2013年10月28日月曜日

28日 月曜日、友引

+ CESA-2013:1458 Moderate CentOS 5 gnupg Update
http://lwn.net/Alerts/571724/

+ CESA-2013:1459 Moderate CentOS 5 gnupg2 Update
http://lwn.net/Alerts/571726/

+ CESA-2013:1457 Moderate CentOS 5 libgcrypt Update
http://lwn.net/Alerts/571727/

+ CESA-2013:1459 Moderate CentOS 6 gnupg2 Update
http://lwn.net/Alerts/571725/

+ CESA-2013:1457 Moderate CentOS 6 libgcrypt Update
http://lwn.net/Alerts/571728/

+ VMware Player 6.0.1 released
https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/6_0|

+ Apache Tomcat 7.0.47 Released
http://tomcat.apache.org/download-70.cgi

+ OpenLDAP 2.4.37 released
http://www.openldap.org/software/download/

+ Linux Kernel ip_output Memory Corruption Flaw Lets Local Users Deny Service or Gain Elevated Privileges
http://www.securitytracker.com/id/1029254
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4470

+ GnuPG Incorrect Processing of Key Flags Subpacket May Let Users Bypass Security Controls
http://www.securitytracker.com/id/1029243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351

+ GnuPG Side-Channel Attack Lets Local Users Recover RSA Secret Keys
http://www.securitytracker.com/id/1029242
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242

+ Glibc getaddrinfo() Overflow Lets Remote or Local Users Deny Service
http://www.securitytracker.com/id/1029238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4458

セキュリティ・ホットトピックス
Apple IDを狙うリストアタックが多発、サイトが攻撃を回避する手段とは
http://itpro.nikkeibp.co.jp/article/COLUMN/20131024/513462/?ST=security

JVN#62507275 複数のブロードバンドルータがオープンリゾルバとして機能してしまう問題
http://jvn.jp/jp/JVN62507275/index.html

VU#785838 TVT TD-2308SS-B DVR contains a directory traversal vulnerability
http://www.kb.cert.org/vuls/id/785838

VU#911678 Tyler Technologies TaxWeb 3.13.3.1 contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/911678

REMOTE: Open Flash Chart 2 Arbitrary File Upload
http://www.exploit-db.com/exploits/29210

LOCAL: Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)
http://www.exploit-db.com/exploits/29213

0 件のコメント:

コメントを投稿