Friday, May 8, 2009

Friday the 8th, Taian

Courier Mail Server 0.61.2 released
http://www.courier-mta.org/download.php

PostgreSQL.org Website Design Contest
http://www.postgresql.org/about/news.1081

ASTERIA WARP sample flows have been published
http://support.asteria.jp/download/ASTERIAWARP/sampleFlow/Tips/Index.html

BOM: When changing the computer name/IP address
http://www.say-tech.co.jp/support/bom-for-windows/ip/index.shtml

BOM: Operating environment / importing and exporting monitoring settings
http://www.say-tech.co.jp/support/bom-for-windows/post-41/index.shtml

[TOOL] moth - vulnerable web application vmware
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00064.html

JVNDB-2009-001197 Access restriction bypass vulnerability in Cisco PIX/ASA
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001197.html

JVNDB-2009-001196 Denial-of-service (DoS) vulnerability in Cisco PIX/ASA related to SQL*Net packets
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001196.html

JVNDB-2009-001195 Denial-of-service (DoS) vulnerability in Cisco ASA related to H.323 packets
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001195.html

JVNDB-2009-001194 Denial-of-service (DoS) vulnerability in Cisco PIX/ASA related to TCP packets
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001194.html

JVNDB-2009-001193 Denial-of-service (DoS) vulnerability in Cisco PIX/ASA related to SSL/HTTP packets
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001193.html

JVNDB-2009-001192 Authentication bypass vulnerability in Cisco PIX/ASA
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001192.html

acpid Socket Processing Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/May/1022182.html

Linux Kernel NFS Memory Initialization Bug Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/May/1022176.html

Linux Kernel Bug in ecryptfs_write_metadata_to_contents() Lets Local Users Obtain Portions of Kernel Memory
http://securitytracker.com/alerts/2009/May/1022177.html

Google Chrome Integer Overflow in Skia 2D Graphics Lets Remote Users Execute Arbitrary Code Within the Sandboxed Browser Tab
http://securitytracker.com/alerts/2009/May/1022175.html

Google Chrome Input Validation Flaw in InitSkBitmapFromData() Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/May/1022174.html

Garmin Communicator Plugin ActiveX Control Lets Remote Users Access the Target GPS Device
http://securitytracker.com/alerts/2009/May/1022173.html

Updates: Autoruns v9.5, PsLoglist v2.7, PsExec v1.95
http://technet.microsoft.com/sysinternals/bb963902.aspx
http://technet.microsoft.com/sysinternals/bb897544.aspx
http://technet.microsoft.com/sysinternals/bb897553.aspx

Chinagames ActiveX Control 'CreateChinagames()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34871

TCPDB 'user/index.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34866

Techno Dreams Job Career Package Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34865

Sorinara Soritong MP3 Player '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34863

webSPELL 'getlang.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34862

Sorinara Streaming Audio Player '.pla' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34861

+ PHP 'mb_ereg_replace()' String Evaluation Vulnerability
http://www.securityfocus.com/bid/34873

Multiple Mini-stream Software Products '.asx' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34864

libwmf WMF Image File Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34792

HP OpenView Network Node Manager 'ovalarmsrv.exe' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34738

Multiple Mini-stream Software Products '.ram' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34860

MPFR Library 'printf.c' Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33945

libmodplug 'load_pat.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34747

libmodplug 's3m' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30801

Grabit 'NZB' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34807

BaoFeng Storm ActiveX Control 'SetAttributeValue()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34869

BaoFeng Storm ActiveX Control 'OnBeforeVideoDownload()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34789

Aladdin eSafe Unspecified Archive File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34726

acpid Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34692

Memcached and MemcacheDB ASLR Information Disclosure Weakness
http://www.securityfocus.com/bid/34756

Linux Kernel 'exit_notify()' CAP_KILL Verification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34405

Linux Kernel 'locks_remove_flock()' Local Race Condition Vulnerability
http://www.securityfocus.com/bid/33237

Linux Kernel 'ecryptfs_write_metadata_to_contents()' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34216

Linux Kernel Audit System 'audit_syscall_entry()' System Call Security Bypass Vulnerability
http://www.securityfocus.com/bid/33951

Linux Kernel 'NFS filename' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34390

Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33846

Linux Kernel 'dell_rbu' Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/33428

Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
http://www.securityfocus.com/bid/33906

Linux Kernel 'keyctl_join_session_keyring()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/33339

Linux Kernel 'parisc_show_stack()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/32636

Linux Kernel Frame Size Integer Overflow Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34654

Linux Kernel 'FWD-TSN' Chunk Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33113

Linux Kernel 'ib700wdt.c' Buffer Underflow Vulnerability
http://www.securityfocus.com/bid/33003

Linux Kernel '/ipc/shm.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34020

Linux Kernel MIPS Untrusted User Application Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/32716

Linux Kernel CIFS Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34453

Linux Kernel 64 Bit ABI System Call Parameter Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33275

Linux Kernel 'drivers/char/agp/generic.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34673

Linux Kernel 'qdisc_run()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/32985

razorCMS 'Create New Page' Form HTML Injection Vulnerability
http://www.securityfocus.com/bid/34854

ldns 'rr.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34233

Kayako SupportSuite Ticket Notes HTML Injection Vulnerability
http://www.securityfocus.com/bid/34853

FreePBX Multiple Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34857

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34656

Mozilla Firefox 'nsTextFrame::ClearTextRun()' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34743

Verlihub Control Panel Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34856

32bit FTP 'CWD' Response Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34838



+ HPSBUX02366 SSRT080120 rev.2 - HPUX Running useradd(1M), Local Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01539431-2

+ RHSA-2009:0474-1 Moderate: acpid security update
http://rhn.redhat.com/errata/RHSA-2009-0474.html

+ RHSA-2009:0473-1 Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2009-0473.html

PHP 5.3.0RC2 Release Announcement
http://www.php.net/archive/2009.php#id2009-05-07-1

RHBA-2009:0467-1 kexec-tools bug fix update
http://rhn.redhat.com/errata/RHBA-2009-0467.html

RHBA-2009:0475-1 audit bug fix and enhancement update
http://rhn.redhat.com/errata/RHBA-2009-0475.html

DSA 1795-1: New ldns packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29191

MDVSA-2009:108: zsh
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29196

NETRAGARD-2009042: AirCell GoGo Inflight Internet -- No Encryption
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29194

RHSA-2009:0473-01: Important: kernel security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29192

RHSA-2009:0474-01: Moderate: acpid security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29193

Garmin-SA-05/07/2009: Garmin Communicator Plug-In Domain Locking Security Bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29197

TZO-15-2009: Update: Aladdin eSafe generic bypass - Forced release
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29195

VMFS volume becomes inaccessible during SAN LUN replication
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010609&sliceId=1&docTypeID=DT_KB_1_1

Squid 3.0.STABLE15 released
http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE15-RELEASENOTES.html

[USN-773-1] Pango vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00062.html

[USN-772-1] MPFR vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00061.html

[USN-771-1] libmodplug vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00060.html

[oCERT-2009-001] Pango integer overflow in heap allocation size calculations
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00059.html

[SECURITY] [DSA 1796-1] New libwmf packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00063.html

SQL INJECTION VULNERABILITIES--ST-Gallery version 0.1 alpha-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00057.html

[ MDVSA-2009:108 ] zsh
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00058.html

[TZO-15-2009] Aladdin eSafe generic bypass - Forced release
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00055.html

Secunia Research: Garmin Communicator Plug-In Domain Locking Security Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00054.html

[SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00052.html

[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00053.html

[ MDVSA-2009:107 ] acpid
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00056.html

Red Hat update for kernel
http://secunia.com/advisories/35015/

Google Chrome Skia 2D Integer Overflow Vulnerabilities
http://secunia.com/advisories/35014/

Debian update for ldns
http://secunia.com/advisories/35013/

Coccinelle Insecure Temporary File Creation
http://secunia.com/advisories/35012/

Debian update for linux-2.6
http://secunia.com/advisories/35011/

Red Hat update for acpid
http://secunia.com/advisories/35010/

Debian update for kdegraphics
http://secunia.com/advisories/34991/

Debian update for drupal6
http://secunia.com/advisories/34980/

Red Hat update for java-1.5.0-ibm
http://secunia.com/advisories/34972/

Verlihub Control Panel "nick" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/34941/

freePBX Multiple Vulnerabilities
http://secunia.com/advisories/34772/

Garmin Communicator Plug-In Domain Locking Security Bypass
http://secunia.com/advisories/34326/

Garmin Communicator Plug-In Domain Locking Security Bypass
http://www.securiteam.com/windowsntfocus/5VP0120R5K.html

Cisco Unified Communications Manager IP Phone Personal Address Book Vulnerability
http://www.securiteam.com/windowsntfocus/5WP0220R5I.html

Google Chrome Skia 2D Integer overflow and Browser Process Issues
http://www.vupen.com/english/advisories/2009/1266

VerliAdmin Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1265

VerliHub Control Panel "nick" Parameter Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/1264

32bit FTP Client Server Response Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1263

F-Secure Products Archive Handling Detection Evasion Vulnerability
http://www.vupen.com/english/advisories/2009/1262

