2013年10月21日月曜日

21日 月曜日、先勝

+ UPDATE: Multiple Vulnerabilities in Cisco ASA Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa

+ Multiple vulnerabilities in Firefox
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_firefox1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3991
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4187
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4196

+ CVE-2012-6329 Code Injection vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2012_6329_code_injection
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6329

+ CVE-2012-5195 Buffer Errors vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5195_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5195

+ CVE-2010-2761 Code Injection Vulnerability in perl
https://blogs.oracle.com/sunsecurity/entry/cve_2010_2761_code_injection
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2761

+ CVE-2011-3597 Improper Input Validation vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2011_3597_improper_input
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3597

+ CVE-2012-5195 Heap Buffer Overrun vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5195_heap_buffer
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5195

+ CVE-2012-5526 Configuration vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5526_configuration_vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5526

+ CVE-2010-2761, CVE-2010-4411 Vulnerabilities in CGI.pm Perl Module in Solaris 10
https://blogs.oracle.com/sunsecurity/entry/cve_2010_2761_cve_2010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4411

+ CVE-2011-2728 Denial of Service (DoS) vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2011_2728_denial_of1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2728

+ CVE-2011-2728 Denial of Service Vulnerability in Perl
https://blogs.oracle.com/sunsecurity/entry/cve_2011_2728_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2728

+ VMSA-2013-0012 VMware vSphere updates address multiple vulnerabilities
http://www.vmware.com/security/advisories/VMSA-2013-0012.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5970
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5971

+ Zimbra Collaboration Suite 8.0.5, 7.2.5 released
http://files.zimbra.com/website/docs/8.0/Zimbra_OS_Release_Notes_8.0.5.pdf
http://files.zimbra.com/website/docs/7.2/Zimbra_OS_Release_Notes_7.2.5.pdf

+ Cisco Unified Computing System Bugs Let Remote Users Conduct Man-in-the-Middle Attacks and Obtain Information and Let Local Users View Files
http://www.securitytracker.com/id/1029209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4117

+ Sybase Adaptive Server XML External Entity Processing Flaw Lets Remote Authenticate Users View Files
http://www.securitytracker.com/id/1029208
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6025

+ VU#526012 Oracle JavaServer Faces contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/526012

+ Linux Kernel Patches For Linux Kernel Security
http://cxsecurity.com/issue/WLB-2013100131

+ SA55311 Bugzilla Multiple Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/55311/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1743

Trend Micro Network VirusWall Enforcer 1500i/3500i/3600i バージョン 3.5 リパック版および Patch 1 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=2017

DbWrench Database Design v3.0.1 Released
http://www.postgresql.org/about/news/1488/

JVNDB-2013-000095 HDL-A および HDL2-A シリーズにおけるセッション管理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000095.html

インターコムがクライアント管理新版「MaLion 4」、XP端末のWeb禁止やMac管理強化
http://itpro.nikkeibp.co.jp/article/NEWS/20131018/511988/?ST=security

JVNVU#98285660 Oracle Outside In にバッファオーバーフローの脆弱性
http://jvn.jp/cert/JVNVU98285660/index.html

JVNVU#90204379 複数の D-Link 製ルータに認証回避の脆弱性
http://jvn.jp/cert/JVNVU90204379/index.html

JVNVU#97158970 SAP Sybase Adaptive Server Enterprise に XML インジェクションの脆弱性
http://jvn.jp/cert/JVNVU97158970/index.html

JVN#52509236 HDL-A および HDL2-A シリーズにおけるセッション管理に関する脆弱性
http://jvn.jp/jp/JVN52509236/index.html

VU#233990 Watchguard Extensible Threat Management (XTM) appliance version 11.7.4 contains a buffer overflow vulnerability
http://www.kb.cert.org/vuls/id/233990

REMOTE: SikaBoom - Remote Buffer Overflow
http://www.exploit-db.com/exploits/29035

0 件のコメント:

コメントを投稿