+ DeleGate 9.9.4 released
http://www.delegate.org/mail-lists/delegate-en/4519
+ Postfix 2.6 Patchlevel 3 released
http://mirror.postfix.jp/postfix-release/official/postfix-2.6.3.RELEASE_NOTES
JVNDB-2009-001836 Cscope の putstring 関数におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001836.html
JVNDB-2006-000994 Cscope における長大なパス名の処理に関するバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000994.html
JVNDB-2004-000630 Cscope における C ファイルの処理に関するバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000630.html
JVNDB-2004-000468 iptables のフィルタリングルールが適用されない脆弱性
http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000468.html
HP ProLiant ML Servers - バージョンコントロールレポジトリマネージャによるSXML3.DLLインストール時のセキュリティの脆弱性について
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01831121-1
Trend Micro Network VirusWall Enforcer 1200 / 2500 用 Service Pack 1 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1212
The latest snapshot for the stable Linux kernel tree is: 2.6.31-rc5-git1
http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=summary
Installing VMware Tools
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=340&sliceId=1&docTypeID=DT_KB_1_1
AppleがiPhone OSの修正パッチ公開,SMS関連の脆弱性に対応
http://itpro.nikkeibp.co.jp/article/NEWS/20090803/334960/?ST=security
ISC BIND 9 の脆弱性を使用したサービス運用妨害攻撃に関する注意喚起
http://www.jpcert.or.jp/at/2009/at090016.txt
+ MySQL Server 5.1.37 has been released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-37.html
courier-0.62.2.20090730 released
http://www.courier-mta.org/download.php
Kernel release: 2.6.31-rc5
http://www.linux.org/news/2009/08/01/0001.html
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc5
Ten Linux apps that get top marks from schools
http://www.linux.org/news/2009/07/31/0005.html
Dispute between Linux gurus Alan Cox and Linus Torvalds
http://www.linux.org/news/2009/07/31/0004.html
Twitter, Linux, Red Hat, Microsoft "honored" with Pwnie Awards
http://www.linux.org/news/2009/07/31/0003.html
Document ID: 329251: Replication volume group stuck in Activating status
http://seer.entsupport.symantec.com/docs/329251.htm
Document ID: 329186: Dynamic disks show as offline following a restore of a Storage Foundation for Windows cluster using Backup Exec System Recovery (BESR).
http://seer.entsupport.symantec.com/docs/329186.htm
Mandriva : firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29954
Sense of Security : XOOPS Multiple Cross-Site Scripting Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29963
Debian : New apache/apache2-mpm-itk fix regression
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29959
Hewlett-Packard : HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29964
ISC : ISC BIND 9.6.1-P1 is now available (resend)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29955
ISC : ISC BIND 9.5.1-P3 is now available (resend)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29956
ISC : ISC BIND 9.4.3-P3 is now available (resend)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29957
Nine:Situations:Group : EPSON Status Monitor 3 local privilege escalation vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29965
Spotlight On: Malicious Insiders with Ties to the Internet Underground Community (pdf), March 2009
http://www.cert.org/insider_threat/docs/CyLab%20Insider%20Threat%20Quarterly%20on%20Internet%20Underground%20-%20March%202009P.pdf
Flash PlayerとAdobe Readerの最新版が公開、危険な脆弱性を複数解消
「PDFウイルス」悪用の脆弱性や「ATL」関連の脆弱性などを修正
http://itpro.nikkeibp.co.jp/article/NEWS/20090731/334940/?ST=security
SonicWALLが10~50人規模では最エントリとなるUTM機器を出荷
http://itpro.nikkeibp.co.jp/article/NEWS/20090731/334881/?ST=security
ISC BIND 9 の脆弱性を使用したサービス運用妨害攻撃に関する注意喚起
http://www.jpcert.or.jp/at/2009/at090016.txt
JVNVU#725188 ISC BIND 9 におけるサービス運用妨害 (DoS) の脆弱性
http://jvn.jp/cert/JVNVU725188/index.html
[ MDVSA-2009:184 ] apache-mod_security
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00262.html
[ MDVSA-2009:183 ] apache-mod_security
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00261.html
XOOPS Multiple Cross-Site Scripting Vulnerabilities - Security Advisory - SOS-09-
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00258.html
[ MDVSA-2009:182 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00259.html
Avant Browser "browser:home" Script Insertion Vulnerability
http://secunia.com/advisories/36113/
XOOPS "op" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/36109/
Red Hat update for seamonkey
http://secunia.com/advisories/36102/
ScriptsEz Ez Album Comment "name" Script Insertion Vulnerability
http://secunia.com/advisories/36101/
SUSE update for bind
http://secunia.com/advisories/36098/
Joomla! "com_mailto" Timeout Bypass
http://secunia.com/advisories/36097/
AJ Matrix "id" SQL Injection Vulnerability
http://secunia.com/advisories/36095/
Red Hat update for nspr and nss
http://secunia.com/advisories/36094/
Network Security Services Multiple Vulnerabilities
http://secunia.com/advisories/36093/
Webservice-DIC yoyaku_v41 Command Injection Vulnerability
http://secunia.com/advisories/36090/
MUJE CMS "_class" Local File Inclusion Vulnerability
http://secunia.com/advisories/36079/
dit.cms Multiple File Inclusion Vulnerabilities
http://secunia.com/advisories/36076/
CMSphp Local File Inclusion and Cross-Site Scripting
http://secunia.com/advisories/36073/
Orbis CMS Information Disclosure and File Deletion Vulnerabilities
http://secunia.com/advisories/36073/
Epson Stylus SX100 Drivers Insecure Default Permissions
http://secunia.com/advisories/36065/
Red Hat update for flash-plugin
http://secunia.com/advisories/36064/
About the security content of iPhone OS 3.0.1
http://support.apple.com/kb/HT3754
XOOPS Input Validation Flaws in 'viewpmsg.php' and 'user.php' Permit Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Jul/1022641.html
Network Security Services Library Heap Overflow in Regular Expression Parser Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jul/1022633.html
Network Security Services Library NULL Character Flaw in Common Name Field Lets Remote Users Spoof Certficiates
http://securitytracker.com/alerts/2009/Jul/1022632.html
Sun Solaris Trusted Extensions Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2089
Sun Solaris BIND Dynamic Update Message Denial of Service Issue
http://www.vupen.com/english/advisories/2009/2088
Sun Solaris Kerberos Credential Cache Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2009/2087
Adobe Flash Player and AIR Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/2086
Network Security Services Code Execution and Security Bypass Issues
http://www.vupen.com/english/advisories/2009/2085
Website Warnings
http://isc.sans.org/diary.html?storyid=6907
Don't forget to tell your SysAdmin Thanks
http://isc.sans.org/diary.html?storyid=6895
Google Safe Browsing
http://isc.sans.org/diary.html?storyid=6898
The iPhone patch is out
http://isc.sans.org/diary.html?storyid=6901
Adobe Patch is out
http://isc.sans.org/diary.html?storyid=6904
Multiple Mozilla Products NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35888
Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35891
Mozilla Firefox/Thunderbird JavaScript Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35776
Mozilla Firefox and Thunderbird RDF File Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35775
Mozilla Firefox and Thunderbird Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35765
Mozilla Firefox 'XPCCrossOriginWrapper' Multiple Cross Domain Scripting Vulnerabilities
http://www.securityfocus.com/bid/35773
Mozilla Firefox 'watch()' and ' __defineSetter__ ()' Functions Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35772
Mozilla Firefox and Thunderbird Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35769
Mozilla Firefox Flash Player Unloading Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35767
Mozilla Firefox/Thunderbird Double Frame Construction Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35770
CoreGraphics Font Glyph Rendering Library Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35774
Mozilla Firefox 'nsViewManager.cpp' Denial of Service Vulnerability
http://www.securityfocus.com/bid/35413
Multiple Browsers Web Proxy Redirect Handling Man In The Middle Vulnerability
http://www.securityfocus.com/bid/35412
Multiple Browser HTTP Resource in HTTPS Context Security Bypass Vulnerability
http://www.securityfocus.com/bid/35403
Multiple Browser Malicious Proxy HTTPS Man In The Middle Vulnerability
http://www.securityfocus.com/bid/35380
Mozilla Firefox/Thunderbird/SeaMonkey Null Owner Document Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/35383
Mozilla Firefox/Thunderbird/SeaMonkey XUL Scripts Content-Policy Check Security Bypass Vulnerability
http://www.securityfocus.com/bid/35377
Mozilla Firefox/SeaMonkey 'file://' URI Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35391
Mozilla Firefox and SeaMonkey JavaScript Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35373
Mozilla Firefox/Thunderbird/SeaMonkey Multiple Browser Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35370
Mozilla Firefox and SeaMonkey Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/35388
Mozilla Firefox/Thunderbird/SeaMonkey Double Frame Construction Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35371
Mozilla Firefox/Thunderbird/SeaMonkey Multiple JavaScript Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35372
Mozilla Firefox/Thunderbird/SeaMonkey 'file://' URI Security Bypass Vulnerability
http://www.securityfocus.com/bid/35386
Mozilla Firefox 'NPObject' Access Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35360
Mozilla Firefox Large GIF File Background Denial of Service Vulnerability
http://www.securityfocus.com/bid/35280
Microsoft Internet Explorer (CVE-2009-1919) Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35827
Microsoft Internet Explorer HTML Table Object Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35826
Microsoft Internet Explorer Deleted Object (CVE-2009-1917) Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35831
Avant Browser 'browser:home' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/35898
Article Publisher Pro 'photos.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35892
Softbiz Dating Script 'cat_products.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35896
Absolute Software Computrace LoJack for Laptops Security Bypass Vulnerability
http://www.securityfocus.com/bid/35889
Compface '.xbm' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35863
Adobe Acrobat, Reader, and Flash Player Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35759
HTC Touch 3G Windows Mobile SMS Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35887
Open Handset Alliance Android SMS Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35886
Movable Type 'mt-wizard.cgi' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35885
EPSON Status Monitor Insecure File Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35883
ModSecurity Transformation Caching Security Bypass Vulnerability
http://www.securityfocus.com/bid/31672
ModSecurity Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34096
IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671
OpenEXR Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35838
Multiple Drupal Modules Date Wizard HTML Injection Vulnerability
http://www.securityfocus.com/bid/35790
Apple iPhone SMS Application Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35569
Snitz Forums 2000 'register.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35764
Sun Solaris Network File System Version 4 (NFSv4) Unauthorized Network Access Vulnerability
http://www.securityfocus.com/bid/35546
VLC Media Player 'smb://' URI Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35500
NTSOFT BBS E-Market Professional Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35893
RETIRED: Adobe Flash Player and AIR Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/35890
Adobe Flash Player and AIR Unspecified Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35907
Adobe Flash Player and AIR Unspecified Click Jacking Vulnerability
http://www.securityfocus.com/bid/35905
Adobe Flash Player and AIR NULL Pointer Exception Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35906
Adobe Flash Player and AIR Unspecified Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35904
Adobe Flash Player and AIR URI Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35902
Adobe Flash Player and AIR Sandbox Bypass Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35908
Adobe Flash Player and AIR (CVE-2009-1866) Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35901
Adobe Flash Player and AIR Unspecified Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35900
Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34169
Adobe Acrobat and Reader JBIG2 Image Processing Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/34229
ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/35848
Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33751
IBM AIX 'MALLOCDEBUG' File Overwrite Vulnerability
http://www.securityfocus.com/bid/35034
Microsoft Visual Studio Active Template Library NULL String Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35830
Microsoft Visual Studio Active Template Library COM Object Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35828
Microsoft Visual Studio ATL 'VariantClear()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35832
Microsoft Windows 'MPEG2TuneRequest' ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35558
Joomla! 'com_mailto' Timeout Protection Security Bypass Vulnerability
http://www.securityfocus.com/bid/35899
XOOPS 'op' Parameter Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35895
Adobe Shockwave Player Active Template Library Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35845
0 件のコメント:
コメントを投稿