+ [Security-announce] VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim
http://lists.vmware.com/pipermail/security-announce/2009/000053.html
conntrack-tools 0.9.12 released
http://www.netfilter.org/projects/conntrack-tools/downloads.html
Beta 1 of OpenSSL 1.0.0 is now available, please test it now
http://www.openssl.org/source/
VxCache option installation or uninstallation requires reboot.
http://seer.entsupport.symantec.com/docs/321754.htm
Solution 256068 : Certain Disk Drives May Experience Data Miscompare or Drive Initialization Issues
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256068-1
Solution 256228 : Cross-Site Scripting (XSS) Vulnerability in Sun Java System Calendar Server
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256228-1
Solution 256069 : Certain 500.0GB Disk Drive in Sun Fire X4500 and X4540 Systems May Experience Data Miscompare Issues
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256069-1
VMSA-2009-0004: ESX Service Console updates for openssl, bind, and vim
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28834
RHSA-2009:0326-01: Important: kernel security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28832
MDVSA-2009:084: firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28831
MDVSA-2009:083: mozilla-thunderbird
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28830
NRI Secure obtains "AA+" information security rating
http://itpro.nikkeibp.co.jp/article/NEWS/20090401/327490/?ST=security
NTT Plala: service to prevent virus infection from tampered websites
http://itpro.nikkeibp.co.jp/article/NEWS/20090401/327569/?ST=security
"Conficker turns vicious on April 1" is a false rumor; beware of viruses that piggyback on the scare
http://itpro.nikkeibp.co.jp/article/NEWS/20090401/327492/?ST=security
Samba 3.2.9 Maintenance Release Available
http://news.samba.org/releases/3.2.9/
Samba 3.2.10 Maintenance Release Available
http://news.samba.org/releases/3.2.10/
Samba 3.3.3 Available for Download
http://news.samba.org/releases/3.3.3/
OpenX 2.6.4 multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00010.html
[SecNiche Whitepaper] Evading Web XSS Filters with Microsoft Word - WAPT Perspective
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00006.html
Microsoft Internet Explorer 8 - Anti Spoofing is a Myth
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00004.html
[ MDVSA-2009:084 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00003.html
+ [security bulletin] HPSBUX02418 SSRT090002 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Access
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00001.html
[ MDVSA-2009:083 ] mozilla-thunderbird
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00008.html
Secunia Research: UltraISO Image Name Parsing Format String Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00000.html
Secunia Research: UltraISO Image Parsing Buffer Overflow Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00007.html
Massive exploitation of instant messaging applications proved feasible
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00005.html
VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00002.html
Trend Micro Internet Security Buffer Overflow in 'tmactmon.sys' Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Mar/1021955.html
Sun Java System Calendar Server Bugs Permit Denial of Service and Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Mar/1021956.html
Wireshark Format String Flaw in the PROFINET/DCP Dissector Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Mar/1021957.html
VMware ESX Multiple Code Execution and Security Bypass Issues
http://www.vupen.com/english/advisories/2009/0904
UltraISO Multiple Disk Image Parsing Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/0903
MyioSoft Ajax Portal 'ajaxp_backend.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34338
+ Ghostscript 'CCITTFax' Decoding Filter Denial of Service Vulnerability
http://www.securityfocus.com/bid/34337
OpenX 2.6.3 Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/33468
TinyPHPForum UpdatePF.PHP Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/19281
TinyPHPForum 'index.php' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34339
BibTeX '.bib' File Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34332
OpenX Prior to 2.8 Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34336
Xfig Multiple Insecure Temporary File Creation Vulnerabilities
http://www.securityfocus.com/bid/34328
Turnkey eBook Store 'keywords' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34324
AstonSoft DeepBurner DBR Compilation Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/21657
QtWeb Browser Malformed HTML File Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34327
GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34100
Vim HelpTags Command Remote Format String Vulnerability
http://www.securityfocus.com/bid/25095
Vim 'mch_expand_wildcards()' Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30648
Vim Vim Script Multiple Command Execution Vulnerabilities
http://www.securityfocus.com/bid/29715
Vim Insufficient Shell Escaping Multiple Command Execution Vulnerabilities
http://www.securityfocus.com/bid/30795
Multiple Vendor OpenSSL 'DSA_verify' Function Signature Verification Vulnerability
http://www.securityfocus.com/bid/33151
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
Symantec Backup Exec for Windows Server Remote Agent Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/32347
Microsoft GDI+ WMF Image File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31021
UltraISO Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34325
Microsoft GDI+ GIF File Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/31020
Microsoft GDI+ BMP Integer Overflow Vulnerability
http://www.securityfocus.com/bid/31022
Microsoft GDI+ VML Heap-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31018
Microsoft GDI+ EMF Image Processing Memory Corruption Vulnerability
http://www.securityfocus.com/bid/31019
Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33751
Sun xVM VirtualBox Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34080
Little CMS Memory Leak and Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34185
Mozilla Firefox XSL Parsing 'root' XML Tag Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34235
Mozilla Firefox '_moveToEdgeShift' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34181
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33990
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -01 to -06 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33598
Oracle January 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/33177
Sun Java System Calendar Server 'command.shtml' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34153
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
Sun Java System Calendar Server 'login.wcap' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34152
Linux Kernel 'dell_rbu' Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/33428
Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
http://www.securityfocus.com/bid/33906
Linux Kernel '/proc/net/rt_cache' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34084
Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33846
Linux Kernel 'readlink' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33412
+ Linux Kernel 'EFER_LME' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34331
+ Linux Kernel '/proc/net/udp' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34329
IBM WebSphere Application Server Username Token Option Session Hijacking Vulnerability
http://www.securityfocus.com/bid/34330
Podcast Generator 'core/admin/delete.php' Arbitrary File Deletion Vulnerability 2009-04-01
http://www.securityfocus.com/bid/34317
JobHut 'manageUser.php' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34321
JobHut 'browse.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34300
Haudenschilt Family Connections Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/29722
webEdition CMS 'WE_LANGUAGE' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/34323
Family Connections Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34297
Free Arcade Script 'play.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/33869
SystemTap Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34260
VirtueMart Prior to 1.1.3 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/33480
InGate Firewalls and SIParators Multiple Vulnerabilities
http://www.securityfocus.com/bid/34309
X-Forum 'cookie_username' Cookie Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34302
Community CMS 'index.php' and 'view.php' SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34303
Multiple Gravy Media Applications Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34301
BandSite CMS 'members.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34292
glFusion Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34281
AtomixMP3 Malformed 'm3u' Playlist File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34290
OpenSSL 'EVP_VerifyFinal' Function Signature Verification Vulnerability
http://www.securityfocus.com/bid/33150
KarjaSoft Sami HTTP Server Request Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/23445
IBM DB2 Content Manager eClient Unspecified Security Vulnerability
http://www.securityfocus.com/bid/34326
Taifajobs 'jobdetails.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/33864
libsndfile CAF Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33963
KoschtIT Image Gallery 'file' Parameter Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34335
XBMC Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34334
pam_ssh Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/34333
+ Sysstat 9.0.2 released (stable version)
http://pagesperso-orange.fr/sebastien.godard/
Solution 256188 : Database Script Fails for MySQL Repositories When Upgrading to IDM 8.0
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256188-1
Solution 256368 : Nested Mounts Managed by a SUNW.HAStoragePlus Resource may Fail to Mount in the Correct Order on Solaris Cluster 3.2
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256368-1
Solution 255008 : Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1
ZFS(zfs(1M)) filesystem(5) Performance May Drop Significantly if the ZFS Pool Becomes Full
http://sunsolve.sun.com/search/document.do?assetkey=1-66-249566-1
Sun StorageTek and Storage Arrays May Experience Data Corruption for Volumes 2TB or Larger ...
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256288-1
Solution 253468 : A Security Vulnerability in the Solaris dircmp(1) Shell Script may Allow Overwriting of Arbitrary Files
http://sunsolve.sun.com/search/document.do?assetkey=1-66-253468-1
Limited Number of Sun Fire T2000 and SPARC Enterprise T2000 Servers may Experience a ...
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255948-1
About a defect in GetFreeTablespaceMaxSize (maximum free space) monitoring
http://www.say-tech.co.jp/support/oracle/getfreetablespacemaxsize/index.shtml
Computer virus and unauthorized access reporting status [March and first quarter]
http://www.ipa.go.jp/security/txt/2009/04outline.html
Symantec investigating leak of customer information from call center
http://itpro.nikkeibp.co.jp/article/NEWS/20090402/327611/?ST=security
If a View Composer desktop is cloned and then used as a Parent VM, a message tells you to reboot when you attempt to log in
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1009679&sliceId=1&docTypeID=DT_KB_1_1
+ Virtual Infrastructure Client shows one datastore in use on the Summary tab when multiple datastores are in use
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1009639&sliceId=1&docTypeID=DT_KB_1_1
+ Cannot add an ESX 3.5.x Update 2 host with running virtual machines to an EVC enabled Cluster
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1009571&sliceId=1&docTypeID=DT_KB_1_1
JVNDB-2009-000017 Cross-site scripting vulnerability in XOOPS Cube Legacy
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000017.html
+ Linux Kernel Memory Leaks in icmp_send() Let Remote Users Deny Service in Certain Cases
http://securitytracker.com/alerts/2009/Apr/1021958.html