+ PHP 5.2.11 Released
http://www.php.net/archive/2009.php#id2009-09-17-1
http://www.php.net/ChangeLog-5.php#5.2.11
Linux Kernel: next-20090918
http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=summary
Linux Kernel: snapshot: 2.6.31-git7
http://www.kernel.org/diff/diffview.cgi?file=/pub/linux/kernel//v2.6/snapshots/patch-2.6.31-git7.bz2
JVN#65914253 Directory traversal vulnerability in multiple phpspot products
http://jvn.jp/jp/JVN65914253/index.html
JVN#53591199 Cross-site scripting vulnerability in multiple phpspot products
http://jvn.jp/jp/JVN53591199/index.html
JVNVU#943657 Denial-of-service (DoS) vulnerability in multiple TCP implementations
http://jvn.jp/cert/JVNVU943657/index.html
JVNDB-2009-000064 Directory traversal vulnerability in multiple phpspot products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000064.html
JVNDB-2009-000063 Cross-site scripting vulnerability in multiple phpspot products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000063.html
JVNDB-2009-002019 Denial-of-service (DoS) vulnerability in HP-UX
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002019.html
JVNDB-2009-002018 Denial-of-service (DoS) vulnerability in libxml2 and libxml in the handling of Notation or Enumeration attribute types
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002018.html
JVNDB-2009-002017 Denial-of-service (DoS) vulnerability in libxml2 and libxml in the handling of element declarations in DTDs
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002017.html
Linux Kernel 'perf_counter_open()' Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36423
+ DBD-mysql 4.013 released
http://www.cpan.org/modules/by-module/DBD/DBD-mysql-4.013.readme
+ GNU glibc 'strfmon()' Function Integer Overflow Weakness
http://www.securityfocus.com/bid/36443
MySQL Server 5.4.2-beta has been released
http://dev.mysql.com/doc/refman/5.4/en/news-5-4-x.html
Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/975497.mspx
RHBA-2009:1435-2: cman enhancement update
http://rhn.redhat.com/errata/RHBA-2009-1435.html
RHSA-2009:1451-1: Moderate: freeradius security update
http://rhn.redhat.com/errata/RHSA-2009-1451.html
Independent Researcher : Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX stack overflow exploit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30409
Independent Researcher : Quiksoft EasyMail 6 (AddAttachment) Remote Buffer Overflow Exploit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30410
Debian : New icu packages correct multibyte sequence parsing
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30407
Google Security Team : Iret #GP on pre-commit handling failure: the NetBSD case
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30408
A rival for free antivirus software: Germany's Avira to offer a Japanese version
Release planned by the end of 2009; limited to personal, non-commercial use
http://itpro.nikkeibp.co.jp/article/NEWS/20090917/337428/?ST=security
Norton 2010 products go on sale, warning of a file's risk based on its "number of downloaders"
http://itpro.nikkeibp.co.jp/article/NEWS/20090917/337443/?ST=security
Peiter "Mudge" Zatko petition to be named U.S. Cybersecurity Chief
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00163.html
SEC Consult SA-20090917-0 :: RADactive I-Load Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00159.html
Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX stack overflow exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00158.html
nginx internal DNS cache poisoning
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00155.html
Snort 2.8.5 is out
http://isc.sans.org/diary.html?storyid=7147
Drupal Comment RSS Module Information Disclosure
http://secunia.com/advisories/36787/
Drupal OpenID Module Hijacking and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/36786/
Drupal Session Fixation Vulnerability
http://secunia.com/advisories/36785/
Drupal Multiple Vulnerabilities
http://secunia.com/advisories/36781/
Drupal Date Module Script-Insertion Vulnerability
http://secunia.com/advisories/36776/
NetBSD x86 IRET Pre-Commit Failure Privilege Escalation
http://secunia.com/advisories/36775/
AdsDX "loginname" SQL Injection Vulnerability
http://secunia.com/advisories/36771/
Debian update for icu
http://secunia.com/advisories/36769/
foobla Suggestions for Joomla "idea_id" SQL Injection Vulnerability
http://secunia.com/advisories/36767/
Ubuntu update for freeradius
http://secunia.com/advisories/36765/
Linux Kernel Denial of Service and Privilege Escalation
http://secunia.com/advisories/36763/
VLC Media Player Multiple Buffer Overflow Vulnerabilities
http://secunia.com/advisories/36762/
foobla RSS Feed Creator for Joomla "id" SQL Injection
http://secunia.com/advisories/36748/
Novell GroupWise WebAccess "User.Theme.index" Cross-Site Scripting
http://secunia.com/advisories/36746/
PaoBacheca Cross-Site Scripting Vulnerability
http://secunia.com/advisories/36741/
RSSMediaScript "page" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/36740/
PaoLink Cross-Site Scripting Vulnerability
http://secunia.com/advisories/36738/
SaphpLesson "CLIENT_IP" SQL Injection Vulnerability
http://secunia.com/advisories/36737/
Elite Gaming Ladders "platform" SQL Injection Vulnerability
http://secunia.com/advisories/36732/
phpPollScript "include_class" File Inclusion Vulnerability
http://secunia.com/advisories/36730/
RADactive I-Load Multiple Vulnerabilities
http://www.securiteam.com/unixfocus/5AP0C20SAS.html
Quiksoft EasyMail imap connect() ActiveX Stack Overflow Exploit
http://www.securiteam.com/unixfocus/5ZP0B20SAW.html
HP-UX Running bootpd, Remote Denial of Service Vulnerability
http://www.securiteam.com/unixfocus/5CP0E20SAY.html
Iret Pre-commit Handling Failures With Notes On NetBSD Privilege Elevation
http://www.securiteam.com/securitynews/5BP0D20SAQ.html
Quiksoft EasyMail 6 (AddAttachment) Remote Buffer Overflow Exploit
http://www.milw0rm.com/exploits/9705
Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX BOF Exploit
http://www.milw0rm.com/exploits/9704
Changetrack 4.3-3 Local Privilege Escalation Vulnerability
http://www.milw0rm.com/exploits/9709
phpPollScript "include_class" Remote File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2009/2686
Elite Gaming Ladders "platform" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2685
jLord RSS Feed Creator for Joomla "id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2684
Foobla Suggestions for Joomla "idea_id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2683
AdsDX "loginname" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2682
DJ Studio Pro Playlist Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2681
Multiple BSD Platforms 'strfmon()' Function Integer Overflow Weakness
http://www.securityfocus.com/bid/28479
'com_album' Joomla! Component Local File Include Vulnerability
http://www.securityfocus.com/bid/36441
PowerISO Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36387
Quiksoft EasyMail 'AddAttachment()' Method ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36440
nginx Proxy DNS Cache Domain Spoofing Vulnerability
http://www.securityfocus.com/bid/36438
TCP/IP Protocol Stack Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/31545
Changetrack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36420
VLC Media Player Multiple Remote Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36439
Drupal OpenID Module Access Validation and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/36432
Notepad++ 'C' and 'CPP' File Handling Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36426
FFmpeg 'vmd_read_header()' VMD File Integer Overflow Vulnerability
http://www.securityfocus.com/bid/36419
Microsoft JScript Scripting Engine Keyword Arguments Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36224
EasyMail Objects Connect Method Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/22583
Drupal Arbitrary File Upload and Session Fixation Vulnerabilities
http://www.securityfocus.com/bid/36431
Drupal Comment RSS Module Node Title Access Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/36429
Drupal Date Module 'date' CCK Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/36428
MyPHPDating 'success_story.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/31763
SaphpLesson 'CLIENT_IP' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36422
FreeRADIUS Zero-length Tunnel-Password Attributes Denial of Service Vulnerability
http://www.securityfocus.com/bid/36263
NetBSD 'IRET' General Protection Fault Handling Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36430
Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36299
Novell GroupWise WebAccess Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/36437
Mozilla Firefox MFSA 2009-47, -48, -49, -50, -51 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36343
Adobe Shockwave Player ActiveX Control 'PlayerVersion' Property Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36434
Oracle Secure Backup CVE-2009-1978 Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/35678
Oracle Secure Backup CVE-2009-1977 Remote Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35672
RETIRED: EasyMail Objects 'emimap4.dll' ActiveX Control Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36435
JForJoomla JReservation Joomla! Component 'pid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36446
OpenSiteAdmin 'pages/pageHeader.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/36445
nePHP Publisher SQL Login SQL Injection Vulnerability
http://www.securityfocus.com/bid/36444
GNU glibc 'strfmon()' Function Integer Overflow Weakness
http://www.securityfocus.com/bid/36443
CF Shopkart 'ItemID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36442