Monday, June 8, 2009

The 8th, Monday, Tomobiki

[ANNOUNCE] MyFaces Core v1.2.7 Release
http://myfaces.apache.org/download.html

[ANNOUNCE] MyFaces Core v1.1.7 Release
http://myfaces.apache.org/download.html

Survey report on the "Protection Profile for IC Passports"
http://www.ipa.go.jp/security/fy20/reports/epassport/index.html

"Vulnerability Handling Guide for Website Builders" and related documents published
http://www.ipa.go.jp/security/fy20/reports/vuln_handling/index.html

"A CEO's address costs $50" --- Recognize the supply chain of online fraud, RSA says at briefing
http://itpro.nikkeibp.co.jp/article/NEWS/20090608/331474/?ST=security

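Fifth-grader Yuhi Goto wins the Minister for Internal Affairs and Communications Award in the "Slogans for Safe and Secure Use of Information and Communications" contest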
http://itpro.nikkeibp.co.jp/article/NEWS/20090608/331473/?ST=security

JVN#20689557: Serene Bach vulnerability in which session IDs are predictable
http://jvn.jp/jp/JVN20689557/index.html

XM Easy Personal FTP Server Multiple DoS Vulnerabilities
http://www.securiteam.com/windowsntfocus/5PP0420RFS.html

HP DDMI Running on Windows Unauthorized Access
http://www.securiteam.com/windowsntfocus/5NP0220RFW.html

Joomla JA_Purity Multiple Persistent XSS
http://www.securiteam.com/unixfocus/5OP0320RFC.html

Drupal Flag Module Multiple Vulnerabilities
http://www.securiteam.com/unixfocus/5MP0120RFQ.html

+ Linux Kernel release: 2.4.37.2
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.2

- DBI 1.608_90 released
http://search.cpan.org/~timb/DBI-1.608_90/
http://search.cpan.org/src/TIMB/DBI-1.608_90/README

- Solution 260508: A Security Vulnerability in idmap(1M) of OpenSolaris may Allow a Denial of the CIFS (Common Internet File System) Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-260508-1

+ Solution 257708: Security Vulnerabilities in DTrace (dtrace(1M)) ioctl(2) Handlers May Lead to a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-257708-1

- Solution 201294: Third-party Applications Using GSS-API May Be Vulnerable to Compromise
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201294-1

[ANNOUNCE] Apache Stonehenge M1-incubating Released
http://www.apache.org/dyn/closer.cgi/incubator/stonehenge

Apache Portable Runtime 1.3.5 and APR-Utility 1.3.7 Released
http://apr.apache.org/download.cgi

[courier-announce] Insight Connection 4.0 beta available for download
http://www.courier-mta.org/imap/bynari-connector.html

HPSBMA02433 SSRT090084 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01760771-1

Kernel release: 2.4.37.2
http://www.linux.org/news/2009/06/07/0002.html

Distribution Release: Absolute Linux 12.2.5
http://www.linux.org/news/2009/06/07/0001.html

Novell - On the way to becoming a Linux business?
http://www.linux.org/news/2009/06/05/0002.html

Get a Linux-powered Dell laptop for $299
http://www.linux.org/news/2009/06/05/0001.html

Sun survey shows growing open source software adoption in the Nordic and Benelux regions
http://www.mysql.com/news-and-events/generate-article.php?id=2009_10

Postfix 2.7 Snapshot 20090607
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.7-20090607.HISTORY

WebSphere MQ File Transfer Edition V7.0.1 for distributed platforms and zOS software announcement
http://www-01.ibm.com/support/docview.wss?rs=171&context=SSFKSJ&context=SSEP7X&dc=D600&uid=swg21389448&loc=en_US&cs=UTF-8&lang=en

Symantec Delivers High Availability and Disaster Recovery Solutions for VMware Environments. Veritas Cluster Server integration with VMware vCenter and cooperative support initiative provide customers with comprehensive application availability
http://seer.entsupport.symantec.com/docs/326061.htm

Secondary replicated volume group (RVG) is missing from Replication Network in a global cluster - Veritas Storage Foundation HA for Windows.
http://seer.entsupport.symantec.com/docs/324684.htm

Vxdisk diskinfo lists the Track Alignment status as "disable" even though the volumes are track aligned - Veritas Storage Foundation for Windows
http://seer.entsupport.symantec.com/docs/323993.htm

"target account name is incorrect" appears when they try to access a fileshare via UNC - Veritas Storage Foundation HA for Windows
http://seer.entsupport.symantec.com/docs/323666.htm

Diskgroup is not visible to other nodes after being imported - Veritas Storage Foundation for Windows
http://seer.entsupport.symantec.com/docs/323388.htm

The Exchange Setup Wizard continues to attempt to contact servers that are no longer online - Veritas Storage Foundation HA for Windows
http://seer.entsupport.symantec.com/docs/323367.htm

MDVSA-2009:129: file
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29466

DSA 1812-1: New apr-util packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29467

MDVSA-2009:128: libmodplug
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29465

[ MDVSA-2009:130 ] gstreamer0.10-plugins-good
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00071.html

[security bulletin] HPSBMA02433 SSRT090084 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Unauthorized Access
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00070.html

SQL INJECTION VULNERABILITY--Kjtechforce mailman Beta-1-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00069.html

Reminder: DeepSec 2009 Call for Papers is open
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00064.html

LightOpenCMS 0.1 pre-alpha Remote SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00063.html

[ISecAuditors Security Advisories] Joomla! 1.5.10 JA_Purity Multiple Persistent XSS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00063.html

[SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM auth
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00061.html

[ MDVSA-2009:129 ] file
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00060.html

[Security] XM Easy Personal FTP Server Multiple DoS vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00059.html

EC2ND 2009 CFP - 5th European Conference on Computer Network Defence
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-06/msg00065.html

When using the HP RGS protocol, the desktop session screen resolution does not match the display resolution on the host
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011664&sliceId=1&docTypeID=DT_KB_1_1

VMware View Client requires HTTP 1.1 to be enabled in Internet Explorer
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011655&sliceId=1&docTypeID=DT_KB_1_1

ESX going not responding following upgrade to ESX 4
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011647&sliceId=1&docTypeID=DT_KB_1_1

Collecting diagnostic information for VMware vCenter Server 4.0
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011641&sliceId=1&docTypeID=DT_KB_1_1

Twitter to begin trial of account verification to prevent impersonation this summer
http://itpro.nikkeibp.co.jp/article/NEWS/20090608/331406/?ST=security

HP Discovery & Dependency Mapping Inventory (DDMI) Bug Lets Remote Users Access DDMI Agents
http://securitytracker.com/alerts/2009/Jun/1022339.html

IBM FileNet Content Manager Lets Remote Users Hijack Accounts in Certain Cases
http://securitytracker.com/alerts/2009/Jun/1022338.html

Joomla! Input Validation Hole in JA_Purity Template Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Jun/1022337.html

Debian update for apr-util
http://secunia.com/advisories/35360/

Nortel Media Processing Server Adobe Reader Vulnerabilities
http://secunia.com/advisories/35358/

LightNEasy Comments Script Insertion Vulnerabilities
http://secunia.com/advisories/35354/

moziloCMS "cat" and "file" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/35349/

IBM FileNet Content Manager WSEAF Vulnerability
http://secunia.com/advisories/35347/

libpng Interlaced Images Information Disclosure Vulnerability
http://secunia.com/advisories/35346/

Web Directory PRO "admin/backup_db.php" Database Disclosure Vulnerability
http://secunia.com/advisories/35327/

ASMAX AR 804gu Command Execution and Cross-Site Request Forgery
http://secunia.com/advisories/35310/

Virtual DJ Playlist Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/35307/

Apache APR-util Library Denial of Service Vulnerabilities
http://secunia.com/advisories/35284/

GStreamer gst-plugins-good 'gstpngdec.c' PNG Output Buffer Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35172

Joomla! Prior to 1.5.11 Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35189

XM Easy Personal FTP Server Multiple Command Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35239

Virtual DJ '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25512

RETIRED: Virtual DJ M3U File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25513

LogMeIn 'cfgadvanced.html' HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/35236

LightNEasy Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35229

Online Armor Personal Firewall IOCTL Request Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35227

file 'cdf_read_sat()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34745

Libpng 1-bit Interlaced Images Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35233

Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196

Autodesk IDrop ActiveX Control 'IDrop.ocx' Multiple Heap Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34352

Sun GlassFish Enterprise Server HTTP Engine/Admin Interface Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35217

IBM FileNet Content Manager Cached Subject Security Bypass Vulnerability
http://www.securityfocus.com/bid/35228

Sun GlassFish Enterprise and Sun Java System Application Server Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34914

Hitachi Web Server HTML Injection Vulnerability and Signature Forgery Vulnerability
http://www.securityfocus.com/bid/26271

HP Discovery and Dependency Mapping Inventory Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/35250
