2013年2月7日木曜日
7日 木曜日、友引
+ Mozilla Firefox 18.0.2 released
http://www.mozilla.org/en-US/firefox/18.0.2/releasenotes/
+ Apache HTTP Server 2.2.23 x86 and x64 Windows Installers
http://www.anindya.com/apache-http-server-2-2-23-x86-and-x64-windows-installers/
+ Apache HTTP Server 2.4.3 x86 and x64 Windows Installers
http://www.anindya.com/apache-http-server-2-4-3-x86-and-x64-windows-installers/
+ CESA-2013:0223 Moderate CentOS 6 kernel Update
http://lwn.net/Alerts/536528/
+ Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130206-ata187
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1111
+ HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03661318-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3285
+ curl and libcurl 7.29.0 released
http://curl.haxx.se/changes.html#7_29_0
+ Linux kernel 3.2.38 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.38
Advisory: Unexpected BOPs and HIPs alerts after installing the G-Buster banking security plugin
http://www.sophos.com/en-us/support/knowledgebase/118656.aspx
チェックしておきたい脆弱性情報<2013.02.07>
http://itpro.nikkeibp.co.jp/article/COLUMN/20130206/454563/?ST=security
トレンドマイクロ、SaaS型企業用セキュリティサービスの新ブランドを発表
http://itpro.nikkeibp.co.jp/article/NEWS/20130206/454783/?ST=security
外務省にサイバー攻撃、「国民の権利が侵害されるおそれ」がある情報など約20通流出の疑い
http://itpro.nikkeibp.co.jp/article/NEWS/20130206/454501/?ST=security
Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00034.html
DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00033.html
Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00030.html
SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00029.html
[ MDVSA-2013:008 ] mysql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00032.html
[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00031.html
[CVE-2013-1463]Wordpress wp-table-reloaded‏ plugin XSS in SWF
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00028.html
Intel Network Card (82574L) Packet of Death
https://isc.sans.edu/diary.html?storyid=15109
HTTP Range Header and Partial Downloads
https://isc.sans.edu/diary.html?storyid=15100
Are you losing system logging information (and don't know it)?
https://isc.sans.edu/diary.html?storyid=15106
REMOTE: VMWare OVF Tools Format String Vulnerability
http://www.exploit-db.com/exploits/24460
Sony Playstation Vita Addressbar Spoofing
http://cxsecurity.com/issue/WLB-2013020026
Wordpress wp-forum plugin SQL Injection
http://cxsecurity.com/issue/WLB-2013020035
Lorex LNC116 / LNC104 IP Camera Authentication Bypass
http://cxsecurity.com/issue/WLB-2013020034
Hiverr 2.2 Shell Upload & SQL Injection
http://cxsecurity.com/issue/WLB-2013020033
DataLife Engine 9.7 Session Fixation
http://cxsecurity.com/issue/WLB-2013020032
Linksys E1500 / E2500 CSRF / XSS / Command Execution / Traversal
http://cxsecurity.com/issue/WLB-2013020031
ezStats2 Serverviewer 0.62 Local File Inclusion
http://cxsecurity.com/issue/WLB-2013020030
ezStats2 For Medal Of Honor Warfighter 1.0 Local File Inclusion
http://cxsecurity.com/issue/WLB-2013020029
ezStats For Battlefield 3 0.91 XSS & Local File Inclusion
http://cxsecurity.com/issue/WLB-2013020028
ezStats2 For Playstation Network 1.10 Local File Inclusion
http://cxsecurity.com/issue/WLB-2013020027
Cisco IOS Catalyst Switches HTTP Server Feature Denial of Service Vulnerability
http://secunia.com/advisories/52026/
Xen "pciback_enable_msi()" Log Message Flooding Denial of Service Vulnerability
http://secunia.com/advisories/52059/
Nagios XI Multiple Vulnerabilities
http://secunia.com/advisories/52011/
Xen netback Two Denial of Service Vulnerabilities
http://secunia.com/advisories/52056/
OpenSSL Information Disclosure and Denial of Service Vulnerabilities
http://secunia.com/advisories/52036/
IBM System Storage SAN Volume Controller and Storwize V7000 Authentication Bypass Vulnerability
http://secunia.com/advisories/52115/
IntegraXor ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/52073/
Ubuntu update for xserver-xorg-video-qxl
http://secunia.com/advisories/52098/
Cisco Nexus 7000 Series NX-OS High Availability Policy CDP Denial of Service Vulnerability
http://secunia.com/advisories/52094/
EMC RSA Archer SmartSuite Framework Multiple Vulnerabilities
http://secunia.com/advisories/52067/
EMC RSA Archer GRC Multiple Vulnerabilities
http://secunia.com/advisories/52102/
WordPress WP ecommerce Shop Styling Plugin "dompdf" Remote File Inclusion Vulnerability
http://secunia.com/advisories/51707/
Qt Shared Memory Segment Manipulation Weakness
http://secunia.com/advisories/52040/
SUSE update for apache2
http://secunia.com/advisories/52113/
SUSE update for apache2
http://secunia.com/advisories/52111/
SUSE update for v8
http://secunia.com/advisories/52049/
Red Hat update for kernel
http://secunia.com/advisories/52105/
Oracle Java SE CVE-2013-0429 Remote Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57710
Oracle Java SE CVE-2013-1476 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57696
Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57712
Oracle Java SE CVE-2013-0434 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57730
Oracle Java SE CVE-2013-0441 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57692
Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57702
Oracle Java SE CVE-2013-0442 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57687
Oracle Java SE CVE-2013-0435 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57729
Oracle Java SE CVE-2013-0432 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57727
WordPress WP-Table Reloaded Plugin 'id' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57664
Oracle Java SE CVE-2013-1475 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57694
Oracle Java SE CVE-2013-0428 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57713
Oracle Java SE CVE-2013-0450 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57703
Oracle Java SE CVE-2013-0424 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57715
Oracle Java SE CVE-2013-0426 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57711
Oracle Java SE CVE-2013-0427 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57724
Oracle Java SE CVE-2013-0425 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57709
Oracle Java SE CVE-2013-1480 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57691
GnuTLS TLS And DTLS Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57736
Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
http://www.securityfocus.com/bid/53911
Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/55120
Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56769
libvirt 'virNetMessageFree()' Function Use After Free Code Execution Vulnerability
http://www.securityfocus.com/bid/57578
Cisco NX-OS CVE-2012-2469 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54833
Linux Kernel 'request_module() OOM' Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/55361
Linux Kernel 'binfmt_script.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55878
OpenStack Keystone CVE-2013-0247 Denial of Service Vulnerability
http://www.securityfocus.com/bid/57747
Oracle MySQL Server CVE-2012-0572 Remote Security Vulnerability
http://www.securityfocus.com/bid/57385
Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
http://www.securityfocus.com/bid/57400
Oracle MySQL Server CVE-2012-0578 Remote Security Vulnerability
http://www.securityfocus.com/bid/57334
Oracle MySQL Server Heap Overflow Vulnerability
http://www.securityfocus.com/bid/56768
Oracle MySQL Server CVE-2013-0389 Remote Security Vulnerability
http://www.securityfocus.com/bid/57417
Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
http://www.securityfocus.com/bid/57415
Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
http://www.securityfocus.com/bid/57412
Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
http://www.securityfocus.com/bid/57391
Oracle MySQL Server CVE-2013-0368 Remote Security Vulnerability
http://www.securityfocus.com/bid/57397
Oracle MySQL Server CVE-2012-0574 Remote Security Vulnerability
http://www.securityfocus.com/bid/57414
Oracle MySQL Server CVE-2013-0383 Remote Security Vulnerability
http://www.securityfocus.com/bid/57405
Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
http://www.securityfocus.com/bid/57416
Oracle MySQL Server CVE-2012-1705 Remote Security Vulnerability
http://www.securityfocus.com/bid/57410
Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
http://www.securityfocus.com/bid/57408
Oracle MySQL Server CVE-2012-5060 Remote Security Vulnerability
http://www.securityfocus.com/bid/57411
Oracle MySQL Server CVE-2013-0386 Remote Security Vulnerability
http://www.securityfocus.com/bid/57418
Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
http://www.securityfocus.com/bid/57388
QEMU KVM QXL Denial of Service Vulnerability
http://www.securityfocus.com/bid/57637
Oracle Java SE CVE-2013-1478 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57686
xNBD '/tmp/xnbd.log' Insecure Temporary File Handling Vulnerability
http://www.securityfocus.com/bid/57784
Cisco ATA 187 Analog Telephone Adapter Unauthorized Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/57782
PolarSSL MAC Check CVE-2013-1622 Security Vulnerability
http://www.securityfocus.com/bid/57781
Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57778
WordPress Wysija Newsletters Plugin Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/57775
Bouncy Castle TLS CVE-2013-1624 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57774
Opera Web Browser TLS CVE-2013-1618 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57773
WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57771
CubeCart PHP 'shipping' Parameter PHP Object Injection Vulnerability
http://www.securityfocus.com/bid/57770
IBM SAN Volume Controller and Storwize V7000 Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/57769
Wordpress WP ecommerce Shop Styling Plugin 'dompdf' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/57768
D-Link DIR-300 Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/57763
Sony Playstation Vita Browser 'window.open()' URI Spoofing Vulnerability
http://www.securityfocus.com/bid/57762
Lorex LNC116 and LNC104 IP Cameras Remote Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/57761
Cisco Linksys E1500/E2500 Router Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57760
ezStats for Battlefield 3 Multiple Cross Site Scripting and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/57759
ezStats2 'style.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/57757
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿