+ Solution 255308 : A Security Vulnerability May Allow Popup Windows to Appear Through the Solaris XScreenSaver Program
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255308-1
Solution 256408 : Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to Unauthorized Data
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256408-1
Solution 256728 : Multiple Security Vulnerabilities in the Solaris Kerberos 'Mech' Libraries May Lead To Execution of Arbitrary Code, Unauthorized Access to Data or a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256728-1
+ Solution 254909 : Multiple Security Vulnerabilities in the Adobe Flash Player for Solaris 10 (Adobe Security Bulletin APSB09-01)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1
Solution 248386 : Security vulnerability in Solaris Related to the Apache 1.3 mod_perl(3) Module Component "PerlRun.pm" may Lead to Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1
Solution 255008 : Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255008-1
Solution 256688 : SUN ALERT WEEKLY SUMMARY REPORT - Week of 29-Mar-2009 to 04-Apr-2009
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256688-1
Call for Venue for YAPC::Europe::2010
http://use.perl.org/article.pl?sid=09/04/07/1421218&from=rss
Internet Scanner 7.0 SP2 XPU 7.2.67
http://www.isskk.co.jp/offer/XPressUpdates_history.html
Trend Micro releases web security for iPhone, blocking connections to malicious sites
http://itpro.nikkeibp.co.jp/article/NEWS/20090408/328039/?ST=security
JPCERT/CC REPORT 2009-04-08
http://www.jpcert.or.jp/wr/2009/wr091401.txt
JVNDB-2009-001126 Access restriction bypass vulnerability in the Sun Solaris NFS daemon
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001126.html
JVNDB-2009-001125 Access restriction bypass vulnerability in the Sun Solaris NFS server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001125.html
JVNDB-2009-001062 Buffer overflow vulnerability in the Linux kernel sctp implementation
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001062.html
JVNDB-2009-001061 Memory leak vulnerability in the Linux kernel keyctl_join_session_keyring function
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001061.html
JVNDB-2008-001406 Cross-site scripting vulnerability in International Components for Unicode (ICU) on Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001406.html
JVNDB-2008-000009 Vulnerability in Apache Tomcat that allows invalid cookies to be sent
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000009.html
53352 : Synchrologic Email Accelerator aggregate.asp User Account Disclosure
http://osvdb.org/show/osvdb/53352
Apache Tomcat mod_jk May Disclose Responses to the Wrong User
http://securitytracker.com/alerts/2009/Apr/1022001.html
multipath-tools Unsafe Socket Permissions Let Local Users Deny Service
http://securitytracker.com/alerts/2009/Apr/1021997.html
Kerberos ASN.1 GeneralizedTime Decoder Bug Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Apr/1021994.html
Kerberos ASN.1 Decoding Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Apr/1021993.html
Novell Client NetIdentity Agent Pointer Dereference Bug Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Apr/1021990.html
xine-lib Integer Overflow in Processing QuickTime Media Files Lets Remote Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Apr/1021989.html
mod_perl Input Validation Flaw in Apache::Status and Apache2::Status Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Apr/1021988.html
MIT Kerberos 'NegTokenInit' Token Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34257
MIT Kerberos SPNEGO and ASN.1 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34408
MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34409
The latest prepatch for the stable Linux kernel tree is: 2.6.30-rc1
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc1
+ RHSA-2009:0410-1: Critical: krb5 security update
http://rhn.redhat.com/errata/RHSA-2009-0410.html
GLSA 200904-07: Xpdf: Untrusted search path
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28888
GLSA 200904-08: OpenSSL: Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28889
Java-SA-04/07/2009: POC - Sun Java System Acccess Manager & Identity Manager Users Enumeration
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28893
SUSE-SA:2009:018: security-announce SUSE Security Announcement: IBM Java 1.4.2 and 6
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28881
USN-751-1: Linux kernel vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28880
DSA 1763-1: New openssl packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28882
GLSA 200904-06: Eye of GNOME: Untrusted search path
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28887
Old virus from 2005 makes a "comeback" by imitating the much-discussed "Conficker"
Infects by exploiting a Windows vulnerability; can also spread via USB memory devices
http://itpro.nikkeibp.co.jp/article/NEWS/20090407/327973/?ST=security
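Dangerous vulnerability in the "Ichitaro" series; apply the update immediately
Merely opening a file or web page could cause harm; no actual damage reported so far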
http://itpro.nikkeibp.co.jp/article/NEWS/20090407/327983/?ST=security
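"An adult video is shown; closing it displays 'Registration complete'": a new one-click fraud technique
Executables are not the only danger; watch out for HTA files too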
http://itpro.nikkeibp.co.jp/article/NEWS/20090407/327972/?ST=security
McAfee announces threat trends for March 2009
Infections via known vulnerabilities are increasing; practice proper vulnerability management!
http://itpro.nikkeibp.co.jp/article/NEWS/20090407/327848/?ST=security
[SECURITY] CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00064.html
[USN-754-1] ClamAV vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00063.html
MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846]
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00062.html
MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00060.html
[USN-752-1] Linux kernel vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00059.html
LayerOne 2009 - Registration Open, Initial Speakers Announced
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00061.html
[USN-753-1] PostgreSQL vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00056.html
+ [security bulletin] HPSBUX02415 SSRT090023 rev.1 - HP-UX Running PAM Kerberos, Local Privilege Escalation, Unauthorized Access
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00054.html
POC - Sun Java System Acccess Manager & Identity Manager Users Enumeration
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00055.html
Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00052.html
[ GLSA 200904-08 ] OpenSSL: Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00051.html
[ GLSA 200904-07 ] Xpdf: Untrusted search path
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00049.html
[ GLSA 200904-06 ] Eye of GNOME: Untrusted search path
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00057.html
ZDI-09-016: Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00048.html
TPTI-09-02: VMWare VMnc Codec Open-DML Standard Index dwSize Heap Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00050.html
TPTI-09-01: VMWare VMnc Codec Invalid RFB Message Type Heap Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00053.html
[security bulletin] HPSBMA02416 SSRT090008 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00047.html
RHSA-2009:0411-1: Moderate: device-mapper-multipath security update
http://rhn.redhat.com/errata/RHSA-2009-0411.html
+ RHSA-2009:0409-1: Important: krb5 security update
http://rhn.redhat.com/errata/RHSA-2009-0409.html
JustSystems Ichitaro RTF Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/0957
ContentKeeper Command Injection and Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2009/0956
Q2 Solutions ConnX "txtEmail" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/0955
Novell NetIdentity Client Agent Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2009/0954
IrfanView Formats Plug-in XPM Handling Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/0953
BookJoomlas for Joomla "gbid" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/0952
+ Apache Tomcat mod_jk Content Length Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34412
ClamAV Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34357
Little CMS Memory Leak and Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34185
Little CMS Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/34411
XBMC Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34334
+ Sun Java Applet Font.createFont Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/17981
+ Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
+ Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/32892
+ Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/32608
+ Sun Java Web Start and Java Plug-in Multiple Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/32620
pam-krb5 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33740
pam-krb5 'KRB5CCNAME' Environment Variable Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33741
CF Shopkart 'index.cfm' SQL Injection Vulnerability
http://www.securityfocus.com/bid/32765
Q2 Solutions ConnX 'frmLoginPwdReminderPopup.aspx' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34350
Pixie CMS SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34189
PPLive URI Handlers 'LoadModule' Parameter Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/34128
FormEncode 'chained_validators' Class Security Bypass Vulnerability
http://www.securityfocus.com/bid/30282
ldns 'rr.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34233
Destar Add User Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/28426
7-Zip Unspecified Archive Handling Vulnerability
http://www.securityfocus.com/bid/28285
iDB 'skin' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/34397
Unsniff Network Analyzer '.usnf' File Heap-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34396
Particle Software IntraLaunch ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34395
KVM Block Device Backend Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/28001
+ Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33846
+ Linux Kernel 'seccomp' System Call Security Bypass Vulnerability
http://www.securityfocus.com/bid/33948
+ Linux Kernel 'FWD-TSN' Chunk Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33113
+ Linux Kernel '/ipc/shm.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34020
+ Linux Kernel 'dell_rbu' Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/33428
MoinMoin 1.6.1 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34406
Linux Kernel SPARC 'mremap()' Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/33836
+ Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
http://www.securityfocus.com/bid/33906
+ Linux Kernel 'locks_remove_flock()' Local Race Condition Vulnerability
http://www.securityfocus.com/bid/33237
+ Linux Kernel Audit System 'audit_syscall_entry()' System Call Security Bypass Vulnerability
http://www.securityfocus.com/bid/33951
Linux Kernel 64 Bit ABI System Call Parameter Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33275
Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33890
+ Linux Kernel 'exit_notify()' CAP_KILL Verification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34405
Avaya SIP Enablement Services (SES) Server Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/28687
Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33880
+ Microsoft PowerPoint File Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34351
XAMPP Phonebook.PHP Remote HTML Injection Vulnerability
http://www.securityfocus.com/bid/13127
HP OpenView Network Node Manager 'OvOSLocale' Cookie Parameter Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34294
Drupal Deleted Input Format HTML Injection Vulnerability
http://www.securityfocus.com/bid/32778
JustSystems Ichitaro RTF File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34403
+ OpenSSL PKCS Padding RSA Signature Forgery Vulnerability
http://www.securityfocus.com/bid/19849
HP OpenView Network Node Manager 'OvAcceptLang' Parameter Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34134
+ PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34090
HP OpenView Network Node Manager 'Accept-Language' HTTP Header Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34135
vBulletin Admin Control Panel Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34393
IrfanView FORMATS Plugin XPM Format Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34402
Web Help Desk Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34391
Novell NetIdentity Agent 'XTIERRPCPIPE' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34400
Xpdf Search Path Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34401
eog 'PySys_SetArgv' Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/33443
ConnX 'frmLoginPwdReminderPopup.aspx' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34388
+ OpenSSH CBC Mode Information Disclosure Vulnerability
http://www.securityfocus.com/bid/32319
Sun Java System Calendar Server Duplicate URI Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/34150
+ Linux Kernel Kprobe Memory Corruption Vulnerability
http://www.securityfocus.com/bid/33758
+ Linux Kernel 'readlink' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33412
+ Linux Kernel Console Selection Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33672
+ Linux Kernel 'keyctl_join_session_keyring()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/33339
Apache Struts Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34399
MapServer Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/34306
NOS Microsystems getPlus Download Manager ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32105
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
Adobe Reader Unspecified Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/29420
Adobe Acrobat and Reader 8.1.2 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/32100
VMware Hosted Products VMSA-2009-0005 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34373
Tunapie Stream URI Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/34418
Tunapie Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/34417
Lanius CMS 'upload.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34415
OpenAFS Unix Cache Manager Heap-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34407
OpenAFS Error Codes Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34404