Tuesday, June 16, 2009

Tuesday the 16th, Butsumetsu

Native Linux Nintendo Emulation for Palm Pre
http://www.linux.org/news/2009/06/15/0007.html

Linux 2.6.30's best five features
http://www.linux.org/news/2009/06/15/0006.html

Linux learns multi-touch
http://www.linux.org/news/2009/06/15/0005.html

New Linux kernel adds file-system support
http://www.linux.org/news/2009/06/15/0004.html

About 90% of US Internet users cannot spot phishing sites
http://itpro.nikkeibp.co.jp/article/NEWS/20090616/332010/?ST=security

Sun Java Runtime Environment Aqua Look and Feel Multiple Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35381

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/32608




+ Linux Kernel release: 2.6.29.5
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29.5

+ RHSA-2009:1101-1: Moderate: cscope security update
http://rhn.redhat.com/errata/RHSA-2009-1101.html

+ Sun Java Runtime Environment Aqua Look and Feel Multiple Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35381

HPSBUX02435 SSRT090059 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Bypass of Security Restrictions
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01769290-1

HPSBMA02439 SSRT080082 rev.1 - HP OpenView SNMP Emanate Master Agent Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01757418-1

Novell to ship Linux-monitoring tool for Microsoft
http://www.linux.org/news/2009/06/15/0002.html

Is Xandros a Linux distro, a marketing machine or a Microsoft stooge?
http://www.linux.org/news/2009/06/15/0001.html

DSA 1815-1 : New libtorrent-rasterbar packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29581

TZO-37-2009 : Apple Safari
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29572

TZO-36-2009: Apple Safari & Quicktime Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29573

TZO-33-2009 : Frisk F-prot evasion (TAR)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29574

TZO-32-2009 : Norman generic bypass (RAR)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29575

DSA 1814-1 : New libsndfile packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29580

SugarCRM-SA-06/13/2009: 5.2.0e Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29578

TZO-31-2009 : Ikarus multiple generic evasions (CAB, ZIP, RAR)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29576

TZO-30-2009 : Kaspersky and the silent patch that wasn't (PDF evasion, forced full disclosure)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29577

USN-779-1 : Firefox and Xulrunner vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29579

Serena-SA-06/12/2009: Dimensions CM has insufficient default privileges
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29569

Determining the build number for VMware vCenter Lab Manager
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011871&sliceId=1&docTypeID=DT_KB_1_1

Mozilla: latest release "Firefox 3.0.11" includes four fixes rated at the highest severity
http://itpro.nikkeibp.co.jp/article/NEWS/20090615/331937/?ST=security

[DSF-02-2009] - Zoki Catalog SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00157.html

Netgear DG632 Router Authentication Bypass Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00158.html

Netgear DG632 Router Remote DoS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00159.html

[USN-788-1] Tomcat vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00156.html

[waraxe-2009-SA#074] - Multiple Vulnerabilities in TorrentTrader Classic 1.09
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00143.html

[TZO-37-2009] Apple Safari
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00145.html

[SECURITY] [DSA 1815-1] New libtorrent-rasterbar packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00144.html

[TZO-36-2009] Apple Safari & Quicktime Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00142.html

[TZO-33-2009] Frisk F-prot evasion (TAR)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00141.html

[TZO-32-2009] Norman generic bypass (RAR)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00140.html

[TZO-31-2009] Ikarus multiple generic evasions (CAB,ZIP,RAR)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00139.html

[SECURITY] [DSA 1814-1] New libsndfile packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00155.html

Link Logger syslogd resource overwhelm DoS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00148.html

SugarCRM 5.2.0e Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00147.html

[TZO-30-2009] Kaspersky and the silent patch that wasn't (PDF evasion, forced full disclosure)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00146.html

[USN-779-1] Firefox and Xulrunner vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00138.html

[InterN0T] Webmedia Explorer - XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00154.html

[InterN0T] transLucid 1.75 - Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00153.html

[InterN0T] SkyBlueCanvas 1.1 r237 - Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00151.html

[InterN0T] TBDev 01-01-2008 - Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00152.html

[InterN0T] Pivot 1.40.4-7 - Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00150.html

JVN#87272440: Denial-of-service (DoS) vulnerability in Apache Tomcat
http://jvn.jp/jp/JVN87272440/index.html

JVN#30732239: Vulnerability in Apache Tomcat that allows requests from unauthorized clients to be executed
http://jvn.jp/jp/JVN30732239/index.html

Microsoft Internet Explorer Security Zone Restrictions Bypass
http://www.securiteam.com/windowsntfocus/5NP0H15RFI.html

Mozilla Firefox Java Applet Loading Vulnerability
http://www.securiteam.com/securitynews/5PP0J15RFW.html

Microsoft Internet Explorer onreadystatechange Memory Corruption Vulnerability (MS09-019)
http://www.securiteam.com/windowsntfocus/5MP0G15RFM.html

Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability (MS09-019)
http://www.securiteam.com/windowsntfocus/5LP0F15RFQ.html

Microsoft Internet Explorer DHTML Handling Memory Corruption Vulnerability (MS09-019)
http://www.securiteam.com/windowsntfocus/5KP0E15RFE.html

Microsoft Internet Explorer Concurrent Ajax Request Memory Corruption (MS09-019)
http://www.securiteam.com/windowsntfocus/5JP0D15RFC.html

DX Studio Player Firefox Plug-in Command Injection
http://www.securiteam.com/windowsntfocus/5IP0C15RFA.html

Microsoft Internet Explorer setCapture Memory Corruption Vulnerability (MS09-019)
http://www.securiteam.com/windowsntfocus/5OP0I15RFG.html

Adobe Reader/Acrobat TrueType Font Processing Memory Corruption
http://www.securiteam.com/securitynews/5HP0B15RFU.html

RHBA-2009:1088-1: mkinitrd bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1088.html

RHBA-2009:1099-1: iscsi-initiator-utils bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1099.html

RHSA-2009:1100-1: Moderate: wireshark security update
http://rhn.redhat.com/errata/RHSA-2009-1100.html

RHSA-2009:1102-1: Moderate: cscope security update
http://rhn.redhat.com/errata/RHSA-2009-1102.html

RT "ShowConfigTab" Security Bypass
http://secunia.com/advisories/35451/

Ubuntu update for firefox-3.0 and xulrunner-1.9
http://secunia.com/advisories/35447/

SugarCRM Emails Module File Upload Vulnerability
http://secunia.com/advisories/35445/

Debian update for libsndfile
http://secunia.com/advisories/35443/

Norman Products CAB / RAR Archive Handling Security Bypass
http://secunia.com/advisories/35442/

Green Dam URL Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/35435/

4images Script Insertion and Local File Inclusion
http://secunia.com/advisories/35427/

Zip Store Chat "index.asp" SQL Injection Vulnerability
http://secunia.com/advisories/35417/

FireStats SQL Injection and File Inclusion Vulnerabilities
http://secunia.com/advisories/35400/

transLucid Script Insertion and Cross-Site Scripting
http://secunia.com/advisories/35389/

TBDEV.NET Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/35378/

Pivot Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/35363/

ATEN KH1516i / KN9116 Multiple Vulnerabilities
http://secunia.com/advisories/35241/

Debian update for libtorrent-rasterbar
http://secunia.com/advisories/34241/

SugarCRM E-mail Attachment Uploading Bug Lets Remote Authenticated Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jun/1022399.html

Git Virtualization Support Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Jun/1022398.html

Campus Virtual-LMS SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1583

4images HTML Filter Bypass Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/1582

Zip Store Chat "login" and "senha" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1581

Green Dam URL and Blacklist Update Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/1580

GIT "git-daemon" Extra Arguments Parsing Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1579

SugarCRM 5.2.0e Remote Code Execution Vulnerability
http://www.milw0rm.com/exploits/8949

Netgear DG632 Router Authentication Bypass Vulnerability
http://www.milw0rm.com/exploits/8963

Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/32892

Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
http://www.securityfocus.com/bid/35115

Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/35253

Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
http://www.securityfocus.com/bid/35251

Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
http://www.securityfocus.com/bid/35221

Net-SNMP Remote Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/29623

CScope Cscope.Lists Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/19686

Apple QuickTime Clipping Region (CRGN) Atom Types Stack Exhaustion Vulnerability
http://www.securityfocus.com/bid/35375

Cscope 'find.c' Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34832

CScope Reffile Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/19687

Cscope Include Filename Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/18050

Cscope Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34805

Wireshark PN-DCP Data Format String Vulnerability
http://www.securityfocus.com/bid/34291

Wireshark Prior to 1.0.7 Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34457

Wireshark PCNFSD Dissector Denial of Service Vulnerability
http://www.securityfocus.com/bid/35081

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/32608

Sun Java Web Start and Java Plug-in Multiple Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/32620

Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35263

Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196

Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
http://www.securityfocus.com/bid/35193

libsndfile VOC and AIFF Processing Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34978

Serena Dimensions CM 'DOWNLOAD' Command Security Bypass Vulnerability
http://www.securityfocus.com/bid/35337

Git Parameter Processing Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35338

phpWebThings 'fdown.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35336

4homepages 4images Multiple Cross Site Scripting And HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35342

ModSecurity SQL Injection Rule Security Bypass Vulnerability
http://www.securityfocus.com/bid/35323

Lxlabs Kloxo Hosting Platform Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/35316

phpWebThings 'module' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/35313

F5 Networks FirePass SSL VPN Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/35312

'Compress::Raw::Zlib' Perl Module Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35307

Mutt 'mutt_ssl.c' X.509 Certificate Chain Security Bypass Vulnerability
http://www.securityfocus.com/bid/35288

Drupal Nodequeue Module Security Bypass and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35305

Drupal Views Module Multiple Security Bypass and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35304

Drupal Services Module Key Based Access Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/35292

Drupal Booktree Module Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35287

Drupal Taxonomy Manager Administrative Page HTML Injection Vulnerability
http://www.securityfocus.com/bid/35286

Mozilla Firefox 'NPObject' Access Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35360

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/35326

Microsoft Windows Print Spooler Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35209

Multiple F-PROT Products TAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/35355

Microsoft Office Works for Windows Document Converters Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35184

Apple QuickTime NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/35359

Libpng 1-bit Interlaced Images Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35233

Xvid Video Codec DirectShow Initialization Logic Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35158

Xvid Video Codec Macroblock Number Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35156

Podcast Generator Multiple Remote And Local File Include Vulnerabilities
http://www.securityfocus.com/bid/28038

WebKit CSS 'Attr' Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35318

Multiple Kaspersky Products PDF File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/35365

Multiple Symantec Products RAR/TAR/ZIP File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/35354

Pivot Multiple Cross Site Scripting And HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35363

Rasterbar Software libtorrent Arbitrary File Overwrite Vulnerability
http://www.securityfocus.com/bid/35262

phPortal 'topicler.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35387

vBulletin Radio and TV Player Add-On Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35385

Joomla! 'com_jumi' Component 'fileid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35384

WordPress Photoracer Plugin 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35382

Sun Java Runtime Environment Aqua Look and Feel Multiple Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35381

iJoomla RSS Feeder Component 'cat' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35379

JoomlaPraise Projectfork Joomla! Component 'section' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/35378

NetGear DG632 Router Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/35376

Mozilla Firefox and SeaMonkey JavaScript Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35373

TorrentTrader Classic Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/35369

Webmedia Explorer Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35368
