saul SQL Injection
http://cxsecurity.com/issue/WLB-2012110197
Forescout NAC 6.3.4.1 Multiple Vulns
http://cxsecurity.com/issue/WLB-2012110195
MurmurHash Algorithm Collision Denial Of Service
http://cxsecurity.com/issue/WLB-2012110193
Collabtive Multiple XSS Vulnerabilities
http://cxsecurity.com/issue/WLB-2012110194
GPSMapEdit 1.1.73.2 Denial Of Service
http://cxsecurity.com/issue/WLB-2012010070
YABSoft Advanced Image Hosting Script SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012010093
razorCMS 1.2 Path Traversal Vulnerability
http://cxsecurity.com/issue/WLB-2012010077
CMScout 2.0 TinyMCE plugin IBrowser local file inclusion vulnerability
http://cxsecurity.com/issue/WLB-2010090078
OpenText LiveLink 9.7.1 cross site request forgery and cross site scripting
http://cxsecurity.com/issue/WLB-2010090115
Advanced Digital Broadcast Digital Satellite TV Platform Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/51251
Bugzilla Multiple Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56504
YUI 'SWF' File Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/56385
Debian 'android-tools' Package Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/56653
Symfony CVE-2012-5574 Arbitrary File Access Vulnerability
http://www.securityfocus.com/bid/56685
Moodle Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56505
libssh Multiple Buffer Overflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56604
GNU libiberty '_objalloc_alloc()' Function CVE-2012-3509 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/55281
WeeChat 'hook_process()' Function Remote Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/56584
Linux Kernel KVM CVE-2012-4461 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56414
MantisBT SOAP API Security Bypass Vulnerability
http://www.securityfocus.com/bid/53907
MantisBT Prior To 1.2.12 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56520
MantisBT 'delete_attachments_threshold()' Function Security Bypass Vulnerability
http://www.securityfocus.com/bid/53921
MantisBT Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/52313
WordPress WooCommerce Predictive Search Plugin 'rs' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56703
WordPress WP e-Commerce Predictive Search Plugin 'rs' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56702
Spotify Playlists HTML Injection Vulnerability
http://www.securityfocus.com/bid/56701
PHP-Nuke 'sid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56700
RSA Adaptive Authentication (On Premise) Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56699
WordPress CStar Design 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56694
WebSite X5 Evolution 9 Cross Site Scripting and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/56693
Joomla! sh404SEF Component Unspecified Security Vulnerability
http://www.securityfocus.com/bid/56690