Monday, July 13, 2009

Monday the 13th, Senshō

http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001747.html

JVNDB-2009-001746 Vulnerability in Apple Safari's handling of EV certificates
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001746.html

JVNDB-2009-001745 Denial-of-service (DoS) vulnerability in libxml2's entity handling
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001745.html

JVNDB-2009-001744 Arbitrary code execution vulnerability in CoreGraphics in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001744.html

JVNDB-2009-001743 Vulnerability in CFNetwork in Apple Safari that allows sensitive information to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001743.html

JVNDB-2009-001742 Arbitrary JavaScript code execution vulnerability in CFNetwork in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001742.html

Postfix 2.7 Snapshot 20090712
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.7-20090712.HISTORY

"Dozer", "Mydoom" and others involved in DDoS attacks on US and South Korean sites
http://itpro.nikkeibp.co.jp/article/NEWS/20090713/333664/?ST=security

Retina WiFi Security Scanner Buffer Overflow in Parsing '.rws' Files Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jul/1022534.html




+ Solution 263529: Security Vulnerabilities in Solaris Bundled Tomcat May Lead to Unauthorized Access to Data or Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263529-1

+ VMSA-2009-0009: ESX Service Console updates for udev, sudo, and curl
http://www.vmware.com/security/advisories/VMSA-2009-0009.html

VMSA-2009-0008.1: ESX Service Console update for krb5
http://www.vmware.com/security/advisories/VMSA-2009-0008.html

FreeBSD 8.0-BETA1 Available
http://www.freebsd.org/news/newsflash.html#event20090707:01

USPS goes open-source with tracking system
http://www.linux.org/news/2009/07/10/0005.html

Chrome OS: what does it mean for Android?
http://www.linux.org/news/2009/07/10/0004.html

Review: Linux Mint 7 is Glorious
http://www.linux.org/news/2009/07/10/0003.html

What open source can learn from Apple
http://www.linux.org/news/2009/07/10/0002.html

Ubuntu 6.06 LTS Desktop Edition approaches end-of-life
http://www.linux.org/news/2009/07/10/0001.html

What to expect from the next version of Ubuntu
http://www.linux.org/news/2009/07/09/0003.html

Demise of the solid-state Linux Netbook
http://www.linux.org/news/2009/07/09/0002.html

Red Hat: From manic acquisitions to focused execution
http://www.linux.org/news/2009/07/09/0001.html

Google Chrome: Microsoft killer?
http://www.linux.org/news/2009/07/08/0007.html

Richard Stallman Fights Latest Linux Threat
http://www.linux.org/news/2009/07/08/0006.html

MySQL 5.1.37 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-37.html

Postfix 2.7 Snapshot 20090711
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.7-20090711.HISTORY

pg_migrator 8.4 final released
http://www.postgresql.org/about/news.1111

Solution 248386: Security vulnerability in Solaris Related to the Apache 1.3 mod_perl(3) Module Component "PerlRun.pm" may Lead to Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1

Windows Mobile OBEX-SA-07/10/2009: HTC / Windows Mobile OBEX FTP Service Directory Traversal
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29771

Atlantic SimpleCaddy-SA-07/09/2009: Shopping Cart Price Manipulation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29772

MDVSA-2009:149 : apache
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29768

RHSA-2009:1148-01 : Important: httpd security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29769

eEye Retina Wireless Scanner .RWS File Processing Memory Corruption
http://research.eeye.com/html/advisories/published/AD20090710.html

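Large-scale attack targeting US and South Korean sites caused by a botnet
Massive amounts of data sent simultaneously to the targeted sites; "defense is difficult"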
http://itpro.nikkeibp.co.jp/article/NEWS/20090710/333609/?ST=security

Update: [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00051.html

HTC / Windows Mobile OBEX FTP Service Directory Traversal
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00049.html

Atlantic SimpleCaddy Shopping Cart Price Manipulation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00050.html

RHBA-2009:1150-1: samba bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1150.html

Red Hat update for httpd
http://secunia.com/advisories/35793/

Sun Solaris Tomcat Multiple Vulnerabilities
http://secunia.com/advisories/35788/

eEye Retina WiFi Scanner ".rws" Handling Buffer Overflow
http://secunia.com/advisories/35786/

Apache Modules Client Disconnect Denial of Service
http://secunia.com/advisories/35781/

PatPlayer M3U Playlist Parsing Buffer Overflow
http://secunia.com/advisories/35756/

OtsAV Products Ots File List Processing Buffer Overflow
http://secunia.com/advisories/35738/

Universe CMS "id" SQL Injection Vulnerability
http://secunia.com/advisories/35737/

TalkBack Comment Edit Security Bypass
http://secunia.com/advisories/35735/

Clear Content "url" Local File Inclusion Vulnerabilities
http://secunia.com/advisories/35726/

Nwahy Products Security Bypass Vulnerability
http://secunia.com/advisories/35708/

ManageEngine NetFlow Analyzer 7 Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/35105/

Apache "mod_deflate" Module Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1841

Pirch IRC 98 Client (response) Remote BOF Exploit (SEH)
http://www.milw0rm.com/exploits/9128

RHBA-2009:1149-1: rsh bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1149.html

ManageEngine NetFlow Analyzer 'jspui/index.jsp' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35630

WordPress 'wp-admin/admin.php' Module Configuration Security Bypass Vulnerability
http://www.securityfocus.com/bid/35584

Glossword 'gw_install/index.php' Security Bypass Vulnerability
http://www.securityfocus.com/bid/35621

TalkBack Security Bypass and Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/35619

eEye Retina WiFi Scanner '.rws' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35624

Nagios 'statuswml.cgi' Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/35464

FCKeditor 'CurrentFolder' Parameter Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/31812

Sun Java Web Console Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35513

Microsoft Windows Mobile OBEX FTP Service Directory Traversal Vulnerability
http://www.securityfocus.com/bid/33359

Linux Kernel Console Selection Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33672

Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35263

Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196

Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
http://www.securityfocus.com/bid/35193

Apache Tomcat XML Parser Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35416

Apache 'mod_deflate' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35623

Joomla! 'com_propertylab' Component 'auction_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35622

Sun Solaris Cassini Gigabit-Ethernet Device Driver Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35439

Sun Solaris Ultra-SPARC T2 Crypto Provider Device Driver Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35438

Microsoft Windows 'MPEG2TuneRequest' ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35558

Microsoft Internet Explorer 'AddFavorite' Method Denial of Service Vulnerability
http://www.securityfocus.com/bid/35620
