2013年8月1日木曜日

1日 木曜日、赤口

+ CESA-2013:1119 Moderate CentOS 6 389-ds-base Update
http://lwn.net/Alerts/561598/

+ CESA-2013:1120 Moderate CentOS 6 haproxy Update
http://lwn.net/Alerts/561599/

+ CESA-2013:1121 Low CentOS 5 sos Update
http://lwn.net/Alerts/561600/

+ Cisco WAAS Central Manager Remote Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3443

+ Authenticated Command Injection Vulnerability in Multiple Cisco Content Network and Video Delivery Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-cm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3444

+ HPSBMU02902 rev.1 - HP Integrated Lights-Out iLO3, iLO4 IPMI Cipher Suite 0 Authentication Bypass Vulnerability
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03844348-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4805

+ UPDATE: HPSBPI02887 rev.2 - Certain HP LaserJet Pro Printers, Remote Information Disclosure
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03825817-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ HPSBUX02907 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03868911-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ HPSBUX02908 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03874547-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ IE9/10 information disclosure vulnerability
http://cxsecurity.com/issue/WLB-2013070232

+ phpMyAdmin 3.5.x/4.0.x self-XSS
http://cxsecurity.com/issue/WLB-2013070229

+ phpMyAdmin 3.5.x/4.0.x privilege escalation
http://cxsecurity.com/issue/WLB-2013070230

世界のセキュリティ・ラボから日経コミュニケーション
UI redressの新たな手法、キージャッキング
http://itpro.nikkeibp.co.jp/article/COLUMN/20130725/494202/?ST=security

第4回 国を超え行き交うアプリ、通じない日本の常識
http://itpro.nikkeibp.co.jp/article/COLUMN/20130725/494093/?ST=security

RSA、オンラインバンキングを狙ったトロイの木馬の新定番「KINS」を報告
http://itpro.nikkeibp.co.jp/article/NEWS/20130731/495740/?ST=security

三和コムテックがマルウエア119番サービス、ツールの短期ライセンスを新設し安価に提供
http://itpro.nikkeibp.co.jp/article/NEWS/20130731/495605/?ST=security

0 件のコメント:

コメントを投稿