:: IT Security Neophyte Investigator's MEMO ::: 17日水曜日、仏滅

2013年4月17日水曜日

17日水曜日、仏滅

+ Oracle Critical Patch Update Advisory - April 2013
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

+ Oracle Java SE Critical Patch Update Advisory - April 2013
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html

+ RHSA-2013:0748 Moderate: krb5 security update
http://rhn.redhat.com/errata/RHSA-2013-0748.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416

+ RHSA-2013:0747 Moderate: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2013-0747.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1826

+ About the security content of Java for OS X 2013-003 and Mac OS X v10.6 Update 15
http://support.apple.com/kb/HT5734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2440

+ About the security content of Safari 6.0.4
http://support.apple.com/kb/HT5701
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912

+ nginx-1.3.16 development version released
http://nginx.org/en/download.html

+ CESA-2013:0742 Low CentOS 6 389-ds-base Update
http://lwn.net/Alerts/547394/

+ PDFCreator 1.7.0 released
http://www.pdfforge.org/blog/pdfcreator-170-released

+ HPSBUX02867 SSRT101103 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03735640-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1493

+ Java SE 7 Update 21 Released
http://www.oracle.com/technetwork/java/javase/7u21-relnotes-1932873.html

+ Java SE 6 Update 45 Released
http://www.oracle.com/technetwork/java/javase/6u45-relnotes-1932876.html

+ Oracle Solaris Lets Remote Users Access and Modify Data and Local Users Gain Elevated Privileges and Deny Service
http://www.securitytracker.com/id/1028436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0404
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0406
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1530

+ Oracle Database Bugs Let Remote Users Execute Arbitrary Code, Modify Data, and Deny Service
http://www.securitytracker.com/id/1028435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1554

+ Oracle Java Multiple Flaws Let Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1028434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1488
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2440

+ Linux kernel cifs NULL pointer dereference
http://cxsecurity.com/issue/WLB-2013040113

+ Linux kernel tracing NULL pointer dereference
http://cxsecurity.com/issue/WLB-2013040112

+ Linux Kernel Multiple Local Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/59052

コンピュータウイルス・不正アクセス届出状況および相談受付状況
[2013年第1四半期(1月～3月)]
http://www.ipa.go.jp/security/txt/2013/q1outline.html

Google検索の「サジェスト機能」を巡る訴訟でGoogle敗訴
東京地裁が名誉棄損を認め、「無関係の犯罪行為」表示の差し止め命じる
http://itpro.nikkeibp.co.jp/article/NEWS/20130417/471481/?ST=security

「サポートが終了したXPは狙われる」、マイクロソフトのセキュリティ担当
ウイルス対策をしていないパソコンの感染率は5.5倍
http://itpro.nikkeibp.co.jp/article/NEWS/20130417/471461/?ST=security

記者の眼
標的型攻撃の「攻撃者」を特定するサービス、日本上陸
http://itpro.nikkeibp.co.jp/article/Watcher/20130415/470941/?ST=security

セイコーソリューションズ、WAF用途の負荷分散装置を出荷
http://itpro.nikkeibp.co.jp/article/NEWS/20130416/471331/?ST=security

チェック・ポイント、企業の支社・支店向けを狙ったセキュリティアプライアンス発売
http://itpro.nikkeibp.co.jp/article/NEWS/20130416/471341/?ST=security

パロアルトネットワークス、マルウエア解析サービスを国内データセンターから提供
http://itpro.nikkeibp.co.jp/article/NEWS/20130416/471250/?ST=security

ジュニパー、データセンター狙うサイバー攻撃者を特定できるクラウドサービス
http://itpro.nikkeibp.co.jp/article/NEWS/20130416/471226/?ST=security

Facebook、若者向けオンライン安全性向上プログラムで全米州司法長官協会と協力
http://itpro.nikkeibp.co.jp/article/NEWS/20130416/471125/?ST=security

JVNVU#94324985 Plesk Panel に権限昇格の脆弱性
http://jvn.jp/cert/JVNVU94324985/

JVNVU#98254993 pd-admin にクロスサイトスクリプティングの脆弱性
http://jvn.jp/cert/JVNVU98254993/

JVNVU#94295396 AV1355DN にサービス運用妨害 (DoS) の脆弱性
http://jvn.jp/cert/JVNVU94295396/

:: IT Security Neophyte Investigator's MEMO ::

2013年4月17日水曜日

17日水曜日、仏滅

0 件のコメント:

コメントを投稿

2013年4月17日水曜日

17日 水曜日、仏滅

0 件のコメント:

コメントを投稿

17日水曜日、仏滅