JVNDB-2009-001911 Authentication bypass issue in XML signature verification
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001911.html
JVNDB-2009-001910 Vulnerability in the WebLogic Server component of BEA Product Suite
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001910.html
JVNDB-2009-001909 Vulnerability in the WebLogic Server component of BEA Product Suite
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001909.html
JVNDB-2009-001908 Vulnerability in the HTTP Server component of Oracle Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001908.html
JVNDB-2008-002299 Integer overflow vulnerability in the Python expandtabs method
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002299.html
JVNDB-2008-002298 Integer overflow vulnerability in the Python imageop module
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002298.html
JVNDB-2008-002297 Integer overflow vulnerability in the Python PyOS_vsnprintf function
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002297.html
JVNDB-2008-002296 Buffer overflow vulnerability in Python on 32-bit platforms
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002296.html
JVNDB-2008-002294 Integer overflow vulnerability in Python
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002294.html
JVNDB-2008-002293 Arbitrary code execution vulnerability in the Python PyString_FromStringAndSize function
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002293.html
JVNDB-2008-002292 Arbitrary code execution vulnerability in the Python zlib extension module
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002292.html
JVNDB-2008-002291 Integer overflow vulnerability in Python imageop.c
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002291.html
JVNDB-2007-001021 Multiple integer overflow vulnerabilities in the Python imageop module
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001021.html
JVNDB-2007-001020 Off-by-one error vulnerability in the Python PyLocale_strxfrm() function
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001020.html
Database Master 1.5 for PostgreSQL and MySQL has been released.
http://www.postgresql.org/about/news.1124
Alert for websites using old versions of "Namazu"
http://www.ipa.go.jp/security/vuln/documents/2009/200908_namazu.html
JVN#21388501 Cross-site scripting vulnerability in ColdFusion
http://jvn.jp/jp/JVN21388501/index.html
Adobe Flex SDK Input Validation Bug in 'index.template.html' Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Aug/1022748.html
Cisco Firewall Services Module ICMP Processing Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Aug/1022747.html
Solaris sendfile and sendfilev Flaw Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/Aug/1022746.html
CA Internet Security Suite 'vetmonnt.sys' IOCTL Validation Flaw Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Aug/1022745.html
CA Host-Based Intrusion Prevention System 'kmxIds.sys' Driver Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Aug/1022744.html
libvorbis OGG Code File Header Memory Corruption Error Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Aug/1022742.html
Pidgin Null Pointer Dereference in msn_slplink_process_msg() Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Aug/1022740.html
+ Solution 258588: Security Vulnerability in the Solaris sendfile(3EXT) and sendfilev(3EXT) Extended Library Functions may Result in a Denial of Service (DoS) Condition due to a System Panic
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258588-1
http://secunia.com/advisories/36400/
http://www.vupen.com/english/advisories/2009/2316
+ Flex 3.4 SDK released
http://opensource.adobe.com/wiki/display/flexsdk/Download+Flex+3
- APSB09-13: Security update available for Flex SDK
http://www.adobe.com/support/security/bulletins/apsb09-13.html
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00170.html
[ANNOUNCE] Apache Jackrabbit 2.0 alpha8 released
http://jackrabbit.apache.org/downloads.html
[ANNOUNCE] Apache Directory Server 1.5.5 released
http://directory.apache.org/apacheds/1.5/downloads.html
Solution 234461: Solaris Daylight Saving Time (DST) Update (Aug 2008, Oct 2008, Mar-Apr 2009, Jun 2009, Aug 2009)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-234461-1
2nd International Conference on LDAP - LDAPCon 2009
http://www.symas.com/ldapcon2009/
Perl 5.10.1 RC2 released
http://use.perl.org/article.pl?sid=09/08/19/0731241
Linux dev community growing, 5 patches accepted every hour
http://www.linux.org/news/2009/08/19/0003.html
Linux is booming, but unpaid adoption may hurt vendors
http://www.linux.org/news/2009/08/19/0002.html
Which netbook OS is right for you?
http://www.linux.org/news/2009/08/19/0001.html
Red Hat Revamps Partner Program
http://www.linux.org/news/2009/08/18/0007.html
Larry Augustin: Open source fueling enterprise software shift
http://www.linux.org/news/2009/08/18/0006.html
Sony Reveals PS3 Slim, Slashes Price, Removes Linux Option
http://www.linux.org/news/2009/08/18/0005.html
Linux vendor revenue $1 billion by 2012? Or is it $49 billion+ ?
http://www.linux.org/news/2009/08/18/0004.html
Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20090819-fwsm.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Firewall Services Module Crafted ICMP Message Vulnerability
http://www.cisco.com/warp/public/707/cisco-amb-20090819-fwsm.shtml
Debian : New kdegraphics packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30148
Debian : New kdelibs packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30149
Debian : New kde4libs packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30150
SecurityReason.com : Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30169
Slackware Linux : kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30147
Ubuntu Security Notice : Linux kernel vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30146
Computer Associates : Security Notice for CA Host-Based Intrusion Prevention System
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30161
Computer Associates : Security Notice for CA Internet Security Suite
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30162
CoreNews : Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30163
Gentoo Linux : Subversion: Remote execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30154
Gentoo Linux : CDF: User-assisted execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30155
Gentoo Linux : Perl Compress::Raw modules: Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30156
Gentoo Linux : ISC DHCP: dhcpd Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30157
Gentoo Linux : DokuWiki: Local file inclusion
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30158
Gentoo Linux : Dillo: User-assisted execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30159
Hewlett-Packard : HP Network Node Manager (NNM) Remote Console Running on Windows, Local Execution of Arbitrary Code,
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30171
JPCERT/CC WEEKLY REPORT 2009-08-19
http://www.jpcert.or.jp/wr/2009/wr093201.html
JVN#21388501: Cross-site scripting vulnerability in ColdFusion
http://jvn.jp/jp/JVN21388501/index.html
JVNDB-2009-000054 Cross-site scripting vulnerability in ColdFusion
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000054.html
JVNDB-2009-001907 Vulnerability in the Virtual Private Database component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001907.html
JVNDB-2009-001906 Vulnerability in the Listener component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001906.html
JVNDB-2009-001905 Vulnerability in the Auditing component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001905.html
JVNDB-2009-001904 Vulnerability in the Secure Enterprise Search component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001904.html
JVNDB-2009-001903 Vulnerability in the Config Management component of Oracle Database and Oracle Enterprise Manager
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001903.html
JVNDB-2009-001902 Vulnerability in the Config Management component of Oracle Database and Oracle Enterprise Manager
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001902.html
JVNDB-2009-001901 Vulnerability in the Network Foundation component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001901.html
JVNDB-2009-001900 Vulnerability in the Advanced Replication component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001900.html
JVNDB-2009-001899 Vulnerability in the Network Foundation component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001899.html
JVNDB-2009-001898 Vulnerability in the Network Authentication component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001898.html
JVNDB-2009-001897 Vulnerability in the Core RDBMS component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001897.html
JVNDB-2009-001896 Vulnerability in the Upgrade component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001896.html
JVNDB-2009-001732 Vulnerability in the Administrative Console component of IBM WebSphere Application Server (WAS) that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001732.html
JVNDB-2009-001731 Vulnerability related to a wsadmin security issue in the System Management/Repository component of IBM WebSphere Application Server (WAS)
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001731.html
JVNDB-2009-001730 Vulnerability in the Administrative Console component of IBM WebSphere Application Server (WAS) that allows WAS session contents to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001730.html
JVNDB-2009-001729 Vulnerability in the Security component of IBM WebSphere Application Server (WAS) that permits non-standard HTTP methods
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001729.html
[SECURITY] [DSA 1869-1] New curl packages fix SSL certificate verification weakness
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00172.html
iDefense Security Advisory 08.11.09: Microsoft Office Web Components 2000 Buffer Overflow Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00171.html
Adobe Flex 3.3 SDK DOM-Based XSS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00170.html
Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00169.html
[USN-802-2] Apache regression
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00168.html
[SECURITY] [DSA 1868-1] New kde4libs packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00159.html
[SECURITY] [DSA 1867-1] New kdelibs packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00161.html
[SECURITY] [DSA 1866-1] New kdegraphics packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00158.html
[ MDVSA-2009:206 ] wget
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00166.html
ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00165.html
ZDI-09-058: Oracle Secure Backup Administration Server Authentication Bypass Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00164.html
rPSA-2009-0121-1 kernel open-vm-tools
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00163.html
rPSA-2009-0119-1 apr apr-util
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00162.html
rPSA-2009-0118-1 mod_dav_svn subversion
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00160.html
CORE-2009-0727: Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00157.html
Gentoo update for Compress-Raw-Zlib and Compress-Raw-Bzip2
http://secunia.com/advisories/36410/
Stiva Forum Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/36409/
rPath update for apr and apr-util
http://secunia.com/advisories/36408/
ULoKI PHP Forum "term" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/36407/
Kaspersky Anti-Virus / Internet Security Denial of Service Vulnerability
http://secunia.com/advisories/36405/
ntop Basic Authentication Denial of Service Vulnerability
http://secunia.com/advisories/36403/
Adium "msn_slplink_process_msg()" Memory Corruption Vulnerability
http://secunia.com/advisories/36401/
Sun Solaris sendfile and sendfilev Extended Library Functions Denial of Service
http://secunia.com/advisories/36400/
CA Host-Based Intrusion Prevention System kmxIds.sys Denial of Service
http://secunia.com/advisories/36396/
BackupPC "ClientNameAlias" SSH Rsync Backup Security Bypass
http://secunia.com/advisories/36393/
Red Hat update for pidgin
http://secunia.com/advisories/36392/
Red Hat update for libvorbis
http://secunia.com/advisories/36391/
Cisco IOS XR Border Gateway Protocol Denial of Service
http://secunia.com/advisories/36390/
Gentoo update for subversion
http://secunia.com/advisories/36388/
Gentoo update for cdf
http://secunia.com/advisories/36387/
Perl Compress::Raw::Bzip2 Module Off-by-One Vulnerability
http://secunia.com/advisories/36386/
Gentoo update for dhcp
http://secunia.com/advisories/36385/
Pidgin "msn_slplink_process_msg()" Memory Corruption Vulnerability
http://secunia.com/advisories/36384/
Gentoo update for DokuWiki
http://secunia.com/advisories/36383/
Gentoo update for dillo
http://secunia.com/advisories/36382/
Ubuntu update for linux and linux-source-2.6.15
http://secunia.com/advisories/36376/
AJ Auction Pro "store.php" SQL Injection Vulnerability
http://secunia.com/advisories/36369/
Arcadem Pro "article" SQL Injection Vulnerability
http://secunia.com/advisories/36362/
Xenorate Media Player XPL File Processing Buffer Overflow
http://secunia.com/advisories/36360/
Autonomous LAN Party "master[currentskin]" File Inclusion Vulnerability
http://secunia.com/advisories/36354/
Joomla MisterEstate Component "searchstring" SQL Injection
http://secunia.com/advisories/36351/
PHP eMail Manager "ID" SQL Injection Vulnerability
http://secunia.com/advisories/36346/
vCBAuthority "id" SQL Injection Vulnerability
http://secunia.com/advisories/36345/
Internet Explorer URL Path Spoofing Vulnerability
http://secunia.com/advisories/36334/
vtiger CRM Multiple Vulnerabilities
http://secunia.com/advisories/36309/
Checking your protection
http://isc.sans.org/diary.html?storyid=6994
Vtiger CRM Code Execution and Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2009/2319
Adium "msn_slplink_process_msg()" Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2009/2318
ntop "checkHTTPpassword()" Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2317
Sun Solaris "sendfile" and "sendfilev" Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2316
CA Internet Security Suite "vetmonnt.sys" Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2315
CA Host-Based Intrusion Prevention System Denial of Service Issue
http://www.vupen.com/english/advisories/2009/2314
Cisco IOS XR Border Gateway Protocol Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2313
Compress::Raw::Bzip2 "bzinflate()" Off-by-one Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2308
Pidgin "msn_slplink_process_msg()" Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2009/2303