Friday, January 25, 2013
Friday the 25th, Senshō
+ CESA-2013:0188 Important CentOS 6 ipa Update
http://lwn.net/Alerts/533939/
+ CESA-2013:0189 Important CentOS 5 ipa-client Update
http://lwn.net/Alerts/533938/
+ Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx
+ UPDATE: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone
+ UPDATE: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc
+ Sudo 1.8.6p5 released
http://www.sudo.ws/sudo/stable.html#1.8.6p5
Announcement: ServerProtect for Linux 3.0 Critical Patch build 1366 released
http://www.trendmicro.co.jp/support/news.asp?id=1894
AIU Insurance launches cyber-risk insurance with comprehensive coverage for attacks and fraud
http://itpro.nikkeibp.co.jp/article/NEWS/20130124/451744/?ST=security
SEC Consult SA-20130124-0 :: Critical SSH Backdoor in multiple Barracuda Networks Products
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00107.html
IPv6: How to avoid security issues with VPN leaks on dual-stack networks
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00106.html
New Blog Post: Attacking the Windows 7/8 Address Space Randomization
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00105.html
CVE ID Syntax Change - Call for Public Feedback
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00101.html
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00100.html
CVE-2013-0805 / CSNC-2013-001
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00102.html
SQL Injection Vulnerability in ImageCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00104.html
Cross-Site Scripting (XSS) vulnerability in gpEasy
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00103.html
JVNDB-2012-005749 Vulnerability in Apache Tomcat that allows security-constraint checks to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005749.html
JVNDB-2013-001237 Eval injection and SQL injection vulnerabilities in mt-upgrade.cgi in Movable Type
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001237.html
JVNDB-2013-001236 Stack-based buffer overflow vulnerability in history.cgi in Nagios Core
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001236.html
JVNDB-2013-001235 Vulnerability in Apache CloudStack and Citrix CloudPlatform that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001235.html
JVNDB-2013-001234 Vulnerability in Call of Duty Elite for iOS that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001234.html
JVNDB-2012-005913 Denial of service (kernel OOPS) vulnerability in the KVM subsystem in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005913.html
JVNDB-2013-001233 SQL injection vulnerability in Oracle MySQL and MariaDB
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001233.html
JVNDB-2013-001232 Denial of service (DoS) vulnerability in the Reliable Datagram Sockets protocol implementation in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001232.html
JVNDB-2013-001231 Vulnerability in Microsoft Internet Explorer that allows sensitive information about the existence of files to be obtained
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001231.html
JVNDB-2012-005912 Stack-based buffer overflow vulnerability in the Near Field Communication Controller Interface in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005912.html
JVNDB-2012-005911 Buffer overflow vulnerability in the KVM subsystem in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005911.html
JVNDB-2012-005910 Buffer overflow vulnerability in the macvtap device driver in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005910.html
JVNDB-2012-005467 Heap-based buffer overflow vulnerability in the nsWindow::OnExposeEvent function in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005467.html
Barracuda "Back Door"
https://isc.sans.edu/diary.html?storyid=15004
Barracuda Web Filter SSH Backdoor Lets Remote Users Access the System
http://www.securitytracker.com/id/1028038
Barracuda Web Application Firewall SSH Backdoor Lets Remote Users Access the System
http://www.securitytracker.com/id/1028037
Barracuda SSL VPN SSH Backdoor Lets Remote Users Access the System
http://www.securitytracker.com/id/1028036
Barracuda Link Balancer SSH Backdoor Lets Remote Users Access the System
http://www.securitytracker.com/id/1028035
Xen Nested HVM Memory Leak Lets Local Users Deny Service
http://www.securitytracker.com/id/1028032
Red Hat Enterprise IPA Certificate Validation Flaw Lets Remote Users Access the System in Certain Cases
http://www.securitytracker.com/id/1028028
REMOTE: Java Applet Method Handle Remote Code Execution
http://www.exploit-db.com/exploits/24308
REMOTE: Java Applet AverageRangeStatisticImpl Remote Code Execution
http://www.exploit-db.com/exploits/24309
REMOTE: ZoneMinder Video Server packageControl Command Execution
http://www.exploit-db.com/exploits/24310
REMOTE: SonicWALL GMS 6 Arbitrary File Upload
http://www.exploit-db.com/exploits/24322
REMOTE: Novell eDirectory 8 Buffer Overflow
http://www.exploit-db.com/exploits/24323
DoS/PoC: Aloaha PDF Crypter (3.5.0.1164) ActiveX Arbitrary File Overwrite
http://www.exploit-db.com/exploits/24319
SUSE update for tomcat6 and libtcnative
http://secunia.com/advisories/51960/
SUSE update for Multiple Packages
http://secunia.com/advisories/51817/
SUSE update for tomcat
http://secunia.com/advisories/51972/
SUSE update for Multiple Packages
http://secunia.com/advisories/51898/
Cisco Wireless LAN Controllers Multiple Vulnerabilities
http://secunia.com/advisories/51965/
Drupal Search API Sorts Module Field Labels Script Insertion Vulnerability
http://secunia.com/advisories/51977/
Red Hat update for ipa
http://secunia.com/advisories/51871/
Drupal User Relationships Module Relationship Names Script Insertion Vulnerability
http://secunia.com/advisories/51979/
SUSE update for flash-player
http://secunia.com/advisories/51946/
SUSE update for icinga
http://secunia.com/advisories/51944/
FreeIPA Two Information Disclosure Security Issues
http://secunia.com/advisories/51907/
FreeIPA Insecure CA Certificate Handling Security Issue
http://secunia.com/advisories/51756/
SSSD Multiple Denial of Service Vulnerabilities
http://secunia.com/advisories/51928/
SUSE update for libqt4
http://secunia.com/advisories/51952/
SUSE update for mysql-community-server
http://secunia.com/advisories/51961/
Red Hat update for JBoss Operations Network
http://secunia.com/advisories/51966/
TripAdvisor for iOS Login Credentials Disclosure Security Issue
http://secunia.com/advisories/51410/
GE Intelligent Platforms Products Two Vulnerabilities
http://secunia.com/advisories/51936/
Google Web Toolkit Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51941/
SAP NetWeaver SPML XML Entity References Information Disclosure Vulnerability
http://secunia.com/advisories/51573/
SUSE update for libtiff
http://secunia.com/advisories/51973/
SUSE update for squid3
http://secunia.com/advisories/51974/
Windows 7/8 Attacking the Address Space Randomization
http://cxsecurity.com/issue/WLB-2013010194
Drupal CurvyCorners Cross-site Scripting
http://cxsecurity.com/issue/WLB-2013010193
php_chat Remote File inclusion Vulnerability
http://cxsecurity.com/issue/WLB-2013010192
webingroup CMS SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010191
Chisimba SQL Injection
http://cxsecurity.com/issue/WLB-2013010190
PHP Weby directory 1.2 Blind SQL injection && CSRF
http://cxsecurity.com/issue/WLB-2013010189
Drupal Video 7.x PHP Code Execution
http://cxsecurity.com/issue/WLB-2013010188
Drupal Search API Sorts 7.x Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013010187
Drupal User Relationships 6.x / 7.x Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013010186
Drupal CurvyCorners 6.x / 7.x Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013010185
iTop Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013010184
Drupal Keyboard Shortcut Utility 7.x Access Bypass
http://cxsecurity.com/issue/WLB-2013010183
WordPress Chocolate Theme XSS & Denial Of Service & Shell Upload
http://cxsecurity.com/issue/WLB-2013010182
Weboptima CMS Add Administrator & Shell Upload
http://cxsecurity.com/issue/WLB-2013010181
ircd-ratbox 'm_capab.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/57085
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0759 Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/57228
Adobe Shockwave Player CVE-2012-0759 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52006
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0757 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57236
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0771 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57198
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0770 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57207
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0767 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57195
Mozilla Firefox and SeaMonkey CVE-2013-0751 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57260
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0749 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57205
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0769 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57203
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5829 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56636
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0760 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57199
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0768 Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57204
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0747 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57240
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0743 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57258
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0748 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57234
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0750 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57235
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0746 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57238
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0758 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57232
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0766 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57194
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0753 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57209
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0744 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57218
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0761 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57196
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0756 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57215
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0764 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57211
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0754 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57217
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0755 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57213
Novell eDirectory Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57038
Multiple SonicWALL Products CVE-2013-1359 Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/57445
PLIB 'ulSetError()' Function Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51152
PLIB 'ssgParser.cxx' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55839
Adobe Flash Player and AIR CVE-2012-5676 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56892
Adobe Flash Player and AIR CVE-2012-5678 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56898
Adobe Flash Player and AIR CVE-2012-5677 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/56896
MariaDB CVE-2012-4414 Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/55498
Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56769
FreeIPA CVE-2012-5484 Man in The Middle Security Vulnerability
http://www.securityfocus.com/bid/57529
Adobe Flash Player and AIR CVE-2012-5280 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56546
Adobe Flash Player and AIR CVE-2012-5278 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56547
Adobe Flash Player and AIR CVE-2012-5274 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56542
Adobe Flash Player and AIR CVE-2012-5279 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56554
Adobe Flash Player and AIR CVE-2012-5276 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56544
Adobe Flash Player and AIR CVE-2012-5277 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56545
Adobe Flash Player and AIR CVE-2012-5275 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56543
Linux Kernel IPv6 CVE-2012-4444 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56891
Xen 'extent_order' Values Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56798
Linux Kernel ASLR Security Bypass Weakness
http://www.securityfocus.com/bid/52687
ADP and H-designer CVE-2013-4696 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57546
Aloaha PDF Crypter ActiveX Arbitrary File Overwrite Vulnerability
http://www.securityfocus.com/bid/57543
FreeIPA Cross-Realm Trust key Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57542
Barracuda SSL VPN Multiple Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/57540
SSSD Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/57539
Google Web Toolkit CVE-2012-5920 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57538
Multiple Barracuda Products Security Bypass and Backdoor Unauthorized Access Vulnerabilities
http://www.securityfocus.com/bid/57537
TripAdvisor for iOS Man in the Middle Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57535