+ About the security content of Apple TV 6.0
http://support.apple.com/kb/HT5935
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3950
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0991
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5128
+ CESA-2013:1274 Important CentOS 6 hplip Update
http://lwn.net/Alerts/567677/
+ CESA-2013:1272 Important CentOS 6 libvirt Update
http://lwn.net/Alerts/567678/
+ CESA-2013:1270 Important CentOS 6 polkit Update
http://lwn.net/Alerts/567679/
+ CESA-2013:1273 Important CentOS 6 spice-gtk Update
http://lwn.net/Alerts/567680/
+ phpMyAdmin 4.0.7 is released
http://sourceforge.net/p/phpmyadmin/news/2013/09/phpmyadmin-407-is-released/
+ UPDATE: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-dcnm
+ HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03918632-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
+ HS13-020 Multiple vulnerabilities in Java bundled with JP1/Cm2/Network Node Manager i
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-020/index.html
+ HS13-019 Multiple vulnerabilities in JP1/Cm2/Network Node Manager i
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-019/index.html
+ HS13-020 Multiple vulnerabilities in Java bundled with JP1/Cm2/Network Node Manager i (Japanese edition)
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-020/index.html
+ HS13-019 Multiple vulnerabilities in JP1/Cm2/Network Node Manager i (Japanese edition)
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-019/index.html
+ libpng 1.6.6 released
http://www.libpng.org/pub/png/src/libpng-1.6.6-README.txt
+ MySQL 5.1.72 released
http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-72.html
+ PHP 5.4.20 released
http://php.net/archive/2013.php#id2013-09-19-2
+ Tcl/Tk 8.6.1 released
http://www.tcl.tk/software/tcltk/8.6.html
+ Apple iOS Lets Local Users Bypass Passcode Lock to Access Photos
http://www.securitytracker.com/id/1029072
+ BIND 9.9.4, 9.8.6, 9.6-ESV-R10 released
http://article.gmane.org/gmane.network.dns.bind.announce/459/match=
http://article.gmane.org/gmane.network.dns.bind.announce/457/match=
http://article.gmane.org/gmane.network.dns.bind.announce/458/match=
+ REMOTE: CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow
http://www.exploit-db.com/exploits/28480
+ REMOTE: MS13-069 Microsoft Internet Explorer CCaret Use-After-Free
http://www.exploit-db.com/exploits/28481
+ REMOTE: MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution
http://www.exploit-db.com/exploits/28482
+ Apache Struts 2.3.15.2 released
http://struts.apache.org/release/2.3.x/docs/version-notes-23152.html
+ Apache Struts "action:" Action Mapping Security Bypass Vulnerability
http://secunia.com/advisories/54919/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4310
+ Microsoft Internet Explorer CCaret Use-After-Free
http://cxsecurity.com/issue/WLB-2013090151
+ Microsoft Windows Theme File Handling Arbitrary Code Execution
http://cxsecurity.com/issue/WLB-2013090150
+ Apache Struts CVE-2013-4316 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/62587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4316
+ Apache Struts CVE-2013-4310 Security Bypass Vulnerability
http://www.securityfocus.com/bid/62584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4310
+ Apple iOS 7 for iPhone Emergency Calling Function Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/62599
PostgreSQL Code Factory 13.9 released
http://www.postgresql.org/about/news/1483/
JVNDB-2013-000092 Buffer overflow vulnerability in SEIL series
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000092.html
JVNDB-2013-000091 Vulnerability related to RADIUS authentication in SEIL series
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000091.html
JVNDB-2013-000090 Denial-of-service (DoS) vulnerability in D-Link DES-3810 series
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000090.html
JVNDB-2013-000089 Denial-of-service (DoS) vulnerability in D-Link DWL-2100AP
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000089.html
From the world's security labs
Advanced Android malware "Obad.a" spreads via botnet
http://itpro.nikkeibp.co.jp/article/COLUMN/20130917/504843/?ST=security
Low-cost Raspberry Pi robot "Rapiro" priced in the 30,000-yen range
[1] A cute robot that can walk and grasp objects
http://itpro.nikkeibp.co.jp/article/COLUMN/20130917/504908/?ST=security
Vulnerability countermeasures for client software
Part 1: Users who do not take basic measures, clients under attack
http://itpro.nikkeibp.co.jp/article/COLUMN/20130917/505093/?ST=security
Growing "backdoor" problem: RSA urges caution about encryption tools
http://itpro.nikkeibp.co.jp/article/NEWS/20130920/506064/?ST=security
MDM vendor MobileIron to support iOS 7
http://itpro.nikkeibp.co.jp/article/NEWS/20130920/506063/?ST=security
Unauthorized access to Telecom Square's server; nearly 100,000 card records may have leaked
http://itpro.nikkeibp.co.jp/article/NEWS/20130920/505983/?ST=security
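Interview & Talk
Identifying the attackers behind targeted attacks and raising the cost of attacks to protect customers --- that is our mission
CrowdStrike (US)
Vice President, Intelligence
Adam Meyers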
http://itpro.nikkeibp.co.jp/article/Interview/20130913/504663/?ST=security
VU#521348 KnowledgeView Editorial and Management application cross-site scripting vulnerability
http://www.kb.cert.org/vuls/id/521348
VU#705004 NETELLER Direct Payment API vulnerable to parameter manipulation
http://www.kb.cert.org/vuls/id/705004
VU#920038 Dell iDRAC 6 is vulnerable to a cross-site scripting (XSS) attack
http://www.kb.cert.org/vuls/id/920038
REMOTE: GLPI install.php Remote Command Execution
http://www.exploit-db.com/exploits/28483
REMOTE: Linksys WRT110 Remote Command Execution
http://www.exploit-db.com/exploits/28484
DoS/PoC: SolarWinds Server and Application Monitor ActiveX (Pepco32c) Buffer Overflow
http://www.exploit-db.com/exploits/28463
DoS/PoC: Share KM 1.0.19 - Remote Denial Of Service
http://www.exploit-db.com/exploits/28451