Preferred Path operation with DMP DSM
http://seer.entsupport.symantec.com/docs/323137.htm
Getting Lab Manager 3.0 and VMware View licenses
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010083&sliceId=1&docTypeID=DT_KB_1_1
Required VMware vCenter Converter ports
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010056&sliceId=1&docTypeID=DT_KB_1_1
CERT Releases Dranzer Tool
http://www.cert.org/vuls/discovery/dranzer.html
DSA 1772-1: New udev packages fix privilege escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28992
APEX-SA-04/16/2009: Unprivileged DB users can see APEX password hashes CVE-2009-0981
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28996
CVE-2009-0992: SQL Injection in package DBMS_AQIN
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28997
CVE-2009-0977: SQL Injection in package DBMS_AQADM_SYS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28998
KON-BOOT-SA-04/16/2009: KON-BOOT for Windows and Linux (Password Bypassing Utility for Forgetting Heads)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28999
DSA 1771-1: New clamav packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28991
"Contains every track from the album": virus disguised as a music file
Once infected, it changes DNS settings and redirects users to malicious sites
http://itpro.nikkeibp.co.jp/article/NEWS/20090416/328543/?ST=security
"Adobe Reader vulnerabilities are being targeted," Symantec warns
Web-based attacks were prominent in 2008; more than 1.6 million new viruses appeared
http://itpro.nikkeibp.co.jp/article/NEWS/20090416/328599/?ST=security
NEC's fingerprint matching technology rated highly by US authorities
http://itpro.nikkeibp.co.jp/article/NEWS/20090416/328572/?ST=security
"PDF and web browser plug-ins will be targeted in 2009," according to Symantec's analysis
http://itpro.nikkeibp.co.jp/article/NEWS/20090416/328575/?ST=security
[DSECRG-09-020] Apache Geronimo - XSRF vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00162.html
[DSECRG-09-019] Apache Geronimo - XSS vulnerabilities.txt
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00161.html
[DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00160.html
Miniweb Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00164.html
Miniweb server Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00163.html
DDIVRT-2009-23 Apache ActiveMQ Numerous Cross Site Scripting Issues
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00157.html
webSPELL 4.2.0c--XSS (BYPASS BBCODE) COOKIES STEALING VULNERABILITY--
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00156.html
[SECURITY] [DSA 1772-1] New udev packages fix privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00155.html
Geeklog <= 1.5.2 savepreferences()/*blocks[] remote sql injection exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00152.html
Secunia Research: Danske Bank e-Sec Control Module Error Logging Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00151.html
Unprivileged DB users can see APEX password hashes
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00149.html
SQL Injection in package DBMS_AQADM_SYS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00154.html
SQL Injection in package DBMS_AQIN
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00148.html
Phorum < 5.2.10 Cross-Site Scripting/Request Forgery
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00150.html
skpd: A tool to dump processes to executable ELF files
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00159.html
iDefense Security Advisory 04.15.09: IBM AIX muxatmd Buffer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00153.html
[SECURITY] [DSA 1771-1] New clamav packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00147.html
53702 : Drupal Content Construction Kit (CCK) Comment Reference Module XSS
http://osvdb.org/show/osvdb/53702
Vulnerability Note VU#196617 Xpdf and poppler contain multiple vulnerabilities in the processing of JBIG2 data
http://www.kb.cert.org/vuls/id/196617
Debian update for udev
http://secunia.com/advisories/34753/
Sun Java System Directory Server Information Disclosure Vulnerability
http://secunia.com/advisories/34751/
Ubuntu update for udev
http://secunia.com/advisories/34750/
Fedora update for phpMyAdmin
http://secunia.com/advisories/34741/
Drupal CCK Comment Reference Script Insertion Vulnerability
http://secunia.com/advisories/34739/
Drupal Print Module Content Title Script Insertion Vulnerability
http://secunia.com/advisories/34738/
Novell Kerberos KDC Multiple Vulnerabilities
http://secunia.com/advisories/34734/
udev Denial of Service and Privilege Escalation
http://secunia.com/advisories/34731/
Ubuntu update for ghostscript
http://secunia.com/advisories/34729/
Microsoft Whale IAG / Client Components ActiveX Control Buffer Overflows
http://secunia.com/advisories/34725/
FreeType Multiple Vulnerabilities
http://secunia.com/advisories/34723/
Drupal Localization Client Module Script Insertion Vulnerability
http://secunia.com/advisories/34718/
Debian update for clamav
http://secunia.com/advisories/34716/
Novell Teaming User Enumeration and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/34714/
FreeWebShop.org "lang_file" File Inclusion Vulnerability
http://secunia.com/advisories/34707/
Job2C Local File Inclusion and File Upload Vulnerabilities
http://secunia.com/advisories/34698/
Fedora update for ghostscript
http://secunia.com/advisories/34667/
AbleSpace Multiple Vulnerabilities
http://secunia.com/advisories/34663/
IBM AIX "muxatmd" Buffer Overflow Vulnerability
http://secunia.com/advisories/34662/
Danske Bank e-Sec Control Module Error Logging Buffer Overflow
http://secunia.com/advisories/29635/
SPIP Data Processing PHP Code Injection and Security Bypass Issues
http://www.vupen.com/english/advisories/2009/1062
Microsoft Whale IAG ActiveX Remote Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/1061
Drupal Multiple Module Data Handling Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1060
Sun Java System Directory Server Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/1059
- FreeType Data Processing Multiple Integer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/1058
Novell Kerberos KDC Code Execution and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/1057
IBM AIX "muxatmd" Local Buffer Overflow Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2009/1056
- udev Local Privilege Escalation and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/1053
Novell Teaming Username Enumeration and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2009/1048
Danske Bank e-Sec Control Module Error Logging Buffer Overflow Issue
http://www.vupen.com/english/advisories/2009/1047
Nortel Application Gateway 2000 Password Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/1046
phpMyAdmin Setup Script Remote PHP Code Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1045
DivX Web Player 'STRF' Chunk Processing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34523
- CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34571
TYPO3 pmk_rssnewsexport and cm_rdfexport Extensions Unspecified SQL Injection Vulnerability
http://www.securityfocus.com/bid/34544
Drupal Printer, e-mail and PDF versions Module Content Title HTML Injection Vulnerability
http://www.securityfocus.com/bid/34545
@Mail and @Mail WebMail Email Body HTML Injection Vulnerability
http://www.securityfocus.com/bid/34529
Microsoft Word 2000 WordPerfect Converter Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34469
Microsoft WordPad Text Converter Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/32718
Microsoft WordPad Word 97 Converter Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34470
GraphicsMagick Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/29583
CCK Comment Reference Edit Form HTML Injection Vulnerability
http://www.securityfocus.com/bid/34547
XMLPortal Search Feature Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34541
Develop It Easy Event Calendar Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/32148
OpenSSL 'EVP_VerifyFinal' Function Signature Verification Vulnerability
http://www.securityfocus.com/bid/33150
ClamAV Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34357
Apache Geronimo Application Server Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34562
LightNEasy Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/28801
Opencosmo VisualSentinel User Agent HTML Injection Vulnerability
http://www.securityfocus.com/bid/29447
- udev Netlink Message Validation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34536
Linux Kernel 'kill_something_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34558
+ Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33846
+ Linux Kernel 'seccomp' System Call Security Bypass Vulnerability
http://www.securityfocus.com/bid/33948
Linux Kernel nfsd 'CAP_MKNOD' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34205
Microsoft DirectX DirectShow MJPEG Video Decompression Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34460
Job2C 'adtype' Parameter Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34537
D-Bus 'dbus_signature_validate()' Type Signature Denial of Service Vulnerability
http://www.securityfocus.com/bid/31602
Job2C Profile Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34535
Fortinet FortiClient VPN Connection Name Local Format String Vulnerability
http://www.securityfocus.com/bid/34343
SAFARI Montage 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/29343
Liferay Portal Forgot-Password Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/26606
Liferay Portal Login Script Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/26470
WikkaWiki Security Bypass Vulnerability
http://www.securityfocus.com/bid/34528
Novell Teaming User Enumeration Weakness and Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34531
PowerCHM HTML File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34517
RQMS Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34518
GuestCal 'lang' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/34519
Apache ActiveMQ Web Console Multiple Unspecified HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34552
Aqua CMS 1.1 Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34516
AbleSpace Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34512
Jamroom 't' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/34511
Mongoose HTTP Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34510
People-Trak Login SQL Injection Vulnerability
http://www.securityfocus.com/bid/34491
+ Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34383
Sun Solaris ip(7P) Kernel Module Minor Number Allocation Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33550
Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/34461
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
Ghostscript 'gdevpdtb.c' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34340
Ghostscript 'jbig2dec' JBIG2 Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34445
VMware Hosted Products VMSA-2009-0005 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34373
IBM AIX 'usr/sbin/muxatmd' Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34543
Sun Java System Directory Server Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34548
Sun Solaris Kerberos Incremental Propagation Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34139
MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34409
MIT Kerberos SPNEGO and ASN.1 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34408
MIT Kerberos 'NegTokenInit' Token Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34257
- udev Path Encoding Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34539
phpMyAdmin Configuration File PHP Code Injection Vulnerability
http://www.securityfocus.com/bid/34526
BlackBerry Enterprise Server MDS Connection Service Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34573
chCounter 'counter/stats/index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34572
Zervit HTTP Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34570
SMA-DB 'theme/format.php' Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/34569
+ XPDF JBIG2 Processing Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/34568
razorCMS 0.3RC2 Multiple Vulnerabilities
http://www.securityfocus.com/bid/34566
MiniWeb Source Code Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34565
MiniWeb Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34563
NetHoteles 'ficha.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34561
Elecard AVC HD Player '.xpl' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34560
GScripts.net DNS Tools 'dig.php' Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/34559
NetHoteles Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34557
cpCommerce 'document.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34556
Online Password Manager Insecure Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34555
Apollo 'm3u' Playlist File Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34554
Geeklog 'usersettings.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34553
Phorum Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34551
Danske Bank Danske e-Sec Control Module ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34549
+ RHSA-2009:0429-1 Important: cups security update
http://rhn.redhat.com/errata/RHSA-2009-0429.html
- RHSA-2009:0430-1 Important: xpdf security update
http://rhn.redhat.com/errata/RHSA-2009-0430.html
- RHSA-2009:0431-1 Important: kdegraphics security update
http://rhn.redhat.com/errata/RHSA-2009-0431.html
+ RHSA-2009:0428-1 Moderate: cups security update
http://rhn.redhat.com/errata/RHSA-2009-0428.html
- RHSA-2009:0427-1 Important: udev security update
http://rhn.redhat.com/errata/RHSA-2009-0427.html
+ View Bulletin PSN-2009-04-326 Cross-Site Scripting (XSS) in the JUNOS web management console allows unauthorized access.
http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2009-04-326&viewMode=view
+ Xpdf 3.02pl3 was released
http://www.foolabs.com/xpdf/download.html