+ The latest stable version of the Linux kernel is: 2.6.29
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29
+ iptables 1.4.3 released
http://www.netfilter.org/projects/iptables/files/changes-iptables-1.4.3.txt
FreeBSD-SA-09:06.ktimer: ktimer
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28726
"Information Security Technology Trends Survey Task Group Report (Second Half of 2008)" has been published.
http://www.ipa.go.jp/security/fy20/reports/tech1-tg/index2.html
ExpressionEngine Persistent Cross-Site Scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00207.html
FreeBSD Security Advisory FreeBSD-SA-09:06.ktimer
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00210.html
Rittal CMC-TC Processing Unit II multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00206.html
[ MDVSA-2009:078 ] evolution-data-server
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00213.html
CORE-2009-0122: HP OpenView Buffer Overflows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00211.html
[ MDVSA-2009:079 ] postgresql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00214.html
[SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00212.html
[USN-743-1] Ghostscript vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00215.html
[USN-744-1] LittleCMS vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00216.html
bind 9.4.3-P2, 9.5.1-P2 released
http://www2.ns-labs.com/cgi-bin/security_detail_2.cgi?os=unix&id=49&p=
Remote code execution vulnerability in Apple Safari
http://www2.ns-labs.com/cgi-bin/security_detail_2.cgi?os=unix&id=50&p=
Remote code execution vulnerability in Mozilla Firefox
http://www2.ns-labs.com/cgi-bin/security_detail_2.cgi?os=unix&id=51&p=
Multiple vulnerabilities in Sun Java System Identity Manager
http://www2.ns-labs.com/cgi-bin/security_detail_2.cgi?os=unix&id=52&p=
52840 : PHCDownload search.php string Parameter Arbitrary PHP Code Execution
http://osvdb.org/show/osvdb/52840
Sun Java System Identity Manager Code Execution and Security Bypass
http://www.vupen.com/english/advisories/2009/0797
Avaya Products Solaris NFS Server Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2009/0798
PHPCMS2008 "q" Parameter Handling Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/0799
BS.Player Playlist Processing Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/0800
SlySoft Products ElbyCD Driver Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2009/0801
+ Linux Kernel Security Bypass and Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2009/0802
Telnet-FTP Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/21339
Telnet-FTP Server Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/21340
Pivot 'refkey' Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/34160
PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34090
POP Peeper 'From' Mail Header Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34192
Foxit Reader PDF Handling Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34035
Muttprint Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/32743
Evolution Data Server 'ntlm_challenge()' Memory Contents Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34109
GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34100
GNOME Evolution S/MIME Email Signature Verification Vulnerability
http://www.securityfocus.com/bid/33720
Zinf Multiple Playlist Files Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33482
WebCit Mini_Calendar Component Format String Vulnerability
http://www.securityfocus.com/bid/34206
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
Piwik 'archive.sh' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34204
Little CMS Memory Leak and Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34185
Orbit Downloader ActiveX Control 'download()' Method Arbitrary File Delete Vulnerability
http://www.securityfocus.com/bid/34200
+ Linux Kernel nfsd 'CAP_MKNOD' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34205
X-BLC 'get_read.php' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34197
Drupal CCK Field Privacy Module Security Bypass Vulnerability
http://www.securityfocus.com/bid/34199
FreeBSD 'kenv' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34198
FreeBSD 'ktimer' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34196
SuperNews 'valor.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34195
WBB3 rGallery 'userID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34194
ExpressionEngine Avtaar Name HTML Injection Vulnerability
http://www.securityfocus.com/bid/34193
HP OpenView Network Node Manager 'Accept-Language' HTTP Header Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34135
HP OpenView Network Node Manager 'OvAcceptLang' Parameter Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34134
Apple Mac OS X HFS Plus Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34203
Apple Mac OS X Kernel Memory Multiple Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34202
Content Construction Kit (CCK) Drupal Module User and Node References HTML Injection Vulnerability
http://www.securityfocus.com/bid/34172
WeeChat IRC Message Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34148
Apple Mac OS X AppleTalk Zip-Notify Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34201
Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/33827
Racer Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25297
Libpng Library 'png_handle_tEXt()' Memory Leak Denial of Service Vulnerability
http://www.securityfocus.com/bid/31920
Libpng Library Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/25956
Libpng Library Unknown Chunk Handler Vulnerability
http://www.securityfocus.com/bid/28770
Libpng Library Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/24000
Linux Kernel 'dell_rbu' Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/33428
Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33846
Linux Kernel 'readlink' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33412
Linux Kernel 64 Bit ABI System Call Parameter Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33275
Linux Kernel 'keyctl_join_session_keyring()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/33339
Linux Kernel 'FWD-TSN' Chunk Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33113
Linux-PAM Configuration File Non-ASCII User Name Handling Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34010
VMware Server 1.0.5 and Workstation 6.0.3 Multiple Vulnerabilities
http://www.securityfocus.com/bid/28276
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33990
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -01 to -06 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33598
Sun Solaris NFS Server (nfssec(5)) Security Modes Security Bypass Vulnerability
http://www.securityfocus.com/bid/34063
Rittal CMC-TC Processing Unit II Administrator Session ID Security Bypass Vulnerability
http://www.securityfocus.com/bid/34217
+ Linux Kernel 'ecryptfs_write_metadata_to_contents()' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34216
PHPizabi 'modules/chat/dac.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34213
Free Arcade Script SQL Injection and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/34212
Padl nss_ldap '/etc/nss_ldapd.conf' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34211
Syzygy CMS SQL Injection and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34210
Sysax Multi Server FTP 'DELE' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34209
Codice CMS 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34208
Pluck 'module_pages_site.php' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/34207
Sun Java System Identity Manager Security Vulnerabilities
http://sunsolve.sun.com/search/document.do?assetkey=1-66-253267-1
"10 Major Threats: Attack Methods Continue to 'Diversify'" published
http://www.ipa.go.jp/security/vuln/10threats2009.html
JVNDB-2009-001091 Denial of service (DoS) vulnerability in IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001091.html
JVNDB-2009-001090 Denial of service (DoS) vulnerability in the IBM I/O library of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001090.html
JVNDB-2009-001089 Vulnerability in IBM WebSphere Application Server allowing redirection to arbitrary web sites
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001089.html
JVNDB-2009-001088 Information disclosure vulnerability in IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001088.html