Tuesday, January 22, 2013

Tuesday the 22nd, Butsumetsu


+ RHSA-2013:0169 Moderate: vino security update
http://rhn.redhat.com/errata/RHSA-2013-0169.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4429

+ Linux kernel 3.7.4, 3.4.27, 3.0.60 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.4
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.27
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.60

+ Samba 3.6.11 Available for Download
http://samba.org/samba/history/samba-3.6.11.html

+ Google Chrome Cross Site Scripting Filter Security Bypass Vulnerability
http://www.securityfocus.com/bid/57474

Check Point response to XSS and CSRF vulnerabilities in Mobile Access Blade portal
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk91000&src=securityAlerts

Release notice: scan engine 3.5.5614 for antivirus product detection
http://www.trendmicro.co.jp/support/news.asp?id=1888

Registration status of the vulnerability countermeasure information database JVN iPedia
[Q4 2012 (October to December)]
http://www.ipa.go.jp/security/vuln/report/JVNiPedia2012q4.html

Vulnerability information worth checking <2013.01.22>
http://itpro.nikkeibp.co.jp/article/COLUMN/20130121/450629/?ST=security

JVN points out that the Java update is incomplete and again recommends disabling Java
http://itpro.nikkeibp.co.jp/article/NEWS/20130121/450703/?ST=security

Log in with a smartphone or a ring: Google is developing new authentication technology, according to US media reports
http://itpro.nikkeibp.co.jp/article/NEWS/20130121/450601/?ST=security

Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00086.html

(AUSCERT#20131775e) AusCERT 2013 Call For Presentations - closing in 10 days
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00083.html

NoSuchCon CFP / 15-17 May 2013 / Paris, France
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00082.html

Mozilla Firefox and Microsoft Internet Explorer stall when using workaround from MS06-020 or MS0
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00081.html

[SECURITY] [DSA 2605-2] asterisk regression update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00080.html

CA20121220-01: Security Notice for CA IdentityMinder [updated]
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00079.html

ESA-2013-008: EMC AlphaStor Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00078.html

[SE-2012-01] Java 7 Update 11 confirmed to be vulnerable
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00077.html

Multiple Vulnerabilities in Linksys WRT54GL
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00084.html

Recently-revised IETF I-Ds about IPv6 security
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00076.html

Moodle Multiple Vulnerabilities
http://secunia.com/advisories/51842/

WordPress WP Symposium Plugin Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/50674/

git-extras Two Insecure Temporary File Security Issues
http://secunia.com/advisories/51911/

Zabbix "cnf" LDAP Authentication Security Bypass Vulnerability
http://secunia.com/advisories/51910/

Zabbix "cnf" LDAP Authentication Security Bypass Vulnerability
http://secunia.com/advisories/51909/

Classified Ultra "cname" Cross-Site Scripting and "c" SQL Injection Vulnerabilities
http://secunia.com/advisories/51903/

Aloaha PDF Saver Credential Provider Service Insecure File Permissions Security Issue
http://secunia.com/advisories/51885/

WordPress Events Manager Plugin Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/51869/

Haskell tls-extra Library SSL Certificate Verification Security Issue
http://secunia.com/advisories/51870/

Linksys WRT54GL Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/51809/

WordPress DVS Custom Notification Plugin Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/51531/

OpenVZ update for kernel
http://secunia.com/advisories/51915/

Snort "rule20275eval()" Buffer Overflow Vulnerability
http://secunia.com/advisories/51901/

Avaya Experience Portal Two Vulnerabilities
http://secunia.com/advisories/51742/

IBM Informix Genero libpng Integer Overflow Vulnerability
http://secunia.com/advisories/51905/

Avaya Aura Session Manager Multiple Vulnerabilities
http://secunia.com/advisories/51920/

SUSE update for MozillaFireFox
http://secunia.com/advisories/51922/

Artak Solutions XSS/SQL Vulnerabilities
http://cxsecurity.com/issue/WLB-2013010166

Google Chrome 24 Anti-XSS Filter Bypass
http://cxsecurity.com/issue/WLB-2013010165

Linksys WRT54GL 1.1 XSS / OS Command Injection
http://cxsecurity.com/issue/WLB-2013010163

Firefox and IE stall when using workaround from MS06-020 or MS06-069
http://cxsecurity.com/issue/WLB-2013010162

Adobe Experience Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013010161

WordPress Ripe HD FLV Player SQL Injection & Path Disclosure
http://cxsecurity.com/issue/WLB-2013010160

Joomla Collector Shell Upload
http://cxsecurity.com/issue/WLB-2013010159

Classified Ultra ScriptsGenie Cross Site Scripting / SQL Injection
http://cxsecurity.com/issue/WLB-2013010158

REMOTE: Jenkins Script-Console Java Execution
http://www.exploit-db.com/exploits/24272

REMOTE: PHP-Charts v1.0 PHP Code Execution Vulnerability
http://www.exploit-db.com/exploits/24273

Ganglia Unspecified PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/54699

EMC Avamar Backup Client Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/57005

libTIFF TIFF Image CVE-2012-2088 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54270

Todd Miller Sudo Host_List Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/53569

LibTIFF 'tiff2pdf' Utility Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/54076

Google Chrome Prior to 16.0.912.75 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51300

libxml2 Unspecified Out-of-Bounds Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/51084

Cisco Linksys WRT54GL Router Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57459

GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54982

Linux Kernel CVE-2012-5517 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56527

Linux Kernel EXT4 'ext4_fill_flex_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53414

Linux Kernel 'tcp_illinois_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56346

Linux Kernel NFS Client 'decode_getacl()' Incomplete Fix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53615

Linux Kernel IPv6 CVE-2012-4444 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56891

Firefox Foxit Reader Plugin 'npFoxitReaderPlugin.dll' Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57174

php-Charts 'url.php' Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/57448

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0760 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57199

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0769 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57203

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0754 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57217

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0756 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57215

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0743 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57258

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0764 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57211

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0755 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57213

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0767 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57195

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0766 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57194

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0768 Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57204

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0753 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57209

Drupal Mark Complete Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/57443

Drupal Live CSS Module Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/57436

Drupal RESTful Web Services Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/57442

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0746 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57238

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52049

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0750 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57235

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0748 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57234

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0763 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57197

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0757 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57236

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0771 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57198

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0747 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57240

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0759 Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/57228

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0749 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57205

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0770 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57207

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0761 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57196

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0758 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57232

Schneider Electric Interactive Graphical SCADA System 'dc.exe' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57449

Novell eDirectory Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57038

Xen 'xen_failsafe_callback()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57433

MoinMoin CVE-2012-6081 Multiple Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/57082

MoinMoin wiki CVE-2012-6080 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/57076

MoinMoin CVE-2012-6082 Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/57089

Ruby on Rails CVE-2013-0155 Unsafe SQL Query Generation Vulnerability
http://www.securityfocus.com/bid/57192

Ruby on Rails CVE-2013-0156 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57187

Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities
http://www.securityfocus.com/bid/56993

GnuPG CVE-2012-6085 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/57102

Zend Framework 'Zend_Feed' Component Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56982

Oracle Java Runtime Environment Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/57467

git-extras Multiple Insecure Temporary File Creation Vulnerabilities
http://www.securityfocus.com/bid/57480

WordPress Poll Plugin Multiple SQL Injection and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/57479

WordPress WP Symposium Plugin Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/57478

WordPress Events Manager Plugin Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/57477

Moodle Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/57475

