OSDC.TW calls for papers
http://use.perl.org/article.pl?sid=10/01/02/134248&from=rss
Effective Perl Programming master class at Frozen Perl
http://use.perl.org/articles/10/01/01/1339229.shtml
eumm-migrate - easy way to migrate to Module::Build
http://use.perl.org/articles/10/01/01/1339216.shtml
UPDATE: cisco-sa-20091109-tls: Transport Layer Security Renegotiation Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml
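"Beware of PDF files": virus exploiting an ADOBE READER vulnerability is circulating
No patch is available and most anti-virus software does not detect it; the workaround is to disable JavaScript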
http://itpro.nikkeibp.co.jp/article/NEWS/20100105/342867/?ST=security
JVNDB-2007-000775 Off-by-one error vulnerability in the OpenSSL SSL_get_shared_ciphers() function
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000775.html
JVNDB-2009-001737 Vulnerability in Apache Tomcat allowing files related to web applications to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001737.html
JVNDB-2009-001736 Vulnerability in Apache Tomcat allowing valid user names to be enumerated
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001736.html
JVNDB-2009-001115 Cross-site scripting vulnerability in the Apache Tomcat sample calendar application
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001115.html
JVNDB-2008-001607 Cross-site scripting vulnerability related to the HttpServletResponse.sendError method in Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001607.html
JVNDB-2008-001606 Directory traversal vulnerability related to RequestDispatcher in Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001606.html
JVNDB-2008-001420 Cross-site scripting vulnerability in Apache Tomcat host-manager
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001420.html
JVNDB-2008-001099 Information disclosure vulnerability related to exception handling in Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001099.html
JVNDB-2008-001098 Vulnerability related to SSL requests in Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001098.html
JVNDB-2008-000009 Vulnerability in Apache Tomcat allowing invalid cookies to be sent
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000009.html
JVNDB-2007-001080 Vulnerability related to web application permissions in the Apache Tomcat JULI logging component
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001080.html
JVNDB-2007-000880 Information disclosure vulnerability in the Apache Tomcat WebDAV servlet
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000880.html
XOOPS Input Validation Flaws Permit Cross-Site Scripting and SQL Injection Attacks
http://securitytracker.com/alerts/2010/Jan/1023394.html
+ libpng 1.2.42, 1.4.0 released
http://www.libpng.org/pub/png/libpng.html
http://www.libpng.org/pub/png/src/libpng-1.2.42-README.txt
http://www.libpng.org/pub/png/src/libpng-1.4.0-README.txt
+ RHSA-2010:0003-1: Moderate: gd security update
http://rhn.redhat.com/errata/RHSA-2010-0003.html
- RHSA-2010:0002-1: Moderate: PyXML security update
http://rhn.redhat.com/errata/RHSA-2010-0002.html
Independent Researcher : XSS in Zoneedit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31366
Secunia : PDF-XChange Viewer Content Parsing Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31365
Gentoo Linux : NTP: Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31361
Gentoo Linux : Adobe Flash Player: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31362
Ubuntu Security Notice : PostgreSQL vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31364
Symantec SEPM having 2010 date problems
http://isc.sans.org/diary.html?storyid=7870
Any other reports of decade change problems?
http://isc.sans.org/diary.html?storyid=7873
Vulnerability Note VU#571629: S2 Security Linear eMerge Access Control System management component vulnerable to unauthenticated factory reset
http://www.kb.cert.org/vuls/id/571629
HP-UX Running Apache Data Injection and DoS Vulnerability
http://www.securiteam.com/unixfocus/5QP2V150AO.html
Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability
http://www.securiteam.com/securitynews/5RP2W150AC.html
Rezervi "root" File Inclusion Vulnerability
http://secunia.com/advisories/38118/
IMAGIN "writeToFile.php" File Manipulation Vulnerability
http://secunia.com/advisories/38115/
Gentoo update for adobe-flash
http://secunia.com/advisories/38102/
Gentoo update for ntp
http://secunia.com/advisories/38101/
Ubuntu update for PostgreSQL
http://secunia.com/advisories/38100/
Debian update for postgresql
http://secunia.com/advisories/38099/
tnftpd "fts_build()" Denial of Service Vulnerability
http://secunia.com/advisories/38098/
Fedora update for cacti
http://secunia.com/advisories/38087/
Acidcat CMS Information Disclosure Security Issue
http://secunia.com/advisories/38084/
Fedora update for NetworkManager
http://secunia.com/advisories/38082/
HLstatsX Community Edition "award" SQL Injection Vulnerability
http://secunia.com/advisories/38079/
Weatimages "path" Directory Traversal Vulnerability
http://secunia.com/advisories/38075/
Imagevue Gallery "path" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38071/
Fedora update for slim
http://secunia.com/advisories/38070/
Fedora update for automake
http://secunia.com/advisories/38067/
phpYellow File Upload Vulnerability
http://secunia.com/advisories/38063/
Hit Counter Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/38052/
VisionGate "url" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38043/
Net Transport eDonkey Protocol Buffer Overflow Vulnerability
http://secunia.com/advisories/38028/
phpBannerExchange "bannerurl" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38022/
Joomla! Dailymeals Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/38014/
Joomla! Component Ozio Gallery "writeToFile.php" File Manipulation Vulnerability
http://secunia.com/advisories/37974/
BLOG:CMS Comments Script Insertion Vulnerability
http://secunia.com/advisories/37966/
Joomla! Memory Book! Component SQL Injection and File Upload Vulnerability
http://secunia.com/advisories/37926/
Xoops Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/37920/
Joomla CARTwebERP Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/37917/
Joomla Bible Study Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/37896/
Joomla BF Survey Pro Component "catid" SQL Injection Vulnerability
http://secunia.com/advisories/37868/
Joomla BF Survey Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/37866/
Joomla Abbreviations Manager Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/37834/
PDF-XChange Viewer Content Parsing Memory Corruption Vulnerability
http://secunia.com/advisories/37706/
IMAGIN "writeToFile.php" Remote PHP Code Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0024
TPJobs for Joomla "id_c" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0023
PDF-XChange Viewer PDF Data Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/0022
HotBrackets for Joomla "id" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0021
MasterWeb "newsID" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0020
Joomla Bridge of Hope Template "id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0019
Doqment Component for Joomla "cid" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0018
Otzivi Component for Joomla "Itemid" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0017
Rezervi "root" Parameter Handling Remote File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0016
Portal ModulNet "id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0015
Joomla Bamboo Simpla Admin Template SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0014
Smart Vision Script News "id" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0013
Elite Gaming Ladders "account" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0012
PlayMeNow Playlist Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0011
Net Transport eD2K Protocol Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0010
Skype for Linux (<=2.1 Beta) multiple strange behavior
http://www.exploit-db.com/exploits/10980
RETIRED: QuizShock 'auth.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37552
NetworkManager Security Bypass and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/37580
PDF-XChange Viewer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37582
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097
Joomla! Module for Alfresco 'id_pan' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37578
GD Graphics Library '_gdGetColors' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36712
Discuz! 'referer' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37562
DieselPay Cross Site Scripting And Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/37564
Virtual DJ '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25512
Linux Kernel Ext4 'move extents' ioctl Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37277
Multiple Vendor libc 'fts.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/34008
PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/37334
PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37333
Cacti Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/37109
Adobe Flash Player and AIR (CVE-2009-3798) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37275
Adobe Flash Player and AIR (CVE-2009-3797) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37273
Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37270
Adobe Flash Player and AIR 'exception_count' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37267
Adobe Flash Player and AIR JPEG File Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37266
Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/37269
Wireshark 0.9.0 through 1.2.4 Multiple Vulnerabilities
http://www.securityfocus.com/bid/37407
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37255
GNU Automake Insecure Directory Permissions Vulnerability
http://www.securityfocus.com/bid/37378
WP Events Calendar Plugin for WordPress 'event_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37607
'com_doqment' Joomla! Component 'cid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37606
MercuryBoard 'index.php' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/37605
Joomla! 'com_cartikads' Component Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/37604
Shape5 Bridge of Hope Template for Joomla! 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37602
S2 Security Linear eMerge Access Control System Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37601
WMNews 'admin/wmnews.php' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/37600
IMAGIN 'writeToFile.php' Multiple Remote Command Execution Vulnerabilities
http://www.securityfocus.com/bid/37598
XOOPS 'include/notification_update.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/37597
Dailymeals Joomla! Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/37596
Joomla! 'com_otzivi' Component 'Itemid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37595
Private Messaging Module for XOOPS 'op' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37594
pL-PHP 'index.php' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/37593
Gretech GOM Player '.asx' File Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37592
Joomla! 'com_tpjobs' Component 'id_c[]' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37591
REZERVI Belegungsplan und Gästedatenbank 'include/mail.inc.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/37589
BLOG:CMS Comment Editing HTML Injection Vulnerability
http://www.securityfocus.com/bid/37587
httpdx Space Character Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/37586
Joomla! BF Survey Pro 'catid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37585
BF Survey Pro Joomla! Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/37584