+ Linux kernel 2.6.31.5 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5
HPSBUX02466 SSRT090192 rev.1 - HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01910408-1
HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Cross-Site Scripting (XSS), Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01910407-1
Kernel release: 2.6.27.38
http://www.linux.org/news/2009/10/22/0001.html
Devel-NYTProf-2.10_90 released
http://search.cpan.org/~timb/Devel-NYTProf-2.10_90/
JVNDB-2009-002139 Cross-site scripting vulnerability in Wiki Server in Apple Mac OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002139.html
JVNDB-2009-002138 Vulnerability in the SMB subsystem in Apple Mac OS that allows file sharing restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002138.html
JVNDB-2009-002137 Arbitrary code execution vulnerability in Launch Services in Apple Mac OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002137.html
JVNDB-2009-002136 Arbitrary code execution vulnerability in Launch Services in Apple Mac OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002136.html
JVNDB-2009-002135 Arbitrary code execution vulnerability in ImageIO in Apple Mac OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002135.html
JVNDB-2009-002134 Privilege escalation vulnerability in CUPS in Apple Mac OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002134.html
JVNDB-2009-002133 Integer overflow vulnerability in CoreGraphics in Apple Mac OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002133.html
JVNDB-2009-002132 Arbitrary code execution vulnerability in ColorSync in Apple Mac OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002132.html
JVNDB-2009-002057 Privilege escalation vulnerability in the udp_sendmsg function in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002057.html
JVNDB-2009-002056 Privilege escalation vulnerability in the Linux kernel related to initialization of proto_ops structures
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002056.html
JVNDB-2009-002018 Denial of service (DoS) vulnerability in libxml2 and libxml in the handling of Notation or Enumeration attribute types
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002018.html
JVNDB-2009-002017 Denial of service (DoS) vulnerability in libxml2 and libxml related to the handling of element declarations in a DTD
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002017.html
Snort IPv6 Processing Denial of Service Vulnerability
http://secunia.com/advisories/37135/
Drupal FileField Module Security Bypass
http://secunia.com/advisories/37130/
Drupal Abuse Module Script Insertion Vulnerability
http://secunia.com/advisories/37129/
Drupal Simplenews Statistics Module Multiple Vulnerabilities
http://secunia.com/advisories/37128/
Drupal vCard Module Script Insertion Vulnerability
http://secunia.com/advisories/37127/
Typo3 Multiple Vulnerabilities
http://secunia.com/advisories/37122/
IBM HTTP Server "mod_proxy_ftp" Two Vulnerabilities
http://secunia.com/advisories/37116/
Debian update for mapserver
http://secunia.com/advisories/37111/
Gentoo update for pidgin
http://secunia.com/advisories/37071/
+ MySQL Community Server 5.1.40 has been released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-40.html
+ Linux kernel 2.6.27.38 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.38
- Cisco Security Advisory: IOS HTTP Server Command Injection Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20051201-http.shtml
+ RHSA-2009:1522-1: Moderate: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2009-1522.html
+ Linux Kernel NFSV4 CallbackClient NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36794
+ Linux Kernel Keyring 'refcount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36793
+ Linux Kernel 'get_random_int' Random Number Generation Weakness
http://www.securityfocus.com/bid/36788
+ Linux kernel 'O_EXCL' NFSv4 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36472
- Linux Kernel Multiple Protocols Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36176
- Linux Kernel 'net/llc/af_llc.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36126
[ntp:announce] NTP 4.2.5p236-RC Released
http://www.ntp.org/downloads.html
HIPER - S0C4 Abends May Occur When Running the VTCS Configuration (CONFIG) Utility
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270473-1
Testing Needed: Strawberry October 2009 BioPerl
http://use.perl.org/articles/09/10/22/1355218.shtml
Fix Pack 6.0.2.8 for WebSphere MQ V6.0 is available.
http://www-01.ibm.com/support/docview.wss?rs=171&context=SSFKSJ&context=SSEP7X&dc=D600&uid=swg21398961&loc=en_US&cs=UTF-8&lang=en
Document ID: 334286: Veritas Storage Foundation High Availability for Windows 5.1 (SFWHA) and Veritas Cluster Server 5.1 for Windows (VCS) updated System Center Operations Manager 2007 (SCOM) Management Packs (MP)
http://seer.entsupport.symantec.com/docs/334286.htm
Independent Researcher : Everfocus EDR1600 remote authentication bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30707
Ubuntu Security Notice : Linux kernel vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30705
Mandriva : ocaml-camlimages
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30702
NGSSoftware : Anonymous Remote Arbitrary Code Execution in Alien Arena 7.30
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30709
Ubuntu Security Notice : poppler vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30703
Ubuntu Security Notice : Elinks vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30704
US-CERT : Oracle Updates for Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30706
waraxe : Remote File Disclosure in Vivvo CMS 4.1.5.1
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30708
{PRL} Pegasus Mail client BoF
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00169.html
{PRL} Eureka Mail client BoF
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00168.html
Avast! Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00167.html
[ MDVSA-2009:287 ] xpdf
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00166.html
Everfocus EDR1600 remote authentication bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00165.html
Call for Papers: Conference on Cyber Conflict, Estonia
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00164.html
Corsaire White Paper: Attacking Magstripe Gift Cards
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00162.html
[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00163.html
Drupal Moodle Course List Module SQL Injection Vulnerability
http://secunia.com/advisories/37126/
Drupal Organic Groups Vocabulary Module Script Insertion Vulnerability
http://secunia.com/advisories/37125/
Drupal Flag Content Module Script Insertion Vulnerability
http://secunia.com/advisories/37124/
Drupal Userpoints Module Security Bypass
http://secunia.com/advisories/37123/
HP-UX Apache Web Server Suite Tomcat Multiple Vulnerabilities
http://secunia.com/advisories/37120/
Alien Arena "M_AddToServerList()" Buffer Overflow Vulnerability
http://secunia.com/advisories/37118/
Ubuntu update for poppler
http://secunia.com/advisories/37114/
Ubuntu update for elinks
http://secunia.com/advisories/37112/
Sahana disaster management system "mod" Local File Inclusion Vulnerability
http://secunia.com/advisories/37109/
Everfocus EDR1600 Authentication Bypass Vulnerability
http://secunia.com/advisories/37108/
Ubuntu update for kernel
http://secunia.com/advisories/37105/
Amiro.CMS Cross-Site Scripting and Information Disclosure Vulnerabilities
http://secunia.com/advisories/37065/
httpdx Source Code Disclosure Vulnerability
http://secunia.com/advisories/37063/
Windows Kernel Multiple Vulnerabilities
http://www.securiteam.com/windowsntfocus/6R00N0KPPY.html
Microsoft Windows Local Security Authority Integer Overflow Vulnerability
http://www.securiteam.com/windowsntfocus/6S00O0KPPU.html
Microsoft Windows ActiveX Indexing Service Memory Corruption Vulnerability
http://www.securiteam.com/windowsntfocus/6Q00M0KPPG.html
Windows CryptoAPI Null Truncation and Integer Overflow Vulnerabilities
http://www.securiteam.com/unixfocus/6P00L0KPPM.html
Mongoose Request Handling Source Code Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/3004
httpdx Request Handling Source Code Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/3003
vCard for Drupal "theme_vcard()" Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3002
Moodle Course List for Drupal Unspecified SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/3001
OG Vocabulary for Drupal Group Title Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2009/3000
Flag Content Module for Drupal Reason Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/2999
Userpoints Module for Drupal Unspecified Information Disclosure Issue
http://www.vupen.com/english/advisories/2009/2998
Alien Arena "M_AddToServerList()" Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2997
HP-UX Security Update Fixes Tomcat Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2009/2996
IBM OS/400 Apache mod_proxy Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2995
South River WebDrive Service Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2009/2994
PHP 5 'posix_access()' Function 'safe_mode' Bypass Directory Traversal Vulnerability
http://www.securityfocus.com/bid/29797
PHP SAPI 'php_getuid()' Safe Mode Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/32688
PHP 5.2.5 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/29009
PHP 'imageRotate()' Uninitialized Memory Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33002
PHP 'chdir()' and 'ftok()' 'safe_mode' Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/29796
PCRE Regular Expression Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30087
PHP 'rfc822_write_address()' Function Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/29829
Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
http://www.securityfocus.com/bid/26663
Apache 'mod_proxy_ftp' Undefined Charset UTF-7 Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/27234
Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
http://www.securityfocus.com/bid/29653
Cisco IOS HTTP Service CDP Status Page HTML Injection Vulnerability
http://www.securityfocus.com/bid/16291
Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/30560
Apache HTTP Server Arbitrary HTTP Request Headers Security Weakness
http://www.securityfocus.com/bid/19661
Apache Mod_AutoIndex.C Undefined Charset Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/25653
Apache Tomcat XML Parser Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35416
Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
http://www.securityfocus.com/bid/35193
Adobe Acrobat Reader Firefox Plugin Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36669
Adobe Photoshop Elements Active File Monitor Service Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36542
Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35263
Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196
Linux Kernel NFSV4 CallbackClient NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36794
Linux Kernel Keyring 'refcount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36793
Linux Kernel 2.4 and 2.6 Multiple Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36304
Linux Kernel 'get_random_int' Random Number Generation Weakness
http://www.securityfocus.com/bid/36788
Linux Kernel eCryptfs Lower Dentry Null Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36639
Linux Kernel KVM 'kvm_emulate_hypercall()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36512
Linux Kernel AppleTalk Driver IP Over DDP Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36379
Linux kernel 'O_EXCL' NFSv4 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36472
Linux Kernel Multiple Protocols Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36176
Linux Kernel 'udp_sendmsg()' MSG_MORE Flag Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36108
Linux Kernel 'drivers/scsi/sg.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/36238
Linux Kernel PA-RISC EEPROM Driver Memory Corruption Vulnerability
http://www.securityfocus.com/bid/36004
Linux Kernel 'net/llc/af_llc.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36126
Linux Kernel 'kernel/signal.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35929
Linux Kernel with SELinux 'mmap_min_addr' Low Memory NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36051
Linux Kernel 'clear_child_tid()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35930
Linux Kernel SGI GRU Driver Off By One Vulnerability
http://www.securityfocus.com/bid/35753
Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703
Linux Kernel 'posix-timers.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/35976
Kleopatra Malformed Certificate Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36781
Alien Arena 'M_AddToServerList()' UDP Packet Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36782
Vivvo CMS 'files.php' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/36783
Links, ELinks 'smbclient' Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/21082
ELinks 'entity_cache' HTML File Off By One Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36574
Drupal FileField Module Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36792
PHP ZipArchive::extractTo() '.zip' Files Directory Traversal Vulnerability
http://www.securityfocus.com/bid/32625
PHP 'error_log' Safe Mode Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/32383
PHP Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/30649
PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/31612
Drupal Abuse Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36791
PHP 'mbstring' Extension Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32948
Drupal Simplenews Statistics Module Multiple Vulnerabilities
http://www.securityfocus.com/bid/36790
Drupal vCard Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36789
Drupal Moodle Course List Module Unspecified SQL Injection Vulnerability
http://www.securityfocus.com/bid/36787
Drupal Userpoints Module 'userpoint' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36786
Drupal Flag Content Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/36785
Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability
http://www.securityfocus.com/bid/36784