JVNDB-2009-001890 FCKEditor におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001890.html
JVNDB-2009-001889 Apple Safari の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001889.html
JVNDB-2009-001888 Apple Safari の WebKit におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001888.html
JVNDB-2009-001887 IBM WebSphere Application Server の IBM Stax XMLStreamWriter におけるデータを改ざん可能な脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001887.html
JVNDB-2009-001886 Microsoft Video ActiveX control における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001886.html
JVNDB-2009-001885 Microsoft Windows の MPEG2TuneRequest ActiveX コントロールにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001885.html
JVNDB-2009-001329 NTP の ntpq における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001329.html
JVNDB-2009-001297 Pango の pango_glyph_string_set_size 関数 における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001297.html
JVNDB-2008-000009 Apache Tomcat において不正な Cookie を送信される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000009.html
ウイルスバスター コーポレートエディション 8.0 Critical Patch (ビルド 3356)のリパック版公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1290
InterScan WebManager 6.0 Service Pack 1用 Patch1 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1289
中国政府が全PCへの「Green Dam」導入を断念,中国メディアが報じる
http://itpro.nikkeibp.co.jp/article/NEWS/20090817/335582/?ST=security
+ Linux Kernel 2.6.27.30, 2.6.30.5 released
http://www.linux.org/news/2009/08/16/0002.html
http://www.linux.org/news/2009/08/16/0001.html
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.30
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5
+ Solution 255308: A Security Vulnerability May Allow Popup Windows to Appear Through the Solaris XScreenSaver Program
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255308-1
+ Solution 265808: Multiple Integer Overflow Vulnerabilities in the libtiff(3) Image Conversion Tools tiff2rgba and rgb2ycbcr May Lead to Arbitrary Code Execution
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265808-1
+ The deprecated HTTP/1.1 connector does not reject request URIs containing null bytes
http://tomcat.apache.org/security-4.html
- Linux Kernel Null Pointer Dereference Due to Incorrect proto_ops Initialization Lets Local Users Gain Elevated Privilege
http://securitytracker.com/alerts/2009/Aug/1022732.html
MySQL Workbench 5.1.17 GA Available
http://dev.mysql.com/workbench/?page_id=49
Solution 259988: Devices May Not Appear After Reboot When Using Only One Port of a Sun StorageTek PCIe SAS Host Bus Adapter
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259988-1
Solution 265488: A Security Vulnerability in Sun Virtual Desktop Infrastructure (VDI) Software 3.0 may Lead to Inadvertent use of an Insecure LDAP Connection
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265488-1
Solution 264408: Solaris 10 Systems Using the hme(7D) Driver May Hang On Boot if the Install Image Contains Patch 140179-02
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264408-1
Solution 257329: A Security Vulnerability in Certain System Board Firmware Revisions of Sun Fire V215 Servers with XVR-100 Graphic Cards may Allow an Unprivileged User to Panic the System
http://sunsolve.sun.com/search/document.do?assetkey=1-66-257329-1
The latest snapshot for the stable Linux kernel tree is: 2.6.31-rc6-git1
http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=summary
Suhosin-Extension 0.9.29 released
http://www.hardened-php.net/suhosin/changelog.html#version_0.9.29
Document ID: 329885: Unable to import a diskgroup with harddisks using hardware replication
http://seer.entsupport.symantec.com/docs/329885.htm
Independent Researcher : ByPass a BlueCoat Proxy 8100 Serie authentification
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30124
ShineShadow : ICQ 6.5 HTML-injection vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30123
SuSE : subversion
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30116
Debian : New libxml packages fix several issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30117
Google Security Team : Linux NULL pointer dereference due to incorrect proto_ops initializations
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30121
Hewlett-Packard : Insight Control Suite For Linux (ICE-LX) CSRF, Code Execution, DoS, and Other Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30125
Independent Researcher : Elkapax CMS Cross site scripting vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30126
Justin C. Klein Keane : Drupal Print Module Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30120
Red Hat : Moderate: curl security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30118
Red Hat : Important: kernel security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30119
「意味不明なメール」の目的はアドレス収集、スパムやウイルスの予兆
米シマンテックが「ディレクトリハーベスト攻撃」を警告
http://itpro.nikkeibp.co.jp/article/NEWS/20090817/335597/?ST=security
[SECURITY] [DSA 1862-1] New Linux 2.6.26 packages fix privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00124.html
ClubHack2009: Call for Papers/Speakers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00123.html
[ MDVSA-2009:202 ] memcached
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00122.html
ICQ 6.5 HTML-injection vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00121.html
Surviving a third party onsite audit
http://isc.sans.org/diary.html?storyid=6970
Linux NULL pointer dereference due to incorrect proto_ops initializations (CVE-2009-2692) vulnerability
http://isc.sans.org/diary.html?storyid=6964
Deja Vu - 2 Analysis Links
http://isc.sans.org/diary.html?storyid=6967
Linux Kernel Null Pointer Dereference Due to Incorrect proto_ops Initialization Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Aug/1022732.html
SAP NetWeaver Input Validation Flaw in UDDI Client Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Aug/1022731.html
cURL NULL Character Flaw in Server Name Fields Lets Remote Users Spoof Certficiates
http://securitytracker.com/alerts/2009/Aug/1022728.html
Avaya CMS / IR Solaris SCTP Packet Denial of Service
http://secunia.com/advisories/36318/
Avaya Products Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/36317/
Avaya CMS Solaris rpc.nisd NIS+ Server Denial of Service
http://secunia.com/advisories/36315/
GnuTLS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35952
VLC Media Player 'smb://' URI Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35500
Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36038
Memcached Multiple Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35989
Subversion Binary Delta Processing Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35983
Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35185
Linux Kernel 'drivers/char/agp/generic.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34673
Linux Kernel NFS 'MAY_EXEC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34934
Linux Kernel nfsd 'CAP_MKNOD' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34205
Xen 'hypervisor_callback()' Guest Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34957
Sun Solaris 'IP(7P)' Multicast Reception Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35474
Sun Solaris 'rpc.nisd(1M)' Daemon NIS+ Server Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35276
Sun Solaris SCTP Packet Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35712
ICQ Incoming Message HTML Injection Vulnerability
http://www.securityfocus.com/bid/36041
0 件のコメント:
コメントを投稿