Tuesday, August 20, 2013

Tuesday the 20th, Tomobiki

+ UPDATE: HPSBMU02902 rev.2 - HP Integrated Lights-Out iLO3, iLO4, and iLO CM IPMI, Cipher Suite 0 Authentication Bypass Vulnerability
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03844348-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ OpenLDAP 2.4.36 released
http://www.openldap.org/software/release/

+ Linux Kernel ARM perf_event_open() Bug Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1028926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4254

+ PHP May Let Remote Users Hijack User Sessions
http://www.securitytracker.com/id/1028925

+ PHP OpenSSL subjectAltName Null Byte Processing Flaw Lets Remote Users Spoof SSL Servers
http://www.securitytracker.com/id/1028924

+ REMOTE: Mozilla Firefox 3.6 - Integer Overflow Exploit
http://www.exploit-db.com/exploits/27698

+ REMOTE: Mozilla Firefox 3.5.4 - Local Color Map Exploit
http://www.exploit-db.com/exploits/27699

+ REMOTE: PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit
http://www.exploit-db.com/exploits/27703

+ REMOTE: Cogent DataHub HTTP Server Buffer Overflow
http://www.exploit-db.com/exploits/27704

+ REMOTE: Java storeImageArray() Invalid Array Indexing Vulnerability
http://www.exploit-db.com/exploits/27705

+ REMOTE: IBM 1754 GCM 1.18.0.22011 - Remote Command Execution
http://www.exploit-db.com/exploits/27706

+ DoS/PoC: VLC Player 2.0.8 (.m3u) - Local Crash PoC
http://www.exploit-db.com/exploits/27700

+ Mozilla Firefox 3.6 Integer Overflow Exploit
http://cxsecurity.com/issue/WLB-2013080154

+ glibc ld-2.5.so security
http://cxsecurity.com/issue/WLB-2013080153

+ SA54494 Linux Kernel ARM Perf Event Privilege Escalation Vulnerability
http://secunia.com/advisories/54494/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4254

+ SA54099 Linux Kernel ARM Perf Event Denial of Service Vulnerability
http://secunia.com/advisories/54099/

+ SA54562 PHP SSL Client Certificate Verification and Session Fixation Vulnerabilities
http://secunia.com/advisories/54562/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248

JVNDB-2013-000079 Improper SSL server certificate verification vulnerability in Yahoo! Shopping for Android
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000079.html

JVNDB-2013-000078 Improper SSL server certificate verification vulnerability in Yafuoku!
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000078.html

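[The Melancholy of Smartphone Girls, the Recklessness of Smartphone Boys: Teens Are at Risk Now]
No. 11: "Rule-making" is the key; how should parents approach their children's smartphone use? (Part 1)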
http://itpro.nikkeibp.co.jp/article/COLUMN/20130819/498685/?ST=security

"Web defacement and unauthorized access are surging," Trend Micro warns as it announces threat trends for the first half of 2013
http://itpro.nikkeibp.co.jp/article/NEWS/20130819/498862/?ST=security
