[ curl-Bugs-2779245 ] no_proxy vs. NO_PROXY
http://curl.haxx.se/mail/tracker-2009-04/0024.html
Verification tool for SIP vulnerabilities released
http://www.ipa.go.jp/security/vuln/documents/2009/200904_vuln_SIP.html
[Alert] Take security measures before Golden Week
http://www.ipa.go.jp/security/topics/alert20090423.html
JVNTA09-105A Updates for multiple vulnerabilities in Oracle products
http://jvn.jp/cert/JVNTA09-105A/
JVNVU#926676 Arbitrary code execution vulnerability in the Microsoft WordPad text converter
http://jvn.jp/cert/JVNVU926676/
"Review your basic countermeasures once again," Verizon warns
http://itpro.nikkeibp.co.jp/article/NEWS/20090423/329028/?ST=security
Microsoft again promotes its "End to End Trust" security vision at RSA 2009
http://itpro.nikkeibp.co.jp/article/NEWS/20090423/329023/?ST=security
JVNDB-2009-001170 Vulnerability in the Java plug-in of JDK and JRE that allows security warnings to be hidden
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001170.html
JVNDB-2009-001169 Vulnerability in the Java plug-in of JDK and JRE in the handling of crossdomain.xml files
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001169.html
JVNDB-2009-001168 Vulnerability in the Java plug-in of JDK and JRE that allows running with an older JRE version
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001168.html
JVNDB-2009-001167 Vulnerability in the Java plug-in of JDK and JRE that allows access restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001167.html
JVNDB-2009-001166 Arbitrary code execution vulnerability in the Java plug-in of JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001166.html
JVNDB-2008-002303 Denial-of-service (DoS) vulnerability in the Wireshark WLCCP dissector
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002303.html
JVNDB-2008-002302 Denial-of-service (DoS) vulnerability in Wireshark
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002302.html
JVNDB-2008-001973 Denial-of-service (DoS) vulnerability in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001973.html
Vulnerability in XenApp 4.5 Hotfix Rollup Pack 3 could result in policy bypass
http://support.citrix.com/article/CTX118792
SUSE update for cups
http://secunia.com/advisories/34852/
FreeBSD libc db(3) May Leak Potentially Sensitive Information into db Files
http://securitytracker.com/alerts/2009/Apr/1022113.html
OAuth Protocol Flaw Has Unspecified Impact
http://securitytracker.com/alerts/2009/Apr/1022110.html
Trend Micro OfficeScan Client Bug in Scanning Long Pathnames Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/Apr/1022109.html
Sun Java System Delegated Administrator Bug Lets Remote Users Conduct HTTP Response Splitting Attacks
http://securitytracker.com/alerts/2009/Apr/1022108.html
+ Remotely exploitable crash in OpenSSL
http://security.freebsd.org/advisories/FreeBSD-SA-09:08.openssl.asc
+ Information leak in db(3)
http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc
Sun Presents Annual MySQL Awards
http://www.mysql.com/news-and-events/generate-article.php?id=2009_08
After setting up Track Alignment some LUNs are still not Track Aligned
http://seer.entsupport.symantec.com/docs/323375.htm
Free space amount is not automatically updated in Veritas Enterprise Administrator - Veritas Storage Foundation for Windows
http://seer.entsupport.symantec.com/docs/323366.htm
Bkis-07-2009: 010 Editor Multiple Buffer Overflow Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29075
FreeBSD-SA-09:08.openssl: openssl
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29076
FreeBSD-SA-09:07.libc: libc
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29079
DirectAdmin-SA-04/22/2009: DirectAdmin
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29077
MDVSA-2009:093: mpg123
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29070
RHSA-2009:0436-02: Critical: firefox security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29072
RHSA-2009:0437-02: Critical: seamonkey security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29073
SSA:2009-111-02: udev reissued for 12.2/current
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29071
CORE-2009-0114: HTTP Response Splitting vulnerability in Sun Delegated Administrator
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29074
Fortinet offers a new OS that adds WAN acceleration to its UTM, making it "all-in-one"
http://itpro.nikkeibp.co.jp/article/NEWS/20090422/328920/?ST=security
New version of the Firefox web browser released, fixing 9 vulnerabilities
Includes vulnerabilities rated "critical"; stability issues and bugs also fixed
http://itpro.nikkeibp.co.jp/article/NEWS/20090422/328925/?ST=security
"Virtualization and SaaS support are becoming key for anti-spam products too," Symantec announces survey results
http://itpro.nikkeibp.co.jp/article/Research/20090421/328870/?ST=security
Symantec announces "Symantec Protection Suite," a new security product for enterprises
http://itpro.nikkeibp.co.jp/article/NEWS/20090422/328908/?ST=security
Yamaha RT Series Routers SSH CBC Mode Plaintext Recovery
http://secunia.com/advisories/34857/
Dokeos "tablesort.lib.php" PHP Code Execution Vulnerability
http://secunia.com/advisories/34855/
PastelCMS SQL Injection and Local File Inclusion
http://secunia.com/advisories/34853/
VS PANEL "Cat_ID" SQL Injection Vulnerability
http://secunia.com/advisories/34848/
I-Rater Pro "login_username" SQL Injection Vulnerability
http://secunia.com/advisories/34847/
Fedora update for moin
http://secunia.com/advisories/34846/
Red Hat update for seamonkey
http://secunia.com/advisories/34844/
Red Hat update for firefox
http://secunia.com/advisories/34843/
Fedora update for xpdf
http://secunia.com/advisories/34841/
Plone PlonePAS Authentication Bypass Vulnerability
http://secunia.com/advisories/34840/
acpid Socket Exhaustion Denial of Service Vulnerability
http://secunia.com/advisories/34838/
Mozilla SeaMonkey Multiple Vulnerabilities
http://secunia.com/advisories/34835/
010 Editor Template Files Buffer Overflows
http://secunia.com/advisories/34834/
I-Rater Platinum "txtname" SQL Injection Vulnerability
http://secunia.com/advisories/34833/
SLURM Supplemental Groups Privilege Escalation Vulnerabilities
http://secunia.com/advisories/34831/
Apache mod_proxy_ajp Information Disclosure Vulnerability
http://secunia.com/advisories/34827/
SUSE Update for Multiple Packages
http://secunia.com/advisories/34804/
Debian update for slurm-llnl
http://secunia.com/advisories/34800/
DiViS DVR Directory Traversal Vulnerability
http://secunia.com/advisories/34795/
Debian git-core Insecure File Ownership Security Issue
http://secunia.com/advisories/34794/
Mahara Cross-Site Scripting and PHP Code Execution Vulnerabilities
http://secunia.com/advisories/34789/
Mozilla Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/34780/
Sun Java System Delegated Administrator "HELP_PAGE" HTTP Response Splitting
http://secunia.com/advisories/34760/
Mozilla Firefox Multiple Vulnerabilities
http://secunia.com/advisories/34758/
Fedora update for cups
http://secunia.com/advisories/34757/
53867 : OAuth Unspecified Issue
http://osvdb.org/show/osvdb/53867
010 Editor Binary Template File Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1136
Yamaha RT Series Routers SSH CBC Mode Plaintext Recovery Issue
http://www.vupen.com/english/advisories/2009/1135
RHBA-2009:0443-1 audit bugfix update
http://rhn.redhat.com/errata/RHBA-2009-0443.html
- RHSA-2009:0444-1 Important: giflib security update
http://rhn.redhat.com/errata/RHSA-2009-0444.html
[SECURITY] [DSA 1778-1] New mahara packages fix cross-site scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00226.html
[ MDVSA-2009:094 ] mysql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00227.html
[Tool] sqlmap 0.7rc1 released
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00221.html
FreeBSD Security Advisory FreeBSD-SA-09:07.libc
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00222.html
FreeBSD Security Advisory FreeBSD-SA-09:08.openssl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00225.html
[TZO-12-2009] SUN / Oracle JVM Remote code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00218.html
[ MDVSA-2009:093 ] mpg123
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00223.html
[Bkis-07-2009] 010 Editor Multiple Buffer Overflow Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00220.html
SAP Cfolders Multiple Linked XSS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00217.html
SAP Cfolders Multiple Stored XSS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00219.html
MemeCode Software i.Scribe Remote Format String Vulnerability
http://www.securityfocus.com/bid/32497
chuggnutt.com HTML to Plain Text Conversion Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/32799
The S.T.A.L.K.E.R. game server is prone to a remote denial-of-service vulnerability
http://www.securityfocus.com/bid/29723
S.T.A.L.K.E.R Shadow of Chernobyl Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/29997
cpCommerce 'document.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34556
Trend Micro OfficeScan Client Denial of Service Vulnerability
http://www.securityfocus.com/bid/34642
MySQL MyISAM Table Privileges Security Bypass Vulnerability
http://www.securityfocus.com/bid/29106
MySQL Command Line Client HTML Special Characters HTML Injection Vulnerability
http://www.securityfocus.com/bid/31486
MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/31081
OpenSSH CBC Mode Information Disclosure Vulnerability
http://www.securityfocus.com/bid/32319
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
udev Netlink Message Validation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34536
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
CoolPlayer M3U File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30418
Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34629
Apache Struts Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34686
Dokeos 'user_portal.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/30150
Novell Access Manager Local Browser Security Bypass Vulnerability
http://www.securityfocus.com/bid/32121
MoinMoin 'AdvancedSearch.py' Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/30297
MoinMoin 'AttachFile.py' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/33365
Avaya Communication Manager Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/29939
MoinMoin 'antispam.py' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/33479
MoinMoin Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/27904
MoinMoin 'acl_hierarchic' ACL Security Bypass Vulnerability
http://www.securityfocus.com/bid/34655
MoinMoin 'AttachFile.py' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34631
Online Contact Manager Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34626
Online Photo Pro 'section' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34625
Libungif Colormap Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/15299
TotalCalendar 'cms_detect.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34634
Libungif Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/15304
Groovy Media Player '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34621
Web Scribble Solutions webClassifieds Insecure Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34622
+ Linux Kernel 'drivers/char/agp/generic.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34673
1by1 '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34618
010 Editor File Parsing Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34662
FreeBSD libc Berkeley DB Interface Uninitialized Memory Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34666
TotalCalendar 'manage_users.php' Remote Password Change Vulnerability
http://www.securityfocus.com/bid/34619
TotalCalendar 'config.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/34617
FunGamez Local File Include and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34610
Addonics NAS Adapter 'bts.cgi' Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34607
Seditio Events Plugin 'c' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34608
WB News Insecure Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34609
CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34571
Linux Kernel Frame Size Integer Overflow Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34654
Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568
SAP cFolders Cross Site Scripting And HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34658
CUPS Insufficient 'Host' Header Validation Weakness
http://www.securityfocus.com/bid/34665
e107 'usersettings.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34614
Apache Tiles Cross Site Scripting And Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34657
Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34663
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34656
Mozilla Firefox International Domain Name Subdomain URI Spoofing Vulnerability
http://www.securityfocus.com/bid/33837
mpg123 'store_id3_text()' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34381
Mani's Admin Plugin Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34685
RSMonials Joomla! Component Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34684
aMule 'wxExecute()' Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/34683
OAuth Unspecified Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34682
Xitami HTTP Server Multiple Socket HEAD Request Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34681
New5starRating 'admin/control_panel_sample.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34680
Elkagroup Image Gallery 'upload.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34679
DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34678
Mahara User Profile Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34677
DirectAdmin '/CMD_DB' Backup Action Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/34676
Sun Java Runtime Environment Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34667