+ Linux kernel 2.6.32 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32
[Alert] Sharp increase in consultations about one-click billing fraud!
For PC users, the first countermeasure is to learn how the scam works!
http://www.ipa.go.jp/security/topics/alert20080909.html
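Computer virus and unauthorized access reports [November]
- Countermeasure information page published in response to the sharp increase in one-click billing fraud consultations -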
http://www.ipa.go.jp/security/txt/2009/12outline.html
JVNVU#418861 Vulnerability in BIND 9 DNSSEC validation processing
http://jvn.jp/cert/JVNVU418861/index.html
JVNDB-2009-002292 Arbitrary code execution vulnerability in liboggplay as used in Mozilla Firefox
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002292.html
JVNDB-2009-002291 Arbitrary code execution vulnerability in libvorbis as used in Mozilla Firefox
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002291.html
JVNDB-2009-002290 Arbitrary code execution vulnerability in liboggz as used in Mozilla Firefox
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002290.html
JVNDB-2009-002289 Arbitrary code execution vulnerability in Mozilla Firefox related to recursive creation of Web Workers
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002289.html
Novell eDirectory Buffer Overflow in Processing Service Requests Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Dec/1023262.html
Sun Java Enterprise System Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks
http://securitytracker.com/alerts/2009/Dec/1023261.html
Sun Java System Portal Server Gateway Input Validation Flaw Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Dec/1023260.html
Little CMS Memory Leak and Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34185
Little CMS Monochrome Profiles Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/34411
+ Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects Network Security Services (NSS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273350-1
- Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Portal Server's Gateway May Lead to Execution of Arbitrary Code
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269368-1
- Security Vulnerability in Mozilla Thunderbird Related to SSL Certificates May Cause Arbitrary Code Execution
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269468-1
- HPSBNS02475 SSRT090068 rev.1 - HP NonStop Servers, Unauthorized Access to Data, Denial of Service (DoS), Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01923646-1
[ANNOUNCE] ANN: Database Designer for PostgreSQL 1.2.9 released!
http://microolap.com/products/database/postgresql-designer/download/
[ANNOUNCE] Apache Directory Studio 1.5.1 released
http://directory.apache.org/studio/downloads.html
GCC 4.5.0 development status
http://gcc.gnu.org/ml/gcc/2009-12/msg00019.html
FreeBSD : rtld patch for 7.2-RELEASE
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31021
Independent Researcher : 40 vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31023
Secunia : Lateral Arts Photobox uploader ActiveX Control Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31024
Secunia : Roxio Creator Image Rendering Integer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31025
SuSE : bind
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31020
Gentoo Linux : OpenSSL: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31022
Call for Papers - you Sh0t the Sheriff 4 - Security Conference, Brazil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00023.html
Secunia Research: Roxio Creator Image Rendering Integer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00015.html
Secunia Research: Lateral Arts Photobox uploader ActiveX Control Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00021.html
Same-origin policy bypass vulnerabilities in several VPN products reported
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00020.html
vulnerabilities in SMF 1.1.10/SMF 2.0RC2 by elhacker.net (Simple Audit)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00016.html
[ GLSA 200912-01 ] OpenSSL: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00018.html
Microsoft Black Screen of Death - Fact of Fiction?
http://isc.sans.org/diary.html?storyid=7672
Updates to Sysinternals Toolkit
http://isc.sans.org/diary.html?storyid=7675
SPAM and Malware taking advantage of H1N1 concerns
http://isc.sans.org/diary.html?storyid=7678
BlackBerry Products PDF Distiller Unspecified Vulnerabilities
http://secunia.com/advisories/37562/
HP NonStop Server Privilege Escalation
http://secunia.com/advisories/37560/
Fedora update for roundcubemail
http://secunia.com/advisories/37559/
Fedora update for cups
http://secunia.com/advisories/37558/
Novell eDirectory NDS Verb 0x1 Request Integer Overflow Vulnerability
http://secunia.com/advisories/37554/
TEKUVA Password Reminder Hardcoded Password Security Issue
http://secunia.com/advisories/37553/
Joomla Joaktree Component "treeId" SQL Injection Vulnerability
http://secunia.com/advisories/37535/
Theeta CMS "start" SQL Injection Vulnerability
http://secunia.com/advisories/37529/
SUSE update for bind
http://secunia.com/advisories/37523/
SweetRice File Inclusion Vulnerabilities
http://secunia.com/advisories/37522/
phpMyFAQ Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/37520/
Gentoo update for openssl
http://secunia.com/advisories/37512/
Photobox Uploader ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/37492/
dotDefender Cross-Site Request Forgery
http://secunia.com/advisories/37459/
Pligg Cross-Site Scripting and Cross-Site Request Forgery
http://secunia.com/advisories/37349/
Lateral Arts Uploader ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/37138/
Roxio Creator Image Rendering Integer Overflow Vulnerability
http://secunia.com/advisories/36069/
HP NonStop Server Lets Local Users Gain Elevated Privileges and Deny Service
http://securitytracker.com/alerts/2009/Dec/1023259.html
Novell eDirectory NDS Verb 0x1 Remote Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/3379
TYPO3 Extensions Multiple SQL Injection and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2009/3378
Photobox Uploader ActiveX Control Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/3377
Lateral Arts Uploader ActiveX Control Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/3376
Roxio Creator Image Dimensions Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/3375
ActivePerl Compress Modules Two Off-by-One Vulnerabilities
http://www.vupen.com/english/advisories/2009/3374
HP NonStop Server Local Privilege Escalation and DoS Vulnerability
http://www.vupen.com/english/advisories/2009/3373
BlackBerry Products PDF Distiller Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/3372
Drupal Taxonomy Timer Module SQL Injection Vulnerability
http://www.securityfocus.com/bid/37189
Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36901
Linux Kernel 2.4 and 2.6 Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36827
Linux Kernel 'unix_stream_connect()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36723
Linux kernel 'O_EXCL' NFSv4 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36472
Linux Kernel 64-bit Kernel Register Memory Leak Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36576
Linux Kernel AppleTalk Driver IP Over DDP Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36379
Linux Kernel r128 Driver CCE Initialization NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/36824
Linux Kernel 2.4 and 2.6 Multiple Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36304
Linux Kernel 'nfs4_proc_lock()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36936
Roundcube Webmail Background Attributes Email Message HTML Injection Vulnerability
http://www.securityfocus.com/bid/33372
Roundcube Webmail Multiple Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/36920
Photobox Uploader ActiveX Control URL Parsing Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37187
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Multiple VNC Clients Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33568
SafeNet SoftRemote Policy File Handling Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36907
Pligg Cross Site Scripting And Request Forgery Remote Vulnerabilities
http://www.securityfocus.com/bid/37185
FreeBSD 'execl()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37154
Computer Associates ARCserve Backup Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/31684
Roxio Creator Image Parsing Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37183
Autodesk Maya MEL Script Nodes Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/36636
Autodesk Softimage Scene TOC File Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36637
Autodesk 3ds Max Application Callbacks Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/36634
Sun Java System Portal Server Multiple Unspecified Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37186
phpMyFAQ 2.5.4 and Prior Multiple Unspecified Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37180
Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37153
RT Session Fixation Vulnerability
http://www.securityfocus.com/bid/37162
Ciamos 'module_path' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/37160
Simple Machines Forum Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/37182
CUPS 'kerberos' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36958
Joomla! mojoBlog Component Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/37179
Joomla! Joaktree Component 'treeId' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37178
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37118
Novell eDirectory 'NDS Verb 0x1' Request Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37184
HP NonStop Server Unspecified Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37181
Oracle Database Text Component 'ctxsys.drvxtabc.create_tables' Remote SQL Injection Vulnerability
http://www.securityfocus.com/bid/36748
ISPworker Download.PHP Multiple Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/26277