Kernel release: 2.6.29.4-rc1 has been released
http://www.linux.org/news/2009/05/14/0014.html
Kernel release: 2.6.27.24-rc1 has been released
http://www.linux.org/news/2009/05/14/0013.html
Call For Presentations: pgDay San Jose
http://www.postgresql.org/about/news.1082
JVNVU#238019 Cyrus SASL ライブラリにおけるバッファオーバーフローの脆弱性
http://jvn.jp/cert/JVNVU238019/index.html
54434 : Family Connections gallery/index.php pid Parameter SQL Injection
http://osvdb.org/show/osvdb/54434
54433 : Family Connections profile.php member Parameter SQL Injection
http://osvdb.org/show/osvdb/54433
54432 : Family Connections messageboard.php thread Parameter SQL Injection
http://osvdb.org/show/osvdb/54432
54431 : Family Connections fcms_login_id Cookie SQL Injection
http://osvdb.org/show/osvdb/54431
54430 : Hollywood FX InstallHFZ.exe HFZ File Handling Traversal Arbitrary File Write
http://osvdb.org/show/osvdb/54430
54429 : Feed Block Module for Drupal Aggregator Items XSS
http://osvdb.org/show/osvdb/54429
54428 : LoginToboggan Module for Drupal Blocked User Login Security Bypass
http://osvdb.org/show/osvdb/54428
54427 : Print Module for Drupal UTF-7 Unspecified XSS
http://osvdb.org/show/osvdb/54427
HP Data Protector Express Lets Local Users Gain Elevated Privileges and Deny Service
http://securitytracker.com/alerts/2009/May/1022220.html
InterScan VirusWall スタンダードエディション 6.02 Linux版 Patch 1 (Build_7751)の概要および適用方法
http://esupport.trendmicro.co.jp/supportjp/viewxml.do?ContentID=jp-2064922
ウイルスバスター2009 プログラムバージョン17.10 ビルド1251 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1244
JVNDB-2008-001325 Microsoft Windows におけるユーザの不適切な管理に関連する権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001325.html
[ANN] New Release of Apache Sling 5
http://incubator.apache.org/sling
+ Solution 259028: Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1
HPSBMA02427 SSRT090069 rev.1 - HP Remote Graphics Software (RGS) Sender Running Easy Login, Remote Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01731970-1
HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01743291-1
University of Duisburg-Essen relies on MySQL Enterprise Unlimited
http://www.mysql.com/news-and-events/generate-article.php?id=2009_09
Hitachi Universal Replicator supportability qualified with Storage Foundation HA 5.1 for Windows (SFWHA) and Veritas Cluster Server 5.1 (VCS) Hitachi True Copy (HTC) Agent
http://seer.entsupport.symantec.com/docs/324977.htm
Solution 258808: Security Vulnerability in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258808-1
Solution 258748: Multiple Security Vulnerabilities in Mozilla Thunderbird Versions Prior to 2.0.0.19 May Allow Execution of Arbitrary Code or Unauthorized Access to Data
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258748-1
InfiniX-SA-05/14/2009: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29274
maxcms-SA-05/13/2009: maxcms2.0 creat new admin exploit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29275
Pinnacle Studio-SA-05/13/2009: Pinnacle Studio 12 "Hollywood FX Compressed Archive" (.hfz) directory traversal vulnerability poc
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29276
Family Connections-SA-05/13/2009: (GET var 'member') BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS <= v1.9 -->
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29277
MDVSA-2009:111: firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29242
MDVSA-2009:111-1: firefox update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29243
MDVSA-2009:112: ipsec-tools
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29271
HP,ノートPC用バッテリ7万個を自主回収,発熱・発火の恐れ
http://itpro.nikkeibp.co.jp/article/NEWS/20090515/330056/?ST=security
本物そっくりの「Flash Player」偽サイト出現、目的はウイルス配布
偽のエラーメッセージで誘導、ウイルスをFlash Playerに見せかける
http://itpro.nikkeibp.co.jp/article/NEWS/20090514/330029/?ST=security
Changing Beacon Probing settings using the command line
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010736&sliceId=1&docTypeID=DT_KB_1_1
MULTIPLE SQL INJECTION VULNERABILITIES --Shutter v-0.1.1-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00141.html
MULTIPLE CODE INJECTION VULNERABILITIES --TUENTI--SPAIN-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00142.html
=?utf-8?Q?Re:_MULTIPLE_REMOTE_SQL_INJECTION_VULNERABILITIES---MIM:InfiniX?= =?utf
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00143.html
iDefense Security Advisory 05.14.09: Apple Mac OS X xnu Kernel workqueue_additem/workqueue_removeite
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00137.html
[security bulletin] HPSBMA02417 SSRT090031 rev.1 - HP Data Protector Express and HP Data Protect
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00133.html
Insufficient Authentication vulnerability in Asus notebook
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00130.html
PUBLIC ADVISORY: 05.14.09: Apple Mac OS X xnu Kernel workqueue_additem/workqueue_removeitem Index Validation Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=797
copSSH Multiple OpenSSL Vulnerabilities
http://secunia.com/advisories/35086/
HP Data Protector Express Denial of Service and Privilege Escalation
http://secunia.com/advisories/35084/
vbDrupal UTF-7 Script Insertion Vulnerability
http://secunia.com/advisories/35082/
Drupal LoginToboggan Module Security Bypass
http://secunia.com/advisories/35081/
Sun Solaris Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/35080/
Pinnacle Hollywood FX Archive Handling Directory Traversal
http://secunia.com/advisories/35078/
cwRsync Multiple OpenSSL Vulnerabilities
http://secunia.com/advisories/35075/
Red Hat update for poppler
http://secunia.com/advisories/35064/
Red Hat update for perl-DBD-Pg
http://secunia.com/advisories/35058/
Red Hat update for acroread
http://secunia.com/advisories/35055/
Drupal UTF-7 Script Insertion Vulnerability
http://secunia.com/advisories/35045/
Drupal Feed Block Script Insertion Vulnerability
http://secunia.com/advisories/35044/
Drupal Print Module Script Insertion Vulnerability
http://secunia.com/advisories/35040/
Family Connections Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/35039/
Vulnerability Note VU#238019 Cyrus SASL library buffer overflow vulnerability
http://www.kb.cert.org/vuls/id/238019
A-A-S (Application Access Server) Multiple Security Vulnerabilities
http://www.securiteam.com/windowsntfocus/5LP0B0KR5Y.html
Sun IDM Arbitrary Commands Execution Vulnerability
http://www.securiteam.com/unixfocus/5PP0F0KR5E.html
AjaxTerm Session ID Collision
http://www.securiteam.com/securitynews/5MP0C0KR5I.html
+ FormMail Multiple Vulnerabilities
http://www.securiteam.com/securitynews/5NP0D0KR5I.html
LevelOne AMG-2000 Proxy Bypass Vulnerability and Plain Text Passwords
http://www.securiteam.com/securitynews/5OP0E0KR5Y.html
Drupal LoginToboggan Module Access Restriction Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/1312
cwRsync Update Fixes OpenSSL Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2009/1311
Sun Security Update Fixes Thunderbird Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/1310
HP Data Protector Express Local Code Execution and DoS Vulnerability
http://www.vupen.com/english/advisories/2009/1309
Mlffat "supervisor" Cookie Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1308
MaxCMS "m_username" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1307
Family Connections Multiple Parameter SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2009/1306
Password Protector SD Cookie Handling Authentication Bypass Issue
http://www.vupen.com/english/advisories/2009/1305
TinyButStrong "script" Parameter File Source Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/1304
Adobe Reader 'getAnnots()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34736
RETIRED: Apple Mac OS X 2009-002 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34926
Apple Mac OS X International Components for Unicode Invalid Byte Sequence Handling Vulnerability
http://www.securityfocus.com/bid/34974
Apple Mac OS X Disk Image Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34972
Apple Mac OS X CFNetwork 'Set-Cookie' Headers Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34951
Apple Mac OS X iChat Disabled SSL Connection Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34973
Multiple Mr. CGI Guy Products Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34969
Bitweaver Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34910
Adobe Reader 'spell.customDictionaryOpen()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34740
Nortel Networks Contact Center Administration CCMA Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34966
Nortel Contact Center Manager Administration Password Disclosure Vulnerability
http://www.securityfocus.com/bid/34964
PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34090
MIM:InfiniX Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34750
Apple Mac OS X CoreGraphics PDF Handling Heap Overflow Vulnerability
http://www.securityfocus.com/bid/34965
Linux Kernel 'ptrace_attach()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34799
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
Drupal UTF-7 'book-export-html.tpl.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34946
Drupal 'Printer, e-mail and PDF versions' Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/34954
Drupal Feed Block Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/34953
Drupal LoginToboggan Module Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34945
Drupal Taxonomy Vocabulary 'Help text' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34893
DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34678
Zervit HTTP Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34570
Zervit 'http.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34530
DBD::Pg BYTEA Values Memory Leak Denial of Service Vulnerability
http://www.securityfocus.com/bid/34757
Apple Mac OS X CoreGraphics PDF Handling Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34962
DBD::Pg 'pg_getline()' and 'getline()' Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34755
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
acpid Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34692
xterm DECRQSS Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/33060
Net-SNMP GETBULK Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/32020
GNU Enscript 'src/psgen.c' Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31858
Absolute Form Processor XE 'userid' Parameter Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34706
Apple Mac OS X CFNetwork HTTP Header Handling Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34958
Apple Mac OS X Kernel Workqueue Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34959
X-Forum 'cookie_username' Cookie Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34302
pecio cms 'index.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34802
Microsoft PowerPoint Sound Data (CVE-2009-0227) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34882
PCRE Regular Expression Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30087
Net-SNMP Remote Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/29623
Multiple Ascad Networks Products Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34930
+ Sendmail 'X-header' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34944
Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/32882
HP Data Protector Express Local Unspecified Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34955
Microsoft PowerPoint Sound Data (CVE-2009-0223) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34834
Apple Mac OS X Help Viewer Cascading Style Sheets Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34950
Apple Mac OS X Help Viewer HTML Document Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34952
Template Monster Clone 'edituser.php' Remote Password Change Vulnerability
http://www.securityfocus.com/bid/34977
Business Community Script SQL Injection and Unauthorized Access Vulnerabilities
http://www.securityfocus.com/bid/34976
Answer And Question Script Cross Site Scripting and Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34975
Strawberry Remote Command Execution and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34971
SubmitterScript Admin Login SQL Injection Vulnerability
http://www.securityfocus.com/bid/34970
beLive 'arch.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34968
tenfourzero.net Shutter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34967
My Game Script 'admin.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34963
Cyrus SASL 'sasl_encode64()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34961
DigiMode Maya Malformed 'm3u' and 'm3l' Playlist Files Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34960
Xen 'hypervisor_callback()' Guest Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34957
D-Link DIR-628 Router 'CAPTCHA' Security Bypass Weakness
http://www.securityfocus.com/bid/34956
Linux Kernel 2.6.29 ptrace_attach() Local Root Race Condition Exploit
http://www.milw0rm.com/exploits/8678
0 件のコメント:
コメントを投稿