[ANN][Rampart/C] Apache Rampart/C 1.3.0 Released
http://ws.apache.org/rampart/c/download.cgi
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the CiscoWorks TFTP Directory Traversal Vulnerability
http://www.cisco.com/warp/public/707/cisco-amb-20090520-cw.shtml
Solution 259848: SUN ALERT WEEKLY SUMMARY REPORT - Week of 17-May-2009 to 23-May-2009
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259848-1
"We'll crack someone else's password for $50": beware of shady services. Do not use them; the sites offering the service have a history as virus and scam sites
http://itpro.nikkeibp.co.jp/article/NEWS/20090527/330742/?ST=security
JPCERT/CC WEEKLY REPORT 2009-05-27
http://www.jpcert.or.jp/wr/2009/wr092001.html
JVNDB-2009-001260 Denial-of-service (DoS) vulnerability in the JBIG2 decoder of Xpdf and CUPS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001260.html
JVNDB-2009-001259 Integer overflow vulnerability in the JBIG2 decoder of Xpdf and CUPS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001259.html
JVNDB-2009-001258 Denial-of-service (DoS) vulnerability in the JBIG2 decoder of Xpdf and CUPS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001258.html
JVNDB-2009-001257 Integer overflow vulnerability in the TIFF image decoding routine of CUPS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001257.html
JVNDB-2009-001256 Privilege escalation vulnerability in udev
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001256.html
JVNDB-2008-001963 Possible leakage of some data in SSH communications
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001963.html
JVNDB-2005-000650 Out-of-bounds vulnerability in the libungif library caused by malformed GIF files
http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000650.html
JVNDB-2005-000648 Null pointer dereference vulnerability in the libungif library caused by malformed GIF files
http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000648.html
SonicWALL Global Security Client System Tray Icon Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/May/1022283.html
SonicWALL Global VPN Client Folder Permissions Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/May/1022282.html
SonicWALL Global VPN Client Format String Bug Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/May/1022281.html
Red Hat Certificate System Bug in Registration Authority Lets Remote Authenticated Users Bypass Access Controls
http://securitytracker.com/alerts/2009/May/1022278.html
aMember Input Validation Flaws Permit Cross-Site Scripting and SQL Injection Attacks
http://securitytracker.com/alerts/2009/May/1022277.html
Nortel Contact Center Manager Administration Password Disclosure Vulnerability
http://www.securityfocus.com/bid/34964
Multiple ATEN IP KVM Switches Multiple Remote Vulnerabilities and Weakness
http://www.securityfocus.com/bid/35108
+ HPSBUX02429 SSRT090058 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01745133-1
+ ActivePerl 5.8.9.826 Released
http://www.activestate.com/activeperl/features/
http://docs.activestate.com/activeperl/5.8/release.html
http://docs.activestate.com/activeperl/5.8/changes-58.html
http://www.activestate.com/activeperl/downloads/
InfiniBand Makes Gains, Thanks to Linux
http://www.linux.org/news/2009/05/26/0006.html
Invisible Linux: The Details
http://www.linux.org/news/2009/05/26/0005.html
Sooner (Linux Mint 7), Later (Fedora 11) and Now (ooVoo 2.1)
http://www.linux.org/news/2009/05/26/0004.html
First look: Intel's Moblin 2.0 Linux desktop for netbooks
http://www.linux.org/news/2009/05/26/0003.html
Four Linux Apps Worth Downloading
http://www.linux.org/news/2009/05/26/0002.html
Do we need our own Linux?
http://www.linux.org/news/2009/05/26/0001.html
Wii Fit board speaks to Linux
http://www.linux.org/news/2009/05/25/0001.html
CompareData 1.5.0 is released
http://www.postgresql.org/about/news.1087
White Camel Awards 2009
http://use.perl.org/article.pl?sid=09/05/26/1415215&from=rss
TZO : Firefox (all?) Denial of Service through unclamped loop (SVG)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29368
Gentoo Linux : Pidgin: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29362
Independent Researcher : Soulseek * P2P Remote Distributed Search Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29366
Independent Researcher : Arcade Trade Script XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29367
Independent Researcher : MULTIPLE SQL INJECTION VULNERABILITIES --Joomla Component 'Boy Scout Advancement'
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29374
Independent Researcher : Arcade Trade Script XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29375
SuSE : IBM Java 5
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29353
Debian : New cscope packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29355
Gentoo Linux : Cscope: User-assisted execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29357
Gentoo Linux : IPSec Tools: Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29358
Gentoo Linux : GnuTLS: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29359
Gentoo Linux : FreeType: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29360
Gentoo Linux : acpid: Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29361
Independent Researcher : BASE - Persistent and Reflective XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29365
Independent Researcher : InterN0T AMember 3.1.7 - Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29376
Mandriva : squirrelmail
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29352
Secunia : Sun Solaris "sadmind" Integer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29363
Secunia : Sun Solaris "sadmind" Buffer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29364
Debian : New pidgin packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29354
Independent Researcher : IPFilter (ippool) 4.1.31 lib/load_http.c buffer overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29356
Independent Researcher : DotNetNuke ErrorPage.aspx Cross-Site Scripting Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29369
Independent Researcher : Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29370
Independent Researcher : Serena Dimensions CM Desktop Client does not validate the server SSL certificate
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29371
Independent Researcher : MULTIPLE REMOTE VULNERABILITIES --MiniTwitter<=v0.3-Beta-->
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29373
oCERT : Android improper package verification when using shared uids
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29372
The key point in evaluating cloud security is post-incident response (from the IPAX2009 panel)
http://itpro.nikkeibp.co.jp/article/NEWS/20090526/330736/?ST=security
"Changes form to evade detection," "Attack site shut down": details of the latest web virus
Symantec holds emergency briefing: "Another attack site may appear"
http://itpro.nikkeibp.co.jp/article/NEWS/20090526/330708/?ST=security
[ GLSA 200905-08 ] NTP: Remote execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00250.html
SEC Consult SA-20090525-4 :: SonicOS Format String Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00249.html
SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00248.html
SEC Consult SA-20090525-2 :: SonicWALL Global Security Client Local Privilege Escalation Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00247.html
SEC Consult SA-20090525-1 :: Nortel Contact Center Manager Server Password Disclosure Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00244.html
SEC Consult SA-20090525-0 :: Nortel Contact Center Manager Server Authentication Bypass Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00243.html
[TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00241.html
Multiple vulnerabilities in several ATEN IP KVM Switches
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00242.html
COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overflow exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00246.html
Backdoor in com_rsgallery2 gallery extension for joomla
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00240.html
[ GLSA 200905-07 ] Pidgin: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00245.html
Overview of Pluggable Storage Architecture (PSA)
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011308&sliceId=1&docTypeID=DT_KB_1_1
Orchestrator security overview
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011305&sliceId=1&docTypeID=DT_KB_1_1
Stopping or starting VMware vCenter Orchestrator
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011303&sliceId=1&docTypeID=DT_KB_1_1
VMotion stops working after upgrading to vSphere 4 with a Licensing server is not configured error
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011296&sliceId=1&docTypeID=DT_KB_1_1
VMotion stops working after upgrading to vSphere 4.0
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011294&sliceId=1&docTypeID=DT_KB_1_1
vSphere support for View Manager
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011292&sliceId=1&docTypeID=DT_KB_1_1
View 3.1 Agent must be installed last and uninstalled first to avoid losing third-party registry entries
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011279&sliceId=1&docTypeID=DT_KB_1_1
Cannot add a template to a configuration
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011278&sliceId=1&docTypeID=DT_KB_1_1
vCenter Service Status and vCenter Hardware Status plug-ins fail
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011274&sliceId=1&docTypeID=DT_KB_1_1
VMware Data Recovery fails to connect when invoked from a linked vCenter
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011236&sliceId=2&docTypeID=DT_KB_1_1
RHSA-2009:1066-1: Important: squirrelmail security update
http://rhn.redhat.com/errata/RHSA-2009-1066.html
Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 (five-language standalone version) (KB948465)
http://www.microsoft.com/downloads/details.aspx?FamilyID=a4dd31d5-f907-4406-9012-a5c3199ea2b3&DisplayLang=ja
Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 for x64-based systems (five-language standalone version) (KB948465)
http://www.microsoft.com/downloads/details.aspx?FamilyID=656c9d4a-55ec-4972-a0d7-b1a6fedf51a7&DisplayLang=ja
Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 (five-language standalone version) DVD ISO (KB948465)
http://www.microsoft.com/downloads/details.aspx?FamilyID=9f073285-b6ef-4297-85ce-f4463d06d6cb&DisplayLang=ja
Fedora update for kernel
http://secunia.com/advisories/35226/
Fedora update for jetty
http://secunia.com/advisories/35225/
Fedora update for wireshark
http://secunia.com/advisories/35224/
Basic Analysis And Security Engine Multiple Vulnerabilities
http://secunia.com/advisories/35222/
Arcade Trade Script "q" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35197/
IPcelerate IPsession SQL Injection Vulnerability
http://secunia.com/advisories/35196/
Gentoo update for pidgin
http://secunia.com/advisories/35188/
Soulseek Search Message Buffer Overflow Vulnerability
http://secunia.com/advisories/35186/
aMember Multiple Vulnerabilities
http://secunia.com/advisories/35182/
DotNetNuke ErrorPage.aspx Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35178/
Jetty Multiple Vulnerabilities
http://secunia.com/advisories/35143/
MiniTwitter SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1420
Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC
http://www.milw0rm.com/exploits/8798
Winamp 5.551 MAKI Parsing Integer Overflow Exploit
http://www.milw0rm.com/exploits/8783
ArcaVir 2009
http://www.milw0rm.com/exploits/8782
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (pl)
http://www.milw0rm.com/exploits/8806
Soulseek 157 NS Remote Buffer Overflow Exploit (SEH)
http://www.milw0rm.com/exploits/8804
Lighttpd 1.4.23 Source Code Disclosure Vulnerability (FreeBSD/OSX bug)
http://www.milw0rm.com/exploits/8786
PHP <= 5.2.9 Local Safemod Bypass Exploit (win32)
http://www.milw0rm.com/exploits/8799
Slayer 2.4 (skin) Universal Buffer Overflow Exploit (SEH)
http://www.milw0rm.com/exploits/8789
COWON America jetCast 2.0.4.1109 (.mp3) Local Overflow Exploit
http://www.milw0rm.com/exploits/8780
ZEECAREERS and SHAADICLONE 'admin/addadminmembercode.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35107
Graphiks MyForum Login Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35096
RSGallery2 Component for Mambo/Joomla! Backdoor Vulnerability
http://www.securityfocus.com/bid/35106
DBD::Pg BYTEA Values Memory Leak Denial of Service Vulnerability
http://www.securityfocus.com/bid/34757
MySQL MyISAM Table Privileges Security Bypass Vulnerability
http://www.securityfocus.com/bid/29106
PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34090
DBD::Pg 'pg_getline()' and 'getline()' Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34755
MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/31081
Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35100
phpBugTracker 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35101
cpCommerce 'GLOBALS[prefix]' Local/Remote File Include Vulnerability
http://www.securityfocus.com/bid/35103
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35017
vbPlaza 'name' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35099
BlackBerry Attachment Service PDF Distiller Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/35102
Gallarific Cross Site Scripting and Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/28163
Red Hat Certificate System Agent Group Security Bypass Vulnerability
http://www.securityfocus.com/bid/35104
WP-Lytebox 'main.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/35098
SquirrelMail Prior to 1.4.18 Multiple Vulnerabilities
http://www.securityfocus.com/bid/34916
libxml XML Entity Name Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31126
Multiple SlySoft Products Driver IOCTL Request Multiple Local Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34103
FreeBSD 'telnetd' Daemon Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33777
Lighttpd Trailing Slash Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35097
Soulseek Distributed File Search Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35091
Microsoft IIS Unicode Requests to WebDAV Multiple Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/34993
Dokuwiki 'doku.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/35095
Nullsoft Winamp 'gen_ff.dll' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35052
SonicWALL Global VPN Client 'RampartSvc' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35092
SonicWALL Global Security Client Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35094
SonicWALL Global VPN Client Log File Remote Format String Vulnerability
http://www.securityfocus.com/bid/35093
SAP AG SAPgui EAI WebViewer3D ActiveX Control Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34310
Microsoft PowerPoint Paragraph Data Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34833
IBM Director CIM Server Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34065
Nortel Networks Contact Center Administration CCMA Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34966
Wireshark Prior to 1.0.7 Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34457
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34800
Wireshark PCNFSD Dissector Denial of Service Vulnerability
http://www.securityfocus.com/bid/35081
Wireshark PN-DCP Data Format String Vulnerability
http://www.securityfocus.com/bid/34291
Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34612
Linux Kernel CIFS Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34453
Linux Kernel 'EFER_LME' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34331
Linux Kernel 'exit_notify()' CAP_KILL Verification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34405