Friday, January 18, 2013

Friday the 18th, Shakkō


+ Red Hat Enterprise Linux 5.9 released
https://access.redhat.com/knowledge/docs/ja-JP/Red_Hat_Enterprise_Linux/5/html-single/5.9_Release_Notes/index.html

+ CentOS 5.9 released
http://lists.centos.org/pipermail/centos-announce/2013-January/019205.html

+ CESA-2013:0165 Important CentOS 5 java-1.7.0-openjdk Update
http://lwn.net/Alerts/532987/

+ CESA-2013:0165 Important CentOS 6 java-1.7.0-openjdk Update
http://lwn.net/Alerts/532988/

+ UPDATE: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone

+ Tomcat 7.0.35 Released
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

+ Linux kernel 3.7.3, 3.4.26, 3.0.59, 2.6.34.14 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.3
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.26
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.59
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.34/ChangeLog-2.6.34.14

+ PHP 5.4.11, 5.3.21 released
http://php.net/ChangeLog-5.php

Password Manager: Notice of maintenance for the Anshin automatic renewal service (January 17, 2013)
http://www.trendmicro.co.jp/support/news.asp?id=1891

Virus Buster Business Security Services: Notice of maintenance for a version upgrade
http://www.trendmicro.co.jp/support/news.asp?id=1889

Announcement of the "AppGoat Vulnerability Hands-on Learning Tool Hands-on Seminar"
http://www.ipa.go.jp/security/vuln/seminar/lab_semi_appgoat_2013_1.html

Secunia Research: Oracle Outside In Technology Paradox Database Handling Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00072.html

Secunia Research: Oracle Outside In Technology Paradox Database Handling Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00071.html

Cisco Security Advisory Update v1.1: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00070.html

NSOADV-2013-002: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/sgms/)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00074.html

NSOADV-2013-001: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/appliance/)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00073.html

[SECURITY] [DSA 2609-1] rails security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00069.html

Authentication "reform" cannot wait
Creating business through federated authentication
http://itpro.nikkeibp.co.jp/article/COLUMN/20121227/447066/?ST=security

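Computers That Don't Work
[Financial institutions worldwide] 4.2 million yen in fraudulent transfers at 3 domestic banks; 200 billion yen in losses in Europe and the US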
http://itpro.nikkeibp.co.jp/article/COLUMN/20130112/449262/?ST=security

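Ministry of Agriculture, Forestry and Fisheries holds first meeting of its cyber-attack investigation: "All communication records will be thoroughly examined"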
http://itpro.nikkeibp.co.jp/article/NEWS/20130117/450104/?ST=security

From the World's Security Labs
Skimping on security spending costs more in the end
http://itpro.nikkeibp.co.jp/article/COLUMN/20130116/449843/?ST=security

PHP 5.4.11 and PHP 5.3.21 released
https://isc.sans.edu/diary.html?storyid=14968

Drupal Mark Complete 7.x Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2013010143

Drupal Core 6.x / 7.x Cross Site Scripting & Access Bypass
http://cxsecurity.com/issue/WLB-2013010142

Drupal Live CSS 6.x / 7.x PHP Code Execution
http://cxsecurity.com/issue/WLB-2013010141

Schneider Electric Interactive Graphical SCADA System Data Collector Buffer Overflow Vulnerability
http://secunia.com/advisories/51819/

Drupal Multiple Vulnerabilities
http://secunia.com/advisories/51717/

Pale Moon Multiple Vulnerabilities
http://secunia.com/advisories/51866/

Schneider Electric Multiple Products SESU Update Spoofing Vulnerability
http://secunia.com/advisories/51849/

php-Charts Arbitrary PHP Code Execution Vulnerability
http://secunia.com/advisories/51844/

Drupal Live CSS Module Arbitrary File Upload Vulnerability
http://secunia.com/advisories/51882/

Drupal Mark Complete Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/51883/

Cydia REPO Management Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/51843/

Drupal RESTful Web Services Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/51896/

Ubuntu update for qemu-kvm
http://secunia.com/advisories/51861/

Red Hat update for java-1.7.0-openjdk
http://secunia.com/advisories/51858/

Xen Qemu "e1000_receive()" Buffer Overflow Vulnerability
http://secunia.com/advisories/51798/

Adobe Acrobat and Reader CVE-2013-0613 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/57287

Adobe Acrobat and Reader CVE-2013-0604 Remote Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57283

Adobe Acrobat and Reader CVE-2013-0609 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/57286

Adobe Acrobat and Reader CVE-2013-0610 Remote Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57284

Adobe Acrobat and Reader CVE-2013-0616 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57274

Adobe Acrobat and Reader CVE-2013-0611 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57292

Adobe Acrobat and Reader CVE-2013-0612 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57265

Adobe Acrobat and Reader CVE-2013-0617 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57269

Adobe Acrobat and Reader CVE-2013-0615 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57268

Adobe Acrobat and Reader CVE-2013-0614 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57293

Adobe Acrobat and Reader CVE-2013-0605 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57273

Adobe Acrobat and Reader CVE-2013-0606 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57263

Adobe Acrobat and Reader CVE-2013-0608 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57291

Adobe Acrobat and Reader CVE-2013-0602 Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57289

Adobe Acrobat and Reader CVE-2012-1530 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57264

Adobe Acrobat and Reader CVE-2013-0601 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57272

Adobe Acrobat and Reader CVE-2013-0607 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57290

Adobe Acrobat and Reader CVE-2013-0626 Remote Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57285

Adobe Acrobat and Reader CVE-2013-0620 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57276

Adobe Acrobat and Reader CVE-2013-0618 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57294

Adobe Acrobat and Reader CVE-2013-0621 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57270

Adobe Acrobat and Reader CVE-2013-0627 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57297

Adobe Acrobat and Reader CVE-2013-0619 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57275

Adobe Acrobat and Reader CVE-2013-0622 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/57295

Adobe Acrobat and Reader CVE-2013-0624 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/57296

Adobe Acrobat and Reader CVE-2013-0623 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57277

RPM Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/52865

rpm-python RPM File Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/49799

Piwik Multiple Unspecified Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/57427

Oracle Outside In Technology CVE-2013-0418 Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57364

Oracle Outside In Technology CVE-2013-0393 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/57357

Oracle Java Runtime Environment CVE-2012-3174 Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57312

Oracle Java Runtime Environment CVE-2013-0422 Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/57246

RPM CVE-2012-6088 Signature Verification Security Bypass Vulnerability
http://www.securityfocus.com/bid/57138

Conga luci '__ac' Session Cookie Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57322

Red Hat Enterprise Linux Sos Private Information Disclosure Vulnerability
http://www.securityfocus.com/bid/50936

Red Hat Security Advisory RHSA-2012:0103 for SquirrelMail Denial of Service Vulnerability
http://www.securityfocus.com/bid/57201

Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/55131

Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/27409

Red Hat autofs utility Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57183

FreeRADIUS CVE-2011-4966 Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/57177

Neon 'ne_xml*' expat XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/36080

Net-SNMP SNMP GET Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/53255

Wireshark Buffer Overflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/51368

Wireshark Buffer Underflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/51710

Wireshark Versions Prior to 1.4.7/1.2.17 Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/48066

Wireshark Versions Prior to 1.8.2 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55035

Wireshark ERF File Parser Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50486

Wireshark ANSI A MAP Files Denial of Service Vulnerability
http://www.securityfocus.com/bid/49071

HP Linux Imaging and Printing Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/48892

libvirt CVE-2012-2693 Multiple Local Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/54126

Linux DiskQuota 'hosts_ctl()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/55066

gdk-pixbuf 'read_bitmap_file_data()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/53548

Ruby '#to_s' Method Incomplete Fix Security Bypass Vulnerability
http://www.securityfocus.com/bid/55813

Ruby CVE-2012-4522 Local File Creation Vulnerability
http://www.securityfocus.com/bid/56115

OpenIPMI 'ipmievd' Daemon PID Files Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/51036

PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/27163

MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55715

GNOME Gnome-keyring 'gnome_keyring_lock_all_sync()' Security Vulnerability
http://www.securityfocus.com/bid/57266

php-Charts 'url.php' Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/57448

Multiple SonicWALL Products CVE-2013-1360 Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/57446

Multiple SonicWALL Products CVE-2013-1359 Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/57445

IP.Gallery 'img' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/57444
