11日 木曜日、仏滅

+ CESA-2013:0727 Important CentOS 5 kvm Update
http://lwn.net/Alerts/546793/

+ UPDATE: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000

+ Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-mp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1169

+ Cisco Prime Network Control Systems Database Default Credentials Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-ncs
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1170

+ Multiple Vulnerabilities in Cisco Firewall Services Module Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1149

+ Multiple Vulnerabilities in Cisco ASA Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa

+ Multiple vulnerabilities in Python
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_python
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150

+ CVE-2012-3817 Denial of Service (DoS) vulnerability in Bind
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3817_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817

+ CVE-2011-0419 Denial of Service (DoS) vulnerability in Solaris C Library
https://blogs.oracle.com/sunsecurity/entry/cve_2011_0419_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419

+ FreeBSD-8.4 RC1 released
http://lists.freebsd.org/pipermail/freebsd-stable/2013-April/073070.html

+ MacOSX 10.8.3 ftpd Resource Exhaustion *youtube
http://cxsecurity.com/issue/WLB-2013040082

+ phpMyAdmin 3.5.7 Reflected XSS
http://cxsecurity.com/issue/WLB-2013040071

+ Internet Explorer CSS Denial of Service Vulnerability
http://cxsecurity.com/issue/WLB-2013040081

+ JBoss Enterprise Portal Platform GateIn Portal Multiple Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/59015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3532

ウイルスバスター クラウド プログラムアップデートのお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1943

Adobe Flash Player の脆弱性対策について
(APSB13-11)(CVE-2013-1378等)
http://www.ipa.go.jp/security/ciadr/vul/20130410-adobeflashplayer.html

チェックしておきたい脆弱性情報＜2013.04.11＞
http://itpro.nikkeibp.co.jp/article/COLUMN/20130408/469102/?ST=security

WindowsやIEなどに危険な脆弱性、標的型攻撃への悪用も確認
日本マイクロソフトはパッチを公開、SP未適用のWindows 7向けは今回が最後
http://itpro.nikkeibp.co.jp/article/NEWS/20130411/470101/?ST=security

世界のセキュリティ・ラボから
Androidマルウエアを用いた標的型攻撃
http://itpro.nikkeibp.co.jp/article/COLUMN/20130410/469882/?ST=security

バッファロー、ラックマウント型NASにウイルス対策を付けた新モデル
http://itpro.nikkeibp.co.jp/article/NEWS/20130410/469961/?ST=security

eBook Japanの不正ログイン被害、「他社サービスのIDとパスワードが使われた可能性」
http://itpro.nikkeibp.co.jp/article/NEWS/20130410/469917/?ST=security

Adobe Flash Player の脆弱性 (APSB13-11) に関する注意喚起
http://www.jpcert.or.jp/at/2013/at130020.html

2013年4月 Microsoft セキュリティ情報 (緊急 2件含) に関する注意喚起
http://www.jpcert.or.jp/at/2013/at130019.html

VU#310500 Plesk Panel 11.0.9 privilege escalation vulnerabilities
http://www.kb.cert.org/vuls/id/310500

REMOTE: BigAnt Server 2.97 - DDNF Username Buffer Overflow
http://www.exploit-db.com/exploits/24943

REMOTE: Linksys WRT54GL apply.cgi Command Execution
http://www.exploit-db.com/exploits/24945

REMOTE: Adobe ColdFusion APSB13-03 Remote Exploit
http://www.exploit-db.com/exploits/24946