2012年11月6日火曜日
6日 火曜日、先勝
+ Linux kernel 3.6.6, 3.4.18, 3.0.51 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.6
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.18
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.51
+ Samba 3.5.19 Available for Download
http://samba.org/samba/history/samba-3.5.19.html
+ VU#985625 Symantec Antivirus products fail to properly handle CAB files
http://www.kb.cert.org/vuls/id/985625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4953
+ SA51175 McAfee Email and Web Security Appliance NTP OpenSSL "EVP_VerifyFinal()" Spoofing Vulnerability
http://secunia.com/advisories/51175/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021
+ Android SMS Spoofing Vulnerability
http://www.securityfocus.com/bid/56392
インターネットバンキング利用者の金融情報の入力を求める不正画面を表示するとみられるウイルスの検出対応について
http://www.trendmicro.co.jp/support/news.asp?id=1859
Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx
Advisory: Upgrade to Sophos Anti-Virus for Mac, version 8
http://www.sophos.com/en-us/support/knowledgebase/116709.aspx
パフォーマンスカウンタ監視で取得する値の演算について
http://www.say-tech.co.jp/support/bom-for-windows/post-60/index.shtml
チェックしておきたい脆弱性情報<2012.11.06>
http://itpro.nikkeibp.co.jp/article/COLUMN/20121105/434841/?ST=security
シマンテックがVMware向けのセキュリティ機能を説明、要塞化とスキャン効率化を強化
http://itpro.nikkeibp.co.jp/article/NEWS/20121105/435090/?ST=security
JVNVU#111708 FortiGate Unified Threat Management (UTM) の CA 証明書の取扱いに問題
http://jvn.jp/cert/JVNVU111708/
JVNVU#802596 Pattern Insight 製品に複数の脆弱性
http://jvn.jp/cert/JVNVU802596/
[SECURITY] [DSA 2572-1] iceape security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00020.html
[CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00025.html
VideoLAN VLC Media Player <= 2.0.4 Crash Bug
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00024.html
[SECURITY] [DSA 2571-1] libproxy security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00019.html
XSS in answer my question plugin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00023.html
[ MDVSA-2012:170 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00018.html
Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by eM client
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00022.html
JVNDB-2012-004894 複数の Mozilla 製品におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004894.html
JVNDB-2012-004895 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004895.html
JVNDB-2012-004896 複数の Mozilla 製品におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004896.html
JVNDB-2012-004897 複数の Mozilla 製品におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004897.html
JVNDB-2012-004898 複数の Mozilla 製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004898.html
JVNDB-2012-004899 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004899.html
JVNDB-2012-004900 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004900.html
JVNDB-2012-004901 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004901.html
JVNDB-2012-004902 複数の Mozilla 製品におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004902.html
JVNDB-2012-004903 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004903.html
JVNDB-2012-004904 複数の Mozilla 製品の IsCSSWordSpacingSpace 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004904.html
JVNDB-2012-004905 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004905.html
JVNDB-2012-004906 複数の Mozilla 製品における任意の JavaScript コードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004906.html
JVNDB-2012-004907 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004907.html
JVNDB-2012-004908 複数の Mozilla 製品における同一生成元ポリシーを回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004908.html
JVNDB-2012-004909 複数の Mozilla 製品の IME State Manager の実装における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004909.html
JVNDB-2012-004911 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004911.html
JVNDB-2012-004891 複数の Mozilla 製品におけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004891.html
JVNDB-2012-004887 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004887.html
JVNDB-2012-005201 日立の JP1/File Transmission Server/FTP における複数の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005201.html
JVNDB-2012-005200 Cisco Prime Data Center Network Manager における任意のコマンドを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005200.html
JVNDB-2012-005199 Cisco Unified MeetingPlace Web Conferencing におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005199.html
Reminder: Ongoing SMTP Brute Forcing Attacks
http://isc.sans.edu/diary.html?storyid=14452
Webmin Input Validation Hole in Real Name Field Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027722
VU#662243 Sophos Antivirus contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/662243
VU#985625 Symantec Antivirus products fail to properly handle CAB files
http://www.kb.cert.org/vuls/id/985625
OpenVZ update for kernel
http://secunia.com/advisories/51193/
Ubuntu update for mysql-5.1, mysql-5.5, and mysql-dfsg-5.1
http://secunia.com/advisories/51177/
WordPress AJAX Post Search Plugin SQL Injection Vulnerability
http://secunia.com/advisories/51205/
McAfee Email and Web Security Appliance NTP OpenSSL "EVP_VerifyFinal()" Spoofing Vulnerability
http://secunia.com/advisories/51175/
Zenphoto Information Disclosure and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/51211/
Parallels Plesk Panel Unspecified Vulnerability
http://secunia.com/advisories/51204/
SUSE update for deb and update-alternatives
http://secunia.com/advisories/51189/
SUSE update for kernel
http://secunia.com/advisories/51188/
IBM Rational Products Java Font Parsing Vulnerability
http://secunia.com/advisories/51169/
IBM WebSphere DataPower and eXtreme Scale Hard-Coded Credentials Security Issue
http://secunia.com/advisories/51161/
Splunk Two Denial of Service Vulnerabilities
http://secunia.com/advisories/51150/
vBulletin YUI SWF Unspecified Vulnerability
http://secunia.com/advisories/51208/
IBM Tivoli Federated Identity Manager Management Console Access Vulnerability
http://secunia.com/advisories/51163/
Tivoli Federated Identity Manager OpenID Attribute Validation Bypass Vulnerability
http://secunia.com/advisories/51212/
Webmin Change Passwords Module Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51201/
YUI SWF Unspecified Vulnerability
http://secunia.com/advisories/51137/
Debian update for iceape
http://secunia.com/advisories/51181/
Debian update for libproxy
http://secunia.com/advisories/51180/
PG Dating Pro "id_event" SQL Injection Vulnerability
http://secunia.com/advisories/51159/
Sophos Products Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012110022
Zenphoto 1.4.3.3 Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012110021
ZPanel <= 10.0.1 CSRF, XSS, SQLi, Password Reset
http://cxsecurity.com/issue/WLB-2012110020
AwAuctionScript Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012110019
REMOTE: Sophos Products - Multiple Vulnerabilities
http://www.exploit-db.com/exploits/22509
DoS/PoC: Adobe Reader 11.0.0 Stack Overflow Crash PoC
http://www.exploit-db.com/exploits/22464
DoS/PoC: KMPlayer v3.3.0.33 Multiple Vulnerabilities
http://www.exploit-db.com/exploits/22467
Multiple Symantec Products CAB Files Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56399
YUI 'SWF' File Unspecified Security Vulnerability
http://www.securityfocus.com/bid/56385
Munin CVE-2012-3512 Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/55698
Munin Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/53031
Mesa 'visit_field()' Method CVE-2012-2864 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55135
Invision Power Board 'core.php' PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/56288
Linux Kernel SFC Driver CVE-2012-3412 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54763
Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
http://www.securityfocus.com/bid/56036
Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
http://www.securityfocus.com/bid/56041
Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
http://www.securityfocus.com/bid/56017
Oracle MySQL Server CVE-2012-3149 Remote Security Vulnerability
http://www.securityfocus.com/bid/56006
Oracle MySQL Server CVE-2012-3180 Remote Security Vulnerability
http://www.securityfocus.com/bid/56003
Oracle MySQL Server CVE-2012-3156 Remote Security Vulnerability
http://www.securityfocus.com/bid/56013
Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
http://www.securityfocus.com/bid/56022
Oracle MySQL Server CVE-2012-3167 Remote Security Vulnerability
http://www.securityfocus.com/bid/56018
Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
http://www.securityfocus.com/bid/56028
Oracle MySQL Server CVE-2012-3144 Remote Security Vulnerability
http://www.securityfocus.com/bid/56008
Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
http://www.securityfocus.com/bid/56021
Oracle MySQL Server CVE-2012-3177 Remote Security Vulnerability
http://www.securityfocus.com/bid/56005
Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
http://www.securityfocus.com/bid/55990
OpenSSL 'EVP_VerifyFinal' Function Signature Verification Vulnerability
http://www.securityfocus.com/bid/33150
Python Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51239
Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53946
Drupal Custom Publishing Options HTML Injection Vulnerability
http://www.securityfocus.com/bid/55037
Drupal Announcements Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/55283
Drupal Location Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/54676
Drupal Mime Mail Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/54914
Drupal Secure Login Module Open Redirection Vulnerability
http://www.securityfocus.com/bid/54675
Drupal Shorten URLs Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54911
Drupal Shibboleth authentication Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/54913
Ubercart SecureTrading Payment Method Drupal Module Security Bypass Vulnerability
http://www.securityfocus.com/bid/54395
ManageEngine Support Center Plus Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53019
Drupal Monthly Archive by Node Type Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/54768
Drupal Gallery Formatter Module Unspecified HTML Injection Vulnerability
http://www.securityfocus.com/bid/54674
Drupal Excluded Users Module Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/54766
Drupal Campaign Monitor Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/54603
Drupal Email Field Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/55286
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-3982 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55924
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4180 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56126
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3990 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56131
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4188 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56123
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4186 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56135
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4179 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56129
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4182 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56121
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3991 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55930
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3986 Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55922
libproxy CVE-2012-4505 Heap-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55910
BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37520
Sophos Antivirus Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56401
Android SMS Spoofing Vulnerability
http://www.securityfocus.com/bid/56392
IBM Tivoli Federated Identity Manager Management Console Access Bypass Vulnerability
http://www.securityfocus.com/bid/56391
IBM Tivoli Federated Identity Manager 'OpenID' Attribute Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/56390
Zenphoto Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56389
Webmin 'real name' Field Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56387
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿