Wednesday, September 30, 2009

Wednesday the 30th, Senshō

+ DeleGate 9.9.5 released
http://www.delegate.org/mail-lists/delegate-en/4595

+ Solution 267628: Security Vulnerability in Samba (SAMBA(7)) May Allow Unauthorized Changes to Access Control Lists (ACL)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-267628-1

Notice of release and start of support for InterScan Messaging Security Suite 7.1 for Linux
http://www.trendmicro.co.jp/support/news.asp?id=1293

JPCERT/CC WEEKLY REPORT 2009-09-30
http://www.jpcert.or.jp/wr/2009/wr093701.html

JVNDB-2009-002046 Session fixation vulnerability in Adobe ColdFusion
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002046.html

JVNDB-2009-002045 Cross-site scripting vulnerability in Adobe ColdFusion
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002045.html

JVNDB-2009-002044 Information disclosure vulnerability in Adobe ColdFusion
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002044.html

JVNDB-2009-002042 Cross-site scripting vulnerability in the Management Console of Adobe JRun
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002042.html

JVNDB-2009-002041 Directory traversal vulnerability in the Management Console of Adobe JRun Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002041.html

JVNDB-2009-002040 Cross-site scripting vulnerability in Adobe ColdFusion Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002040.html

JVNDB-2009-001951 Denial-of-service (DoS) vulnerability in ISC BIND 9
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001951.html

JVNDB-2009-001892 Denial-of-service (DoS) vulnerability in the mod_deflate module of Apache httpd
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001892.html

JVNDB-2009-001884 Denial-of-service (DoS) vulnerability in mod_proxy of Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001884.html

JVNDB-2008-002290 Denial-of-service (DoS) vulnerability in fetchmail related to the processing of mail messages
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002290.html

JVNDB-2007-001194 Denial-of-service (DoS) vulnerability in fetchmail
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001194.html

Microsoft Security Essentials AV
http://isc.sans.org/diary.html?storyid=7204

IBM AIX NFSv4 Bugs Let Remote and Local Users Access NFSv4 Shares
http://securitytracker.com/alerts/2009/Sep/1022958.html

KVM Missing Privilege Check in kvm_emulate_hypercall() May Let Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Sep/1022956.html

IBM Informix Dynamic Server JDBC Connection Password Processing Flaw Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Sep/1022955.html




+ RHSA-2009:1455-1: Moderate: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2009-1455.html

+ Juniper JUNOS JWeb Multiple Vulnerabilities
http://secunia.com/advisories/36829/
http://www.vupen.com/english/advisories/2009/2784
http://www.securityfocus.com/bid/36537

[ANNOUNCE] Apache Felix Karaf 1.0.0
http://felix.apache.org/site/karaf-100.html

WinRAR-SA-09/29/2009: WinRAR v3.80 - ZIP Filename Spoofing
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30495

RHBA-2009:1464-1: kdelibs bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1464.html

FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00246.html

Adobe Photoshop Elements 8.0 Active File Monitor Service Bad Security Descriptor Local Elevation Of
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00245.html

WinRAR v3.80 - ZIP Filename Spoofing
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00243.html

"Even one-time passwords cannot prevent it": browser hijacking is surging
RSA Security warns of "unauthorized transfers from online bank accounts"
http://itpro.nikkeibp.co.jp/article/NEWS/20090930/338084/?ST=security

HP Remote Graphics Software (RGS) Unauthorised Access
http://secunia.com/advisories/36911/

Ubuntu update for dovecot
http://secunia.com/advisories/36904/

IBM DB2 Multiple Vulnerabilities
http://secunia.com/advisories/36890/

TrustPort Products Insecure Default Directory Permissions
http://secunia.com/advisories/36880/

FireFTP Extension for Firefox SFTP Filename Handling Vulnerability
http://secunia.com/advisories/36860/

IBM Informix Dynamic Server Denial of Service
http://secunia.com/advisories/36853/

Juniper JUNOS JWeb Multiple Vulnerabilities
http://secunia.com/advisories/36829/

IBM AIX NFSv4 "gssd" and "nfs_portmon" Unauthorized Access Issues
http://www.vupen.com/english/advisories/2009/2788

IBM DB2 for Linux, UNIX, and Windows Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/2787

IBM Informix Dynamic Server JDBC Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2786

BlackBerry Device Software Certificate Warning Weakness Issue
http://www.vupen.com/english/advisories/2009/2785

JUNOS Multiple Parameter Processing Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/2784

HP Remote Graphics Software Remote Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2009/2783

SAP GUI WebViewer ActiveX Insecure Methods File Overwrite Issues
http://www.vupen.com/english/advisories/2009/2782

Black Ice Printer Driver Resource Toolkit ActiveX Control Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/36548

KeyWorks KeyHelp Module 'keyhelp.ocx' ActiveX Control Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36546

IBM AIX 'gssd' Kerberos Credential Cache Local Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/36545

FlatPress 'userid' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/36543

IBM AIX 'nfs_portmon' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/36544

Linux Kernel 'kernel/signal.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35929

Linux Kernel 'clear_child_tid()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35930

Linux Kernel KVM 'kvm_emulate_hypercall()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36512

Adobe Photoshop Elements Active File Monitor Service Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36542

Interspire Knowledge Manager 'p' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/36541

HP Remote Graphics Software (RGS) Sender Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/36534

Juniper Networks JUNOS J-Web Multiple Cross Site Scripting And HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/36537

FireFTP Firefox Extension Double Quotes Security Bypass Vulnerability
http://www.securityfocus.com/bid/36536

IBM DB2 Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/36540

IBM Informix Dynamic Server JDBC Long Password Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36538
