Tuesday, December 18, 2012

Tuesday the 18th, Butsumetsu


+ SQUID-2012:1 Denial of service in cachemgr.cgi
http://www.squid-cache.org/Advisories/SQUID-2012_1.txt

+ Linux kernel 3.7.1, 3.6.11, 3.4.24, 3.0.57 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.1
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.11
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.24
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.57

+ Samba 3.5.20 Available for Download
http://samba.org/samba/history/samba-3.5.20.html

Notice: Release of InterScan for Lotus Domino 5.0 for Windows Critical Patch build 3151 (32-bit/64-bit versions) suspended
http://www.trendmicro.co.jp/support/news.asp?id=1878

Notice: ServerProtect for Windows 5.8 Patch 4 build 1330 released
http://www.trendmicro.co.jp/support/news.asp?id=1875

Notice: Trend Micro Mobile Security 8.0 with Service Pack 1 applied released
http://www.trendmicro.co.jp/support/news.asp?id=1876

Year-end and New Year business hours notice (2013)
http://www.trendmicro.co.jp/support/news.asp?id=1870

Notice: Critical Patch released for InterScan Messaging Security products addressing a cross-site request forgery (CSRF) vulnerability
http://www.trendmicro.co.jp/support/news.asp?id=1849

JVNDB-2012-005493 Denial-of-service (infinite loop and hang or crash) vulnerability in Xen
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005493.html

JVNDB-2012-005524 Denial-of-service (hypervisor crash) vulnerability in the Xen HVMOP_pagetable_dying hypercall
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005524.html

JVNDB-2012-005492 Denial-of-service (memory consumption and assertion failure) vulnerability in Xen
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005492.html

JVNDB-2012-005490 Denial-of-service (Xen infinite loop and physical CPU consumption) vulnerability in Xen
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005490.html

JVNDB-2012-000110 (JVN#66596216) Cross-site scripting vulnerability in WikkaWiki
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000110.html

JVNDB-2012-005695 (JVNTA12-346A) Heap-based buffer overflow vulnerability in multiple Microsoft Windows products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005695.html

JVNDB-2012-005692 (JVNTA12-346A) Arbitrary code execution vulnerability in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005692.html

JVNDB-2012-005696 (JVNTA12-346A) Access restriction bypass vulnerability in Microsoft Windows Server 2008 R2 and Windows Server 2012
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005696.html

JVNDB-2012-005691 (JVNTA12-346A) Arbitrary code execution vulnerability in kernel-mode drivers of multiple Microsoft Windows products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005691.html

JVNDB-2012-005694 (JVNTA12-346A) Arbitrary code execution vulnerability in Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005694.html

JVNDB-2012-005687 (JVNTA12-346A) Arbitrary code execution vulnerability in Microsoft Internet Explorer 6 through 10
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005687.html

JVNDB-2012-005688 (JVNTA12-346A) Arbitrary code execution vulnerability in Microsoft Internet Explorer 9 and 10
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005688.html

JVNDB-2012-005690 (JVNTA12-346A) Arbitrary code execution vulnerability in kernel-mode drivers of multiple Microsoft Windows products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005690.html

JVNDB-2012-005689 (JVNTA12-346A) Arbitrary code execution vulnerability in Microsoft Internet Explorer 9 and 10
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005689.html

JVNDB-2012-005693 (JVNTA12-346A) Denial-of-service (DoS) vulnerability in Microsoft Exchange Server 2007 and 2010
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005693.html

JVNDB-2012-005700 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005700.html

JVNDB-2012-005699 Integer overflow vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005699.html

JVNDB-2012-005698 Buffer overflow vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005698.html

IPv6 Neighbor Discovery security (new documents)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00108.html

[ MDVSA-2012:180 ] perl-CGI
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00104.html

[SECURITY] [DSA 2589-1] tiff security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00103.html

[SECURITY] [DSA 2588-1] icedove security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00102.html

Foswiki Security Alert CVE-2012-6329, CVE-2012-6330 Remote code execution and oth
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00105.html

Watch for Newtown Connecticut scam sites
http://isc.sans.edu/diary.html?storyid=14716

Reminder: Java 6 end-of-live February 2013
http://isc.sans.edu/diary.html?storyid=14719

Squid Input Validation Bug in 'cachemgr.cgi' Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027890

Adobe Flash Player 11.5.502.135 memory corruption
http://cxsecurity.com/issue/WLB-2012120127

Foswiki Remote code execution and other vulnerabilities in MAKETEXT
http://cxsecurity.com/issue/WLB-2012120126

Apex Software Authentication Bypass Vulnerability
http://cxsecurity.com/issue/WLB-2012120125

tristar Sql Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012120119

intelligent Soft Solutions Sql Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012120124

pulse solutions Cross-Site Scripting Vulnerability
http://cxsecurity.com/issue/WLB-2012120123

Pro-Service Cross-Site Scripting Vulnerability
http://cxsecurity.com/issue/WLB-2012120122

studioumbrella Sql Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012120121

toto communications Cross-Site Scripting Vulnerability
http://cxsecurity.com/issue/WLB-2012120120

WebConnection Cross-Site Scripting Vulnerability
http://cxsecurity.com/issue/WLB-2012120118

OpenPegasus CIM Server Denial of Service Vulnerability
http://secunia.com/advisories/51488/

SUSE update for bogofilter
http://secunia.com/advisories/51570/

TWiki "%MAKETEXT{}%" Macro Denial of Service Vulnerability
http://secunia.com/advisories/51548/

Foswiki "%MAKETEXT{}%" Macro Denial of Service Vulnerability
http://secunia.com/advisories/51516/

SUSE update for bind
http://secunia.com/advisories/51571/

IBM InfoSphere Information Server Multiple Vulnerabilities
http://secunia.com/advisories/51605/

MyBB "posthash" SQL Injection Vulnerability
http://secunia.com/advisories/51592/

IBM Advanced Settings Utility (ASU) / Bootable Media Creator (BoMC) Insecure Files
http://secunia.com/advisories/51525/

Axway SecureTransport Directory Traversal Vulnerability
http://secunia.com/advisories/51558/

Centrify Deployment Manager Insecure Temporary File Security Issue
http://secunia.com/advisories/51611/

Squid cachemgr.cgi Memory Leak Denial of Service Vulnerability
http://secunia.com/advisories/51545/

RealPlayer Two Vulnerabilities
http://secunia.com/advisories/51589/

Debian update for icedove
http://secunia.com/advisories/51514/

Debian update for tiff
http://secunia.com/advisories/51490/

SUSE update for flash-player
http://secunia.com/advisories/51609/

PHP Address Book 'group' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56937

Symantec Endpoint Protection Manager CVE-2012-4348 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56846

Symantec Network Access Control CVE-2012-4349 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56847

TWiki Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56950

bogofilter CVE-2012-5468 Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56804

HP Intelligent Management Centre 'uam.exe' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55271

Perl CGI.pm 'Set-Cookie' and 'P3P' Headers HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/56562

GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54982

Xen 'HVMOP_set_mem_access' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56799

Xen CVE-2012-5514 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56803

Xen 'XENMEM_exchange' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56797

Xen 'extent_order' Values Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56798

Xen Bitmap Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56796

Xen Grant Table Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56794

Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56769

librdmacm 'ib_acm' Service Port Connection Security Vulnerability
http://www.securityfocus.com/bid/55896

MATE mate-settings-daemon CVE-2012-5560 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/56709

Google Chrome Prior to 23.0.1271.91 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56684

Red Hat Certificate System Multiple Cross-Site Scripting and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56843

bogofilter Base64 Encoding '=' Character Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41339

JW Player Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/48214

JW Player HTML Injection And Content Spoofing Vulnerability
http://www.securityfocus.com/bid/53876

Adobe Flash Player and AIR CVE-2012-5678 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56898

Adobe Flash Player and AIR CVE-2012-5676 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56892

Adobe Flash Player and AIR CVE-2012-5677 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/56896

LibTIFF 'DOTRANGE' Tags Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56715

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4216 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56634

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5829 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56636

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5842 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/56611

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-4201 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56618

Mozilla Firefox, SeaMonkey, and Thunderbird HZ-GB-2312 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56632

Inkscape XML External Entity Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56965

phpwcms Multiple 'preg_replace()' Remote PHP Code Injection Vulnerabilities
http://www.securityfocus.com/bid/56964

Fail2ban CVE-2012-5642 Arbitrary Log Content Injection Vulnerability
http://www.securityfocus.com/bid/56963

MyBB 'posthash' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56960

Ubuntu Aptdaemon PPA GPG Key Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/56959

Squid 'cachemgr.cgi' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/56957

WordPress TimThumb Plugin Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56953

Samsung SmartPhones Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56955
