Notice of virus database server maintenance (April 13, 2009)
http://www.trendmicro.co.jp/support/news.asp?id=1241
New Conficker variant "WORM_DOWNAD.E" updates itself via P2P communication
http://itpro.nikkeibp.co.jp/article/NEWS/20090410/328179/?ST=security
JVNDB-2009-001049 Permission settings bypass vulnerability in Trend Micro InterScan Web Security Suite
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001049.html
JVNDB-2008-001918 Arbitrary code execution vulnerability related to input validation in a JavaScript method of Adobe Acrobat and Reader
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001918.html
JVNDB-2008-001917 Memory corruption vulnerability in Adobe Acrobat and Reader
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001917.html
JVNDB-2008-001915 Arbitrary code execution vulnerability in PDF document processing in Adobe Acrobat and Reader
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001915.html
53447 : Cisco PIX / ASA Implicit Deny ACE Unspecified ACL Bypass
http://osvdb.org/show/osvdb/53447
53446 : Cisco PIX / ASA SQL*Net Malformed Packet Sequence Remote DoS
http://osvdb.org/show/osvdb/53446
53445 : Cisco PIX / ASA Malformed TCP Packet Memory Consumption Remote DoS
http://osvdb.org/show/osvdb/53445
53444 : Cisco PIX / ASA H.323 Inspection Packet Handling Remote DoS
http://osvdb.org/show/osvdb/53444
53442 : Cisco PIX / ASA HTTP Packet Handling Remote DoS
http://osvdb.org/show/osvdb/53442
53441 : Cisco PIX / ASA Override Account Feature VPN Authentication Bypass
http://osvdb.org/show/osvdb/53441
EMC RepliStor Heap Overflow in 'ctrlservice' and 'rep_srv' Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022026
IBM BladeCenter Flaws Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks
http://www.securitytracker.com/id?1022025
IBM Lotus Domino Server IMAP Attachment Processing Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id?1022024
- Linux Kernel CIFS Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Apr/1022023.html
HP ProCurve Manager Bug Lets Remote Users Access Data
http://www.securitytracker.com/id?1022022
HP OpenView Performance Agent Flaw in DynaZip Component Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022021
+ Solution 256728 : Multiple Security Vulnerabilities in the Solaris Kerberos 'Mech' Libraries May Lead To Execution of Arbitrary Code, Unauthorized Access to Data or a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256728-1
Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml
DSA 1766-1: New krb5 packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28922
SASPCMS-SA-04/08/2009: SASPCMS Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28928
cisco-sa-20090408-asa: Multiple Vulnerabilities in Cisco ASA and Cisco PIX
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28923
Worm targeting mobile phones emerges; F-Secure publishes malware trends
http://itpro.nikkeibp.co.jp/article/NEWS/20090409/328160/?ST=security
ClamAV 0.95.1 released
http://www.clamav.net/
Reminder: RAID 2009 CFP
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00094.html
[ MDVSA-2009:088 ] wireshark
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00093.html
[security bulletin] HPSBMA02420 SSRT071458 rev.1 - HP ProCurve Manager and HP ProCurve Manager P
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00092.html
OpenVAS now beyond 10000 Network Vulnerability Tests
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00080.html
[SECURITY] [DSA 1767-1] New multipath-tools packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00089.html
Secunia Research: Ghostscript jbig2dec JBIG2 Processing Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00091.html
AdaptBB 1.0 Beta Multiple Remote Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00082.html
[security bulletin] HPSBMA02396 SSRT080175 rev.1 - HP OpenView Performance Agent and HP Performance Agent Running on Windows, Remote Execution of Arbitrary Code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00086.html
IBM BladeCenter Advanced Management Module Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00088.html
Geeklog <=1.5.2 SESS_updateSessionTime() vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00079.html
Geeklog <=1.5.2 SEC_authenticate()/PHP_AUTH_USER sql injection exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00084.html
FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00078.html
[SECURITY] [DSA 1766-1] New krb5 packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00085.html
[ GLSA 200904-11 ] Tor: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00083.html
[ GLSA 200904-10 ] Avahi: Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00090.html
[ GLSA 200904-09 ] MIT Kerberos 5: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00087.html
Exjune Guestbook v2 Remote Database Disclosure Exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00081.html
net2ftp <= 0.97 Cross-Site Scripting/Request Forgery
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00077.html
Wireshark 1.0.7 released
http://www.wireshark.org/news/20090408.html
http://www.wireshark.org/security/wnpa-sec-2009-02.html
HP OpenView Performance Agent DynaZip Buffer Overflow Vulnerability
http://secunia.com/advisories/34659/
- IBM Lotus Domino IMAP Server Denial of Service Vulnerability
http://secunia.com/advisories/34657/
OpenAFS Client Two Vulnerabilities
http://secunia.com/advisories/34655/
Photo Graffix File Upload and File Overwrite Vulnerabilities
http://secunia.com/advisories/34649/
WebFileExplorer "db.mdb" Database Disclosure Security Issue
http://secunia.com/advisories/34648/
Debian update for krb5
http://secunia.com/advisories/34645/
SUSE update for krb5
http://secunia.com/advisories/34637/
Linksys WRT160N Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/34625/
- ClamAV UPack Denial of Service and "cli_url_canon()" Buffer Overflow
http://secunia.com/advisories/34612/
Debian update for horde3
http://secunia.com/advisories/34609/
Cisco ASA and PIX Multiple Vulnerabilities
http://secunia.com/advisories/34607/
Gentoo update for mit-krb5
http://secunia.com/advisories/34594/
Gentoo update for avahi
http://secunia.com/advisories/34592/
Gentoo update for tor
http://secunia.com/advisories/34583/
Ghostscript jbig2dec JBIG2 Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/34292/
- IBM Lotus Domino RFC822 Blobs Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/0986
- ClamAV "cli_url_canon()" Buffer Overflow and UPack DoS Vulnerabilities
http://www.vupen.com/english/advisories/2009/0985
OpenAFS Remote Buffer Overflow and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/0984
- Ghostscript jbig2dec JBIG2 Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/0983
Linksys WRT160N Remote Cross Site Request Forgery Vulnerability
http://www.vupen.com/english/advisories/2009/0982
Cisco ASA and PIX Denial of Service and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/0981
HP OpenView Performance Agent DynaZip Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/0980
HP-UX Security Update Fixes PAMKerberos Privilege Escalation Issues
http://www.vupen.com/english/advisories/2009/0979
Sun Solaris XScreenSaver Popup Windows Security Weakness
http://www.vupen.com/english/advisories/2009/0978
Sun Solaris Security Update Fixes Firefox Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/0977
Sun Solaris and SEAM Kerberos Code Execution and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2009/0976
Linux Kernel Privilege Escalation and Integer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/0975
+ Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/34461
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
Roundup EditCSVAction Security Bypass Vulnerability
http://www.securityfocus.com/bid/34059
Photo-Graffix 'wmprocess.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34436
Photo-Graffix 'mp3upload.htm' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34434
Geeklog 'SEC_authenticate()' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34456
glFusion 'SESS_updateSessionTime()' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34361
NetworkManager Permission Enforcement Multiple Local Vulnerabilities
http://www.securityfocus.com/bid/33966
Wireshark Prior to 1.0.7 Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34457
XBMC Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34334
Wireshark PN-DCP Data Format String Vulnerability
http://www.securityfocus.com/bid/34291
multipath-tools 'multipathd' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34410
net2ftp Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34440
Tor Unspecified Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/33399
Tor Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/33713
Tor Security Bypass And Privilege Escalation Weaknesses
http://www.securityfocus.com/bid/32648
Ots Labs OtsTurntables OFL File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33257
AdaptBB Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34452
Linux Kernel CIFS Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34453
Maian Music Joomla! Component 'category' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34432
Cisco Subscriber Edge Services Manager Cross Site Scripting And HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34454
Linksys WRT160N Wireless Router Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/34448
HP ProCurve Manager and ProCurve Manager Plus Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34451
Cisco Unified Communications Manager SIP Service Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/31367
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
+ Microsoft April 2009 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/34450
http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx
ClamAV Prior to 0.95.1 Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34446
- Ghostscript 'jbig2dec' JBIG2 Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34445
- IBM Lotus Domino IMAP Server Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34441
MIT Kerberos 'NegTokenInit' Token Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34257
IBM Tivoli Storage Manager Multiple Vulnerabilities
http://www.securityfocus.com/bid/34285
MIT Kerberos SPNEGO and ASN.1 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34408
MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34409
InnerMedia DynaZip ZIP Archive Handling Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/19143
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
ejabberd MUC Logs Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34133
Avahi 'avahi-core/server.c' Multicast DNS Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33946
FFmpeg 'libavformat/4xm.c' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33502
PHP 'imageRotate()' Uninitialized Memory Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33002
Net-SNMP 'snmpUDPDomain.c' Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33755
Gretech GOM Player '.srt' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34427
Joomla! 'com_mailto' Component 'article' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34433
Joomla! cmimarketplace Component 'viewit' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34431
Horde Products Local File Include and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/33491
Horde Turba 'services/obrowser/index.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/29745
Horde XSS Filter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/33367
Linux Kernel 'exit_notify()' CAP_KILL Verification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34405
Bugzilla 'attachment.cgi' Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/34308
LinPHA 1.3.4 Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34422
Xplode 'module_wrapper.asp' SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34419
Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33846
Linux Kernel 'FWD-TSN' Chunk Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33113
Linux Kernel 'seccomp' System Call Security Bypass Vulnerability
http://www.securityfocus.com/bid/33948
Linux Kernel '/ipc/shm.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34020
Linux Kernel 'dell_rbu' Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/33428
Linux Kernel Audit System 'audit_syscall_entry()' System Call Security Bypass Vulnerability
http://www.securityfocus.com/bid/33951
Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
http://www.securityfocus.com/bid/33906
+ Microsoft Windows 'atapi.sys' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34466
Dynamic Flash Forum Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34465
My Dealer CMS 'admin/login.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34464
XIGLA Absolute Form Processor XE 'login.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34463
WebFileExplorer 'body.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34462
SWF Opener Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34459
BackendCMS 'main.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34455
EMC RepliStor Multiple Remote Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34449
IBM BladeCenter Advanced Management Module Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34447
53420 : WebFileExplorer db.mdb Direct Request Database Disclosure
http://osvdb.org/show/osvdb/53420
53419 : OpenGoo Web Link Addition webpage[url] Parameter Arbitrary Code Injection
http://osvdb.org/show/osvdb/53419
53418 : OpenGoo index.php search_for Parameter XSS
http://osvdb.org/show/osvdb/53418