Thursday, September 17, 2009

Thursday the 17th, Taian

+ DBD-mysql 4.013 released
http://www.cpan.org/modules/by-module/DBD/DBD-mysql-4.013.readme

Solution 265608: Security Vulnerability with the Solaris IPv6 Networking Stack Involving the Cassini Gigabit-Ethernet Device Driver and Jumbo Frames
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265608-1

"95% of comments posted on Web 2.0 sites are spam or malicious code," according to a Websense survey
http://itpro.nikkeibp.co.jp/article/NEWS/20090917/337407/?ST=security

JVNVU#817433 Vulnerabilities in multiple XML library implementations
http://jvn.jp/cert/JVNVU817433/index.html

JVN#00425482 Cross-site scripting vulnerability in XF-Section
http://jvn.jp/jp/JVN00425482/index.html

JVN#39157969 Issue with third-party cookie handling in Opera
http://jvn.jp/jp/JVN39157969/index.html

JVNDB-2009-000062 Cross-site scripting vulnerability in XF-Section
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000062.html

JVNDB-2009-000061 Issue with third-party cookie handling in Opera
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000061.html

JVNDB-2009-002016 Integer overflow vulnerability in the APR and APR-util libraries
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002016.html

JVNDB-2009-002015 Integer overflow vulnerability in Subversion's libsvn_delta library
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002015.html

JVNDB-2009-002014 Denial of service (DoS) vulnerability in MySQL
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002014.html

JVNDB-2009-002013 Denial of service (DoS) vulnerability in the MySQL dispatch_command function
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002013.html

JVNDB-2009-002012 Authentication bypass vulnerability in ZODB
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002012.html

JVNDB-2009-002011 Arbitrary Python code execution vulnerability in ZODB
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002011.html

Why is Rogue/Fake AV so successful?
http://isc.sans.org/diary.html?storyid=7144

Drupal Session Fixation Vulnerability
http://secunia.com/advisories/36785/

Drupal Multiple Vulnerabilities
http://secunia.com/advisories/36781/

Debian update for icu
http://secunia.com/advisories/36769/

foobla Suggestions for Joomla "idea_id" SQL Injection Vulnerability
http://secunia.com/advisories/36767/

Ubuntu update for freeradius
http://secunia.com/advisories/36765/

foobla RSS Feed Creator for Joomla "id" SQL Injection
http://secunia.com/advisories/36748/

Protector Plus Directory Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2009/2680

BigAnt Messenger HTTP Request Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2679

FFmpeg "vmd_read_header()" VMD Format Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2678

Sun StarOffice/StarSuite Word Documents Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/2677

Wireshark Multiple Protocol Dissector Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/2676

Google Chrome Cross Site Scripting and Same Origin Policy Bypass
http://www.vupen.com/english/advisories/2009/2675

+ Linux Kernel 'perf_counter_open()' Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36423

+ Linux Kernel 'find_ie()' Function Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36421

Solution 263508: Security Vulnerability in StarOffice/StarSuite Related to Microsoft Word Document Handling may Lead to Arbitrary Code Execution
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263508-1

Solution 267228: SUN ALERT WEEKLY SUMMARY REPORT - Week of 06-Sep-2009 to 12-Sep-2009
http://sunsolve.sun.com/search/document.do?assetkey=1-66-267228-1

Apache HTTP Server at ApacheCon US 2009 - 2-6 November, Oakland, CA
http://www.us.apachecon.com/

Kernel release: 2.6.31.1-rc1
http://www.linux.org/news/2009/09/16/0003.html

Kernel release: 2.6.30.8-rc1
http://www.linux.org/news/2009/09/16/0002.html

Kernel release: 2.6.27.35-rc1
http://www.linux.org/news/2009/09/16/0001.html

Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products
http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml

Independent Researcher : Exploiting Chrome and Opera’s inbuilt ATOM/RSS reader with Script Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30403

Debian : New rails packages fix cross-site scripting
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30401

Debian : New openssl packages deprecate MD2 hash signatures
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30402

Independent Researcher : Improper Authentication Mechanism in 3Com Wireless8760 Dual Radio 11a/b/g Poe Access Point
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30405

Mandriva : silc-toolkit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30398

Mandriva : silc-toolkit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30399

Mandriva : silc-toolkit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30400

Announcement of the Information Security and Behavioral Science Workshop
http://www.ipa.go.jp/security/event/2009/isec-workshop/index.html

JVNVU#180065 Buffer underrun vulnerability in Nginx ngx_http_parse_complex_uri()
http://jvn.jp/cert/JVNVU180065/index.html

JVNDB-2009-002010 Access restriction bypass vulnerability in JDK13Services.getProviders in Sun Java SE and OpenJDK
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002010.html

JVNDB-2009-002009 Sensitive information disclosure vulnerability in the encoders of Sun Java SE and OpenJDK
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002009.html

JVNDB-2009-002008 Access restriction bypass vulnerability in JMX in Sun Java SE and OpenJDK
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002008.html

JVNDB-2009-002007 Sensitive information disclosure vulnerability in Sun Java SE and OpenJDK
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002007.html

JVNDB-2009-002006 Sensitive information disclosure vulnerability in XScreenSaver on Sun Solaris
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002006.html

[USN-832-1] FreeRADIUS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00152.html

[SECURITY] [DSA 1889-1] New icu packages correct multibyte sequence parsing
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00151.html

Iret #GP on pre-commit handling failure: the NetBSD case (CVE-2009-2793)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00146.html

Exploiting Chrome and Operas inbuilt ATOM/RSS reader with
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00140.html

ANNOUNCE: RFIDIOt release - v0.z - 16th September, 2009
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00142.html

[security bulletin] HPSBUX02458 SSRT090104 rev.1 - HP-UX Running bootpd, Remote Denial of Se
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00139.html

[SECURITY] [DSA 1888-1] New openssl packages deprecate MD2 hash signatures
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00131.html

SMB2 remote exploit released
http://isc.sans.org/diary.html?storyid=7141

Review the security controls of your Web Applications... all them!
http://isc.sans.org/diary.html?storyid=7135

IETF Draft for Remediation of Bots in ISP Networks
http://isc.sans.org/diary.html?storyid=7138

FileCOPA NOOP Processing Denial of Service Vulnerability
http://secunia.com/advisories/36773/

Google Chrome Security Bypass and Cross-Site Scripting
http://secunia.com/advisories/36770/

OXID eShop Multiple Vulnerabilities
http://secunia.com/advisories/36761/

FFmpeg "vmd_read_header()" Integer Overflow Vulnerability
http://secunia.com/advisories/36760/

Changetrack Privilege Escalation Vulnerability
http://secunia.com/advisories/36756/

Wireshark Multiple Denial of Service Vulnerabilities
http://secunia.com/advisories/36754/

RT Custom Fields Script Insertion Vulnerability
http://secunia.com/advisories/36752/

Sun StarOffice / StarSuite Word Document Table Parsing Vulnerabilities
http://secunia.com/advisories/36750/

HotWeb Rentals "PropId" SQL Injection Vulnerability
http://secunia.com/advisories/36747/

Protector Plus Insecure Default Directory Permissions
http://secunia.com/advisories/36742/

Debian update for openssl
http://secunia.com/advisories/36739/

VMware Workstation 5 VMnc Codec Multiple Vulnerabilities
http://secunia.com/advisories/36735/

DJ Studio Pro PLS Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/36728/

iBoutique.MALL SQL Injection Vulnerabilities
http://secunia.com/advisories/36726/

Debian update for rails
http://secunia.com/advisories/36717/

Fedora update for nginx
http://secunia.com/advisories/36715/

BigAnt Messenger AntServer Module Buffer Overflow Vulnerability
http://secunia.com/advisories/36704/

SUSE Update for Multiple Packages
http://secunia.com/advisories/36700/

Gigaset SE361 WLAN Denial of Service Vulnerability
http://secunia.com/advisories/36697/

Joomla DJ-Catalog Component SQL Injection Vulnerabilities
http://secunia.com/advisories/36696/

Ardguest "page" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/36630/

refbase Cross-Site Request Forgery
http://secunia.com/advisories/36111/

Notepad++ 5.4.5 Local .C/CPP Stack Buffer Overflow PoC (0day)
http://www.milw0rm.com/exploits/9701

NaviCOPA Web Server 3.01 Remote Source Code Disclosure Vulnerability
http://www.milw0rm.com/exploits/9694

Red Hat Kernel z90crypt Driver Lets Certain Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Sep/1022907.html

HP-UX Bug in bootpd Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Sep/1022906.html

HP StorageWorks Remote Management Interface Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Sep/1022905.html

Xsan May Display the User's Password
http://securitytracker.com/alerts/2009/Sep/1022904.html

Bugzilla Input Validation Flaw in Bug.search and Bug.create WebService Functions Lets Remote Users Inject SQL Commands
http://securitytracker.com/alerts/2009/Sep/1022903.html

Bugzilla May Display the User's Password in the Browser URL
http://securitytracker.com/alerts/2009/Sep/1022902.html

Best Practical Solutions RT 'Custom Field' HTML Injection Vulnerability
http://www.securityfocus.com/bid/36417

Oracle Secure Backup CVE-2009-1978 Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/35678

Oracle Secure Backup CVE-2009-1977 Remote Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35672

IBD Micro CMS 'microcms-admin-login.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/29159

FileCOPA FTP Server 'NOOP' Command Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36397

FreeRADIUS Zero-length Tunnel-Password Attributes Denial of Service Vulnerability
http://www.securityfocus.com/bid/36263

International Components for Unicode Invalid Byte Sequence Handling Vulnerability
http://www.securityfocus.com/bid/34974

TuttoPHP Morris Guestbook 'view.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36415

Mega File Hosting Script 'emaillinks.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36413

Joomla! Foobla RSS Feed Creator Component 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36427

Joomla! Foobla Suggestions Component 'idea_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36425

Joomla! Lucy Games Component 'gameid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36334

Joomla! TurtuShout Component SQL Injection Vulnerability
http://www.securityfocus.com/bid/36414

Joomla! djCatalog Component Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/36412

eFront 'database.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/36411

EasyMail Objects 'emimap4.dll' ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36409

VMware Movie Decoder VMnc Codec Multiple Heap Overflow Vulnerabilities
http://www.securityfocus.com/bid/36290

VMware Hosted Products VMSA-2009-0005 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34373

OpenOffice Word Document Table Parsing Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36200

Hero Super Player 3000 M3U Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/27478

BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36407

Wireshark 1.2.1 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36408

PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36314

Opera Unspecified Security Bypass Vulnerability
http://www.securityfocus.com/bid/36418

IP3 NetAccess Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36410

Mozilla Firefox MFSA 2009-47, -48, -49, -50, -51 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36343

Google Chrome prior to 3.0.195.21 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36416


MyPHPDating 'success_story.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/31763

NetArt Media iBoutique.MALL 'cat' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36404

VLC Media Player CUE File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36403

Adobe Shockwave Player ActiveX Control 'PlayerVersion' Property Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36434

Drupal OpenID Module Access Validation and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/36432

Drupal Arbitrary File Upload and Session Fixation Vulnerabilities
http://www.securityfocus.com/bid/36431

NetBSD 'IRET' General Protection Fault Handling Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36430

Drupal Comment RSS Module Node Title Access Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/36429

Drupal Date Module 'date' CCK Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/36428

Notepad++ 'C' and 'CPP' File Handling Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36426

SaphpLesson 'CLIENT_IP' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36422

Changetrack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36420

FFmpeg 'vmd_read_header()' VMD File Integer Overflow Vulnerability
http://www.securityfocus.com/bid/36419
