MySQL 5.1.36 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-36.html
The latest snapshot for the stable Linux kernel tree is: 2.6.30-rc8-git1
http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=summary
"It was unexpected, so we didn't notice": addresses of 90,000 Daiei online shopping site members were viewable
http://itpro.nikkeibp.co.jp/article/NEWS/20090605/331383/?ST=security
Microsoft's advance notice of its June regular updates: 10 in total, including 6 rated "Critical"
http://itpro.nikkeibp.co.jp/article/NEWS/20090605/331292/?ST=security
Adobe Security Bulletin Advance Notification
http://blogs.adobe.com/psirt/2009/06/adobe_security_bulletin_advanc.html
Microsoft Security Bulletin Advance Notification - June 2009
http://www.microsoft.com/japan/technet/security/Bulletin/MS09-jun.mspx
Tomcat Bug Lets Web Applications Access the Files of Other Web Applications
http://securitytracker.com/alerts/2009/Jun/1022336.html
Cisco IronPort AsyncOS Input Validation Flaw in Spam Quarantine Login Page Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Jun/1022335.html
Sun Java System Web Server Input Validation Hole in Reverse Proxy Plug-in Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Jun/1022334.html
+ libpng 1.2.37 released
http://www.libpng.org/pub/png/libpng.html
http://www.libpng.org/pub/png/src/libpng-1.2.37-README.txt
+ libpng: Vulnerability Warning
http://www.libpng.org/pub/png/libpng.html
+ Postfix 2.6 Patchlevel 2 released
http://mirror.postfix.jp/postfix-release/official/postfix-2.6.2.HISTORY
+ MySQL 5.1.35 released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-35.html
+ Solution 252787: A Security Vulnerability in Solaris Kerberos Credential Management May Lead to Unauthorized Access of Kerberized NFS Mount Points
http://sunsolve.sun.com/search/document.do?assetkey=1-66-252787-1
+ [SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00047.html
+ OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
http://www.milw0rm.com/exploits/8873
http://www.securityfocus.com/bid/35174/exploit
- Microsoft June 2009 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/35213
[ANNOUNCE] Apache Jackrabbit 1.5.6 released
http://jackrabbit.apache.org/downloads.html
[ANNOUNCE] Apache Jackrabbit 2.0 alpha1 released
http://jackrabbit.apache.org/downloads.html
Red Hat Linux to power Verizon Cloud
http://www.linux.org/news/2009/06/04/0002.html
Linux based CrunchPad "a few weeks away"
http://www.linux.org/news/2009/06/04/0001.html
Dovecot 1.2.rc5 released
http://www.dovecot.org/list/dovecot-news/2009-June/000114.html
Reboot stops responding at "Applying Computer Settings" after installing Veritas Storage Foundation for Windows
http://seer.entsupport.symantec.com/docs/321049.htm
Solution 259588: Cross-Site Scripting (XSS) Vulnerability in the Sun Java System Web Server 6.1 Reverse Proxy Plug-in
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1
Solution 258528: Multiple Security Vulnerabilities in Sun GlassFish Enterprise Server 2.1 (formerly Sun Java System Application Server 9.1UR2) May Lead to a Denial of Service (DoS) Condition or Execution of JavaScript Code
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258528-1
HS09-006: Vulnerability in Elevating Privileges for the JP1/VERITAS NetBackup Communications Setup
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-006/index.html
HS09-010: Vulnerability in SSL Client Authentication in Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-010/index.html
HS09-009: DoS Vulnerability in the Reverse Proxy of Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-009/index.html
SSA:2009-154-01: ntp
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29458
Apache-SA-06/03/2009: Apache Tomcat DoS when using Java AJP connector
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29462
Apache: Apache Tomcat User enumeration vulnerability with FORM authentication
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29463
MessageLabs Japan's SaaS email encryption service to be offered by Hitachi Information Systems
http://itpro.nikkeibp.co.jp/article/NEWS/20090604/331371/?ST=security
[SECURITY] [DSA 1812-1] New apr-util packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00055.html
SQL INJECTION VULNERABILITY--LightOpen CMS Devel 0.1-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00053.html
[ MDVSA-2009:128 ] libmodplug
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00054.html
[SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00047.html
[InterN0T] Flatnux 2009-03-27 - XSS Vulnerabilities + More
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00052.html
[InterN0T] Geeklog 1.5 - Pre-Installation Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00051.html
[InterN0T] SiteCore.NET 6.0.0 - XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00050.html
[InterN0T] LightNEasy 2.2.2 - HTML Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00049.html
[InterN0T] moziloCMS 1.11.1 - XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00048.html
Unable to Open Microsoft Word and Microsoft Excel Attachments in a Captured Microsoft Outlook Application
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011613&sliceId=1&docTypeID=DT_KB_1_1
Only install the View Manager Composer Agent if you want to deploy View Composer linked clone desktops
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011596&sliceId=1&docTypeID=DT_KB_1_1
Drupal Quiz Module Script Insertion Vulnerability
http://secunia.com/advisories/35345/
Apache Tomcat 6 Denial of Service and Information Disclosure
http://secunia.com/advisories/35344/
Red Hat update for kernel-rt
http://secunia.com/advisories/35343/
Red Hat update for cups
http://secunia.com/advisories/35342/
Sun Solaris Kerberos Credential Management Unauthorised Access
http://secunia.com/advisories/35341/
Red Hat update for cups
http://secunia.com/advisories/35340/
Drupal Webform Module Script Insertion Vulnerability
http://secunia.com/advisories/35339/
Sun Java System Web Server Reverse Proxy Plug-in Cross-Site Scripting
http://secunia.com/advisories/35338/
Slackware update for ntp
http://secunia.com/advisories/35336/
Podcast Generator Multiple Vulnerabilities
http://secunia.com/advisories/35333/
Ubuntu update for gaim
http://secunia.com/advisories/35330/
Ubuntu update for pidgin
http://secunia.com/advisories/35329/
Ubuntu update for cups and cupsys
http://secunia.com/advisories/35328/
Apache Tomcat Denial of Service and Information Disclosure
http://secunia.com/advisories/35326/
wxWidgets Double Free and Integer Overflow Vulnerabilities
http://secunia.com/advisories/35292/
MyMiniBill "orderid" SQL Injection Vulnerability
http://secunia.com/advisories/35285/
Movie PHP Script "anticode" PHP Code Injection
http://secunia.com/advisories/35283/
Netgear RP614 Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/35276/
IronPort AsyncOS "referrer" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/34895/
Solaris Bug in Kerberos Credential Management Lets Local Users Access Protected NFS Mount Points
http://securitytracker.com/alerts/2009/Jun/1022333.html
Tomcat Authentication Response Error Lets Remote Users Determine Valid Usernames
http://securitytracker.com/alerts/2009/Jun/1022332.html
Tomcat Java AJP Connector Header Processing Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Jun/1022331.html
Microsoft Windows Bug in SETDESKWALLPAPER and GETDESKWALLPAPER Calls Let Local Users Deny Service
http://securitytracker.com/alerts/2009/Jun/1022330.html
CUPS Scheduler Directory Services Use-After-Free Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Jun/1022327.html
CUPS Integer Overflow in 'pdftops' Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jun/1022326.html
Sun Java System Web Server Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/1500
Sun Solaris Kerberos Credential Management Security Bypass Issue
http://www.vupen.com/english/advisories/2009/1499
SonicWALL SSL-VPN "err" Parameter Format String Vulnerability
http://www.vupen.com/english/advisories/2009/1498
Joomla! Data Processing Multiple Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1497
Apache Tomcat Information Disclosure and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/1496
Movie PHP Script "anticode" Parameter PHP Code Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1495
Omilen Photo Gallery for Joomla "controller" Local File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2009/1494
SuperNews "noticia" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1493
OCS Inventory NG Server SQL Injection and File Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2009/1492
EgyPlus "username" and "password" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1491
MyMiniBill "orderid" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1490
CUPS Multiple Integer Overflow and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/1488
Online Armor
http://www.milw0rm.com/exploits/8875
Kloxo 5.75 (24 Issues) Multiple Remote Vulnerabilities
http://www.milw0rm.com/exploits/8880
Hitachi Web Server Reverse Proxy Denial of Service Vulnerability
http://www.securityfocus.com/bid/35216
Podcast Generator 'core/admin/delete.php' Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/34317
Adobe Reader 'spell.customDictionaryOpen()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34740
Adobe Reader 'getAnnots()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34736
Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
http://www.securityfocus.com/bid/35221
libmodplug 'load_pat.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34747
libmodplug 's3m' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30801
Netgear RP614 Wireless Router Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/35214
Microsoft June 2009 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/35213
moziloCMS Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35212
OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/35174
Apple iTunes Multiple URI Handler Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35157
Symantec Veritas NetBackup Communication Setup Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33772
IBM AIX 'portmapper' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35211
NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35017
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
IronPort AsyncOS Spam Quarantine Login Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35203
Sun Solaris Kerberos Credential Management Security Bypass Vulnerability
http://www.securityfocus.com/bid/35205