プレス発表
暗号モジュール試験及び認証制度の運用の改正について
~暗号モジュールのバージョンアップの際に、簡便な認証制度を導入~
http://www.ipa.go.jp/about/press/20091102-2.html
プレス発表
暗号モジュール試験及び認証制度における新規格への移行について
http://www.ipa.go.jp/about/press/20091102.html
「Windows Enterprise Defender」出現、MS製品に見せかける偽ソフト
ユーザーの「うろ覚え」を突く新手口、インストールすると代金請求
http://itpro.nikkeibp.co.jp/article/NEWS/20091102/339908/?ST=security
JVNDB-2009-002172 Pidgin の XMPP プロトコルプラグインにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002172.html
JVNDB-2009-002171 Pidgin の MSN プロトコルプラグインにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002171.html
JVNDB-2009-002170 Pidgin の libpurple におけるセッションを盗聴される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002170.html
JVNDB-2009-002169 Pidgin の IRC プロトコルプラグインにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002169.html
JVNDB-2009-002168 neon における X.509 証明書の処理に関する任意の SSL サーバになりすまされる脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002168.html
JVNDB-2009-002167 neon におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002167.html
JVNDB-2008-001939 Microsoft XML コア サービスにおける HTTP リクエストヘッダフィールドの処理に関するクロスドメインの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001939.html
JVNDB-2008-001938 Microsoft XML コア サービスにおける XML ドキュメントの処理に関するクロスドメインの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001938.html
JVNDB-2007-000003 Adobe Acrobat Reader プラグインにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000003.html
JVNDB-2007-000002 Adobe Acrobat Reader プラグインにおける Interent Explorer 使用時のメモリ破壊の脆弱性
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000002.html
IDN ccTLDs
http://isc.sans.org/diary.html?storyid=7507
+ Security Vulnerability in Solaris Trusted Extensions may Prevent XScreenSaver (xscreensaver(1)) From Running
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270809-1
http://www.securityfocus.com/bid/36891
[ANNOUNCE] Apache Jackrabbit 2.0 beta1 released
http://jackrabbit.apache.org/downloads.html
A Security Vulnerability With Verifying HMAC-based XML Digital Signatures in the XML Digital Signature Implementation Included With the Sun GlassFish Enterprise Server v2.1 may Allow Authentication to be Bypassed
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1
Document ID: 336485: Enhancement to support SCSI (including SCSI-3) persistent disk reservations on shared disks in an SFW storage environment with VCS One.
http://seer.entsupport.symantec.com/docs/336485.htm
Debian : New libhtml-parser-perl packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30772
Independent Researcher : Oracle RDBMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30778
Sense of Security : SafeNet SoftRemote Local Buffer Overflow - Security Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30777
Independent Researcher : 2wire Remote Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30775
Independent Researcher : Mura CMS root folder disclosure
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30776
Mandriva : firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30770
Mandriva : jetty5
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30771
Red Hat : Moderate: pidgin security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30773
Red Hat : Moderate: pidgin security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30774
JVNDB-2009-002166 Cisco IOS の Unified CME コンポーネントにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002166.html
JVNDB-2009-002165 Cisco IOS における IKE の証明書認証の処理に関するサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002165.html
JVNDB-2009-002164 Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002164.html
JVNDB-2009-002163 Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002163.html
JVNDB-2009-002162 Cisco IOS の ACL 機能におけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002162.html
JVNDB-2009-002161 Cisco IOS における H.323 パケットの処理に関するサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002161.html
JVNDB-2009-002073 Microsoft IIS の FTP サーバにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002073.html
JVNDB-2009-002072 Microsoft IIS の FTP サーバにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002072.html
JVNDB-2009-001950 Microsoft Visual Studio の ATL における終端文字列の処理に関する重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001950.html
JVNDB-2009-001949 Microsoft Visual Studio の ATL におけるオブジェクトのインスタンス化処理に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001949.html
JVNDB-2009-001948 Microsoft Visual Studio の ATL における未初期化オブジェクト処理に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001948.html
{PRL} My Remote File Server Privilege Escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00308.html
CVE-2009-1979 (Oracle RDBMS)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00304.html
PSAtr v1.2 Sql Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00302.html
Windows Media Player Plugin: Local File Detection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00303.html
CubeCart 4 Session Management Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00301.html
com_jumi / jumi 2.0.5 for joomla 1.5 backdoored
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00299.html
SafeNet SoftRemote Local Buffer Overflow - Security Advisory - SOS-09-008
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00296.html
[SECURITY] [DSA 1923-1] New libhtml-parser-perl packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00297.html
[ MDVSA-2009:291 ] jetty5
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00300.html
Cyber Security Awareness Month 2009 - Summary and Links
http://isc.sans.org/diary.html?storyid=7504
Cyber Security Awareness Month - Day 31, ident
http://isc.sans.org/diary.html?storyid=7501
ICANN Strategic Planning (2010-2013) Consultation
http://isc.sans.org/diary.html?storyid=7495
New version of NIST 800-41, Firewalls and Firewall Policy Guidelines
http://isc.sans.org/diary.html?storyid=7498
KDE Bugs Let Remote Users Cause XMLHttpRequests to Be Issued or JavaScript to Be Executed
http://securitytracker.com/alerts/2009/Oct/1023118.html
SafeNet SoftRemote Buffer Overflow in Processing Policy Files May Let Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Oct/1023117.html
2Wire Gateway Can Be Crashed By Remote Users Via a Specially Crafted XLST Request
http://securitytracker.com/alerts/2009/Oct/1023116.html
F-Secure Internet Gatekeeper May Fail to Detect Malware in PDF Files
http://securitytracker.com/alerts/2009/Oct/1023115.html
F-Secure Anti-Virus May Fail to Detect Malware in PDF Files
http://securitytracker.com/alerts/2009/Oct/1023114.html
F-Secure Internet Security May Fail to Detect Malware in PDF Files
http://securitytracker.com/alerts/2009/Oct/1023113.html
OpenBSD getsockopt(2) Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/Oct/1023112.html
Wireshark Flaws in RADIUS, DCERPC/NT, Paltalk, and SMB Dissectors Let Remote Users Deny Service
http://securitytracker.com/alerts/2009/Oct/1023111.html
Solaris Trusted Extensions Weakness May Let Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Oct/1023110.html
KDE Multiple Vulnerabilities
http://www.securiteam.com/securitynews/6V00P2KPPS.html
Mozilla Firefox Floating Point Memory Allocation Vulnerability
http://www.securiteam.com/securitynews/6T00N2KPPG.html
Mozilla Firefox GIF Color Map Parsing Buffer Overflow Vulnerability
http://www.securiteam.com/securitynews/6S00M2KPPS.html
TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities
http://www.securiteam.com/securitynews/6R00L2KPPS.html
McAfee generic PDF detection bypass
http://www.securiteam.com/securitynews/6U00O2KPPG.html
Debian update for libhtml-parser-perl
http://secunia.com/advisories/37209/
Red Hat update for pidgin
http://secunia.com/advisories/37208/
Drupal CCK Comment Reference Module Security Bypass
http://secunia.com/advisories/37206/
Mura CMS Multiple Vulnerabilities
http://secunia.com/advisories/37194/
Red Hat update for pidgin
http://secunia.com/advisories/37168/
Mambo Cache_Lite Class 'mosConfig_absolute_path' Remote File Include Vulnerability
http://www.securityfocus.com/bid/29716
IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671
Open Handset Alliance Android SMS Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35886
KDE Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/36845
Mozilla Firefox Download Manager World Writable File Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36852
Mozilla Firefox 'document.getSelect' Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36858
Mozilla Firefox CVE-2009-3380 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36871
Mozilla Firefox Floating Point Conversion Heap Overflow Vulnerability
http://www.securityfocus.com/bid/36851
Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
http://www.securityfocus.com/bid/36867
Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36038
Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35281
Microsoft Windows Media Player ScriptCommand Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/35335
Linux Kernel 'udp_sendmsg()' MSG_MORE Flag Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36108
HTML-Parser Invalid HTML Entity Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36807
Microsoft Windows Media Player ASF File Processing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36644
Microsoft .NET Framework Type Verification Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36617
Oracle Network Authentication CVE-2009-1979 Security Vulnerability
http://www.securityfocus.com/bid/36747
Microsoft Internet Explorer NULL Byte CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36475
Internet Explorer X.509 Certificate Common Name Encoding Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/36577
Sun Solaris 'xscreensaver(1)' From JDS Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36891
SUSE Linux 'scsi_discovery tool' Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/36887
Multiple Intel Desktop Board Models Bitmap Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36886
Multiple BSD Distributions 'printf(3)' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/36885
OpenBSD and NetBSD 'printf(1)' Format String Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/36884
'com_jumi' Component for Joomla! Backdoor Vulnerability
http://www.securityfocus.com/bid/36883
CubeCart 'admin.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/36882
0 件のコメント:
コメントを投稿