Monday, October 5, 2009

Monday the 5th, Shakkō

Taglibs is retired
http://jakarta.apache.org/site/news/news-2009-q4.html#20091004.1

Kernel release: 2.6.32-rc3
http://www.linux.org/news/2009/10/04/0001.html

Computer Virus and Unauthorized Access Report Status [September and Third Quarter]
http://www.ipa.go.jp/security/txt/2009/10outline.html

Virus that launches SQL injection attacks returns, defacing websites
Trend Micro warns; it caused major damage in Japan and abroad in July 2008
http://itpro.nikkeibp.co.jp/article/NEWS/20091005/338334/?ST=security

"Sharing virus information in XML format": industry group works on standardization
McAfee reports on the progress of "IEEE ICSG"; four vendors are running trials
http://itpro.nikkeibp.co.jp/article/NEWS/20091005/338359/?ST=security

JVNDB-2009-002064 Access restriction bypass vulnerability in IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002064.html

JVNDB-2009-002063 Sensitive information disclosure vulnerability in the System Management/Repository component of IBM WebSphere Application Server running on z/OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002063.html

JVNDB-2009-002062 Denial of service (DoS) vulnerability in the System Management/Repository component of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002062.html

JVNDB-2009-002061 Sensitive information disclosure vulnerability in the Migration component of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002061.html

JVNDB-2009-002060 Authentication bypass vulnerability in the Servlet Engine/Web Container component of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002060.html

JVNDB-2009-002059 Denial of service (DoS) vulnerability in the Web Services functionality of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002059.html

JVNDB-2009-002058 CSIv2 access restriction bypass vulnerability in the Security component of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002058.html

JVNDB-2009-001966 Sensitive information disclosure vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001966.html

JVNDB-2009-001965 Integer overflow vulnerability in the AVM2 abcFile parser of Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001965.html

JVNDB-2009-001964 Heap-based buffer overflow vulnerability related to URL structure parsing in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001964.html

JVNDB-2009-001201 Denial of service (DoS) vulnerability in the PHP JSON_parser function
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001201.html

JVNDB-2009-001200 Denial of service (DoS) vulnerability in the PHP php_zip_make_relative_path function
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001200.html

JVNDB-2009-001153 Denial of service (DoS) vulnerability in OpenSSL
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001153.html

JVNDB-2009-001152 Vulnerability in the OpenSSL CMS_verify function that treats an invalid signature as valid
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001152.html

JVNDB-2008-002285 Vulnerability in the PHP imageRotate function that allows arbitrary memory contents to be read
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002285.html




+ FreeBSD-SA-09:14.devfs
http://security.freebsd.org/advisories/FreeBSD-SA-09:14.devfs.asc
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00016.html
http://securitytracker.com/alerts/2009/Oct/1022983.html
http://www.securityfocus.com/bid/36587

+ FreeBSD-SA-09:13.pipe
http://security.freebsd.org/advisories/FreeBSD-SA-09:13.pipe.asc
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00018.html
http://securitytracker.com/alerts/2009/Oct/1022982.html

+ FreeBSD 'kqueue' NULL Pointer Dereference Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36375

FreeBSD-EN-09:05.null
http://security.freebsd.org/advisories/FreeBSD-EN-09:05.null.asc

Solution 268728: Solaris 10 Kernel Update Patches 141414-09/-10 and 141415-09/-10 May Cause a System Panic, Which May Be Misdiagnosed as a Hardware Fault
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268728-1

Kernel release: 2.6.30.9-rc3
http://www.linux.org/news/2009/10/02/0005.html

Kernel release: 2.6.27.36-rc2
http://www.linux.org/news/2009/10/02/0004.html

Kernel release: 2.6.30.9-rc2
http://www.linux.org/news/2009/10/02/0003.html

Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20090923-ipsec.shtml

Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080af8114.html

Sybase announces "Sybase CEP", a real-time data analysis application
http://www.sybase.jp/detail?id=1065821

RHBA-2009:1474-1: openais bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1474.html

Independent Researcher : Drupal CCK 5.x-1.10 XSS Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30521

SecurityReason.com : libc:fts_*() Multiple Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30523

SuSE : TCP Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30518

VMware : VMware Fusion resolves two security issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30522

Mandriva : backuppc
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30514

Mandriva : graphviz
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30515

Protek Research Lab : {PRL} Novell Edirectory 8.8 SP5 XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30524

Protek Research Lab : {PRL} Cerberus FTP server 3.0.6 Pre-Auth DoS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30525

Red Hat : Important: elinks security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30519

Red Hat : Moderate: xen security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30520

Ubuntu Security Notice : Samba vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30516

Ubuntu Security Notice : OpenOffice.org vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30517

[ MDVSA-2009:255 ] perl-DBD-Pg
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00017.html

FreeBSD Security Advisory FreeBSD-SA-09:14.devfs
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00016.html

FreeBSD Security Advisory FreeBSD-SA-09:13.pipe
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00018.html

[SECURITY] [DSA 1900-1] New PostgreSQL packages fix various problems
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00014.html

[SECURITY] [DSA 1899-1] New strongswan packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00015.html

[SECURITY] [DSA 1898-1] New openswan packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00013.html

VMSA-2009-0013 VMware Fusion resolves two security issues
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00011.html

google apps googleapps.url.mailto:// uri handler cross-browser remote command execution exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00010.html

[USN-840-1] OpenOffice.org vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00009.html

Cyber Security Awareness Month - Day 4 - Port 20/21 - FTP-data/FTP
http://isc.sans.org/diary.html?storyid=7234

New ISC Feature: One Liner "event notes"
http://isc.sans.org/diary.html?storyid=7264

Samba Security Information Disclosure and DoS
http://isc.sans.org/diary.html?storyid=7267

Cyber Security Awareness Month - Day 3 - Port 5900 - VNC
http://isc.sans.org/diary.html?storyid=7231

Cyber Security Awareness Month - Day 2 - Port 0
http://isc.sans.org/diary.html?storyid=7216

New version of OpenSSH released
http://isc.sans.org/diary.html?storyid=7219

New SysInternal fun for the weekend
http://isc.sans.org/diary.html?storyid=7222

VMware Fusion updates to fixes a couple of bugs
http://isc.sans.org/diary.html?storyid=7225

Verizon New York area issues
http://isc.sans.org/diary.html?storyid=7228

SugarCRM Cross-Site Scripting Vulnerability
http://secunia.com/advisories/36942/

Cerberus FTP "USER" Command Denial of Service
http://secunia.com/advisories/36931/

VMware Fusion Denial of Service and Privilege Escalation
http://secunia.com/advisories/36928/

Linux Kernel 64bit Kernel Register Value Leak
http://secunia.com/advisories/36927/

Google Apps "googleapps.url.mailto" URI Handling Argument Injection
http://secunia.com/advisories/36924/

AOL SuperBuddy ActiveX Control "SetSuperBuddy()" Memory Corruption
http://secunia.com/advisories/36919/

Ubuntu update for samba
http://secunia.com/advisories/36918/

Ubuntu update for openoffice.org
http://secunia.com/advisories/36917/

Red Hat update for elinks
http://secunia.com/advisories/36910/

OSIsoft PI Server Insecure Authentication Process Security Issue
http://secunia.com/advisories/36909/

Serv-U "SITE SET TRANSFERPROGRESS ON" Denial of Service
http://secunia.com/advisories/36873/

FreeBSD devfs/VFS Race Condition Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Oct/1022983.html

FreeBSD kqueue Pipe Race Condition Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Oct/1022982.html

VMware Fusion vmx86 Kernel Extension Bugs Let Local Host OS Users Gain Elevated Privileges and Deny Service on the Host System
http://securitytracker.com/alerts/2009/Oct/1022981.html

Novell eDirectory Input Validation Hole in 'dconserv.dlm' Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Oct/1022979.html

Google Apps "googleapps.url.mailto:" Argument Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2813

AOL SuperBuddy ActiveX Control Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2009/2812

VMware Fusion Privilege Escalation and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/2811

Samba Information Disclosure and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/2810

Serv-U 'SITE SET TRANSFERPROGRESS ON' Command Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36585

Drupal Service Links Component Content Type Names HTML Injection Vulnerability
http://www.securityfocus.com/bid/36584

AOL SuperBuddy ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36580

Google Apps 'googleapps.url.mailto' Handler Command Injection Vulnerability
http://www.securityfocus.com/bid/36581

SugarCRM Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36583

PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36314

DBD::Pg 'pg_getline()' and 'getline()' Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34755

strongSwan IKE Request Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/35178

strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/35452

TCP/IP Protocol Stack Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/31545

KeyWorks KeyHelp Module 'keyhelp.ocx' ActiveX Control Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36546

FreeBSD 'kqueue' NULL Pointer Dereference Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36375

FreeBSD 'devfs' and 'VFS' Interaction NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36587

Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36038

Apple iTunes '.pls' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36478

RETIRED: FreeBSD Pipes 'close()' Function Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36586

Linux Kernel 'udp_sendmsg()' MSG_MORE Flag Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36108

Linux Kernel 64-bit Kernel Register Memory Leak Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36576

Multiple Vendor libc 'fts.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/34008

Alkacon OpenCms Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/35979

VMware Fusion Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36579

VMware Fusion Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36578
