http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3
+ libiconv 1.13 released
http://www.gnu.org/software/libiconv/
http://savannah.gnu.org/projects/libiconv/
http://ftp.gnu.org/gnu/libiconv/?C=M;O=A
Announcement: Trend Micro LeakProof Virtual Appliance 3.1 release and start of support
http://www.trendmicro.co.jp/support/news.asp?id=1246
RHSA-2009:0436-1 Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2009-0436.html
JPCERT/CC WEEKLY REPORT 2009-04-22
http://www.jpcert.or.jp/wr/2009/wr091601.html
JVNDB-2009-001165 Buffer overflow vulnerability in unpack200 in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001165.html
JVNDB-2009-001164 Integer overflow vulnerability in unpack200 in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001164.html
JVNDB-2009-001163 Denial-of-service (DoS) vulnerability in temporary font file handling in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001163.html
JVNDB-2009-001162 Denial-of-service (DoS) vulnerability in the lightweight HTTP server implementation in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001162.html
JVNDB-2009-001161 Arbitrary code execution vulnerability in the virtual machine in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001161.html
53865 : FlatnuX CMS PHTML File Upload Parameter Arbitrary PHP Code Execution
http://osvdb.org/show/osvdb/53865
53864 : FlatnuX CMS themes/tp_green/theme.php _FN[theme] Parameter Traversal Local File Inclusion
http://osvdb.org/show/osvdb/53864
53863 : FlatnuX CMS themes/tp_dhtml2/theme.php _FN[theme] Parameter Traversal Local File Inclusion
http://osvdb.org/show/osvdb/53863
53862 : FlatnuX CMS themes/tp_alpha/theme.php _FN[theme] Parameter Traversal Local File Inclusion
http://osvdb.org/show/osvdb/53862
53861 : FlatnuX CMS none_Control_Center/section.php _FN[vmod] Parameter Traversal Local File Inclusion
http://osvdb.org/show/osvdb/53861
53860 : FlatnuX CMS sections/10_Login/section.php _FN[vmod] Parameter Traversal Local File Inclusion
http://osvdb.org/show/osvdb/53860
53859 : FlatnuX CMS sections/06_Download/section.php _FNVMOD Parameter Traversal Local File Inclusion
http://osvdb.org/show/osvdb/53859
53858 : FlatnuX CMS sections/08_Files/search.php module Parameter Traversal Local File Inclusion
http://osvdb.org/show/osvdb/53858
53857 : FlatnuX CMS sections/02_Flatforum/search.php module Parameter Traversal Local File Inclusion
http://osvdb.org/show/osvdb/53857
53856 : eMule Plus Logging Functionality Infinite Loop DoS
http://osvdb.org/show/osvdb/53856
Mozilla Firefox Stylesheet and MozSearch Bugs Permit Cross-Site Scripting Attacks and Frame Saving Bug Lets Remote Users Obtain Potentially Sensitive Data
http://securitytracker.com/alerts/2009/Apr/1022097.html
Mozilla Firefox Bug in Processing Refresh Headers Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022096
Mozilla Firefox 'jar:' Scheme Error Processing the 'content-disposition:' Header May Affect Some Web Sites
http://www.securitytracker.com/id?1022095
Mozilla Firefox XMLHttpRequest and XPCNativeWrapper.toString Bugs Let Remote Users Bypass Same-Origin Restrictions
http://www.securitytracker.com/id?1022094
Mozilla Firefox Bug in Processing Adobe Flash Contents Lets Remote Users Bypass Cross-Domain Restrictions
http://www.securitytracker.com/id?1022093
Mozilla Firefox JavaScript and Browser Engine Memory Corruption Bugs May Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022090
Microsoft, HSBC, Sony, Coca-Cola(...) New Zealand hacked
http://www.zone-h.org/news/id/4708
Mozilla Firefox Memory Corruption and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/1125
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34656
Mozilla Firefox International Domain Name Subdomain URI Spoofing Vulnerability
http://www.securityfocus.com/bid/33837
+ GCC 4.4.0 has been released
http://gcc.gnu.org/gcc-4.4/changes.html
Beta 2 of OpenSSL 1.0.0 is now available
http://www.openssl.org/source/
Sun Announces MySQL 5.4: Up To 90% Faster Response Times, and Scalability Up to 16-way x86 Servers and 64-way CMT Servers
http://www.mysql.com/news-and-events/generate-article.php?id=1602
+ MySQL 5.4 Downloads
http://dev.mysql.com/downloads/mysql/5.4.html
Operating system networking references and tutorials
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010144&sliceId=1&docTypeID=DT_KB_1_1
VMware Consolidated Backup installation instructions
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010092&sliceId=1&docTypeID=DT_KB_1_1
Virus Buster 2009
Announcement: program version 17.10 build 1251 released
http://www.trendmicro.co.jp/support/news.asp?id=1244
DSA 1776-1: New slurm-llnl packages fix privilege escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29054
DSA 1777-1: New git-core packages fix privilege escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29055
SSA:2009-111-01: udev
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29052
SUSE-SR:2009:009: SUSE Security Summary Report
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29053
Japan Card Data Security Consortium launched, with 31 domestic companies participating
http://itpro.nikkeibp.co.jp/article/NEWS/20090421/328894/?ST=security
Symantec overhauls its anti-spam engine, strengthening features for large-scale deployments such as reduced I/O
http://itpro.nikkeibp.co.jp/article/NEWS/20090421/328793/?ST=security
"Waledac" virus surging, tricking users by every means available
Infected machines become spam relays; two weeks of April 2009 saw twice the volume of February 2009
http://itpro.nikkeibp.co.jp/article/NEWS/20090421/328846/?ST=security
CORE-2009-0114 - HTTP Response Splitting vulnerability in Sun Delegated Administrator
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00216.html
MixedCMS 1.0--Multiple Remote Vulnerabilities-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00214.html
Python winappdbg module v1.0 is out!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00215.html
Trend Micro OfficeScan Client - DOS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00209.html
[SECURITY] [DSA 1777-1] New git-core packages fix privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00210.html
[SECURITY] [DSA 1776-1] New slurm-llnl packages fix privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00211.html
CVE-2009-0991 PoC
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00208.html
[USN-762-1] APT vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00206.html
[USN-763-1] xine-lib vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00207.html
[USN-761-1] PHP vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00205.html
RHSA-2009:0437-2 Critical: seamonkey security update
http://rhn.redhat.com/errata/RHSA-2009-0437.html
Ubuntu update for apt
http://secunia.com/advisories/34832/
Ubuntu update for php5
http://secunia.com/advisories/34830/
apt Package Signature Verification Security Bypass
http://secunia.com/advisories/34829/
Ubuntu update for xine-lib
http://secunia.com/advisories/34828/
Online Contact Manager Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/34826/
Online Photo Pro "section" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/34825/
TotalCalendar "manage_users.php" Security Bypass Vulnerability
http://secunia.com/advisories/34824/
e107 "hide" SQL Injection Vulnerability
http://secunia.com/advisories/34823/
WB News Insecure Cookie Handling Vulnerability
http://secunia.com/advisories/34822/
MoinMoin "AttachFile.py" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/34821/
EZ Webitor login.php SQL Injection Vulnerabilities
http://secunia.com/advisories/34819/
CoolPlayer+ Portable Playlist File Parsing Buffer Overflows
http://secunia.com/advisories/34816/
1by1 M3U Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/34815/
Avaya CMS Solaris / SEAM Kerberos Multiple Vulnerabilities
http://secunia.com/advisories/34814/
Avaya CMS Solaris dircmp Shell Script File Overwriting Vulnerability
http://secunia.com/advisories/34813/
Seditio CMS Events Plugin "c" SQL Injection Vulnerability
http://secunia.com/advisories/34812/
FlatnuX CMS Multiple Vulnerabilities
http://secunia.com/advisories/34811/
Creasito "username" SQL Injection Vulnerability
http://secunia.com/advisories/34809/
HP StorageWorks Storage Mirroring Software Multiple Vulnerabilities
http://secunia.com/advisories/34808/
HP Storage Essentials Secure NaviCLI Security Bypass
http://secunia.com/advisories/34807/
Slackware update for udev
http://secunia.com/advisories/34801/
eMule Plus Logging Infinite Loop Denial of Service
http://secunia.com/advisories/34799/
Debian update for php-json-ext
http://secunia.com/advisories/34770/
Novell NetStorage Multiple Vulnerabilities
http://secunia.com/advisories/34769/
Studio Lounge Address Book Arbitrary File Upload Vulnerability
http://secunia.com/advisories/34761/
OpenSolaris SCTP Socket Bug Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/Apr/1022089.html
Git on Debian May Let Local Users Gain Elevated Privileges
http://www.securitytracker.com/id?1022088
Mozilla SeaMonkey Memory Corruption and URL Spoofing Vulnerabilities
http://www.vupen.com/english/advisories/2009/1124
Mozilla Thunderbird Memory Corruption and URL Spoofing Vulnerabilities
http://www.vupen.com/english/advisories/2009/1123
Sun Java System Delegated Administrator Response Splitting Issue
http://www.vupen.com/english/advisories/2009/1122
Linux Kernel CIFS Session Setup Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1121
Sun OpenSolaris SCTP Sockets Local Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1120
MoinMoin "AttachFile.py" File Multiple Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1119
Creasito "username" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1118
FunGamez SQL Injection and Local File Inclusion Vulnerabilities
http://www.vupen.com/english/advisories/2009/1117
WysGui CMS "admin_pages" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1116
EZ Webitor "txtUserId" and "txtPassword" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1115
webClassifieds "sAuth" Cookie Handling Authentication Bypass Issue
http://www.vupen.com/english/advisories/2009/1114
Flatnux Multiple Local File Inclusion and File Upload Vulnerabilities
http://www.vupen.com/english/advisories/2009/1113
Seditio CMS Events Plugin "c" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1112
Studio Lounge Address Book Arbitrary PHP File Upload Vulnerability
http://www.vupen.com/english/advisories/2009/1111
Multi-lingual E-Commerce System File Inclusion and Security Bypass
http://www.vupen.com/english/advisories/2009/1110
HP Storage Essentials Secure NaviCLI Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2009/1109
HP StorageWorks Storage Mirroring Code Execution and DoS Issues
http://www.vupen.com/english/advisories/2009/1108
Novell NetStorage Information Disclosure and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2009/1107
Avaya CMS Solaris Kerberos Code Execution and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2009/1106
Avaya Products Solaris "dircmp" Local File Overwrite Vulnerability
http://www.vupen.com/english/advisories/2009/1105
Libmodplug "CSoundFile::ReadMed()" Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1104
Horde Groupware Webmail PGP Public Key Caching Vulnerability
http://www.vupen.com/english/advisories/2009/1103
Debian git-core DEC Alpha & MIPS Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34644
Debian apt Repository Signature Verification Vulnerability
http://www.securityfocus.com/bid/34630
The S.T.A.L.K.E.R. game server is prone to a remote denial-of-service vulnerability
http://www.securityfocus.com/bid/29723
S.T.A.L.K.E.R Shadow of Chernobyl Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/29997
MagicISO CCD/Cue File Heap Overflow Vulnerability
http://www.securityfocus.com/bid/34574
Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34629
Linksys WRT54GC 'administration.cgi' Access Validation Vulnerability
http://www.securityfocus.com/bid/34616
Creasito 'checkuser.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34605
EZ Webitor 'login.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34604
cpCommerce 'document.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34556
WysGui 'settings.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34603
Adam Patterson Address Book 'upload-file.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34601
NetworkManager Permission Enforcement Multiple Local Vulnerabilities
http://www.securityfocus.com/bid/33966
Openswan and strongSwan DPD Packet Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34296
D-Bus 'send_requested_reply' and 'receive_requested_reply' Security Bypass Vulnerability
http://www.securityfocus.com/bid/32674
GnuTLS X.509 Certificate Chain Security Bypass Vulnerability
http://www.securityfocus.com/bid/32232
Moodle TeX Filter Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/34278
PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34090
GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34100
eLitius Administrative Interface Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34577
FFmpeg 'libavformat/4xm.c' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33502
Ghostscript 'jbig2dec' JBIG2 Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34445
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
CoolPlayer M3U File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30418
2532designs 2532Gigs Local File Include and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/32911
ClamAV RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34344
Trend Micro OfficeScan Client Denial of Service Vulnerability
http://www.securityfocus.com/bid/34642
udev Netlink Message Validation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34536
udev Path Encoding Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34539
+ Red Hat Stronghold Web Server Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34606
PHP 5.2.8 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/33927
PHP 'mbstring.func_overload' Webserver Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33542
xine-lib STTS QuickTime Atom Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34384
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
QuickerSite Multiple Vulnerabilities
http://www.securityfocus.com/bid/29524
Pligg 'id' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/28681
libmodplug 's3m' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30801
cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability
http://www.securityfocus.com/bid/33962
Multi-lingual E-Commerce System Local File Include and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/34600
Peercast.org PeerCast Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/17040
Flatnux Arbitrary File Upload and Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34599
ntop Access Log 'access.log' File Permissions Vulnerability
http://www.securityfocus.com/bid/34597
webSPELL BBCode HTML Injection Vulnerability
http://www.securityfocus.com/bid/34595
Nuke Evolution Xtreme 'player.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34594
MIT Kerberos 'NegTokenInit' Token Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34257
MIT Kerberos SPNEGO and ASN.1 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34408
eZip Wizard Zip File Stack Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34044
Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33890
Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33880
Adobe Flash Player Unspecified Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33889
Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33751
Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34169
Adobe Acrobat and Reader JBIG2 Image Processing Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/34229
Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/34461
Linksys WVC54GCA Wireless-G 'SetupWizard.exe' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34596
SunGard Banner Student 'twbkwbis.P_SecurityQuestion' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34620
Sun OpenSolaris SCTP Sockets Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34628
HP Storage Essentials Secure NaviCLI Unspecified Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34613
HP StorageWorks Storage Mirroring Software Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34611
Linux Kernel 'inet6_hashtables.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/34602
Linux Kernel CIFS 'serverDomain' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34615
Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34612
Microsoft Agent agentdpv.dll ActiveX Control Malformed URL Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25566
Microsoft IAG 2007 ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34532
Malleo 'admin.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34588
e-cart 'admin/editor/image.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34590
Clantiger Clan CMS SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34589
Hot Project 'authenticate.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34593
Multiple ESET Antivirus Products RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34582
Multiple BitDefender Security Products RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34580
MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34409
cTorrent and dTorrent Torrent File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34584
Tiny Blogr 'class.eport.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34581
Adam Patterson Address Book Multiple Script Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34652
MixedCMS 1.0 Beta Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34649
VS Panel 'showcat.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34648
Quick.CMS.Lite 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34647
I-RATER Photo Rating Script Pro 'admin/login.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34646
I-RATER Platinum 'platinumadmin.html' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34645
Sun Java System Delegated Administrator HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/34643
CRE Loaded 'product_info.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34640
SLURM 'sbcast' and 'strigger' Group Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34638
Zervit HTTP Server Malformed URI Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34637
NotFTP 'config.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34636
PastelCMS Local File Include and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34635
TotalCalendar 'cms_detect.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34634
Dokeos 'whoisonline.php' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34633
HITBSecConf2009 - Malaysia: Call for Papers
http://www.securityfocus.com/archive/82/502703/30/0/flat
MIT Kerberos SPNEGO and ASN.1 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34408
eZip Wizard Zip File Stack Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34044
Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33890
Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33880
Adobe Flash Player Unspecified Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33889
Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33751
Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34169
Adobe Acrobat and Reader JBIG2 Image Processing Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/34229
Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/34461
Linksys WVC54GCA Wireless-G 'SetupWizard.exe' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34596
SunGard Banner Student 'twbkwbis.P_SecurityQuestion' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34620
Sun OpenSolaris SCTP Sockets Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34628
HP Storage Essentials Secure NaviCLI Unspecified Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34613
HP StorageWorks Storage Mirroring Software Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34611
Linux Kernel 'inet6_hashtables.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/34602
Linux Kernel CIFS 'serverDomain' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34615
Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34612
Microsoft Agent agentdpv.dll ActiveX Control Malformed URL Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25566
Microsoft IAG 2007 ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34532
Malleo 'admin.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34588
e-cart 'admin/editor/image.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34590
Clantiger Clan CMS SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34589
Hot Project 'authenticate.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34593
Multiple ESET Antivirus Products RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34582
Multiple BitDefender Security Products RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34580
MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34409
cTorrent and dTorrent Torrent File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34584
Tiny Blogr 'class.eport.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34581
Adam Patterson Address Book Multiple Script Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34652
MixedCMS 1.0 Beta Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34649
VS Panel 'showcat.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34648
Quick.CMS.Lite 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34647
I-RATER Photo Rating Script Pro 'admin/login.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34646
I-RATER Platinum 'platinumadmin.html' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34645
Sun Java System Delegated Administrator HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/34643
CRE Loaded 'product_info.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34640
SLURM 'sbcast' and 'strigger' Group Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34638
Zervit HTTP Server Malformed URI Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34637
NotFTP 'config.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34636
PastelCMS Local File Include and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34635
TotalCalendar 'cms_detect.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34634
Dokeos 'whoisonline.php' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34633
HITBSecConf2009 - Malaysia: Call for Papers
http://www.securityfocus.com/archive/82/502703/30/0/flat