2009年6月1日月曜日

1日 月曜日、先勝

[ANNOUNCE] Apache Tuscany SCA Java 1.5 released
http://tuscany.apache.org/sca-java-releases.html

[ANN][Axis2]Apache Axis2/C 1.6.0 Released
http://ws.apache.org/axis2/c/download.cgi

+ Dovecot 1.1.16 released
http://www.dovecot.org/list/dovecot-news/2009-June/000113.html

米政府,情報インフラのセキュリティ対策強化に向け“調整役”新設へ
http://itpro.nikkeibp.co.jp/article/NEWS/20090601/331025/?ST=security

■JVN iPedia、MyJVN メンテナンスのお知らせ
http://jvndb.jvn.jp/
下記の期間、メンテナンスのため JVN iPedia、MyJVN の情報が更新されません。
また、期間中にはサービスが一時的にご利用いただけない場合もございます。
ご不便をおかけいたしますが、ご理解いただきますようお願い申し上げます。

 2009年06月01日(月) ~ 2009年06月17日(水)

SonicWALL Global Security Client Privilege Escalation Vulnerability
http://www.securiteam.com/windowsntfocus/5OP0M2AR5Q.html




+ Solution 201294: Third-party Applications Using GSS-API May Be Vulnerable to Compromise
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201294-1

+ Linux Kernel 'splice(2)' Double Lock Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35143

vsftpd-2.1.2 released
ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.1.2/Changelog

MySQL 5.0.83 (Not yet released)
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-83.html

Device Driver Installation Package 4 (DDI-4) for Veritas Storage Foundation (tm) 5.0 for Windows and Storage Foundation for Windows 5.0 Rollup Patch 1 (RP1) and Rollup Patch 2 (RP2)
http://seer.entsupport.symantec.com/docs/325630.htm

Device Driver Installation Package 2 (DDI-2) for Veritas Storage Foundation (tm) 5.1 for Windows (SFW)
http://seer.entsupport.symantec.com/docs/325536.htm

VMSA-2009-0007: VMware Hosted products and ESX and ESXi patches resolve security issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29406

(whitepaper) Microsoft WPAD Technology Weaknesses [PTResearch Team]
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00288.html

[TZO-28-2009] - Avira Antivir generic RAR,CAB,ZIP
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00286.html

SonicWALL SSL-VPN Appliance Format String Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00291.html

VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00285.html

Whitepaper
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00293.html

「違法コピーは許さない」、MP3ファイルを破壊するウイルス出現
アイコン偽装でMP3ファイルに見せかける、インドネシアのユーザーが標的
http://itpro.nikkeibp.co.jp/article/NEWS/20090529/330976/?ST=security

On ESX/ESXi 4.0, A TPM-related warning is issued even though TPM is unavailable on the system
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011452&sliceId=1&docTypeID=DT_KB_1_1

[FIRST]「第21回 FIRST Annual Conference 京都」開催のご案内
http://www.ipa.go.jp/security/event/2009/FIRST2009Conf/FIRST2009Conf.html

Linux Kernel splice(2) Deadlock Condition Lets Local Users Deny Service
http://www.securitytracker.com/id?1022307

Achievo Input Validation Hole in 'atkaction' Parameter Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022306

Linksys WAG54G2 Router Lets Remote Authenticated Users Execute Shell Commands
http://www.securitytracker.com/id?1022305

ImageMagick Integer Overflow in XMakeImage() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022304

SonicWALL SSL-VPN Format String Bug Lets Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022303

VMware Descheduled Time Accounting Driver Bug Lets Local Users on the Guest Operating System Deny Service
http://www.securitytracker.com/id?1022300

Microsoft DirectX Bug in DirectShow QuickTime Parser Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022299

Citrix Password Manager May Let Remote Authenticated Users Access Their Secondary Credentials
http://www.securitytracker.com/id?1022298

IMG-BBS Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35275/

Small Pirate Script Insertion and SQL Injection Vulnerabilities
http://secunia.com/advisories/35272/

VMware Products Descheduled Time Accounting Driver Denial of Service
http://secunia.com/advisories/35269/

TOMOYO Linux 1.6.8 をリリース
http://sourceforge.jp/projects/tomoyo/lists/archive/users/2009-May/000602.html

HP-UX Execution of Arbitrary Code and Other Vulnerabilities
http://www.securiteam.com/unixfocus/5QP0O2AR5K.html

ATEN IP KVM Switch Multiple Vulnerabilities
http://www.securiteam.com/securitynews/5NP0L2AR5I.html

Nortel Contact Center Manager Server Password Disclosure Vulnerability
http://www.securiteam.com/securitynews/5PP0N2AR5O.html

VMware Descheduled Time Accounting Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1452

VMware ESX Security Update Fixes Libpng Memory Corruption Issues
http://www.vupen.com/english/advisories/2009/1451

ImageMagick "XMakeImage()" Function Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1449

pam_krb5 Authentication Remote Username Enumeration Weakness
http://www.vupen.com/english/advisories/2009/1448

Citrix Password Manager Secondary Credentials Disclosure Weakness
http://www.vupen.com/english/advisories/2009/1447

Libsndfile Multiple Function Division by Zero Denial of Service Issues
http://www.vupen.com/english/advisories/2009/1446

Microsoft DirectX DirectShow Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2009/1445

Adobe Acrobat Stack Exhaustion Denial of Service Vulnerability
http://www.securityfocus.com/bid/35148

Roxio CinePlayer SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/23412

Linksys WAG54G2 Web Management Console Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/35142

SonicWALL SSL-VPN 'cgi-bin/welcome/VirtualOffice' Remote Format String Vulnerability
http://www.securityfocus.com/bid/35145

Open Virtual Desktop Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34927

Matt Wright FormMail HTTP Response Splitting and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34929

Xen 'hypervisor_callback()' Guest Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34957

Multiple Avira AntiVir Products RAR/CAB/ZIP/LH File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/35144

NSD 'packet.c' Off-By-One Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35029

Achievo Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35140

Linux Kernel 'splice(2)' Double Lock Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35143

Mozilla Firefox 'keygen' HTML Tag Denial of Service Vulnerability
http://www.securityfocus.com/bid/35132

VMware Products Descheduled Time Accounting Driver Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35141

Libpng Library ICC Profile Chunk Off-By-One Denial of Service Vulnerability
http://www.securityfocus.com/bid/25957

Libpng Library Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/25956

Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/33827

Libpng Library Unknown Chunk Handler Vulnerability
http://www.securityfocus.com/bid/28770

Libpng Library 'png_push_read_zTXt()' Off-By-One Denial of Service Vulnerability
http://www.securityfocus.com/bid/31049

Joomla! JVideo! Component 'user_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35146

[ANNOUNCE] PostgreSQL Maestro 9.5 released (PostgreSQL 8.4 support and more)
http://www.sqlmaestro.com/products/postgresql/maestro/

[ANNOUNCE] Apache CXF 2.2.2 released!
http://cxf.apache.org/
ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)