2013年8月30日金曜日

30日 金曜日、赤口

+ CESA-2013:1182 Important CentOS 6 389-ds-base Update
http://lwn.net/Alerts/565263/

+ CESA-2013:1173 Important CentOS 6 kernel Update
http://lwn.net/Alerts/565264/

+ HPSBNS02920 rev.1 - HP NonStop Servers running Java 6.0, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03909126-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3545
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3554
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1532
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1717
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2457

+ SQL Select 1.3.0.32 released
http://www.postgresql.org/about/news/1479/

+ REMOTE: HP LoadRunner lrFileIOService ActiveX Remote Code Execution
http://www.exploit-db.com/exploits/27939
http://cxsecurity.com/issue/WLB-2013080229

+ REMOTE: Firefox XMLSerializer Use After Free
http://www.exploit-db.com/exploits/27940
http://cxsecurity.com/issue/WLB-2013080230

+ REMOTE: SPIP connect Parameter PHP Injection
http://www.exploit-db.com/exploits/27941

+ REMOTE: Oracle Java ByteComponentRaster.verify() Memory Corruption
http://www.exploit-db.com/exploits/27943

+ LOCAL: VMWare Setuid vmware-mount Unsafe popen(3)
http://www.exploit-db.com/exploits/27938
http://cxsecurity.com/issue/WLB-2013080228

+ LOCAL: Mac OS X Sudo Password Bypass
http://www.exploit-db.com/exploits/27944

+ Google Docs Information Disclosure
http://cxsecurity.com/issue/WLB-2013080224

+ Linux Kernel CVE-2013-2899 NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/62046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899

+ Linux Kernel CVE-2013-2897 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/62044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897

トレンドマイクロアカウントで発生している事象について
http://www.trendmicro.co.jp/support/news.asp?id=2003

世界のセキュリティ・ラボから
世界で広がる様々なAndroid向け脅威
http://itpro.nikkeibp.co.jp/article/COLUMN/20130828/500789/?ST=security

ロリポップ!レンタルサーバーに大規模攻撃、WordPress利用中のサイト8438件が改ざん
http://itpro.nikkeibp.co.jp/article/NEWS/20130829/501062/?ST=security

IPAが“出口対策ガイドライン”の続編を公表、標的型攻撃に絞って詳細に
http://itpro.nikkeibp.co.jp/article/NEWS/20130829/501005/?ST=security

日本セーフネットと日本RAが提携、PKIベースUSB認証トークンの月額サービス提供へ
http://itpro.nikkeibp.co.jp/article/NEWS/20130829/500865/?ST=security

New York Timesサイトがほぼ復旧、Twitterも攻撃されていた---米メディアが報道
http://itpro.nikkeibp.co.jp/article/NEWS/20130829/500822/?ST=security

DoS/PoC: AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities
http://www.exploit-db.com/exploits/27942

0 件のコメント:

コメントを投稿