Linux kernel: next-20091001
http://git.kernel.org/?p=linux/kernel/git/next/linux-next.git;a=summary
Linux kernel 2.6.32-rc1-git1
http://www.kernel.org/diff/diffview.cgi?file=/pub/linux/kernel//v2.6/snapshots/patch-2.6.32-rc1-git1.bz2
Linux Is Bloated. Does Anyone Care?
http://www.linux.org/news/2009/09/30/0002.html
Will Linux ever be a popular desktop system? Take the poll
http://www.linux.org/news/2009/09/30/0001.html
ダメージクリーンナップエンジン 6.2 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1307
InterScan Web Security Virtual Appliance 3.1 Patch 2 ならびに OS Patch 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1305
JVNDB-2009-002052 IBM WebSphere Application Server におけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002052.html
JVNDB-2009-002051 IBM DB2 の db2jds におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002051.html
JVNDB-2009-002050 IBM DB2 におけるアクセスをされる脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002050.html
JVNDB-2009-002049 IBM DB2 の Security コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002049.html
JVNDB-2009-002048 libpurple における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002048.html
JVNDB-2009-002047 Sun Solaris の Kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002047.html
JVNDB-2009-001981 Mozilla Firefox におけるアドレスバーを偽装される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001981.html
JVNDB-2009-001957 Mozilla NSS における X.509 証明書を偽装される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001957.html
JVNDB-2009-001956 複数の Mozilla 製品 における任意の SSL サーバになりすまされる脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001956.html
JVNDB-2008-001004 PostgreSQL の index() 関数における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001004.html
OSIsoft PI Server Authentication Flaw Lets Remote Users View/Modify Data
http://securitytracker.com/alerts/2009/Sep/1022972.html
IBM Tivoli Composite Application Manager Input Validation Hole Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Sep/1022970.html
OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Sep/1022967.html
+ DeleGate 9.9.5 released
http://www.delegate.org/mail-lists/delegate-en/4595
+ Solution 267628: Security Vulnerability in Samba (SAMBA(7)) May Allow Unauthorized Changes to Access Control Lists (ACL)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-267628-1
+ Solution 266688: Security Vulnerabilities in libxml2 Library Related to Parsing of Element Declarations, Notation and Enumeration Attribute Types may Lead to a Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266688-1
+ HPSBUX02421 SSRT090047 rev.2 - HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01717795-2
+ Struts 2.1.8 released
http://struts.apache.org/download.cgi#struts218
+ Solution 263388: Security Vulnerabilities in Solaris IP(7P) Module and STREAMS Framework May Lead to a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263388-1
http://www.securityfocus.com/bid/36562
+ PHP 'tempname()' 'safe_mode' Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/36555
+ PHP 'posix_mkfifo()' 'open_basedir' Restriction Bypass Vulnerability
http://www.securityfocus.com/bid/36554
+ Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36552
Cisco Security Advisory: Cisco IOS Software Tunnels Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml
Independent Researcher : MD5 hash extension attack breaks API authentication of Flickr and other online services
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30503
Independent Researcher : gameforge.de gaming platform (validated for: kingsage.gr) authentication bypass (using hashed values
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30504
ついに登場、マイクロソフトの無料ウイルス対策ソフト日本語版
日本を含む19カ国で提供開始、「エンジンやパターンは企業向け製品と同じ」
http://itpro.nikkeibp.co.jp/article/NEWS/20091001/338177/?ST=security
[ MDVSA-2009:177 ] postgresql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00250.html
[ MDVSA-2009:176 ] postgresql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00249.html
=?us-ascii?Q?C4_SCADA_Security_Advisory_-_OSISoft_PI_Server_Authenticatio?= =?us-ascii?Q
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00248.html
US-CERT Technical Cyber Security Alert -- New US-CERT PGP Key
http://www.derkeiler.com/Mailing-Lists/Cert/2009-09/msg00001.html
MD5 hash extension attack breaks API authentication of Flickr and others
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00247.html
To install AV, or Malware - That is the Question
http://isc.sans.org/diary.html?storyid=7207
Cyber Security Awareness Month - Day 1 - Port 445 - SMB over TCP
http://isc.sans.org/diary.html?storyid=7210
EMC Captiva QuickScan Pro KeyHelp ActiveX Buffer Overflow
http://secunia.com/advisories/36914/
FlatPress "user" Local File Inclusion
http://secunia.com/advisories/36907/
IBM Installation Manager "iim" URI Handling Argument Injection
http://secunia.com/advisories/36906/
KeyWorks KeyHelp ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/36905/
Oracle Document Capture BlackIceDEVMODE Arbitrary Command Execution
http://secunia.com/advisories/36902/
IBM Tivoli Composite Application Manager for WebSphere Cross-Site Scripting
http://secunia.com/advisories/36901/
Adobe Photoshop Elements Active File Monitor Service Privilege Escalation
http://secunia.com/advisories/36895/
IBM AIX NFSv4 Two Vulnerabilities
http://secunia.com/advisories/36894/
Red Hat update for kernel
http://secunia.com/advisories/36891/
Activedition Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/36851/
BIGACE Web CMS Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/36524/
Linux Kernel md Driver Null Pointer Dereference Bug Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/Sep/1022961.html
Linux Kernel execve() Bug May Let Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Sep/1022960.html
Linux Kernel do_sigaltstack() Lets Local Users Obtain Portions of Kernel Memory
http://securitytracker.com/alerts/2009/Sep/1022959.html
Adobe Photoshop Elements Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Sep/1022963.html
JUNOS J-Web Input Validation Holes Permit Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Sep/1022962.html
Adobe Photoshop Elements Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2009/2798
IBM Tivoli Composite Application Manager Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2009/2797
Oracle Document Capture BlackIce DEVMODE ActiveX Vulnerabilities
http://www.vupen.com/english/advisories/2009/2796
EMC Captiva QuickScan KeyHelp ActiveX Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2795
BlackIce DEVMODE ActiveX Control Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2794
KeyWorks KeyHelp ActiveX Control Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2793
IBM Installation Manager "iim:" URI Remote Library Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2792
RHBA-2009:1468-2: autofs bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1468.html
RHEA-2009:1467-1: tzdata enhancement update
http://rhn.redhat.com/errata/RHEA-2009-1467.html
RHSA-2009:1470-1: Moderate: openssh security update
http://rhn.redhat.com/errata/RHSA-2009-1470.html
Drupal Shared Sign On Module Cross-Site Request Forgery and Session Fixation Vulnerabilities
http://www.securityfocus.com/bid/36563
Drupal Boost Module Arbitrary Directory Creation Vulnerability
http://www.securityfocus.com/bid/36561
Perl IO::Socket::SSL 'verify_hostname_of_cert()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/35587
Sun Solaris IP(7P) Module and STREAMS Framework Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36562
Drupal Bibliography Module Unspecified HTML Injection Vulnerability
http://www.securityfocus.com/bid/36560
Drupal Dex Unspecified HTML Injection Vulnerability
http://www.securityfocus.com/bid/36559
Drupal Organic Groups 'Group Nodes' HTML Injection Vulnerability
http://www.securityfocus.com/bid/36558
Drupal Browscap Module User Agent Strings HTML Injection Vulnerability
http://www.securityfocus.com/bid/36557
Drupal XML Sitemap Link Paths HTML Injection Vulnerability
http://www.securityfocus.com/bid/36556
PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36314
Xerox WorkCentre Web Services Extensible Interface Platform Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/36177
OSISoft PI System Encryption Security Bypass Vulnerability
http://www.securityfocus.com/bid/36553
Squid Web Proxy Cache Authentication Header Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36091
PHP 'tempname()' 'safe_mode' Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/36555
PHP 'posix_mkfifo()' 'open_basedir' Restriction Bypass Vulnerability
http://www.securityfocus.com/bid/36554
Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36038
Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35281
Linux Kernel 'udp_sendmsg()' MSG_MORE Flag Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36108
Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36552
Cisco IOS Software Tunnels Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/36500
IBM Installation Manager 'iim://' URI Handling Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36549
IBM Tivoli Composite Application Manager for WebSphere Unspecified Cross-Site Scripting
http://www.securityfocus.com/bid/36551
HP LoadRunner XUpload.ocx ActiveX Control 'MakeHttpRequest()' Arbitrary File Download Vulnerability
http://www.securityfocus.com/bid/36550
Interspire Knowledge Manager 'p' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/36541
Novell NetWare NFS Portmapper and RPC Module Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36564
0 件のコメント:
コメントを投稿