JVNDB-2009-001880 Denial-of-service (DoS) vulnerability in NFS / ONCplus on HP HP-UX
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001880.html
JVNDB-2009-001879 Vulnerability in the Sun Solaris NFSv4 server kernel module that allows access to arbitrary files
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001879.html
JVNDB-2009-001878 Denial-of-service (DoS) vulnerability in the upd subsystem of the Sun Solaris kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001878.html
JVNDB-2009-001877 Arbitrary code execution vulnerability in Mozilla Thunderbird/SeaMonkey
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001877.html
JVNDB-2009-001876 Integer underflow vulnerability in the e1000_clean_rx_irq function of the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001876.html
JVNDB-2009-001875 Denial-of-service (DoS) vulnerability in the PHP exif_read_data function
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001875.html
10 reasons Linux should be your netbook operating system
http://www.linux.org/news/2009/08/12/0005.html
Dell: Linux Netbook High Return Rate 'Non-Issue'
http://www.linux.org/news/2009/08/12/0004.html
Debian-Ubuntu debate: an upstream view
http://www.linux.org/news/2009/08/12/0003.html
vsftpd-2.2.0 released
http://vsftpd.beasts.org/
ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.2.0/Changelog
JVNTA09-223A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA09-223A/index.html
JVNTA09-218A Updates for multiple vulnerabilities in Apple products
http://jvn.jp/cert/JVNTA09-218A/index.html
CA eTrust update crashes systems
http://isc.sans.org/diary.html?storyid=6955
New and updated cheat sheets
http://isc.sans.org/diary.html?storyid=6958
Solaris XScreenSaver and Assistive Technology Support Flaw Lets Physically Local Users Bypass Access Controls
http://securitytracker.com/alerts/2009/Aug/1022722.html
+ cURL 7.19.6 released
http://curl.haxx.se/
http://curl.haxx.se/changes.html
+ Project cURL Security Advisory, August 12th 2009
http://curl.haxx.se/docs/adv_20090812.html
http://secunia.com/advisories/36238/
http://www.securityfocus.com/bid/36032
+ Apache Tomcat 5.5.28 released
http://tomcat.apache.org/download-55.cgi
+ Solution 259388: A Security Vulnerability Involving xscreensaver(1) and Assistive Technology Support May Allow an Unauthorized User to Access the System
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259388-1
http://secunia.com/advisories/36270/
http://www.vupen.com/english/advisories/2009/2250
+ Solution 265330: Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS) (Adobe Security Bulletin APSB09-07)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265330-1
http://secunia.com/advisories/36286/
http://www.vupen.com/english/advisories/2009/2251
+ Microsoft Windows Embedded OpenType Font Denial of Service
http://secunia.com/advisories/36250/
http://milw0rm.com/exploits/9417
ISC BIND 9.7.0a2 is now available
http://ftp.isc.org/isc/bind9/9.7.0a2/9.7.0a2
Solution 265688: Solaris 10 BIND Patches, T-patches and IDRs may Fail to Install in Deferred-Activation Patching (DAP) Context as a Result of Having Malformed pkgmap Files Caused by a pkgmk(1) Regression
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265688-1
Dell Sees Itself As Cloud Computing Visionary
http://www.linux.org/news/2009/08/12/0002.html
Top Linux Apps to Make The Switch Easier
http://www.linux.org/news/2009/08/12/0001.html
Document ID: 329581: The vxdisk set track commands fail with "INVALID PARAMETER" if a target device is specified
http://seer.entsupport.symantec.com/docs/329581.htm
Hewlett-Packard : HP-UX Running XNTP, Remote Execution of Arbitrary Code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30107
Independent Researcher : Hijacking Safari 4 Top Sites with Phish Bombs
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30094
Independent Researcher : 2WIRE Gateway Authentication Bypass & Password Reset
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30106
Mandriva : libxml
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30088
Positive Technologies : Microsoft Windows MSMQ Privilege Escalation Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30096
Red Hat : Critical: nspr and nss security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30091
Sense of Security : Plume CMS Multiple SQL Injection Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30095
Apple : Safari 4.0.3
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30090
Outlook and Media Player also patched for the ATL issue in Microsoft's August security fixes
http://itpro.nikkeibp.co.jp/article/NEWS/20090812/335525/?ST=security
[ MDVSA-2009:201 ] fetchmail
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00104.html
[SECURITY] [DSA 1860-1] New Ruby packages fix several issues
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00105.html
Microsoft Wordpad Memory Exhaustion (msftedit)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00103.html
[ MDVSA-2009:200 ] libxml
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00101.html
[DSECRG-09-033] SAP Netweaver UDDI - XSS Security Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00100.html
[security bulletin] HPSBUX02437 SSRT090038 rev.2 - HP-UX Running XNTP, Remote Execution of A
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00098.html
[PT-2008-09] Microsoft Windows MSMQ Privilege Escalation Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00096.html
Chavoosh CMS SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00102.html
Plume CMS Multiple SQL Injection Vulnerabilities - Security Advisory - SOS-09-006
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00097.html
2WIRE Gateway Authentication Bypass & Password Reset
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00095.html
Hijacking Safari 4 Top Sites with Phish Bombs
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00094.html
JibberBook GuestBook 2.3 Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00099.html
Blocking those Secret, Stubborn Cookies
http://isc.sans.org/diary.html?storyid=6949
Apple Security Update Released for BIND DNS
http://isc.sans.org/diary.html?storyid=6952
Faces of War GEM Engine Multiple Vulnerabilities
http://secunia.com/advisories/36288/
Men of War GEM Engine Multiple Vulnerabilities
http://secunia.com/advisories/36287/
Sun Solaris Adobe Reader and Acrobat Multiple Vulnerabilities
http://secunia.com/advisories/36286/
Novell NetWare "named" Dynamic Update Denial of Service Vulnerability
http://secunia.com/advisories/36285/
Fedora update for xmlsec1
http://secunia.com/advisories/36284/
Fedora update for wordpress
http://secunia.com/advisories/36283/
Fedora update for libxml2
http://secunia.com/advisories/36282/
HP Internet Express for Tru64 UNIX Samba Information Disclosure
http://secunia.com/advisories/36281/
Ubuntu update for libxml2
http://secunia.com/advisories/36280/
Plume CMS SQL Injection Vulnerabilities
http://secunia.com/advisories/36277/
Astaro Security Update for Various Packages
http://secunia.com/advisories/36275/
Ubuntu update for libxml2
http://secunia.com/advisories/36274/
GEM Engine Multiple Vulnerabilities
http://secunia.com/advisories/36273/
Elicio "c_campaignid" SQL Injection Vulnerability
http://secunia.com/advisories/36271/
Sun Solaris xscreensaver Security Bypass
http://secunia.com/advisories/36270/
Apple Safari Multiple Vulnerabilities
http://secunia.com/advisories/36269/
Easy Music Player Buffer Overflow Vulnerability
http://secunia.com/advisories/36267/
Microsoft Windows Embedded OpenType Font Denial of Service
http://secunia.com/advisories/36250/
Joomla IDoBlog Component "userid" SQL Injection
http://secunia.com/advisories/36243/
cURL OpenSSL NULL Character Spoofing Vulnerability
http://secunia.com/advisories/36238/
WordPress Password Reset Weakness
http://secunia.com/advisories/36237/
PunkBuster Buffer Overflow Vulnerability
http://secunia.com/advisories/36221/
IBM Network Authentication Service Multiple Vulnerabilities
http://secunia.com/advisories/36215/
SquirrelMail Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/34627/
Sun Solaris Adobe Reader Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/2251
Sun Solaris Xscreensaver Local Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/2250
Apple Safari Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/2249
IBM Network Authentication Service for DB2 Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2009/2248
Astaro Security Gateway Multiple Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/2247
Linux Kernel "mm_for_maps()" Local Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/2246
HP Internet Express for Tru64 UNIX Samba Information Disclosure Issue
http://www.vupen.com/english/advisories/2009/2245
GnuTLS X.509 CN and SAN Fields Verification Security Bypass Issue
http://www.vupen.com/english/advisories/2009/2244
2WIRE Gateway Authentication Bypass & Password Reset Vulnerabilities
http://www.milw0rm.com/exploits/9422
Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit (SEH)
http://www.milw0rm.com/exploits/9420
MS Wordpad on winXP SP3 Local Crash Exploit
http://www.milw0rm.com/exploits/9423
MS Windows 2003 (EOT File) BSOD Crash Exploit
http://www.milw0rm.com/exploits/9417
Microsoft Remote Desktop Connection ActiveX Control Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35973
Microsoft Office Web Components ActiveX Control Buffer Overflow Code Execution Vulnerability
http://www.securityfocus.com/bid/35992
Microsoft Office Web Components ActiveX Control 'msDataSourceObject()' Code Execution Vulnerability
http://www.securityfocus.com/bid/35642
Microsoft OWC ActiveX Control 'BorderAround()' Heap Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35991
Microsoft Windows Telnet NTLM Credential Reflection Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35993
Microsoft Windows Workstation Service Double Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35972
Microsoft Message Queuing Service NULL Pointer Dereference Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35969
Apple Mac OS X 2009-003 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/35954
CamlImages PNG Image Parsing Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35556
Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35951
ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/35848
Ruby 'OCSP_basic_verify()' X.509 Certificate Verification Vulnerability
http://www.securityfocus.com/bid/33769
Ruby BigDecimal Library Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35278
phpGroupWare Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/35761
NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35017
Asterisk SIP Channel Driver 'scanf' Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/36015
Gallarific Cross Site Scripting and Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/28163
Avant Browser 'browser:home' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35898
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
BoonEx Orca Topic Title HTML Injection Vulnerability
http://www.securityfocus.com/bid/33545
Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35891
Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35888
libxml2 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36010
Pixaria Gallery 'file' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/35802
WordPress 'wp-login.php' Admin Password Reset Security Bypass Vulnerability
http://www.securityfocus.com/bid/36014
strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/35452
Adobe Reader and Acrobat JBIG Segments 'Text Region' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35303
Adobe Reader and Acrobat JBIG 'Pattern Dictionary' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35299
Adobe Reader & Acrobat JBIG Pattern Dictionary Allocation Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35300
Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35301
Adobe Reader and Acrobat FlateDecode Filter Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35294
Adobe Reader and Acrobat TrueType Font Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35296
Adobe Reader and Acrobat JBIG Halftone Region Grid Area Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35291
Adobe Reader and Acrobat Huffman-encoded JBIG2 Text Heap Overflow Vulnerability
http://www.securityfocus.com/bid/35302
Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35298
Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35293
Adobe Reader and Acrobat U3D Model Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35282
Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35289
Adobe Reader and Acrobat Multiple Unspecified Remote Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35295
Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/35274
WS_FTP Server Manager Authentication Bypass and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/27654
Ipswitch FTP Log Server Denial of Service Vulnerability
http://www.securityfocus.com/bid/27612
Ipswitch WS_FTP SFTP Opendir Command Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/27573
Apple Safari Top Site Feature Website Promotion Security Vulnerability
http://www.securityfocus.com/bid/36022
ViewVC Cross Site Scripting and Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/36035
SAP NetWeaver Application Server 'uddiclient/process' HTML Injection Vulnerability
http://www.securityfocus.com/bid/36034
cURL / libcURL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36032
2Wire Routers 'CD35_SETUP_01' Access Validation Vulnerability
http://www.securityfocus.com/bid/36031
What a great resource! I've bookmarked this now as one or two links are really useful. I've also found a great reseller of SAN SSL Certificates called SSL247 who are the UK's biggest reseller of SSL certificates, and who I've dealt with in the past with great recommendation.