+ Dovecot 1.1.18, 1.2.2 released
http://www.dovecot.org/list/dovecot-news/2009-July/000127.html
http://www.dovecot.org/list/dovecot-news/2009-July/000126.html
JVNDB-2009-001813 Adobe Reader の JBIG2 フィルタにおけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001813.html
JVNDB-2009-001812 Adobe Reader の JBIG2 フィルタにおけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001812.html
JVNDB-2009-001811 Adobe Reader の JBIG2 フィルタにおけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001811.html
JVNDB-2009-001810 Adobe Reader の JBIG2 フィルタにおけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001810.html
JVNDB-2009-001809 Adobe Reader の JBIG2 フィルタにおけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001809.html
JVNDB-2009-001808 Adobe Reader の JBIG2 フィルタにおけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001808.html
JVNDB-2009-001807 Adobe Reader の JBIG2 フィルタにおけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001807.html
JVNDB-2009-000049 futomi's CGI Cafe 製 RevoCounter CGI (アニメーションカウンター) におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000049.html
「EC-CUBE」の古いバージョンを利用しているウェブサイトへの注意喚起
http://www.ipa.go.jp/security/vuln/documents/2009/200907_ec-cube.html
JVNVU#259425 Adobe Flash に脆弱性
http://jvn.jp/cert/JVNVU259425/index.html
JVN#36085487 EC-CUBE におけるクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN36085487/index.html
+ Solution 264428: Security Vulnerability in Solaris Auditing Related to Extended File Attributes May Allow Local Unprivileged Users to Panic the System
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264428-1
http://secunia.com/advisories/35980/
http://securitytracker.com/alerts/2009/Jul/1022599.html
http://www.vupen.com/english/advisories/2009/2000
http://www.securityfocus.com/bid/35787
+ Linux kernel 2.4.37.4 released
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.4
http://www.linux.org/news/2009/07/26/0001.html
+ Linux kernel 2.6.27.28, 2.6.30.3 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.28
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.3
http://www.linux.org/news/2009/07/24/0006.html
http://www.linux.org/news/2009/07/24/0007.html
+ Oracle Database CVE-2009-1019 Remote Network Authentication Vulnerability
http://www.securityfocus.com/bid/35680/
[ANNOUNCE] PostGIS 1.4.0 Released
http://trac.osgeo.org/postgis/query?status=closed&milestone=postgis+1.4.0&order=priority
[ANNOUNCE] Apache CouchDB 0.9.1 has been released
http://couchdb.apache.org/downloads.html
Solution 264248: Security Vulnerability in the Simple Authentication and Security Layer (SASL) Library Bundled with the Java Enterprise System (JES) may Allow Unprivileged Users to Crash Applications Using the sasl_encode64 Function
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1
Solution 258408: Some Sun Fire, SPARC Enterprise, and Sun Storage Systems Using Power Supply Units Within a Certain Date Code Range May Experience a Thermal Event Upon PSU Failure
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258408-1
Solution 258508: A Security Vulnerability in the Sun Java System Access Manager Policy Agent May Result in a Denial of Service (DoS) to Web Proxy Server 4.0
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258508-1
Linus: "Microsoft Hatred Is a Disease"
http://www.linux.org/news/2009/07/24/0005.html
Red Hat educates profs
http://www.linux.org/news/2009/07/24/0004.html
The Germans Love Laptop Linux. So Why Don't We?
http://www.linux.org/news/2009/07/24/0003.html
SCO vs. Linux: The trail leads to Japan
http://www.linux.org/news/2009/07/24/0002.html
Top 10 pratfalls for novice Linux admins
http://www.linux.org/news/2009/07/24/0001.html
How UCSB Grad Students Put Cloud Computing Power into Ubuntu
http://www.linux.org/news/2009/07/23/0005.html
Microsoft Gives Red Hat a Taste of the Real IP World
http://www.linux.org/news/2009/07/23/0004.html
Microsoft aims to be a Linux kernel contributor: What's in it for them?
http://www.linux.org/news/2009/07/23/0003.html
Okay, Linux Gamers Are REALLY Excited!
http://www.linux.org/news/2009/07/23/0002.html
White Camel Awards
http://use.perl.org/article.pl?sid=09/07/24/098208&from=rss
ISecAuditors : Joomla! 1.5.12 Multiple Full Path Disclosure vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29882
Justin C. Klein Keane : Drupal 6 Date/Calendar XSS Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29883
Mandriva : pango
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29877
MSが7月29日に修正パッチを臨時公開,IE用の「緊急」含む2件
http://itpro.nikkeibp.co.jp/article/NEWS/20090727/334483/?ST=security
URL spoofing bug involving Firefoxs error pages and document.write
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00181.html
Oracle CPUjul2009
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00182.html
[ISecAuditors Security Advisories] Joomla!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00178.html
[ MDVA-2009:158 ] pango
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00180.html
Sun Solaris Auditing Extended File Attributes Denial of Service
http://secunia.com/advisories/35980/
Sun Java System Access Manager Policy Agent Denial of Service
http://secunia.com/advisories/35979/
Kaspersky Internet Security / Anti-Virus Security Bypass Vulnerability
http://secunia.com/advisories/35978/
Fedora update for firefox and xulrunner
http://secunia.com/advisories/35974/
SUSE update for kernel
http://secunia.com/advisories/35971/
Ubuntu update for python
http://secunia.com/advisories/35970/
Solaris Auditing Extended File Attributes Bug Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/Jul/1022599.html
Sun Java System Access Manager Policy Agent Bug Lets Remote Users Deny Service to the Web Proxy Server
http://securitytracker.com/alerts/2009/Jul/1022598.html
IBM Tivoli Identity Manager Console and Self Service Interface Session Fixation Bug Lets Remote Users Hijack Sessions
http://securitytracker.com/alerts/2009/Jul/1022597.html
New Volatility plugins
http://isc.sans.org/diary.html?storyid=6862
Microsoft Out of Band Patch
http://isc.sans.org/diary.html?storyid=6859
Sun Java System Access Manager Policy Agent Denial of Service Issue
http://www.vupen.com/english/advisories/2009/2001
Sun Solaris Auditing Extended File Attributes Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2000
Palm Pre WebOS LunaSysMgr URL Parsing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1999
Kaspersky Anti-Virus and Internet Security Protection Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/1998
Joomla! Remote File Upload and Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2009/1997
RaidenHTTPD "ulang" File Inclusion and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2009/1996
Deonix Web Templates Management Index.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/25926
Microsoft DirectX DirectShow Pointer Validation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35600
Mozilla Firefox Error Page Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/35803
Oracle Database Network Foundation Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35677
Oracle Database CVE-2009-1020 Network Foundation Remote Vulnerability
http://www.securityfocus.com/bid/35684
Oracle Database TNS Command Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35683
Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35185
Linux Kernel NFS 'MAY_EXEC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34934
Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35281
Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Weakness
http://www.securityfocus.com/bid/35647
Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34612
Oracle Database CVE-2009-1019 Remote Network Authentication Vulnerability
http://www.securityfocus.com/bid/35680
Asante FM2008 Managed Ethernet Switch Default Backdoor Account Vulnerability
http://www.securityfocus.com/bid/11947
ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35668
Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35660
Kaspersky Anti-Virus And Internet Security Bypass Vulnerability
http://www.securityfocus.com/bid/35789
ClamAV CAB/RAR/ZIP File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/35426
ClamAV Embedded Archive File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/35398
PulseAudio setuid Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35721
Python 'expandtabs' Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33187
Python Imageop Module 'imageop.crop()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31976
Python 'Imageop' Module Argument Validation Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31932
Mozilla Firefox and Thunderbird Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35769
Mozilla Firefox 'XPCCrossOriginWrapper' Multiple Cross Domain Scripting Vulnerabilities
http://www.securityfocus.com/bid/35773
Mozilla Firefox 'watch()' and ' __defineSetter__ ()' Functions Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35772
Mozilla Firefox/Thunderbird Double Frame Construction Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35770
Mozilla Firefox and Thunderbird RDF File Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35775
Mozilla Firefox Flash Player Unloading Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35767
Mozilla Firefox/Thunderbird JavaScript Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35776
Mozilla Firefox and Thunderbird Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35765
Mozilla Firefox 'setTimeout()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35766
CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
http://www.securityfocus.com/bid/35783
Acajoom Component for Mambo/Joomla! Backdoor Vulnerability
http://www.securityfocus.com/bid/35459
ZNC File Upload Directory Traversal Vulnerability
http://www.securityfocus.com/bid/35757
e107 my_gallery Plugin 'file' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/35782
RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/35781
OSI Codes PHP Live! 'knowledge_searchm.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/27807
DD-WRT Web Management Interface Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/35742
Microsoft Internet Explorer 'findText()' Unicode Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/35799
RETIRED: Hitachi Multple Products Arbitrary Memory Read Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35792
Hitachi Multiple Business Logic Products Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/35793
Hitachi Multiple Products Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/35589
Hitachi Web Server Client SSL Certificate Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/35665
Ekiga GetHostAddress Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/25642
NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35740
OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/25955
Phorum Multiple BBCode HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35777
Joomla! Remote File Upload Vulnerability And Information Disclosure Weakness
http://www.securityfocus.com/bid/35780
Akamai Download Manager ActiveX Control Redswoosh Download Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35778
CoreGraphics Font Glyph Rendering Library Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35774
Snitz Forums 2000 'register.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35764
Perl IO::Socket::SSL 'verify_hostname_of_cert()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/35587
Palm WebOS Prior to 1.0.4 Multiple Vulnerabilities
http://www.securityfocus.com/bid/35528
Palm WebOS Unspecified URL Processing Denial of Service Vulnerability
http://www.securityfocus.com/bid/35786
Sun Java System Access Manager Policy Agent Denial of Service Vulnerability
http://www.securityfocus.com/bid/35788
Sun Solaris Auditing Extended File Attributes (fsattr(5)) Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35787
Microsoft Visual Studio Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35804
Pixaria Gallery 'file' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/35802
Scripteen Free Image Hosting Script Insecure Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35801
Scripteen Free Image Hosting Script Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35800
Joomla! UIajaxIM Component Arbitrary Script Injection Vulnerability
http://www.securityfocus.com/bid/35798
WordPress 'wp-comments-post.php' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/35797
nilfs-utils Multiple Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35796
SaphpLesson 'admin/login.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35795
PHPLive! 'message_box.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35791
Multiple Drupal Modules Date Wizard HTML Injection Vulnerability
http://www.securityfocus.com/bid/35790
0 件のコメント:
コメントを投稿