:: IT Security Neophyte Investigator's MEMO ::: 22日金曜日、先勝

2013年2月22日金曜日

22日金曜日、先勝

+ Google Chrome 25.0.1364.97 released
http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_21.html

+ Linux kernel 3.4.33, 3.0.66 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.33
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.66

+ PHP 5.4.12 and PHP 5.3.22 released
http://php.net/archive/2013.php#id2013-02-21-1

Anti-Virus / Anti-Bot / Application Control / URL Filtering update might fail on R75.40/R75.40VS/R75.45
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk90700&src=securityAlerts

Advisory: Sophos Anti-Virus for UNIX - Process memory limit recommendations on AIX systems
http://www.sophos.com/en-us/support/knowledgebase/118805.aspx

日本電気製「Universal RAID Utility」の脆弱性対策について
http://www.ipa.go.jp/about/press/20130221.html

アドビがPDFリーダーの修正版、既知の致命的な脆弱性に対応
http://itpro.nikkeibp.co.jp/article/NEWS/20130221/457821/?ST=security

JVNVU#92991067 Adobe Reader および Acrobat に脆弱性
http://jvn.jp/cert/JVNVU92991067/

JVN#75585394 NEC Universal RAID Utility におけるアクセス制限不備の脆弱性
http://jvn.jp/jp/JVN75585394/

JVNTA13-051A Oracle Java に複数の脆弱性
http://jvn.jp/cert/JVNTA13-051A/

JVNDB-2013-001632 IBM WebSphere Message Broker におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001632.html

JVNDB-2013-001631 複数の IBM 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001631.html

JVNDB-2013-001630 複数の IBM 製品における権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001630.html

JVNDB-2013-001629 複数の IBM 製品における権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001629.html

JVNDB-2013-001628 複数の IBM 製品における権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001628.html

JVNDB-2013-001627 IBM WebSphere Message Broker におけるサービス運用妨害 (無限ループ) の脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001627.html

JVNDB-2013-001626 IBM WebSphere Message Broker における認証されていないメッセージの送信を誘発される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001626.html

JVNDB-2013-001027 (JVNTA13-010A) Oracle Java 7 に脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001027.html

JVNDB-2013-001625 IBM Netezza の WebAdmin アプリケーションにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001625.html

JVNDB-2013-001624 IBM Netezza の WebAdmin アプリケーションにおける認証情報を発見される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001624.html

JVNDB-2013-001145 Oracle MySQL の MySQL Server における Server Optimizer の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001145.html

JVNDB-2013-001623 IBM SAN Volume Controller および Storwize の管理 GUI における認証を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001623.html

JVNDB-2013-001141 Oracle MySQL の MySQL Server における Server Replication の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001141.html

JVNDB-2013-001146 Oracle MySQL の MySQL Server における Information Schema の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001146.html

JVNDB-2013-001150 Oracle MySQL の MySQL Server における Server Locking の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001150.html

JVNDB-2013-001148 Oracle MySQL の MySQL Server における Server Replication の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001148.html

JVNDB-2013-001622 Cisco Unity Connection におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001622.html

JVNDB-2013-001621 複数の Cisco 製品のコマンドラインインターフェイスにおける root 権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001621.html

JVNDB-2013-001620 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001620.html

JVNDB-2013-001619 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001619.html

JVNDB-2013-001618 複数の Mozilla 製品におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001618.html

JVNDB-2013-001617 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001617.html

JVNDB-2013-001616 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001616.html

JVNDB-2013-001615 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001615.html

JVNDB-2013-001614 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001614.html

JVNDB-2013-001613 複数の Mozilla 製品の nsDisplayBoxShadowOuter::Paint 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001613.html

JVNDB-2013-001612 複数の Mozilla 製品におけるアドレスバーを偽造される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001612.html

JVNDB-2013-001611 複数の Mozilla 製品の nsImageLoadingContent::OnStopContainer 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001611.html

JVNDB-2013-001610 複数の Mozilla 製品における脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001610.html

JVNDB-2013-001609 複数の Mozilla 製品の COW および SOW の実装における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001609.html

JVNDB-2013-001608 複数の Mozilla 製品におけるプロセスメモリから重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001608.html

JVNDB-2013-001607 複数の Mozilla 製品におけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001607.html

JVNDB-2013-001606 Linux Kernel の net/core/datagram.c におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001606.html

JVNDB-2013-000012 (JVN#75585394) NEC Universal RAID Utility におけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000012.html

TeamSHATTER Security Advisory: Oracle 11g Stealth Password Cracking Vulnerability (CVE-2012-
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00104.html

TeamSHATTER Security Advisory: SQL Injection in Oracle Alter FBA Table (CVE-2012-1751)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00103.html

[security bulletin] HPSBMU02836 SSRT101056 rev.1 - HP ArcSight Connector Appliance and ArcSight
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00102.html

NBC site redirecting to Exploit kit
https://isc.sans.edu/diary.html?storyid=15223

Fake Mandiant APT Report Used as Malware Lure
https://isc.sans.edu/diary.html?storyid=15226

SSHD rootkit in the wild
https://isc.sans.edu/diary.html?storyid=15229

It's a Dangerous Web Out There
https://isc.sans.edu/diary.html?storyid=15232

Red Hat Directory Server Bug in ACI with Certificate Groups Lets Remote Authenticated Users Deny Service
http://www.securitytracker.com/id/1028190

OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1028187

Red Hat update for openssh
http://secunia.com/advisories/52312/

SAP NetWeaver GRMGApp XML External Entity and Security Bypass Vulnerabilities
http://secunia.com/advisories/52272/

Red Hat update for kernel
http://secunia.com/advisories/52328/

Drupal Ubercart Module "full name" Script Insertion Vulnerability
http://secunia.com/advisories/52298/

Drupal Ubercart Views Module "full name" Script Insertion Vulnerability
http://secunia.com/advisories/52299/

Linux Kernel Extended Verification Module NULL Pointer Dereference Local Denial of Service
http://secunia.com/advisories/52202/

SAP NetWeaver Exportability Check Service Directory Traversal Vulnerability
http://secunia.com/advisories/52256/

WordPress Contact Form Plugin "cntctfrm_contact_email" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/52250/

WordPress Contact Form Plugin "cntctfrm_contact_message" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/52179/

Red Hat update for JBoss Enterprise SOA Platform
http://secunia.com/advisories/52306/

WordPress Pretty Link Lite Plugin "get-file" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/52246/

SUSE update for postgresql91
http://secunia.com/advisories/52290/

Red Hat update for openchange
http://secunia.com/advisories/52317/

Red Hat update for httpd
http://secunia.com/advisories/52319/

Debian update for postgresql
http://secunia.com/advisories/52287/

Red Hat update for pam
http://secunia.com/advisories/52291/

Red Hat update for squid
http://secunia.com/advisories/52324/

Red Hat update for pcsc-lite
http://secunia.com/advisories/52281/

Red Hat update for pki-core
http://secunia.com/advisories/52313/

Red Hat update for 389-ds-base
http://secunia.com/advisories/52323/

Red Hat update for samba4
http://secunia.com/advisories/52321/

Red Hat update for dhcp
http://secunia.com/advisories/52322/

Piwigo Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/52228/

NEC Universal RAID Utility Unrestricted Access Permissions Security Issue
http://secunia.com/advisories/52241/

Red Hat update for sssd
http://secunia.com/advisories/52315/

Red Hat update for dovecot
http://secunia.com/advisories/52311/

Drupal Display Suite Module Script Insertion Vulnerability
http://secunia.com/advisories/52297/

Red Hat update for java-1.7.0-oracle
http://secunia.com/advisories/52121/

Red Hat update for java-1.6.0-sun
http://secunia.com/advisories/52307/

Ubuntu update for keystone
http://secunia.com/advisories/52288/

Drupal Taxonomy Manager Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/52300/

Drupal Varnish HTTP Accelerator Integration Module Script Insertion Vulnerabilities
http://secunia.com/advisories/52295/

Drupal Menu Reference Module Menu Link Title Script Insertion Vulnerability
http://secunia.com/advisories/52296/

Drupal Image Derivatives Generation Denial of Service Vulnerability
http://secunia.com/advisories/52302/

Outlook web design SQL injection Vulnerability
http://cxsecurity.com/issue/WLB-2013020154

OpenEMR 4.1.1 (site param) Remote XSS Vulnerability
http://cxsecurity.com/issue/WLB-2013020153

E107 CMS Persistant XSS vulnerability
http://cxsecurity.com/issue/WLB-2013020152

phpMyRecipes 1.2.2 SQL Injection
http://cxsecurity.com/issue/WLB-2013020144

glFusion 1.2.2 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013020145

WordPress Pretty Link 1.6.3 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013020151

Alt-N MDaemon WorldClient Credential Disclosure
http://cxsecurity.com/issue/WLB-2013020150

Alt-N MDaemon WebAdmin Remote Code Execution
http://cxsecurity.com/issue/WLB-2013020149

Alt-N MDaemon WorldClient / WebAdmin Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2013020148

Alt-N MDaemon Email Body Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013020147

Alt-N MDaemon WorldClient Username Enumeration
http://cxsecurity.com/issue/WLB-2013020146

REMOTE: BigAnt Server 2 SCH And DUPF Buffer Overflow
http://www.exploit-db.com/exploits/24527

REMOTE: BigAnt Server DUPF Command Arbitrary File Upload
http://www.exploit-db.com/exploits/24528

REMOTE: OpenEMR PHP File Upload Vulnerability
http://www.exploit-db.com/exploits/24529

Multiple OpenStack Products Information Disclosure and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/58022

Red Hat CloudForms Multiple Insecure File Permissions and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/56819

Ruby on Rails Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/57084

Oracle Database Server CVE-2012-1751 SQL Injection Vulnerability
http://www.securityfocus.com/bid/55950

RDoc CVE-2013-0256 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57785

Rack Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/57430

Adobe Acrobat And Reader CVE-2013-0641 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57947

Adobe Acrobat And Reader CVE-2013-0640 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57931

ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57556

389 Directory Server Certificate Groups Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/52044

Oracle Java SE CVE-2013-1486 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/58029

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57778

libvirt 'virNetMessageFree()' Function Use After Free Code Execution Vulnerability
http://www.securityfocus.com/bid/57578

IBM Netezza WebAdmin Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57839

Ruby on Rails CVE-2013-0276 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/57896

libupnp Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/57602

OpenSSL Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/57755

JSON Denial of Service and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/57899

Ruby CVE-2012-5371 Hash Collision Denial of Service Vulnerability
http://www.securityfocus.com/bid/56484

Xen Linux PCI Backend Drivers Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57740

GIMP XWD File Handling Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56647

Ruby on Rails CVE-2013-0277 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57898

Jenkins Cross-Site Scripting, Security Bypass, and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/57994

ibacm Denial of Service And Insecure File Permissions Vulnerabilities
http://www.securityfocus.com/bid/55890

ZoneMinder 'view' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/48949

SSSD Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/57539

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52973

ISC DHCP IPv6 Lease Expiration Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/55530

HP Linux Imaging and Printing Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/48892

Oracle Java SE CVE-2013-1485 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/58028

Oracle Java SE CVE-2013-1484 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/58027

Linux Kernel CVE-2013-0311 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/58053

Linux Kernel CVE-2013-0309 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/58046

Xen 'xen_failsafe_callback()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57433

Linux Kernel CVE-2013-0310 NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/58052

Linux Kernel 'ext4_convert_unwritten_exten()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56238

Dnsmasq Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54353

Xinetd CVE-2012-0862 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53720

util-linux Package 'mount' and 'umount' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57168

Red Hat Certificate System Multiple Cross-Site Scripting and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56843

Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/27409

Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/55131

Apache Apache HTTP Server 'mod_proxy_ajp Module Denial Of Service Vulnerability
http://www.securityfocus.com/bid/56753

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0775 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58042

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0782 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58047

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0776 URI Spoofing Vulnerability
http://www.securityfocus.com/bid/58044

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0780 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58043

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0783 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/58037

389 Directory Server Access Bypass Vulnerability
http://www.securityfocus.com/bid/55690

Oracle Java SE CVE-2013-0423 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57716

Oracle Java SE CVE-2013-0419 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57714

Oracle Java SE CVE-2013-0438 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57708

Oracle Java SE CVE-2013-1473 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57731

Oracle Java SE CVE-2012-3342 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57700

Oracle Java SE CVE-2013-0446 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57699

Oracle Java SE CVE-2013-0409 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57728

Oracle Java SE CVE-2012-3213 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57717

Oracle Java SE CVE-2013-1480 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57691

Oracle Java SE CVE-2013-0351 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57720

Oracle Java SE CVE-2013-0428 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57713

Oracle Java SE CVE-2013-1481 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57718

Oracle Java SE CVE-2013-0427 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57724

Oracle Java SE CVE-2013-0424 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57715

Oracle Java SE CVE-2013-0426 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57711

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57702

Oracle Java SE CVE-2013-0435 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57729

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57712

Oracle Java SE CVE-2013-0425 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57709

Oracle Java SE CVE-2013-1476 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57696

Oracle Java SE CVE-2013-0434 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57730

Oracle Java SE CVE-2013-0429 Remote Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57710

Oracle Java SE CVE-2013-0450 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57703

Oracle Java SE CVE-2013-0441 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57692

Oracle Java SE CVE-2013-0432 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57727

Oracle Java SE CVE-2013-0433 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57719

Oracle Java SE CVE-2013-0445 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57689

Oracle Java SE CVE-2013-1478 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57686

Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/58073

Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/56408

Drupal Banckle Chat Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/57942

Drupal Core Image Derivatives Denial of Service Vulnerability
http://www.securityfocus.com/bid/58069

Drupal Ubercart Views and Ubercart Modules 'full name' field HTML Injection Vulnerability
http://www.securityfocus.com/bid/58065

Drupal Menu Reference Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/58067

Drupal Manager Change For Organic Groups Module 'autocomplete' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57941

Drupal Taxonomy Manager Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/58068

Drupal Yandex.Metrics Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/58064

Drupal Display Suite Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/58066

Drupal Varnish HTTP Accelerator Integration Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/58062

SSH Tectia Server Unauthorized Password Change Security Bypass Vulnerability
http://www.securityfocus.com/bid/56783

Google Chrome Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/58101

Katello CVE-2012-6116 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/58098

Katello CVE-2012-5561 Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/58096

phpMyRecipes 'r_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/58094

WordPress Contact Form Plugin 'cntctfrm_contact_emai' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/58093

Web Cookbook SQL Injection and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/58092

WordPress Contact Form Plugin 'contact_form.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/58089

NEC Universal RAID Utility CVE-2013-0706 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/58087

OpenEMR 'site' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/58085

Alt-N MDaemon WebAdmin Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/58084

FreeIPA CVE-2012-4546 Certificate Revocation List Security Vulnerability
http://www.securityfocus.com/bid/58083

XFree86 x11perf CVE-2011-2504 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/58082

Alt-N MDaemon WorldClient User Enumeration Weakness
http://www.securityfocus.com/bid/58075

Alt-N MDaemon WorldClient Authentication Credentials Information Disclosure Vulnerability
http://www.securityfocus.com/bid/58074

:: IT Security Neophyte Investigator's MEMO ::

2013年2月22日金曜日

22日金曜日、先勝

0 件のコメント:

コメントを投稿

2013年2月22日金曜日

22日 金曜日、先勝

0 件のコメント:

コメントを投稿

22日金曜日、先勝