+ GNU Patch 2.6 released
http://ftp.gnu.org/gnu/patch/
InterScan Messaging Security Suite 7.0 Solaris 版 Service Pack1 Patch1 リパック版公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1325
ソフマップ、見ている前で完全破壊する「ハードディスク破壊サービス」開始
http://itpro.nikkeibp.co.jp/article/NEWS/20091130/341261/?ST=security
「1カ月120ドルでボットネット構築を支援」、新手のサービスが出現
RSAセキュリティが報告、「ボットのアップデートもサポート」
http://itpro.nikkeibp.co.jp/article/NEWS/20091130/341276/?ST=security
JVNDB-2009-002279 Oracle Database の Auditing コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002279.html
JVNDB-2009-002278 Oracle Database の Data Pump コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002278.html
JVNDB-2009-002277 Oracle Database の Oracle Text コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002277.html
JVNDB-2009-002276 Oracle Database の Advanced Queuing コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002276.html
JVNDB-2009-002275 Oracle Database の Authentication コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002275.html
JVNDB-2009-002274 Oracle Database の Authentication コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002274.html
簡単な操作で製品のバージョンをチェックできる
「MyJVNバージョンチェッカ」を公開
http://www.ipa.go.jp/security/vuln/documents/2009/200911_myjvn_vc.html
セキュリティ検査言語OVAL概説
http://www.ipa.go.jp/security/vuln/OVAL.html
Distributed Wordpress admin account cracking
http://isc.sans.org/diary.html?storyid=7663
+ OpenLDAP 2.4.20 available
http://www.openldap.org/software/download/
http://www.openldap.org/software/release/
HPSBUX02482 SSRT090249 rev.1 - OpenSSLを実行するHP-UX、リモート未許可データ注入、サービス拒否(DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01946041-1
FreeBSD 8.0-RELEASE Announcement
http://www.freebsd.org/releases/8.0R/pressrelease.html
Document ID: 333481: Resize Volume error : Error V-76-58645-614 The Shrink Volume operation does not support NTFS volumes greater than 2TB
http://seer.entsupport.symantec.com/docs/333481.htm
YouTubeに「詐欺動画」出現、警告に見せかけて特定サイトへ誘導
「このビデオは表示できません」、動画中に偽警告を表示
http://itpro.nikkeibp.co.jp/article/NEWS/20091127/341202/?ST=security
A Cloudy Weekend
http://isc.sans.org/diary.html?storyid=7660
Joomla LyftenBloggie Component "author" SQL Injection Vulnerability
http://secunia.com/advisories/37499/
Ubuntu update for php5
http://secunia.com/advisories/37498/
Gentoo update for PEAR-Net_Traceroute
http://secunia.com/advisories/37497/
DotNetNuke Cross-Site Scripting and Information Disclosure
http://secunia.com/advisories/37480/
RADIO istek scripti Information Disclosure Security Issue
http://secunia.com/advisories/37478/
Joomla GCalendar Component "gcid" SQL Injection
http://secunia.com/advisories/37476/
XM Easy Personal FTP Server Denial of Service Vulnerability
http://secunia.com/advisories/37473/
Robo-FTP Response Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/37452/
Sun Java Runtime Environment Deployment Toolkit Plugin Launch Method Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Nov/1023244.html
IBM DB2 dasauto Command Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/Nov/1023242.html
RHBA-2009:1614-1: curl bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1614.html
Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196
Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35263
Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
http://www.securityfocus.com/bid/35193
Apache Tomcat XML Parser Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35416
ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/35848
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37118
PHP 'proc_open()' 'safe_mode_protected_env_var' Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/37138
KDE Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/36845
PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
http://www.securityfocus.com/bid/37079
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
TrackerCam Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/12592
phpBazar 'classified.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/37144
Robo-FTP Client Server Response Handling Unspecified Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37143
Ruby on Rails 'strip_tags()' Non-Printable Character Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37142
GCalendar Joomla! Component 'gcid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37141
LyftenBloggie Joomla! Component 'pid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37140
0 件のコメント:
コメントを投稿