Jakarta BSF 3.0 released
http://jakarta.apache.org/site/news/news-2009-q4.html#20091009.1
NTP 4.2.5p230-RC
http://archive.ntp.org/ntp4/ChangeLog-dev
Independent Researcher : FreeBSD 6.4 pipeclose()/knlist_cleardel() race condition exploit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30568
Independent Researcher : DreamPoll 3.1 Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30574
Independent Researcher : BMW 'inventory.php"<= SQL Injection Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30575
Independent Researcher : Remote buffer overflow in httpdx
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30576
Mandriva : mozilla-thunderbird
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30557
Mandriva : mozilla-thunderbird
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30558
Mandriva : snort
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30560
Ubuntu Security Notice : mimeTeX vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30561
Ubuntu Security Notice : Pan vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30562
Debian : New graphicsmagick packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30563
DSecRG : SAP GUI vsflexGrid ActiveX - Buffer Overflow vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30572
DSecRG : HP LaserJet printers - Multiple Stored XSS vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30573
HexView : HP LaserJet Printers, HP Color LaserJet Printers, Remote Cross Site Scripting (XSS)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30571
iDEFENSE : IBM AIX rpc.cmsd Stack Buffer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30566
Independent Researcher : Riorey "RIOS" Hardcoded Password Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30567
Independent Researcher : BulletProof FTP Client Buffer Overflow (SEH)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30570
Mandriva : openssl
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30559
Red Hat : Moderate: postgresql security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30565
RedHat : Moderate: postgresql security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30564
Using the VMware SCSI Disk Driver for Windows Guest Operating Systems
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1006956&sliceId=1&docTypeID=DT_KB_1_1
Restarting the Management agents on an ESX or ESXi Server
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1003490&sliceId=1&docTypeID=DT_KB_1_1
VerizonとMcAfeeが戦略的提携,クラウド型セキュリティ・サービスを共同開発へ
http://itpro.nikkeibp.co.jp/article/NEWS/20091009/338658/?ST=security
JVNDB-2008-002424 MySQL のコマンドラインクライアントにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002424.html
JVNDB-2008-002423 MySQL におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002423.html
JVNDB-2009-002081 RHEL の GDM 用の Red Hat build スクリプトにおけるアクセス制限を回避可能な脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002081.html
JVNDB-2008-002422 fence および cman の fence_apc および fence_apc_snmp プログラムにおけるシンボリックリンク攻撃の脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002422.html
JVNDB-2009-002080 OpenSSL の dtls1_retrieve_buffered_fragment 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002080.html
JVNDB-2008-002421 nfs-utils における TCP Wrapper に関するアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002421.html
JVNDB-2008-002420 eCryptfs の ecryptfs-utils における情報漏えいの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002420.html
JVNDB-2007-001198 lftp の mirror --script における任意のシェルコマンドを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001198.html
JVNDB-2009-001979 Mozilla Firefox などの製品で利用される libvorbis における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001979.html
JVNDB-2009-001976 Linux kernel の eCryptfs サブシステムにおけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001976.html
JVNDB-2009-001975 Linux kernel の eCryptfs サブシステムにおけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001975.html
JVNDB-2009-001974 Linux kernel の personality サブシステムにおける NULL ポインタ参照の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001974.html
JVNDB-2009-001973 Linux kernel の ptrace_start 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001973.html
JVNDB-2009-001876 Linux kernel の e1000_clean_rx_irq 関数における整数アンダーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001876.html
JVNDB-2008-002311 Linux カーネルの libata におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002311.html
JVNDB-2008-001973 Linux kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001973.html
JVNDB-2007-001184 Linux kernel の hrtimer_start 関数における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001184.html
HP-UX Running Kerberos Denial of Service and Execution of Arbitrary Code
http://www.securiteam.com/unixfocus/6G0012APPE.html
Novell NetWare NFS Portmapper and RPC Module Stack Overflow Vulnerability
http://www.securiteam.com/unixfocus/6H0022APPC.html
OSISoft PI Server Authentication Weakness
http://www.securiteam.com/unixfocus/6I0032APPO.html
Flickr API Authentication Hash Extension Attack
http://www.securiteam.com/securitynews/6J0042APPS.html
Ubuntu update for devscripts
http://secunia.com/advisories/36987/
Ubuntu update for icu
http://secunia.com/advisories/36984/
Disk2vhd v1.0
http://blogs.technet.com/sysinternals/archive/2009/10/07/new-tool-disk2vhd-v1-0.aspx
Cyber Security Awareness Month - Day 9 - Port 3389/tcp (RDP)
http://isc.sans.org/diary.html?storyid=7303
+ Linux Kernel eCryptfs Lower Dentry Null Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36639
+ Linux Kernel 'net/ax25/af_ax25.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36635
Microsoft Security Bulletin Advance Notification for October 2009
http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx
[ANNOUNCE] PostgreDAC ver.2.5.3 released
http://microolap.com/products/connectivity/postgresdac/download/
[ANNOUNCE] PGLogAnalysis version 0.5 is released
http://code.google.com/p/pgloganalysis/
[ANNOUNCE] Apache Tuscany SCA Java 1.5.1 released
http://tuscany.apache.org/sca-java-releases.html
Postfix 2.7 Snapshot 20091008
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.7-20091008.HISTORY
Changes in MySQL 5.1.40 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-40.html
Measuring copy-on-write on Linux
http://use.perl.org/articles/09/10/08/196225.shtml
対策ソフトを使っていない人は「Security Essentials」を――MSが推奨
セキュリティチームが無料対策ソフトを解説、「Windows Defenderを包含」
http://itpro.nikkeibp.co.jp/article/NEWS/20091008/338637/?ST=security
QuickCart Multiple vlunerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00063.html
[USN-846-1] ICU vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00062.html
vBulletin - Multiple Versions - Cross Site Script Redirection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00061.html
WASC Announcement: Announcing the Web Application Security Scanner Evaluation Criteria v1
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00060.html
FreeBSD 7.2 VFS/devfs race condition exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00059.html
[ MDVSA-2009:217-2 ] mozilla-thunderbird
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00057.html
FreeBSD 6.4 pipeclose()/knlist_cleardel() race condition exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00058.html
[ MDVSA-2009:217-1 ] mozilla-thunderbird
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00056.html
[USN-845-1] Pan vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00055.html
[USN-844-1] mimeTeX vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00054.html
BMW inventory.php"<= SQL Injection Vulnerability http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00053.html
Remote buffer overflow in httpdx
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00051.html
[ MDVSA-2009:259 ] snort
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00052.html
DreamPoll 3.1 Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00050.html
RHBA-2009:1487-1: OpenIPMI bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1487.html
RHSA-2009:1490-1: Moderate: squirrelmail security update
http://rhn.redhat.com/errata/RHSA-2009-1490.html
Firefox Plugin Collections
http://isc.sans.org/diary.html?storyid=7291
Cyber Security Awareness Month - Day 8 - Port 25 - SMTP
http://isc.sans.org/diary.html?storyid=7294
New Adobe Vulnerability Exploited in Targeted Attacks
http://isc.sans.org/diary.html?storyid=7300
Red Hat update for postgresql
http://secunia.com/advisories/36995/
Xlpd LPD Requests Buffer Overflow Vulnerabilities
http://secunia.com/advisories/36989/
VMware Authorization Service Denial of Service Vulnerability
http://secunia.com/advisories/36988/
Red Hat update for postgresql
http://secunia.com/advisories/36982/
IBM AIX rpc.cmsd Buffer Overflow Vulnerability
http://secunia.com/advisories/36978/
Free WMA MP3 Converter WAV Processing Buffer Overflow
http://secunia.com/advisories/36975/
HP LaserJet Printers / Digital Senders Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/36969/
AfterLogic WebMail Pro "history-storage.aspx" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/36964/
Debian update for graphicsmagick
http://secunia.com/advisories/36946/
IBM AIX and VIOS "rpc.cmsd" Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2846
Sun VirtualBox "VBoxNetAdpCtl" Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2009/2845
McAfee Email and Web Security Appliance TCP Denial of Service Issue
http://www.vupen.com/english/advisories/2009/2844
StoneGate Products TCP Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2843
Adobe Acrobat Reader Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36600
FreeBSD 'kqueue' NULL Pointer Dereference Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36375
Debian devscripts 'uscan' Input Validation Vulnerability
http://www.securityfocus.com/bid/36227
SquirrelMail Form Submissions Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/36196
vBulletin 'Home Page' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/36643
FreeBSD 'devfs' and 'VFS' Interaction NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36587
Planet CDATA Filtering HTML Injection Vulnerability
http://www.securityfocus.com/bid/36640
Microsoft October 2009 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/36633
mimeTeX Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36632
Linux Kernel eCryptfs Lower Dentry Null Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36639
International Components for Unicode Invalid Byte Sequence Handling Vulnerability
http://www.securityfocus.com/bid/34974
Linux Kernel 'net/ax25/af_ax25.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36635
Adobe Reader and Acrobat Advance Notification Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/36638
mimeTeX Multiple Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36631
Pan '.nzb' File Parsing Heap Overflow Vulnerability
http://www.securityfocus.com/bid/29421
Pidgin 'msn_slplink_process_msg()' NULL Pointer Dereference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36071
Puppet Supplementary Groups Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36628
Exponent CMS Contact Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36626
Joomla! 'com_recerca' SQL Injection Vulnerability
http://www.securityfocus.com/bid/36627
Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35888
VMware Player and Workstation 'vmware-authd' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36630
Snort Time To Live Fragment Reassembly Security Bypass Weakness
http://www.securityfocus.com/bid/29327
Microsoft Windows Malformed AVI File Parsing Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35970
Microsoft Windows Malformed AVI File Header Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35967
0 件のコメント:
コメントを投稿