DreamCoder for PostgreSQL ver 2.0 is now available
http://www.postgresql.org/about/news.1089
vsftpd-2.1.1 released
ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.1.1/Changelog
Hitachi and France's Evidian partner on finger vein authentication
http://itpro.nikkeibp.co.jp/article/NEWS/20090528/330835/?ST=security
JVNDB-2009-001269 Integer overflow vulnerability related to SplashBitmap in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001269.html
JVNDB-2009-001268 Integer overflow vulnerability related to CairoOutputDev in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001268.html
JVNDB-2009-001267 Denial of service (DoS) vulnerability in the JBIG2 MMR decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001267.html
JVNDB-2009-001266 Buffer overflow vulnerability in the JBIG2 MMR decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001266.html
JVNDB-2009-001265 Denial of service (DoS) vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001265.html
JVNDB-2009-001264 Arbitrary code execution vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001264.html
JVNDB-2009-001263 Integer overflow vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001263.html
JVNDB-2009-001262 Arbitrary code execution vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001262.html
JVNDB-2009-001261 Buffer overflow vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001261.html
JVNDB-2009-001143 Buffer overflow vulnerability in the proxyReadClientSocket function of libvirt
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001143.html
JVNDB-2009-001137 Arbitrary code execution vulnerability in the ICC Format library
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001137.html
JVNDB-2009-001136 Integer overflow vulnerability in the ICC Format library
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001136.html
JVNDB-2009-001024 Arbitrary code execution vulnerability in the RealVNC VNC Viewer component
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001024.html
JVNDB-2008-002307 Access restriction bypass vulnerability in libvirt
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002307.html
Apache IncludesNoExec Options Restrictions Can Be Bypassed by Local Users
http://securitytracker.com/alerts/2009/May/1022296.html
BlackBerry Enterprise Server Bug in PDF Distiller Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/May/1022295.html
+ MySQL Community Server 5.0.82 has been released
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-82.html
+ Apache HTTP Server AllowOverride Options Security Bypass
http://secunia.com/advisories/35261/
http://www.securityfocus.com/bid/35115
+ Microsoft Windows 'win32k.sys' Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35121
[ANNOUNCE] Apache Qpid 0.5 Released
http://qpid.apache.org/
Q&A: Revamped Linux for Netbooks
http://www.linux.org/news/2009/05/27/0004.html
ASUS Linux insult will be Intel and Dell's gain
http://www.linux.org/news/2009/05/27/0003.html
Linux Mint 7 released
http://www.linux.org/news/2009/05/27/0002.html
Has ASUS all but given up on Linux?
http://www.linux.org/news/2009/05/27/0001.html
HP snubs Moblin, rolls out Mi Linux-Atom netbook
http://www.linux.org/news/2009/05/26/0007.html
VelocityTools 2.0-beta4 released
http://velocity.apache.org/news.html#tools20beta4
SSH Option Certificates Exercised for Share Subscription
http://www.ssh.com/company/news/2009/english/all/article/1011/
SSA:2009-146-01: pidgin
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29377
GLSA 200905-08: NTP: Remote execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29386
Lighttpd-SA-05/26/2009: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29380
Joomla-SA-05/26/2009: Backdoor in com_rsgallery2 gallery extension for joomla
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29388
ATEN-SA-05/26/2009: Multiple vulnerabilities in several ATEN IP KVM Switches
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29389
jetCast-SA-05/26/2009: COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overflow exploit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29390
Drupal-SA-05/26/2009: Drupal 6 Content Access Module XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29387
RHSA-2009:1066-01: Important: squirrelmail security upda
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29378
RHSA-2009:1067-01: Moderate: Red Hat Application Stack v2.3 security and enhancement update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29379
SEC Consult SA-20090525-0: Nortel Contact Center Manager Server Authentication Bypass Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29381
SEC Consult SA-20090525-1: Nortel Contact Center Manager Server Password Disclosure Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29382
SEC Consult SA-20090525-2: SonicWALL Global Security Client Local Privilege Escalation Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29383
SEC Consult SA-20090525-3: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29384
SEC Consult SA-20090525-4: SonicOS Format String Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29385
NRI sells document management software aimed at combining ease of file sharing with security
http://itpro.nikkeibp.co.jp/article/NEWS/20090527/330769/?ST=security
JVN#57036470 Cross-site scripting vulnerability in Ad Systems' Web meeting room reservation free edition "leger"
http://jvn.jp/jp/JVN57036470/index.html
New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00266.html
[InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00265.html
[ MDVSA-2009:123 ] opensc
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00264.html
Re[2]: [Full-disclosure] [TZO-26-2009] Firefox (all?) Denial of Service through unclamp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00263.html
Re[2]: Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00262.html
Re[2]: [Full-disclosure] Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00260.html
[ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00259.html
[security bulletin] HPSBUX02429 SSRT090058 rev.1 - HP-UX Running Java, Remote Execution of A
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00257.html
Vanilla v.1.1.7 Cross-Site Scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00256.html
PHP Nuke v.8.0 (referer) SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00255.html
W3af ninja training class in NYC
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00253.html
[IMF 2009] 3rd Call - Deadline Extended
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00252.html
Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00251.html
RHBA-2009:1068-1: vsftpd bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1068.html
RHBA-2009:1069-1: net-snmp bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1069.html
RHSA-2009:1075-1: Moderate: httpd security update
http://rhn.redhat.com/errata/RHSA-2009-1075.html
Red Hat update for httpd
http://secunia.com/advisories/35264/
Red Hat update for rhpki-ra
http://secunia.com/advisories/35263/
Apache HTTP Server AllowOverride Options Security Bypass
http://secunia.com/advisories/35261/
ArcaBit ArcaVir ps_drv.sys Privilege Escalation Vulnerability
http://secunia.com/advisories/35260/
Red Hat update for squirrelmail
http://secunia.com/advisories/35259/
HP-UX update for JRE / JDK
http://secunia.com/advisories/35255/
BlackBerry Products PDF Distiller Unspecified Vulnerabilities
http://secunia.com/advisories/35254/
Gentoo update for ntp
http://secunia.com/advisories/35253/
Mole Group Adult Portal Script "user_id" SQL Injection Vulnerability
http://secunia.com/advisories/35246/
cpCommerce "GLOBALS[prefix]" File Inclusion Vulnerability
http://secunia.com/advisories/35245/
Wordpress WP-Lytebox Plugin "pg" Local File Inclusion
http://secunia.com/advisories/35244/
Dogtag Certificate System Agent Group Security Bypass
http://secunia.com/advisories/35242/
eZoneScripts.com Hot Or Not Script Multiple Vulnerabilities
http://secunia.com/advisories/35240/
RoomPHPlanning Multiple Vulnerabilities
http://secunia.com/advisories/35237/
WebMember "formID" SQL Injection Vulnerability
http://secunia.com/advisories/35227/
DokuWiki "config_cascade" File Inclusion Vulnerability
http://secunia.com/advisories/35218/
ImageMagick "XMakeImage()" Integer Overflow Vulnerability
http://secunia.com/advisories/35216/
Zeeways PhotoVideoTube Multiple Vulnerabilities
http://secunia.com/advisories/35208/
jetAudio jetCast MP3 Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/35195/
Serena Dimensions CM Certificate Validation Vulnerability
http://secunia.com/advisories/35189/
phpBugTracker "username" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1432
ZeeCareers Admin Interface Missing Authentication Vulnerability
http://www.vupen.com/english/advisories/2009/1431
WebMember "formID" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1430
BlackBerry Products Attachment Service PDF Distiller Vulnerabilities
http://www.vupen.com/english/advisories/2009/1429
ArcaBit ArcaVir Products "ps_drv.sys" Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2009/1428
Soulseek Search Request Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1427
HP-UX Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/1426
Wireshark PCNFSD Dissector Denial of Service Vulnerability
http://www.securityfocus.com/bid/35081
Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33846
Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
http://www.securityfocus.com/bid/33906
Linux Kernel Audit System 'audit_syscall_entry()' System Call Security Bypass Vulnerability
http://www.securityfocus.com/bid/33951
Linux Kernel 'drivers/char/agp/generic.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34673
Linux Kernel 'ptrace_attach()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34799
Linux Kernel CIFS Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34453
Linux Kernel 'exit_notify()' CAP_KILL Verification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34405
Linux Kernel 'kill_something_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34558
Linux Kernel 'EFER_LME' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34331
Linux Kernel nfsd 'CAP_MKNOD' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34205
NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35017
Cyrus SASL 'sasl_encode64()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34961
libsndfile VOC and AIFF Processing Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34978
OpenSSL 'zlib' Compression Memory Leak Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/31692
OpenSC 'pkcs11-tool' Insecure Key Generation Vulnerability
http://www.securityfocus.com/bid/34884
SiteX 'THEME_FOLDER' Parameter Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/35122
AgoraGroups Joomla! Component 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35118
Vanilla 'ajax/updatecheck.php' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/35114
Microsoft IIS Unicode Requests to WebDAV Multiple Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/34993
Drupal Ajax Session Module Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/35123
Easy PX 41 CMS 'fiche' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/35119
RSGallery2 Component for Mambo/Joomla! Backdoor Vulnerability
http://www.securityfocus.com/bid/35106
PHP-Nuke 'main/tracking/userLog.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35117
pam_krb5 Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35112
Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
http://www.securityfocus.com/bid/35115
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
Apple Mac OS X PICT Image Handling Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34938
IBM Hardware Management Console (HMC) Shared Memory Unspecified Vulnerability
http://www.securityfocus.com/bid/35113
Microsoft Windows Desktop Wall Paper System Parameter Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35120
Pidgin Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35067
ImageMagick TIFF File Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35111
Dokuwiki 'doku.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/35095
RoomPHPlanning Multiple Vulnerabilities
http://www.securityfocus.com/bid/35110
ProFTPD CIDR Access Control Rule Bypass Vulnerability
http://www.securityfocus.com/bid/10252
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34800
SquirrelMail Prior to 1.4.18 Multiple Vulnerabilities
http://www.securityfocus.com/bid/34916