Wednesday, September 25, 2013

Wednesday the 25th, Butsumetsu

+ RHSA-2013:1282 Important: rtkit security update
http://rhn.redhat.com/errata/RHSA-2013-1282.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4326

+ Multiple vulnerabilities in Wireshark
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4920
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4921
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4923
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4932
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4933
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4935
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4936

+ CVE-2012-6139 Denial of Service (DoS) vulnerability in LibXSLT
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5581_denial_of1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139

+ CVE-2013-4073 Cryptographic Issues vulnerability in Ruby
https://blogs.oracle.com/sunsecurity/entry/cve_2013_4073_cryptographic_issues
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073

+ Multiple vulnerabilities in Ruby
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_ruby
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4481

+ Multiple vulnerabilities in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_http4
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862

+ CVE-2013-1896 Denial of Service (DoS) vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2013_1896_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896

+ Multiple vulnerabilities in Tomcat
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_tomcat
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067

+ Multiple vulnerabilities in ImageMagick
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_imagemagick2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1610
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1798

+ CVE-2011-0284 Resource Management Errors vulnerability in kerberos
https://blogs.oracle.com/sunsecurity/entry/cve_2011_0284_resource_management
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0284

+ CVE-2010-1322 Improper Input Validation vulnerability in kerberos
https://blogs.oracle.com/sunsecurity/entry/cve_2010_1322_improper_input
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1322

+ Multiple vulnerabilities in kerberos
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_kerberos
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4021

+ CVE-2012-5195 Buffer Errors vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5195_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5195

+ Multiple vulnerabilities in Perl 5.8
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_perl_5
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2939

+ CVE-2012-5526 Configuration vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5526_configuration_vulnerability1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5526

+ CVE-2012-6095 Race Conditions vulnerability in ProFTPD
https://blogs.oracle.com/sunsecurity/entry/cve_2012_6095_race_conditions
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6095

+ CVE-2013-2116 Input Validation vulnerability in GnuTLS
https://blogs.oracle.com/sunsecurity/entry/cve_2013_2116_input_validation
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116

+ CVE-2013-1619 Cryptographic Issues vulnerability in GnuTLS
https://blogs.oracle.com/sunsecurity/entry/cve_2013_1619_cryptographic_issues
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619

+ Multiple vulnerabilities in MySQL
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_mysql
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1861

+ Multiple vulnerabilities in Wireshark
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark5
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4083

+ CVE-2012-5581 Denial of Service vulnerability in LibTIFF
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5581_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581

+ Multiple vulnerabilities in Poppler
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_poppler
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790

+ CVE-2007-4460 Symlink attack vulnerability in id3lib (aka libid3)
https://blogs.oracle.com/sunsecurity/entry/cve_2007_4460_symlink_attack
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4460

+ CVE-2002-2443 Denial of Service vulnerability in Kerberos
https://blogs.oracle.com/sunsecurity/entry/cve_2002_2443_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443

+ Multiple vulnerabilities in the PKINIT implementation in the Key Distribution Center (KDC)
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_the_pkinit
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415

+ Multiple vulnerabilities in X.org
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_x_org1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062

+ Multiple vulnerabilities in X.org
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_x_org
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983

+ Apache Struts Dynamic Method Invocation Flaw Has Unspecified Impact
http://www.securitytracker.com/id/1029078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4316

+ Apache Struts 'action:' Parameter Flaw Lets Remote Users Bypass Security Constraints
http://www.securitytracker.com/id/1029077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4310

+ VU#895524 HP System Management Homepage vulnerable to a denial-of-service condition
http://www.kb.cert.org/vuls/id/895524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4821

+ LOCAL: IBM AIX 6.1 / 7.1 - Local root Privilege Escalation
http://www.exploit-db.com/exploits/28507

+ SA54753 Linux Kernel "free_netdev()" Use-After-Free Vulnerability
http://secunia.com/advisories/54753/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4343

+ SA54922 McAfee Application Control / Change Control Write Protection Security Bypass Vulnerability
http://secunia.com/advisories/54922/

+ SA54822 Linux Kernel SCTP IPv6 IPsec Unencrypted Traffic Weakness
http://secunia.com/advisories/54822/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4350

+ IBM AIX 6.1 / 7.1 local root privilege escalation
http://cxsecurity.com/issue/WLB-2013090166

Notice of the release of Virus Buster Business Security Services 5.3
http://www.trendmicro.co.jp/support/news.asp?id=2013

Vulnerability information worth checking (2013.09.25)
http://itpro.nikkeibp.co.jp/article/COLUMN/20130923/506202/?ST=security

"Rapiro", a low-cost Raspberry Pi robot priced in the 30,000-yen range
[2] Turning a PS3 controller into a remote control for Rapiro!
http://itpro.nikkeibp.co.jp/article/COLUMN/20130917/504909/?ST=security

Vulnerability countermeasures for client software
Part 2: Keeping damage to a minimum even when attacked, protecting yourself with "mitigations"
http://itpro.nikkeibp.co.jp/article/COLUMN/20130917/505094/?ST=security

NRI Secure begins offering e-learning for secure application development
http://itpro.nikkeibp.co.jp/article/NEWS/20130924/506506/?ST=security

Cybozu holds a vulnerability-finding contest for its own cloud, with total prize money of 3 million yen
http://itpro.nikkeibp.co.jp/article/NEWS/20130924/506503/?ST=security

Security Hot Topics
Authentication defeated with a "fake finger": how far can "Touch ID", the iPhone 5s fingerprint authentication, be trusted?
http://itpro.nikkeibp.co.jp/article/COLUMN/20130924/506416/?ST=security

NEC announces a power storage system that can supply an office with up to 3 days of electricity
http://itpro.nikkeibp.co.jp/article/NEWS/20130924/506348/?ST=security

German hacking group states it "successfully bypassed" the iPhone 5s fingerprint authentication feature
http://itpro.nikkeibp.co.jp/article/NEWS/20130924/506302/?ST=security

JVNVU#93784365 Cross-site scripting vulnerability in KnowledgeView products
http://jvn.jp/cert/JVNVU93784365/index.html

JVNVU#99975381 Insufficient HTTP request validation vulnerability in NETELLER Direct
http://jvn.jp/cert/JVNVU99975381/index.html

JVNVU#96078234 Cross-site scripting vulnerability in iDRAC
http://jvn.jp/cert/JVNVU96078234/index.html

REMOTE: Raidsonic NAS Devices Unauthenticated Remote Command Execution
http://www.exploit-db.com/exploits/28508
