:: IT Security Neophyte Investigator's MEMO ::: 19日火曜日、仏滅

2013年2月19日火曜日

19日火曜日、仏滅

+ HS13-003 Multiple Vulnerabilities in Hitachi Tuning Manager, JP1/Performance Management - Web Console, and JP1/Performance Management - Manager Web Option
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-003/index.html

+ HS13-003 Hitachi Tuning Manager，JP1/Performance Management - Web Console，JP1/Performance Management - Manager Web Optionにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-003/index.html

+ Tomcat 7.0.37 Released
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

+ Apple iOS Code Lock Security Bypass Vulnerability
http://www.securityfocus.com/bid/57990

Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00084.html

Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00083.html

[SECURITY] [DSA 2628-1] nss-pam-ldapd security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00082.html

Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00076.html

[SECURITY] [DSA 2627-1] nginx security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00075.html

[SECURITY] [DSA 2626-1] lighttpd security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00074.html

Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00073.html

[SECURITY] [DSA 2625-1] wireshark security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00072.html

[IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00079.html

Multiple Vulnerabilities in Netgear DGN2200B
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00078.html

[SECURITY] [DSA 2624-1] ffmpeg security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00071.html

SI6 Networks IPv6 Toolkit v1.3 released!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00070.html

PHP-Fusion 7.02.05 SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00080.html

CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00069.html

チェックしておきたい脆弱性情報＜2013.02.19＞
http://itpro.nikkeibp.co.jp/article/COLUMN/20130218/456663/?ST=security

JIPDEC、行政書士が確認した企業情報DB「ROBINS」を開始
http://itpro.nikkeibp.co.jp/article/NEWS/20130218/456945/?ST=security

MBSD、ボット感染をレポートする月額制のマルウエア対策サービスを開始
http://itpro.nikkeibp.co.jp/article/NEWS/20130218/456741/?ST=security

FacebookがJava脆弱性悪用した攻撃の標的に、「ユーザー情報は無事」と発表
http://itpro.nikkeibp.co.jp/article/NEWS/20130218/456661/?ST=security

Cisco Unity Connection TCP Flood Memory Leak Lets Remote Users Deny Service
http://www.securitytracker.com/id/1028150

SAP NetWeaver Message Server Service Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1028148

linux kernel Btrfs CRC32C infinite loop and privilege boundaries
http://cxsecurity.com/issue/WLB-2012120107

nss-pam-ldapd FD_SET array index error (stack-based buffer overflow)
http://cxsecurity.com/issue/WLB-2013020125

Piwigo 2.4.6 (install.php) Remote Arbitrary File Read/Delete Vulnerability
http://cxsecurity.com/issue/WLB-2013020126

Photodex ProShow Producer 5.0.3297 PXT File title Value Handling Buffer Overflow
http://cxsecurity.com/issue/WLB-2013020124

chichen-tech CMS XSS/SQL Vulnerabilities
http://cxsecurity.com/issue/WLB-2013020123

Demandware Store XSS Vulnerability
http://cxsecurity.com/issue/WLB-2013020116

Scripts Genie Domain Trader SQL Injection
http://cxsecurity.com/issue/WLB-2013020120

Scripts Genie Games Site SQL Injection
http://cxsecurity.com/issue/WLB-2013020119

Scripts Genie Gallery Personals SQL Injection
http://cxsecurity.com/issue/WLB-2013020122

Scripts Genie Top Sites SQL Injection
http://cxsecurity.com/issue/WLB-2013020121

0101SHOP CMS SQL Injection
http://cxsecurity.com/issue/WLB-2013020118

Smoke Loader LFI / File Deletion
http://cxsecurity.com/issue/WLB-2013020117

Scripts Genie Pet Rate Pro SQL Injection and PHP Code Execution Vulnerabilities
http://secunia.com/advisories/52265/

Cisco Unity Connection Memory Leak Flooding Denial of Service Vulnerability
http://secunia.com/advisories/52237/

Scripts Genie Domain Trader "id" SQL Injection Vulnerability
http://secunia.com/advisories/52262/

mora Downloader File Search Path Insecure File Loading Vulnerability
http://secunia.com/advisories/52232/

Gallery Personals "L" SQL Injection Vulnerability
http://secunia.com/advisories/52260/

Games Site Script "id" SQL Injection Vulnerability
http://secunia.com/advisories/52258/

IBM Multiple Products Multiple Vulnerabilities
http://secunia.com/advisories/52132/

IBM Data Studio Help System Multiple Vulnerabilities
http://secunia.com/advisories/52175/

Linux Kernel ptrace Privilege Escalation Vulnerability
http://secunia.com/advisories/52269/

Linux Kernel "xen_iret()" IRET Handling Vulnerability
http://secunia.com/advisories/52270/

chillyCMS Security Bypass Security Issue and Arbitrary File Upload Vulnerability
http://secunia.com/advisories/52185/

Hitachi Multiple Products Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/52263/

Debian update for ffmpeg
http://secunia.com/advisories/52213/

HP NonStop Server Multiple Vulnerabilities
http://secunia.com/advisories/52230/

Jenkins Multiple Vulnerabilities
http://secunia.com/advisories/52236/

Debian update for wireshark
http://secunia.com/advisories/52211/

Debian update for lighttpd
http://secunia.com/advisories/52233/

RoundCube Webmail Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57849

Linux Kernel '__skb_recv_datagram()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57964

Dnsmasq Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54353

Dnsmasq Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/57458

OpenStack Keystone CVE-2013-0247 Denial of Service Vulnerability
http://www.securityfocus.com/bid/57747

PostgreSQL 'enum_recv()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/57844

GnuTLS TLS And DTLS Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57736

Xen AMD IOMMU CVE-2013-0153 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57745

Xen OXenstored Daemon CVE-2013-0215 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57742

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0743 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57258

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0745 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57244

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0747 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57240

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0752 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57241

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0758 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57232

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0744 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57218

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0748 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57234

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0755 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57213

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0749 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57205

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0771 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57198

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0769 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57203

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0763 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57197

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0768 Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57204

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0754 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57217

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0764 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57211

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0770 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57207

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0766 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57194

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0756 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57215

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0760 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57199

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5829 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56636

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0762 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57193

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0750 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57235

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0753 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57209

Boost UTF-8 'utf_traits::decode()' Function Input Validation Vulnerability
http://www.securityfocus.com/bid/57675

Oracle Sun Products Suite CVE-2013-0400 Local Solaris Vulnerability
http://www.securityfocus.com/bid/57398

Microsoft Windows CSRSS CVE-2013-0076 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57821

Microsoft DirectShow CVE-2013-0077 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57857

IBM Eclipse Help System Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53884

Oracle Java SE CVE-2012-3213 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57717

Oracle Java SE CVE-2013-0428 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57713

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57702

Oracle Java SE CVE-2013-0434 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57730

Oracle Java SE CVE-2013-0435 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57729

Oracle Java SE CVE-2013-0432 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57727

Linux Kernel CVE-2013-0228 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57940

Oracle Java SE CVE-2013-0429 Remote Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57710

Oracle Java SE CVE-2013-0423 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57716

Oracle Java SE CVE-2013-1473 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57731

Oracle Java SE CVE-2013-0446 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57699

Oracle Java SE CVE-2013-0351 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57720

Oracle Java SE CVE-2012-3342 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57700

Oracle Java SE CVE-2013-0427 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57724

Oracle Java SE CVE-2013-0426 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57711

Oracle Java SE CVE-2013-0425 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57709

Oracle Java SE CVE-2013-0424 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57715

Oracle Java SE CVE-2013-0450 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57703

Oracle Java SE CVE-2013-0442 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57687

Oracle Java SE CVE-2013-0433 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57719

Oracle Java SE CVE-2013-1480 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57691

Oracle Java SE CVE-2013-1481 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57718

Oracle Java SE CVE-2013-0438 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57708

Oracle Java SE CVE-2012-1541 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57697

Oracle Java SE CVE-2013-0409 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57728

Oracle Java SE CVE-2013-0430 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57722

Oracle Java SE CVE-2013-0441 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57692

Oracle Java SE CVE-2013-0419 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57714

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57712

Oracle Java SE CVE-2013-1476 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57696

Oracle Java SE CVE-2013-1475 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57694

Oracle Java SE CVE-2013-0445 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57689

libxml2 Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52107

Microsoft Windows Kernel CVE-2013-1280 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57854

Microsoft Windows Kernel CVE-2013-1278 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57855

Microsoft Windows Kernel CVE-2013-1279 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57856

Oracle Java SE CVE-2013-1478 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57686

Microsoft Internet Explorer CDispNode Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57828

Microsoft Internet Explorer CObjectElem Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57834

Microsoft Internet Explorer CPasteComma Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57831

Microsoft Internet Explorer pasteHTML Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57829

Microsoft Internet Explorer InsertEleme Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57832

Microsoft Internet Explorer COmWindowProxy Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57824

Microsoft Internet Explorer CHTML Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57833

Microsoft Internet Explorer SLayoutRun Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57830

Microsoft Internet Explorer LsGetTrailInfo Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57827

Microsoft Internet Explorer Shift JIS Character CVE-2013-0015 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57822

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57825

Microsoft Internet Explorer vtable Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57826

Microsoft Internet Explorer SetCapture Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57823

Microsoft Windows NFS Server NULL Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57853

Microsoft Windows TCP/IP TCP FIN WAIT CVE-2013-0075 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57858

Oracle Sun Products Suite CVE-2013-0415 Local Solaris Vulnerability
http://www.securityfocus.com/bid/57403

Apache Tomcat CVE-2012-4431 Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/56814

Oracle Solaris CVE-2013-0407 Local Vulnerability
http://www.securityfocus.com/bid/57393

QEMU KVM QXL Denial of Service Vulnerability
http://www.securityfocus.com/bid/57637

Red Hat Sos CVE-2012-2664 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54116

Linux Kernel 'fs/eventpoll.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54283

Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
http://www.securityfocus.com/bid/56812

OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/51281

pyrad Password Hash Information Disclosure Vulnerability and Packet Spoofing Vulnerability
http://www.securityfocus.com/bid/57984

pigz Insecure File Permissions Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57971

FFmpeg Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/51307

FFmpeg Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/55355

TLS Protocol CVE-2012-4929 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55704

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935

Wireshark DTLS Dissector Denial of Service Vulnerability
http://www.securityfocus.com/bid/57621

Wireshark CLNP Dissector Denial of Service Vulnerability
http://www.securityfocus.com/bid/57625

Wireshark DCP-ETSI Dissector Denial of Service Vulnerability
http://www.securityfocus.com/bid/57615

Wireshark NTLMSSP Dissector Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57618

nss-pam-ldapd 'FD_SET()' Function Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/58007

NetGear DGN2200B Wireless Router Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57998

Apple iOS Code Lock Security Bypass Vulnerability
http://www.securityfocus.com/bid/57990

USB Sharp HTML Injection and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/57988

:: IT Security Neophyte Investigator's MEMO ::

2013年2月19日火曜日

19日火曜日、仏滅

0 件のコメント:

コメントを投稿

2013年2月19日火曜日

19日 火曜日、仏滅

0 件のコメント:

コメントを投稿

19日火曜日、仏滅