ISC BIND 9.7.0rc2 development released
http://ftp.isc.org/isc/bind9/9.7.0rc2/9.7.0rc2
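Press release
Publication of the results of a structural analysis of the information security industry
~ Market size: Japan accounts for 13% of the world total ~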
http://www.ipa.go.jp/about/press/20100128.html
JVNVU#943657 Denial-of-service (DoS) vulnerability in multiple TCP implementations
http://jvn.jp/cert/JVNVU943657/index.html
JVNTA10-021A Multiple vulnerabilities in Internet Explorer
http://jvn.jp/cert/JVNTA10-021A/index.html
JVNVU#568372 Denial-of-service (DoS) vulnerability in NTP
http://jvn.jp/cert/JVNVU568372/index.html
Apache Tomcat, provided by The Apache Software Foundation, contains an information disclosure vulnerability.
http://jvn.jp/jp/JVN63832775/index.html
JVNDB-2009-002459 Arbitrary code execution vulnerability in libtheora in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002459.html
JVNDB-2009-002458 Arbitrary code execution vulnerability in liboggplay in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002458.html
JVNDB-2009-002457 Arbitrary code execution vulnerability in the JavaScript engine of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002457.html
JVNDB-2009-002456 Arbitrary code execution vulnerability in the browser engine of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002456.html
JVNDB-2009-002454 Arbitrary code execution vulnerability in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002454.html
JVNDB-2009-002392 Denial-of-service (DoS) vulnerability in libexpat in Expat
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002392.html
JVNDB-2009-001955 Arbitrary code execution vulnerability in regular expression parsing in Mozilla NSS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001955.html
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace
http://isc.sans.org/diary.html?storyid=8101
yaSSL Buffer Overflow in Certificate Processing Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023513.html
HP OpenView Storage Data Protector Lets Local Users Gain Unauthorized Access
http://securitytracker.com/alerts/2010/Jan/1023512.html
Cisco Unified MeetingPlace Flaws Lets Remote Users Inject SQL Commands, Create Accounts, Obtain Information, and Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Jan/1023511.html
yaSSL Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/27140
MySQL with yaSSL SSL Certificate Handling Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37943
RETIRED: yaSSL SSL Certificate Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37974
+ HPSBUX02479 SSRT090212 rev.1 - HP-UX running HP CIFS Server (Samba), Remote Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01940841
+ MySQL 5.0.90 released
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html
+ Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00249.html
http://www.securityfocus.com/bid/37966
+ PostgreSQL Substring Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023510.html
http://www.securityfocus.com/bid/37973
[ANNOUNCE] [Announce] GNUmed EMR version 0.6.0 released
http://www.gnumed.de/downloads/client/0.6/
[ANNOUNCE] Apache Jackrabbit 2.0.0 released
http://jackrabbit.apache.org/downloads.html
[Announce] Apache Lenya 2.0.3 released
http://cocoon.apache.org/
- HPSBNS02449 SSSRT090149 rev.2 - HP NonStop Servers with Telco CLIMs, Remote Execution of Arbitrary Code, Denial of Service (DoS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01832118
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace
http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml
Independent Researcher : Apple Iphone/Ipod - Serversman 3.1.5 HTTP Remote DoS exploit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31611
Mandriva : kdelibs4
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31601
Mandriva : kdelibs4
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31602
ProCheckUp : Multiple XSS / Cross Domain redirects and path disclosure on SAP BusinessObjects
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31610
RedTeam Pentesting : Geo++(R) GNCASTER: Insecure handling of long URLs
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31607
RedTeam Pentesting : Geo++(R) GNCASTER: Insecure handling of NMEA-data
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31608
RedTeam Pentesting : Geo++(R) GNCASTER: Faulty implementation of HTTP Digest Authentication
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31609
Debian : New phpgroupware packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31605
Hewlett-Packard : HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31613
[SECURITY] [DSA 1980-1] New ircd-hybrid/ircd-ratbox packages fix arbitrary code executio
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00263.html
[SECURITY] [DSA-1979-1] New lintian packages fix multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00261.html
[USN-803-2] Dhcp vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00260.html
PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00259.html
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00255.html
Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow.
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00249.html
PR09-02 Multiple Cross-Site Scripting (XSS) / Cross Domain redirects and Server path informa
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00253.html
[RT-SA-2010-002] Geo++(R) GNCASTER: Insecure handling of NMEA-data
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00262.html
[RT-SA-2010-001] Geo++(R) GNCASTER: Insecure handling of long URLs
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00258.html
[ MDVSA-2010:028 ] kdelibs4
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00257.html
[ MDVSA-2010:027 ] kdelibs4
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00256.html
[security bulletin] HPSBMA02502 SSRT090171 rev.1 - HP OpenView Storage Data Protector, Local Una
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00252.html
[InterN0T] ShareTronix 1.0.4 - HTML Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00250.html
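The "Conficker" virus is not dead: millions of machines are still infected
Trend Micro (US) warns that it spreads by exploiting vulnerabilities and via USB memory sticks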
http://itpro.nikkeibp.co.jp/article/NEWS/20100128/343850/?ST=security
Command Line Kung Fu
http://isc.sans.org/diary.html?storyid=8092
Active SEO poisoning attacks for hot topics
http://isc.sans.org/diary.html?storyid=8098
sudosh2 sudosh-replay Privilege Escalation Vulnerability
http://secunia.com/advisories/38349/
yaSSL Certificate Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/38344/
Status2k Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/38336/
e107 Unspecified Vulnerability
http://secunia.com/advisories/38330/
HP OpenView Storage Data Protector Unauthorised Access
http://secunia.com/advisories/38306/
Piwigo SQL Injection Vulnerability
http://secunia.com/advisories/38305/
LedgerSMB Multiple Vulnerabilities
http://secunia.com/advisories/38304/
Sun Java System Web Proxy Server Multiple Vulnerabilities
http://secunia.com/advisories/38301/
Debian update for phpgroupware
http://secunia.com/advisories/38297/
SUSE update for acroread
http://secunia.com/advisories/38295/
sudosh3 sudosh-replay Privilege Escalation Vulnerability
http://secunia.com/advisories/38292/
Ubuntu update for python-xml
http://secunia.com/advisories/38291/
Event Horizon Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/38289/
IBM DataPower ICMP Packet Processing Denial of Service
http://secunia.com/advisories/38256/
cPanel "failurl" HTTP Response Splitting Vulnerability
http://secunia.com/advisories/38255/
PostgreSQL Substring Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023510.html
IBM DB2 Heap Overflow in Processing SELECT Statements Lets Remote Authenticated Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023509.html
NetSupport Manager Flaw in Gateway Component Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Jan/1023508.html
OCS Inventory NG SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0225
e107 Unspecified Data Processing Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/0224
SiSoftware Sandra "sandra.sys" Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2010/0223
Hasbani-WindWeb/2.0 - HTTP GET Remote DoS
http://www.exploit-db.com/exploits/1274
CamShot v1.2 SEH Overwrite Exploit
http://www.exploit-db.com/exploits/11272
PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37973
ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35668
VirtueMart Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37963
Novatel Wireless MiFi 2352 Password Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37962
e107 Unspecified Remote Vulnerability
http://www.securityfocus.com/bid/37961
phpYabs 'Azione' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/33670
KDE KSSL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36229
Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35510
Multiple Vendor Browser 'HTMLSelectElement' Denial of Service Vulnerability
http://www.securityfocus.com/bid/35446
WebKit Numeric Character References Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35607
WebKit JavaScript Garbage Collector Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35309
WebKit CSS 'Attr' Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35318
WebKit SVGList Objects Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34924
WebKit DOM Event Handler Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35271
Joomla! JBDiary Component Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37936
ircd-ratbox 'HELP' Command Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37979
IRCD-Hybrid and ircd-ratbox 'LINKS' Command Remote Integer Underflow Vulnerability
http://www.securityfocus.com/bid/37978
Drupal Author Contact Module 'block' HTML Injection Vulnerability
http://www.securityfocus.com/bid/37977
IBM DB2 'REPEAT()' Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37976
Debian Lintian Multiple Local Vulnerabilities
http://www.securityfocus.com/bid/37975
yaSSL SSL Certificate Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37974
SAP BusinessObjects URI Redirection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37972
HP System Management Homepage 'servercert' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37968
Apache 1.3 mod_proxy HTTP Chunked Encoding Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37966
Cisco Unified MeetingPlace Multiple Vulnerabilities
http://www.securityfocus.com/bid/37965
HP OpenView Storage Data Protector Unspecified Remote Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/37964