29日 木曜日、先勝

+ Wireshark 1.8.4 released
http://www.wireshark.org/docs/relnotes/wireshark-1.8.4.html

InterScan Messaging Security製品用クロスサイトリクエストフォージェリ(CSRF)の脆弱性対応Critical Patchリリースのお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1849

「偽画面型」詐欺マルウエアが猛威
http://itpro.nikkeibp.co.jp/article/COLUMN/20121116/437987/?ST=security

Google Docsを悪用するマルウエア「Backdoor.Makadocs」
http://itpro.nikkeibp.co.jp/article/COLUMN/20121127/440067/?ST=security

[SECURITY] [DSA 2578-1] rssh security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00098.html

McAfee releases extraDAT for W32/Autorun.worm.aaeb-h
http://isc.sans.edu/diary.html?storyid=14584

Debian update for rssh
http://secunia.com/advisories/51307/

SUSE update for kdelibs4
http://secunia.com/advisories/51375/

rssh Commands Filter Security Bypass Vulnerability
http://secunia.com/advisories/51343/

IBM Tivoli Management Framework OpenSSL Denial of Service Vulnerability
http://secunia.com/advisories/51312/

SUSE update for weechat
http://secunia.com/advisories/51377/

IBM Rational Developer for System z SSL Certificate Password Disclosure Security Issue
http://secunia.com/advisories/51401/

OpenStack Keystone EC2 Credentials Validation Security Issue
http://secunia.com/advisories/51423/

SBLIM "cmpi-base" UnixProcessProvider Shell Command Injection Vulnerability
http://secunia.com/advisories/51093/

MediaWiki Security Bypass Vulnerabilities
http://secunia.com/advisories/51424/

OpenVZ update for kernel
http://secunia.com/advisories/51420/

REMOTE: Apple QuickTime 7.7.2 MIME Type Buffer Overflow
http://www.exploit-db.com/exploits/22973

Samsung Dell printers firmware backdoor administrator account (VU#281284)
http://cxsecurity.com/issue/WLB-2012110212

Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit
http://cxsecurity.com/issue/WLB-2012050056

X7 Chat 2.0.5.1 Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012050073

M-Player 0.4 Local Denial of Service Vulnerability
http://cxsecurity.com/issue/WLB-2012010061

Joomla Component com_jstore LFI Vulnerability
http://cxsecurity.com/issue/WLB-2010100065

Joomla Community Builder Enhenced (CBE) Component LFI/RCE
http://cxsecurity.com/issue/WLB-2012110213

OpenText LiveLink 9.7.1 cross site request forgeryd cross site scripting
http://cxsecurity.com/issue/WLB-2010090115

Collabtive Multiple XSS Vulnerabilities
http://cxsecurity.com/issue/WLB-2012110194

Apple WGT Dictionnaire 1.3 Script Code Injection
http://cxsecurity.com/issue/WLB-2012110211

Gleamtech FileVista & FileUltimate 4.6 Directory Traversal
http://cxsecurity.com/issue/WLB-2012110210

WordPress Newstimes Package SQL Injection
http://cxsecurity.com/issue/WLB-2012110209

WordPress myflash Local File Inclusion
http://cxsecurity.com/issue/WLB-2012110208

WordPress starmark Theme Local File Inclusion
http://cxsecurity.com/issue/WLB-2012110207

Wordpress asm theme SQL injection
http://cxsecurity.com/issue/WLB-2012110206

WordPress yaren Tema SQL Injection
http://cxsecurity.com/issue/WLB-2012110205

Spotify Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012110204

Linux Kernel 'madvise_remove()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55151

Linux Kernel UDF Filesystem Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54279

Linux Kernel ASLR Security Bypass Weakness
http://www.securityfocus.com/bid/52687

Linux Kernel Hugepages CVE-2012-2133 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53233

libotr2 Package Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54907

rssh CVE-2012-3478 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53430

Tor Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/56675

LibTIFF 'DOTRANGE' Tags Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56715

MediaWiki Multiple Security Bypass and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56714

rssh Command Line Filtering Multiple Remote Arbitrary Command Execution Vulnerabilities
http://www.securityfocus.com/bid/56708