:: IT Security Neophyte Investigator's MEMO ::: 30日火曜日、大安

2013年4月30日火曜日

30日火曜日、大安

+ RHSA-2013:0772 Important: mysql security update
http://rhn.redhat.com/errata/RHSA-2013-0772.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5614
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1532
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2392

+ RHSA-2013:0771 Moderate: curl security update
http://rhn.redhat.com/errata/RHSA-2013-0771.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944

+ RHSA-2013:0770 Important: java-1.6.0-openjdk security update
http://rhn.redhat.com/errata/RHSA-2013-0770.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1488
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2431

+ RHSA-2013:0744 Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2013-0744.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0349
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1827

+ CESA-2013:0772 Important CentOS 6 mysql Update
http://lwn.net/Alerts/548646/

+ CESA-2013:0744 Important CentOS 6 kernel Update
http://lwn.net/Alerts/548303/

+ CESA-2013:0771 Moderate CentOS 5 curl Update
http://lwn.net/Alerts/548453/

+ CESA-2013:0771 Moderate CentOS 6 curl Update
http://lwn.net/Alerts/548454/

+ CESA-2013:0770 Important CentOS 5 java-1.6.0-openjdk Update
http://lwn.net/Alerts/548455/

+ CESA-2013:0770 Important CentOS 6 java-1.6.0-openjdk Update
http://lwn.net/Alerts/548456/

+ CESA-2013:0769 Low CentOS 5 glibc Update
http://lwn.net/Alerts/548457/

+ PMASA-2013-5 Global variables overwrite in "export.php"
http://www.phpmyadmin.net/home_page/security/PMASA-2013-5.php

+ Squid Proxy 3.3.4, 3.2.10 released
http://www.squid-cache.org/Versions/v3/3.3/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html

+ UPDATE: Multiple Vulnerabilities in Cisco NX-OS-Based Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti

+ Cisco Device Manager Command Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1192

+ Multiple Vulnerabilities in Cisco Unified Computing System
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1186

+ HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03727435-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5218

+ HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03748875-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5222
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2321

+ HPSBMU02873 SSRT101182 rev.1 - HP Service Manager, Apache Tomcat Security Update
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03748878-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534

+ HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE) Security Update
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03748879-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4301
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1543
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1489

+ UPDATE: HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03570121-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03737200-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5219

+ HPSBPI02869 SSRT100936 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03744742-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5221

+ セキュリティ情報：IBM Notes 8.5.x の脆弱性の問題 (CVE-2011-3026, CVE-2012-6349, CVE-2012-6277)
http://www-01.ibm.com/support/docview.wss?uid=swg21632104

+ セキュリティ情報：IBM Domino および IBM Domino Designer 8.5.x の脆弱性の問題 (CVE-2013-0487, CVE-2012-2161, CVE-2012-2159, CVE-2013-0486, CVE-2012-6277, CVE-2013-0488, CVE-2013-0489)
http://www-01.ibm.com/support/docview.wss?uid=swg21632130

+ [CPUApr2013] Oracle Critical Patch Update Advisory - April 2013
http://www.oracle.com/technetwork/jp/topics/ojkb163273-1935620-ja.html

+ RHSA-2013:0769 Low: glibc security and bug fix update
http://rhn.redhat.com/errata/RHSA-2013-0769.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1914

+ VMSA-2013-0006 VMware security updates for vCenter Server
http://www.vmware.com/security/advisories/VMSA-2013-0006.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431

+ HS13-010 Multiple Vulnerabilities in Cosminexus
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-010/index.html
+ HS13-010 Cosminexusにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-010/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2440

+ HS13-009 Vulnerability about SSL Encryption in Cosminexus HTTP Server and Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-009/index.html
+ HS13-009 Cosminexus HTTP Server, Hitachi Web ServerにおけるSSLの暗号に関する脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-009/index.html

+ HS13-008 Vulnerability about SSL Encryption in Cosminexus HTTP Server and Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-008/index.html
+ HS13-008 Cosminexus HTTP Server, Hitachi Web ServerにおけるSSLの暗号に関する脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-008/index.html

+ HS13-007 Cross-site Scripting Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-007/index.html
+ HS13-007 Cosminexus HTTP Server, Hitachi Web Serverにおけるクロスサイトスクリプティングの脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-007/index.html

+ FreeBSD-SA-13:05.nfsserver Insufficient input validation in the NFS server
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:05.nfsserver.asc

+ libpng 1.6.2 released
http://www.libpng.org/pub/png/src/libpng-1.6.2-README.txt

+ Samba 3.6.14 Available for Download
http://samba.org/samba/history/samba-3.6.14.html

+ Sendmail 8.14.7 is available.
http://sendmail.com/sm/open_source/download/8.14.7/

+ zlib 1.2.8 released
http://www.zlib.net/ChangeLog.txt

+ VU#209131 McAfee ePolicy Orchestrator 4.6.4 and earlier pre-authenticated SQL injection and directory path traversal vulnerabilities
http://www.kb.cert.org/vuls/id/209131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0141

+ SA53174 Linux Kernel KVM Multiple Vulnerabilities
http://secunia.com/advisories/53174/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1798

+ Linux Kernel Virtual Ethernet Driver Denial of Service Vulnerability
http://www.securityfocus.com/bid/59549

+ Linux Kernel CVE-2013-1959 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/59537

+ Linux Kernel ext4 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/59512

パターンファイル番号の桁上がりにより発生する表示上の問題について
http://www.trendmicro.co.jp/support/news.asp?id=1949

プレス発表
「情報漏えいを防ぐためのモバイルデバイス等設定マニュアル」を公開
～Windows、iOS、Android等の主要製品を画面遷移にあわせて紹介～
http://www.ipa.go.jp/about/press/20130426.html

「制御システムのセキュリティ人材育成に関する調査及びモデルカリキュラム等の作成」報告書について
　　～4コースのモデルカリキュラムを策定～
http://www.ipa.go.jp/security/fy24/reports/jinzai/index.html

【注意喚起】ゴールデンウィーク前に対策を
http://www.ipa.go.jp/security/topics/alert250424.html

ソフトウェア等の脆弱性関連情報に関する届出状況
[2013年第1四半期（1月～3月）]
http://www.ipa.go.jp/security/vuln/report/vuln2013q1.html

NTTドコモの米子会社から、クレジットカード情報を含む403人分の個人情報が流出
http://itpro.nikkeibp.co.jp/article/NEWS/20130427/474141/?ST=security

サイファー・テックが暗号化PDF閲覧管理サービスを強化、iOS版のビューアを追加
http://itpro.nikkeibp.co.jp/article/NEWS/20130426/473953/?ST=security

IDとパスワードの棚卸し、この連休を逃すな！
http://itpro.nikkeibp.co.jp/article/COLUMN/20130419/472321/?ST=security

世界のセキュリティ・ラボから
Androidマルウエア、発展と古いタブー
http://itpro.nikkeibp.co.jp/article/COLUMN/20130425/473503/?ST=security

最新サイバー攻撃に備える
現実的なパスワード管理を考える
http://itpro.nikkeibp.co.jp/article/COLUMN/20130425/473581/?ST=security

JVNVU#95943552 NetScaler Access Gateway Enterprise Edition に脆弱性
http://jvn.jp/cert/JVNVU95943552/

JVN#55074201 Yahoo!ブラウザーにおけるアドレスバー偽装の脆弱性
http://jvn.jp/jp/JVN55074201/

JVN#01313594 Android 版 jigbrowser+ におけるアドレスバー偽装の脆弱性
http://jvn.jp/jp/JVN01313594/

VU#948155 Henry Schein Dentrix G5 uses hard-coded database credentials shared across multiple installations
http://www.kb.cert.org/vuls/id/948155

VU#521612 Citrix NetScaler and Access Gateway Enterprise Edition unauthorized access to network resources vulnerability
http://www.kb.cert.org/vuls/id/521612

:: IT Security Neophyte Investigator's MEMO ::

2013年4月30日火曜日

30日火曜日、大安

0 件のコメント:

コメントを投稿

2013年4月30日火曜日

30日 火曜日、大安

0 件のコメント:

コメントを投稿

30日火曜日、大安