:: IT Security Neophyte Investigator's MEMO ::: 31日月曜日、赤口

2009年8月31日月曜日

31日月曜日、赤口

【入札公告】「重要インフラ制御システムの脆弱性低減と普及施策に関する調査」に係る一般競争入札
http://www.ipa.go.jp/security/kobo/21fy/cip/index.html

【入札公告】「国内外の自動車の情報セキュリティ動向と意識向上策に関する調査」に係る一般競争入札
http://www.ipa.go.jp/security/kobo/21fy/emb_sec/index.html

+ Postfix 2.6.5, 2.5.9, 2.4.13, 2.3.19 released
http://mirror.postfix.jp/postfix-release/index.html
http://mirror.postfix.jp/postfix-release/official/postfix-2.6.5.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.5.9.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.4.13.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.3.19.HISTORY
http://www.postfix.org/announcements/postfix-2.6.5.html
http://www.postfix.org/announcements/postfix-2.5.9.html

Linux kernel: next-20090828 released
http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=summary

Linux kernel: snapshot: 2.6.31-rc8-git1 released
http://www.kernel.org/diff/diffview.cgi?file=/pub/linux/kernel//v2.6/snapshots/patch-2.6.31-rc8-git1.bz2

Linux kernel: mainline: 2.6.31-rc8 released
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc8

Slackware Linux 13 released
http://www.linux.org/news/2009/08/28/0007.html

Aussies give open source golden crumbs from Microsoft table
http://www.linux.org/news/2009/08/28/0006.html

Sony explains PS3 Slim's loss of Linux option
http://www.linux.org/news/2009/08/28/0005.html

10 Common Mistakes Made by New Linux Administrators
http://www.linux.org/news/2009/08/28/0004.html

Novell's Linux revenue soars 22 percent, while everything else tanks
http://www.linux.org/news/2009/08/28/0003.html

Is the Linux Desktop Too Much Like Windows, Mac OS X?
http://www.linux.org/news/2009/08/28/0002.html

MySQL 5.1.38 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-38.html

MySQL 6.0.12 (Not yet released)
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-12.html

Refresh Pack 7.0.1.0 for WebSphere MQ V7.0
http://www-01.ibm.com/support/docview.wss?rs=171&context=SSFKSJ&context=SSEP7X&dc=D600&uid=swg21395926&loc=en_US&cs=UTF-8&lang=en

Solution 266429: A Security Vulnerability in the Sun Java System Web Server Related to Handling of Dynamic Content May Lead to Unauthorized Information Disclosure
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266429-1

Solution 255308: A Security Vulnerability May Allow Popup Windows to Appear Through the Solaris XScreenSaver Program
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255308-1

Red Hat : Critical: java-1.5.0-ibm security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30260

SuSE : security-announce SUSE Security Announcement: Linux kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30258

史上初の「盗聴ウイルス」が出現、Skypeユーザーを狙う
PC上で暗号化前と復号後の音声データを記録、広くは出回っていない
http://itpro.nikkeibp.co.jp/article/NEWS/20090828/336200/?ST=security

RSAセキュリティがフィッシング対策の新サービス，トロイの木馬対策を国内提供
http://itpro.nikkeibp.co.jp/article/NEWS/20090828/336180/?ST=security

Cross-Site Scripting vulnerability in Mozilla, Firefox, SeaMonkey, Orca Browser and Maxthon
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00253.html

[ MDVSA-2009:222 ] squirrelmail
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00254.html

Team SHATTER Security Advisory: Buffer Overflow in Resource Manager of Oracle Database - Plan na
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00252.html

SUSE update for kernel
http://secunia.com/advisories/36510/

Red Hat update for java-1.5.0-ibm
http://secunia.com/advisories/36507/

Ubuntu update for mono
http://secunia.com/advisories/36494/

Uiga Church Portal "year" and "month" SQL Injection Vulnerabilities
http://secunia.com/advisories/36479/

Joomla DigiFolio Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/36478/

FreeBSD ftpd chroot Security Bypass Security Issue
http://secunia.com/advisories/36353/

How do I recover from.....?
http://isc.sans.org/diary.html?storyid=7036

Immunet Protect - Cloud and Community Malware Protection
http://isc.sans.org/diary.html?storyid=7033

QuarkMail "tf" Parameter Processing Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2009/2460

Danneo CMS "comtitle" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2459

Uiga Church Portal "year" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2458

DigiFolio for Joomla "id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2457

WP-Syntax for WordPress "test_filter[wp_head]" Code Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2456

Linux Kernel "*_getname()" Functions Memory Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/2455

IBM Tivoli Access Manager for Enterprise Single Sign-On Vulnerability
http://www.vupen.com/english/advisories/2009/2454

Drupal Go - url redirects Code Execution and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2009/2453

Drupal Ajax Table Module Access Bypass and Cross Site Scripting
http://www.vupen.com/english/advisories/2009/2452

libmikmod Multiple Sound Channel Media Playback Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33235

libmikmod '.XM' File Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33240

Adobe ColdFusion Double-Encoded NULL Character Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36096

Adobe JRun Multiple Unspecified Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/36050

Sun VirtualBox Host Operating System Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35960

Adobe JRun 'logviewer.jsp' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/36047

Microsoft Internet Explorer 8 Denial of Service Vulnerability
http://www.securityfocus.com/bid/35941

SAP Business One 2005 License Manager 'NT_Naming_Service.exe' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35933

eAccelerator 'encoder.php' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35917

Arab Portal 'forum.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35914

Oracle Config Management CVE-2009-1967 Multiple SQL-injection Vulnerabilities
http://www.securityfocus.com/bid/35692

Oracle Config Management CVE-2009-1966 SQL-injection Vulnerability
http://www.securityfocus.com/bid/35676

Multiple Browser HTTP Resource in HTTPS Context Security Bypass Vulnerability
http://www.securityfocus.com/bid/35403

OpenSC 'pkcs11-tool' Insecure Key Generation Vulnerability
http://www.securityfocus.com/bid/34884

Sun Solaris XScreenSaver Popup Windows Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35964

Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097

Audacity 'lib-src/allegro/strparse.cpp' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33090

Compface '.xbm' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35863

GnuTLS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35952

Agares Media Arcadem Pro 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/36069

OpenAutoClassifieds 'paycalc.php' Path Disclosure Vulnerability
http://www.securityfocus.com/bid/36175

OpenAutoClassifieds Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/36174

OpenAutoClassifieds SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/36173

Autonomy KeyView Module Excel Document Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36042

WordPress 'cat' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/28845

Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35888

Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/25316

Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35891

Sun Java Runtime Environment Audio System Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35939

Sun Java Runtime Environment Proxy Mechanism Implementation Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35943

Sun Java Runtime Environment XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/35958

Sun Java Runtime Environment Unpack200 JAR Unpacking Utility Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35944

Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/34461

Sun Java System Web Server '.jsp' File Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35577

Xerox WorkCentre Web Services Extensible Interface Platform Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/36177

Kaspersky Products URI Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/36084

Sun ONE/iPlanet Web Server HTTP TRACE Credential Theft Vulnerability
http://www.securityfocus.com/bid/9561

Linux Kernel 'udp_sendmsg()' MSG_MORE Flag Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36108

Linux Kernel Multiple Protocols Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36176

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)