HPSBST02459 SSRT080134 rev.2 - HP StorageWorks Remote Management Interface (RMI) for MSL Tape Libraries and 1/8 G2 Tape Autoloaders, Denial of Service (DoS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01868405-2
BIND 9.5.2rc1 is now available.
ftp://ftp.isc.org/isc/bind9/9.5.2rc1/bind-9.5.2rc1.tar.gz
JPCERT/CC WEEKLY REPORT 2009-09-16
http://www.jpcert.or.jp/wr/2009/wr093601.html
JVNDB-2009-001838 Buffer overflow vulnerability in Unicode string handling in the Linux kernel CIFS subsystem
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001838.html
JVNDB-2009-001837 Buffer overflow vulnerability in handling of an overly long nativeFileSystem field in Linux kernel CIFS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001837.html
Wireshark 1.2.2 (and 1.0.9) is out!
http://isc.sans.org/diary.html?storyid=7132
Apple iPhone OS AudioCodecs Heap Buffer Overflow
http://www.securiteam.com/securitynews/5VP0C1FSAO.html
NetArt Media iBoutique.MALL 'cat' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36404
VLC Media Player CUE File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36403
+ Solution 266908: Security vulnerability in Solaris Pidgin (see pidgin(1)), Versions Prior to 2.5.9 may Lead to Execution of Arbitrary Code or a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266908-1
http://secunia.com/advisories/36708/
http://www.vupen.com/english/advisories/2009/2663
+ Linux kernel 2.6.27.34, 2.6.30.7 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.34
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.7
http://www.linux.org/news/2009/09/15/0002.html
http://www.linux.org/news/2009/09/15/0001.html
+ RHSA-2009:1438-01: Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2009-1438.html
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30394
http://secunia.com/advisories/36759/
+ Linux Kernel Intel 32bit Emulation Mode Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36393
MySQL Workbench 5.2.3 Alpha
http://dev.mysql.com/downloads/workbench
ISC BIND 9.7.0a3 is now available
ftp://ftp.isc.org/isc/bind9/9.7.0a3/bind-9.7.0a3.tar.gz
Suhosin Patch 0.9.8 - BETA 1
http://www.hardened-php.net/suhosin/download.html
Document ID: 331896: Veritas Storage Agent service terminates unexpectedly with new install of 5.1 on Windows 2008 32 bit.
http://seer.entsupport.symantec.com/docs/331896.htm
Red Hat : Important: kernel security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30394
SuSE : security-announce SUSE Security Summary Report
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30390
Apple : Xsan 2.2
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30389
Debian : New nginx packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30391
Debian : New xulrunner packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30392
Debian : New iceweasel packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30393
ECHO : Joomla Hotel Booking System Component XSS/SQL Injection Multiple Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30396
Mandriva : kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30386
Installing VMware Tools in Unsupported Linux Distributions
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1625&sliceId=1&docTypeID=DT_KB_1_1
Malicious ads on the NY Times site push "fake software" with bogus warnings
Pop-ups claiming "You are infected with a virus"; the issue has now been addressed
http://itpro.nikkeibp.co.jp/article/NEWS/20090916/337309/?ST=security
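Wave of phishing scams impersonating Yahoo; industry group issues urgent warning
The fake emails share the same content, luring users to a fake site with "This is an important notice"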
http://itpro.nikkeibp.co.jp/article/NEWS/20090916/337307/?ST=security
Improper Authentication Mechanism in 3Com Wireless8760 Dual Radio 11a/b/g Poe Access Point
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00125.html
3rd party patch for XP for MS09-048?
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00124.html
[SECURITY] [DSA 1887-1] New rails packages fix cross-site scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00123.html
[ MDVSA-2009:235 ] silc-toolkit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00122.html
[ MDVSA-2009:234-1 ] silc-toolkit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00121.html
[ MDVSA-2009:234 ] silc-toolkit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00120.html
Local privilege escalation vulnerability in Protector Plus Antivirus (Proland Software)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00119.html
[ MDVSA-2009:233 ] kernel
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00118.html
SANS releases new Cyber Security Risk Report
http://isc.sans.org/diary.html?storyid=7129
Planet Venus HTML Sanitation Security Bypass Vulnerability
http://secunia.com/advisories/36766/
HP StorageWorks Products Remote Management Interface Denial of Service
http://secunia.com/advisories/36764/
Red Hat update for kernel
http://secunia.com/advisories/36759/
Debian update for nginx
http://secunia.com/advisories/36758/
Debian update for iceweasel
http://secunia.com/advisories/36757/
Ubuntu update for openexr
http://secunia.com/advisories/36753/
nginx "ngx_http_parse_complex_uri()" Buffer Underflow
http://secunia.com/advisories/36751/
Fedora update for kdelibs
http://secunia.com/advisories/36736/
httpdx "h_readrequest()" Format String Vulnerability
http://secunia.com/advisories/36734/
Aurora CMS "AURORA_MODULES_FOLDER" File Inclusion Vulnerability
http://secunia.com/advisories/36731/
Magic Morph ".mor" Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/36721/
Fedora update for dovecot
http://secunia.com/advisories/36713/
Vulnerability Note VU#180065: Nginx ngx_http_parse_complex_uri() buffer underflow vulnerability
http://www.kb.cert.org/vuls/id/180065
Protector Plus Local Privilege Escalation Vulnerability
http://www.securiteam.com/windowsntfocus/5UP0B1FSAO.html
BigAnt Server 2.50 GET Request Remote BOF Exploit (SEH) Universal
http://www.milw0rm.com/exploits/9690
BRS Webweaver 1.33 /Scripts Access Restriction Bypass Vulnerability
http://www.milw0rm.com/exploits/9676
BigAnt Server 2.50 GET Request Remote BOF Exploit (SEH) 0day
http://www.milw0rm.com/exploits/9673
NetAccess IP3 (ping option) Command Injection Vulnerability (auth)
http://www.milw0rm.com/exploits/9688
SAP Player 0.9 (.pla) Universal Local Buffer Overflow Exploit (SEH)
http://www.milw0rm.com/exploits/9687
Protector Plus Antivirus 8/9 Local Privilege Escalation Vulnerability
http://www.milw0rm.com/exploits/9680
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2665
HP-UX "bootpd" Unspecified Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2664
Sun Solaris Pidgin "msn_slplink_process_msg()" Vulnerability
http://www.vupen.com/english/advisories/2009/2663
HP StorageWorks Products RMI Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2662
PHP Pro Bid "auction_id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2661
Aurora CMS "AURORA_MODULES_FOLDER" File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2009/2660
AlphaUserPoints for Joomla "username2points" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2659
Portable E.M Magic Morph File Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2658
FotoTagger XML Data Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2657
Batch Picture Watermark Protector Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2656
FtpXQ FTP Server "ABOR" Command Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2655
httpdx "h_readrequest()" Host Header Format String Vulnerability
http://www.vupen.com/english/advisories/2009/2654
Techlogica HTTP Server Remote File Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/2653
Belkin F5D7632-4V6 Wireless G Router Multiple Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/36406
NatterChat Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/36402
TGS Content Management Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/36401
BRS WebWeaver 'Scripts' Security Bypass Vulnerability
http://www.securityfocus.com/bid/36399
3Com Wireless 8760 Dual-Radio 11a/b/g PoE Web Administration Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/36400
nginx HTTP Request Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36384
Novell GroupWise Client 'gxmim1.dll' ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36398
EasyMail Objects 'emmailstore.dll' ActiveX Control Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32722
FileCOPA FTP Server 'NOOP' Command Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36397
Joomla! Hotel Booking System Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/36380
PHP-Lance Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/36065
WOW Raid Manager 'auth/auth_phpbb3.php' Security Bypass Vulnerability
http://www.securityfocus.com/bid/32250
PureMessage for Microsoft Exchange RTF Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/30881
AJPoll Security Bypass and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/32245
Sun Solaris 'sockfs' Kernel Module Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36169
Cisco Lightweight Access Point Over The Air Manipulation Denial of Service Vulnerability
http://www.securityfocus.com/bid/36145
Sun Solaris pollwakeup(9F) Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36106
SILC Toolkit HTTP Server Format String Vulnerability
http://www.securityfocus.com/bid/36194
SILC Toolkit Encoded OID Format String Vulnerability
http://www.securityfocus.com/bid/36192
SILC Toolkit 'command.c' Multiple Format String Vulnerabilities
http://www.securityfocus.com/bid/36193
SILC Client Format String Vulnerability
http://www.securityfocus.com/bid/35940
SIDVault 'simple_bind()' Function Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/25460
Ruby on Rails Form Helpers Unicode String Handling Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36278
Ghostscript 'CCITTFax' Decoding Filter Denial of Service Vulnerability
http://www.securityfocus.com/bid/34337
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
Ghostscript 'jbig2dec' JBIG2 Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34445
Ghostscript 'gdevpdtb.c' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34340
Proland Protector Plus Insecure Program File Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36396
Multiple Browser Malicious Proxy HTTPS Man In The Middle Vulnerability
http://www.securityfocus.com/bid/35380
Perl IO::Socket::SSL 'verify_hostname_of_cert()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/35587
libxml2 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36010
eCryptfs 'parse_tag_3_packet()' Packet Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35850
RETIRED: SIDVault Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36394
OpenOffice Word Document Table Parsing Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36200
Multiple Browsers Cached Certificate HTTP Site Spoofing Vulnerability
http://www.securityfocus.com/bid/35411
Multiple Browsers Web Proxy Redirect Handling Man In The Middle Vulnerability
http://www.securityfocus.com/bid/35412
GnuTLS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35952
Multiple Browser HTTP Resource in HTTPS Context Security Bypass Vulnerability
http://www.securityfocus.com/bid/35403
Opera XML Parser Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34298
Siemens Gigaset SE361 WLAN Data Flood Denial of Service Vulnerability
http://www.securityfocus.com/bid/36366
Xen XenStore Domain Configuration Data Unsafe Storage Vulnerability
http://www.securityfocus.com/bid/31499
Planet HTML Injection Vulnerability
http://www.securityfocus.com/bid/36392
Cerberus FTP Server Long Command Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36390
DataWizard FtpXQ Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36391
Pidgin 'msn_slplink_process_msg()' NULL Pointer Dereference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36071
PHP Pro Bid 'auction_details.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/36389
HP StorageWorks Products Remote Management Interface Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36388
Ipswitch IMail Server Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/24962
PowerISO Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36387
Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36377
KDE KSSL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36229
Mozilla Firefox/SeaMonkey UTF-8 Stack-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31397
Linux Kernel Intel 32bit Emulation Mode Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36393
Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36038
Linux Kernel eCryptfs 'parse_tag_11()' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35851
Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Weakness
http://www.securityfocus.com/bid/35647
Linux Kernel 'kernel/signal.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35929
Linux Kernel 'clear_child_tid()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35930
HP-UX bootpd Unspecified Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36395
Apple iPhone Safari 'tel:' URI Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36386
Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36299
GNU Troff pdfroff Insecure Temporary File Creation and Arbitrary File Access Vulnerabilities
http://www.securityfocus.com/bid/36381