Friday, December 25, 2009

Friday the 25th, Tomobiki







Timekeeping best practices for Linux guests
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1006427&sliceId=1&docTypeID=DT_KB_1_1

Ministry of Economy, Trade and Industry issues security management advisory ahead of the year-end and New Year holidays
http://itpro.nikkeibp.co.jp/article/NEWS/20091225/342668/?ST=security

JVNDB-2009-002358 SSL security vulnerability in Fujitsu Interstage and Systemwalker related products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002358.html

JVNDB-2009-002357 Arbitrary command execution vulnerability in Adobe Photoshop Elements
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002357.html

JVNDB-2009-002356 Privilege escalation vulnerability in the Apache Tomcat Windows installer
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002356.html

JVNDB-2009-002184 Denial-of-service (DoS) vulnerability in IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002184.html

JVNDB-2009-002183 Vulnerability in IBM WebSphere Application Server that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002183.html

JVNDB-2009-002182 Cross-site scripting vulnerability in Eclipse Help of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002182.html

JVNDB-2009-001884 Denial-of-service (DoS) vulnerability in mod_proxy of Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001884.html

JVNDB-2009-001296 Denial-of-service (DoS) vulnerability in the server IMAP task of IBM Lotus Domino
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001296.html

JVNDB-2009-001130 Arbitrary code execution vulnerability in wp6sr.dll of Autonomy KeyView SDK
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001130.html

Did any digital nasties show up under your tree this year?
http://isc.sans.org/diary.html?storyid=7813

CastRipper (.M3U) Stack BOF WinXP SP2
http://www.exploit-db.com/exploits/10646




- Directory Proxy Server Provided with Directory Server Enterprise Edition 6 is Subject to Denial of Service (DoS) and May Allow Unauthorized Access to Certain Data
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1

- HPSBUX02498 SSRT090264 rev.1 - HP-UX Running Apache, Remote Unauthorized Data Injection, Denial of Service (DoS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01964199

Linux kernel 2.6.33-rc2 released
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc2

Linux kernel 2.6.33-rc1-git4 released
http://www.kernel.org/pub/linux/kernel//v2.6/snapshots/patch-2.6.33-rc1-git4.bz2

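Urgent warning over a wave of "web viruses": update Adobe Reader and Flash to the latest versions
Japanese websites tampered with one after another; a "trap" found on JR East's web pages too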
http://itpro.nikkeibp.co.jp/article/NEWS/20091224/342678/?ST=security

To website administrators: alert regarding website tampering
To general users: alert regarding virus infection from tampered websites
http://www.ipa.go.jp/security/topics/20091224.html

Alert regarding an unpatched vulnerability in Adobe Reader and Acrobat
http://www.jpcert.or.jp/at/2009/at090027.txt

Microsoft IIS File Parsing Extension Vulnerability
http://isc.sans.org/diary.html?storyid=7810

APC Network Management Card Devices Input Validation Flaws Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks
http://securitytracker.com/alerts/2009/Dec/1023388.html

Microsoft Internet Information Services (IIS) Filename Extension Parsing Flaw May Let Users Bypass Security Controls
http://securitytracker.com/alerts/2009/Dec/1023387.html

Drupal FAQ Module Script Insertion Vulnerability
http://secunia.com/advisories/37923/

Jax Guestbook guestbook.admin.php Security Bypass
http://secunia.com/advisories/37921/

Kolab Server Web Client Image Upload Form Vulnerability
http://secunia.com/advisories/37918/

Fedora update for wireshark
http://secunia.com/advisories/37916/

OpenX Authentication Bypass Security Issue
http://secunia.com/advisories/37914/

Debian update for unbound
http://secunia.com/advisories/37913/

MyBB MYPS Plugin "username" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37910/

Auto-Surf Traffic Exchange Script "rid" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/37894/

Joomla Car Manager Component "msg" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37882/

Drupal Automated Logout Module Script Insertion Vulnerability
http://secunia.com/advisories/37878/

Red Hat update for java-1.6.0-ibm
http://secunia.com/advisories/37841/

Microsoft IIS ASP Multiple Extensions Security Bypass
http://secunia.com/advisories/37831/

APC NMC Products Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/37744/

Exploit Easy RM to MP3 2.7.3.700 - Ruby
http://www.exploit-db.com/exploits/10642

CastRipper 2.50.70 (.pls) Stack buffer Overflow Exploit WinXP SP3
http://www.exploit-db.com/exploits/10628

Microsoft IIS File Extension Processing Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/3634

Automated Logout for Drupal Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3633

FAQ Module for Drupal Unspecified Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3632

APC Switched Rack PDU 'login1' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37338

Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36377

Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703

Mozilla Firefox and SeaMonkey Content Injection Spoofing Vulnerability
http://www.securityfocus.com/bid/37370

Mozilla Firefox CVE-2009-3979 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/37361

Mozilla Firefox and SeaMonkey Insecure Protocol Location Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/37367

Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37366

Mozilla Firefox 'window.opener' Property Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37365

Mozilla Firefox CVE-2009-3981 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37363

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935

Apache mod_proxy_ftp Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/36254

Apache 'mod_deflate' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35623

Joomla! 'com_schools' Component 'schoolid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37469

Woltlab Burning Board Kleinanzeigenmarkt Plugin 'catID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37468

Pragyan CMS 'search.php' Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/37467

Jax Guestbook 'guestbook.admin.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37466

MyBB 'myps.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37464

Polipo Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/37463

Drupal Automated Logout Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37462
