Tuesday, December 11, 2012

Tuesday the 11th, Senshō


+ Squid 3.2.5 released
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html

+ HPSBOV02834 SSRT101055 rev.1 - HP OpenVMS LOGIN or ACMELOGIN, Remote or Local Denial of Service (DoS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03599086-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3277

+ SYM12-019 Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Management Consoles Multiple Issues
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121210_00
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4349

+ Linux kernel 3.6.10, 3.4.23, 3.0.56 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.10
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.23
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.56

+ Samba 3.6.10 released
http://samba.org/samba/history/samba-3.6.10.html

To customers who manage InterScan VirusWall Standard Edition or InterScan Gateway Security Appliance with Trend Micro Control Manager
http://www.trendmicro.co.jp/support/news.asp?id=1873

PGDG apt repository for Debian/Ubuntu
http://www.postgresql.org/about/news/1432/

JAL Infotec ships a bundled product for client management and information-leak countermeasures
http://itpro.nikkeibp.co.jp/article/NEWS/20121210/443189/?ST=security

Vulnerability information worth checking <2012.12.10>
http://itpro.nikkeibp.co.jp/article/COLUMN/20121204/441741/?ST=security

JVNVU#98427683 Multiple vulnerabilities in Qualcomm Android devices
http://jvn.jp/cert/JVNVU98427683/

JVN#74829345 Denial-of-service (DoS) vulnerability in multiple devices running Android OS
http://jvn.jp/jp/JVN74829345/

Call for Papers: DIMVA 2013
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00075.html

Snare for Linux Password Disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00078.html

[SECURITY] [DSA 2584-1] iceape security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00067.html

Snare for Linux Cross-Site Request Forgery
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00077.html

Snare for Linux Cross-Site Scripting via Log Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00076.html

[SECURITY] [DSA 2583-1] iceweasel security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00066.html

Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00074.html

SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities CVE-2012-4932
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00073.html

[ MDVSA-2012:178 ] mysql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00068.html

DIMIN Viewer 5.4.0 <= WriteAV Arbitrary Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00072.html

FreeVimager 4.1.0 <= WriteAV Arbitrary Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00071.html

Centrify Deployment Manager v2.1.0.283 local root
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00070.html

Android Kernel 2.6 Local DoS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00069.html

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00063.html

Your CPA License has not been revoked
http://isc.sans.edu/diary.html?storyid=14674

Joomla (and WordPress) Bulk Exploit Going on
http://isc.sans.edu/diary.html?storyid=14677

IBM eDiscovery Manager Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027848

Android Kernel 2.6 Denial Of Service
http://cxsecurity.com/issue/WLB-2012120082

MyBB Kingchat Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012120081

DIMIN Viewer 5.4.0 WriteAV Arbitrary Code Execution
http://cxsecurity.com/issue/WLB-2012120080

FreeVimager 4.1.0 WriteAV Arbitrary Code Execution
http://cxsecurity.com/issue/WLB-2012120079

Dolphin3D web browser ActiveX Remote Command Execution
http://cxsecurity.com/issue/WLB-2012120078

FreeFloat FTP Server Buffer Overflow
http://cxsecurity.com/issue/WLB-2012120077

Cisco DPC2420 Cross Site Scripting & File Disclosure
http://cxsecurity.com/issue/WLB-2012120076

Havalite 1.1.7 Cross Site Scripting & Shell Upload
http://cxsecurity.com/issue/WLB-2012120075

SUSE update for wireshark
http://secunia.com/advisories/51513/

ClipBucket Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/51460/

IBM WebSphere Application Server Java Multiple Vulnerabilities
http://secunia.com/advisories/51504/

Debian update for iceweasel
http://secunia.com/advisories/51353/

Debian update for iceape
http://secunia.com/advisories/51403/

Debian update for xen
http://secunia.com/advisories/51468/

IBM Tivoli Directory Integrator Apache Axis SSL Certificate Verification Security Issue
http://secunia.com/advisories/51541/

IBM eDiscovery Manager Unspecified Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/51530/

IBM Rational Service / Performance Tester Java Multiple Vulnerabilities
http://secunia.com/advisories/51535/

Rockwell Automation Controllers Denial of Service Vulnerability
http://secunia.com/advisories/51534/

Spring Security DaoAuthenticationProvider Username Enumeration Weakness
http://secunia.com/advisories/51496/

Oracle Java SE CVE-2012-5076 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56054

Oracle Java SE CVE-2012-5087 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56043

Oracle Java SE CVE-2012-5086 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56039

Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56071

Oracle Java SE CVE-2012-3143 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56055

Oracle Java SE CVE-2012-5079 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56082

Oracle Java SE CVE-2012-3216 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56075

Oracle Java SE CVE-2012-5071 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56061

Oracle Java SE CVE-2012-5088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56057

Oracle Java SE CVE-2012-5073 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56080

Oracle Java SE CVE-2012-5089 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56059

Oracle Java SE CVE-2012-5069 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56065

Oracle Java SE CVE-2012-5074 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56056

Oracle Java SE CVE-2012-1533 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56046

Oracle Java SE CVE-2012-1532 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56051

Oracle Java SE CVE-2012-1531 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56033

Oracle Java SE CVE-2012-5083 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56025

Oracle Java Virtual Machine (JVM) CVE-2012-4416 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55501

Oracle Java SE CVE-2012-5084 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56063

Oracle Java SE CVE-2012-5077 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56058

Oracle Java SE CVE-2012-5075 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56081

Oracle Java SE CVE-2012-5067 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56070

Oracle Java SE CVE-2012-5070 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56079

Oracle Java SE CVE-2012-5068 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56076

Oracle Java SE CVE-2012-5072 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56083

Oracle Java SE CVE-2012-3159 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56072

Arctic Torrent Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55833

HCView Remote Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55819

JPEGsnoop Remote Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55791

Snack Sound Toolkit 'GetWavHeader()' Function Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54419

IBM Java Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/55495

GOM Player 'avi' File NULL Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55840

Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/56408

GIMP XWD File Handling Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56647

Havalite CMS SQL Injection and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/52825

Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56769

Havalite Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53199

Nagios XI 'visApi.php' Multiple Command Injection Vulnerabilities
http://www.securityfocus.com/bid/54263

ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/56817

Maxthon Browser Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56845

Google Chrome Prior to 21.0.1180.89 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55331

Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54203

Google Chrome Prior to 17.0.963.46 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51911

libxslt 'generate-id()' Function Information Disclosure Vulnerability
http://www.securityfocus.com/bid/47668

Google Chrome prior to 10.0.648.127 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46785

GNOME System Log CVE-2012-5535 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56859

Smartphone Pentest Framework Multiple Remote Command Execution Vulnerabilities
http://www.securityfocus.com/bid/56881

Havalite CMS 'data/havalite.db3' File Database Information Disclosure
http://www.securityfocus.com/bid/56878

IBM eDiscovery Manager Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56876

Multiple Rockwell Automation Products CVE-2012-46590 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/56872

KDE kde-settings '/run tmpfs' Filesystem Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56867

Symantec Network Access Control CVE-2012-4349 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56847

Symantec Endpoint Protection Manager CVE-2012-4348 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56846
