Thursday, March 21, 2013

Thursday the 21st, Taian


+ RHSA-2013:0663 Moderate: sssd security and bug fix update
http://rhn.redhat.com/errata/RHSA-2013-0663.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0287

+ About the security content of Apple TV 5.2.1
http://support.apple.com/kb/HT5702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0981

+ About the security content of iOS 6.1.3
http://support.apple.com/kb/HT5704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912

+ CESA-2013:0663 Moderate CentOS 6 sssd Update
http://lwn.net/Alerts/543597/

+ CESA-2013:0656 Moderate CentOS 6 krb5 Update
http://lwn.net/Alerts/543414/

+ Multiple vulnerabilities in yaSSL
https://blogs.oracle.com/sunsecurity/entry/cve_2013_1623_timing_side
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1623
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929

+ Multiple cross-site scripting (XSS) vulnerabilities in JFreeChart
https://blogs.oracle.com/sunsecurity/entry/multiple_cross_site_scripting_xss
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6306
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6307

+ CVE-2008-4316 Numeric Errors vulnerability in Glib
https://blogs.oracle.com/sunsecurity/entry/cve_2008_4316_numeric_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316

+ CVE-2013-1492 Buffer Overflow vulnerability in yaSSL
https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1492

+ CVE-2012-0553 Buffer Overflow vulnerability in yaSSL
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0553_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0553

+ SYM13-002 Security Advisories Relating to Symantec Products - Symantec NetBackup Management Console Directory Traversal File Download
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130320_00

+ Samba 4.0.4 Available for Download
http://samba.org/samba/history/samba-4.0.4.html

+ Apple iOS Bugs Let Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1028314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0981

+ Samba Active Directory Domain Controller File Permission Flaw Lets Remote Authenticated Users Access Files
http://www.securitytracker.com/id/1028312
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1863

+ McAfee Vulnerability Manager Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1028311

+ SA52661 Linux Kernel ext3 Message Logging Format String Vulnerabilities
http://secunia.com/advisories/52661/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1848

+ SA52685 Apple TV Two Security Bypass Vulnerabilities
http://secunia.com/advisories/52685/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0981

+ SA52305 Linux Kernel User Namespace Sharing Privilege Escalation Vulnerability
http://secunia.com/advisories/52305/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1858

+ SA52665 FreeBSD i915 DRM Driver Privilege Escalation Vulnerability
http://secunia.com/advisories/52665/

+ Linux Kernel kvm Multiple Vulns
http://cxsecurity.com/issue/WLB-2013030175

+ Linux Kernel ext3 format string issues
http://cxsecurity.com/issue/WLB-2013030174

+ Microsoft Windows USB RNDIS Overflow
http://cxsecurity.com/issue/WLB-2013030154

+ Linux Kernel 'cdc-wdm' USB Device Driver Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/58510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1860

+ Linux Kernel KVM CVE-2013-1796 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/58607
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1796

+ Linux Kernel Netlink Interface CVE-2013-1873 Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/58597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1873

+ Samba CVE-2013-1863 Insecure Permissions Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/58596
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1863

+ Symantec NetBackup Appliance Management Console CVE-2013-1608 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/58542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1608

+ Apple iPhone/iPad/iPod touch Prior to iOS 6.1.3 CVE-2013-0978 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/58590
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0978

+ Apple iPhone/iPad/iPod touch Prior to iOS 6.1.3 Local Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/58589
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0981

+ Apple iPhone/iPad/iPod touch Prior to iOS 6.1.3 CVE-2013-0979 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/58588
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0979

+ Apple iPhone/iPad/iPod touch Prior to iOS 6.1.3 CVE-2013-0977 Security Bypass Vulnerability
http://www.securityfocus.com/bid/58586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0977

Anti-Virus / Anti-Bot / Application Control / URL Filtering update might fail on R75.40/R75.40VS/R75.45/R75.46/E80.41
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk90700&src=securityAlerts

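Japanese websites tampered with one after another; visiting them risks virus infection
The Ministry of the Environment's "CO2みえ~るツール" is only the tip of the iceberg; administrators should check immediately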
http://itpro.nikkeibp.co.jp/article/NEWS/20130321/464622/?ST=security

Vulnerability information worth checking <2013.03.21>
http://itpro.nikkeibp.co.jp/article/COLUMN/20130319/464321/?ST=security

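Connecting securely to the corporate network from a smartphone
[Remote access] Into the LAN from outside the office through a VPN tunnel
Also services restricted to the mobile phone network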
http://itpro.nikkeibp.co.jp/article/COLUMN/20130308/462015/?ST=security

Possible large-scale cyberattack in South Korea; systems at broadcasters and banks go down
http://itpro.nikkeibp.co.jp/article/NEWS/20130320/464581/?ST=security

"Camera app that sees through clothes" bills 29,000 yen when downloaded --- Symantec warns
http://itpro.nikkeibp.co.jp/article/NEWS/20130319/464475/?ST=security

"Detect out-of-the-ordinary attacks with big-data analysis of packets and logs," says RSA chairman
http://itpro.nikkeibp.co.jp/article/NEWS/20130319/464470/?ST=security

Reuters editor indicted for "conspiring with Anonymous"
http://itpro.nikkeibp.co.jp/article/NEWS/20130319/464283/?ST=security

"Trust in NTT Data has collapsed"
President Iwamoto pledges to prevent a recurrence of the card forgery incident
http://itpro.nikkeibp.co.jp/article/COLUMN/20130315/463743/?ST=security

JVN#59503133 Cross-site request forgery vulnerability in multiple NEC mobile routers
http://jvn.jp/jp/JVN59503133/

VU#406596 Askiaweb survey application contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/406596

LOCAL: EastFTP ActiveX Control 0Day
http://www.exploit-db.com/exploits/24863
