Web-based "botnets" surging, doubling in half a year
Communication method shifts from "IRC" to "HTTP"; construction tools are in circulation
http://itpro.nikkeibp.co.jp/article/NEWS/20100201/343999/?ST=security
JVNDB-2009-002474 Vulnerability in PHP allowing interrupt corruption of the SESSION superglobal array
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002474.html
JVNDB-2009-002473 Cross-site scripting vulnerability in the htmlspecialchars function in PHP
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002473.html
JVNDB-2009-002472 Cross-site scripting vulnerability in multiple VMware products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002472.html
JVNDB-2009-002471 Vulnerability in arch/x86/ia32/ia32entry.S in the Linux kernel allowing register values to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002471.html
JVNDB-2009-002470 Denial-of-service (DoS) vulnerability in the nfs4_proc_lock function of the NFSv4 client in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002470.html
JVNDB-2009-002469 Denial-of-service (DoS) vulnerability in net/unix/af_unix.c in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002469.html
JVNDB-2009-002468 Privilege escalation vulnerability in the ATI Rage 128 driver in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002468.html
JVNDB-2008-002425 Arbitrary code execution vulnerability in the asn1 implementation in the Linux kernel and the gxsnmp package
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002425.html
JVNDB-2009-002467 Arbitrary code execution vulnerability in VRTSweb in multiple Symantec products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002467.html
+ MySQL Community Server 5.1.43 has been released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html
+ Linux kernel 2.4.37.8 released
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.8
http://www.linux.org/news/2010/01/31/0001.html
- NetVault Backup 8.5 released
http://www.bakbone.co.jp/products/nvbu85.html
[ANNOUNCE] Apache OpenJPA 2.0.0-beta released
http://cwiki.apache.org/openjpa/openjpa-200-beta.html
[ANNOUNCE] Apache Tika 0.6 released
http://www.apache.org/dist/lucene/tika/CHANGES-0.6.txt
APSB10-04: Solution available for potential ColdFusion information disclosure issue
http://www.adobe.com/support/security/bulletins/apsb10-04.html
Dovecot 2.0.beta2 released
http://www.dovecot.org/list/dovecot-news/2010-January/000149.html
Linux Kernel release: 2.6.33-rc6
http://www.linux.org/news/2010/01/29/0001.html
Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities
http://www.cisco.com/en/US/products/products_security_advisory09186a00809ac83b.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the SNMP Version 3 Authentication Vulnerabilities
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a00809adfc8.html
RHBA-2010:0073-1: nss_ldap bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0073.html
RHBA-2010:0075-1: bind bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0075.html
MDVSA-2010:029: rootcerts
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31625
OCS Inventory NG Server <= 1.3b3 (login) Remote Authentication Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00283.html
[ MDVSA-2010:029 ] rootcerts
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00282.html
Multiple vulnerabilities in XAMPP (advisory #7)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00281.html
Multiple vulnerabilities in XAMPP (advisories #5 and #6)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00280.html
Multiple vulnerabilities in XAMPP (advisories #3 and #4)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00279.html
Multiple vulnerabilities in XAMPP (advisories #1 and #2)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00278.html
[SECURITY] [DSA 1968-2] New pdns-recursor packages fix cache poisoning
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00274.html
[USN-892-1] FUSE vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00273.html
[SECURITY] [DSA 1981-2] New maildrop packages fix regression
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00272.html
[USN-893-1] Samba vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00271.html
PR09-19: Cross-Site Scripting (XSS) on CommonSpot server
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00270.html
[SECURITY] [DSA 1981-1] New maildrop packages fix privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00269.html
February is "Information Security Month"
http://www.ipa.go.jp/security/event/2009/security-month.html
NMAP 5.21 - Is UDP Protocol Specific Scanning Important? Why Should I Care?
http://isc.sans.org/diary.html?storyid=8110
New and updated VMWare advisories
http://isc.sans.org/diary.html?storyid=8122
Got PushDo SSL packets?
http://isc.sans.org/diary.html?storyid=8125
Neo-legacy applications
http://isc.sans.org/diary.html?storyid=8116
BoA Offline?
http://isc.sans.org/diary.html?storyid=8119
Ingres Database Heap Overflow May Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023517.html
Wireshark Buffer Overflows in LWRES Dissector Let Remote Users Deny Service
http://securitytracker.com/alerts/2010/Jan/1023516.html
Debian update for ircd-hybrid and ircd-ratbox
http://secunia.com/advisories/38383/
oftc-hybrid "LINKS" Command Integer Underflow Vulnerability
http://secunia.com/advisories/38382/
IRCD-hybrid "LINKS" Command Integer Underflow Vulnerability
http://secunia.com/advisories/38381/
Joomla ccNewsletter Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/38378/
TantumWeb PhpCatalog Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/38376/
Fedora update for ncpfs
http://secunia.com/advisories/38371/
NovaBoard Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/38368/
Hitachi Products Image File Processing Buffer Overflow
http://secunia.com/advisories/38363/
Ubuntu update for fuse
http://secunia.com/advisories/38359/
Ubuntu update for samba
http://secunia.com/advisories/38357/
Symantec Altiris Notification Server Static Encryption Key
http://secunia.com/advisories/38356/
ncpfs "ncpmount" / "ncpumount" Race Condition Security Issues
http://secunia.com/advisories/38327/
Geo++ GNCASTER Multiple Weaknesses and Vulnerabilities
http://secunia.com/advisories/38323/
Fedora update for bltk
http://secunia.com/advisories/38313/
Comtrend CT-507IT "srvName" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38309/
Fedora update for samba
http://secunia.com/advisories/38308/
Samba "mount.cifs" Race Condition Security Issue
http://secunia.com/advisories/38286/
FUSE "fusermount" Race Condition Denial of Service
http://secunia.com/advisories/38261/
ircd-ratbox Integer Underflow and NULL Pointer Dereference Vulnerabilities
http://secunia.com/advisories/38210/
Vermillion FTP Deamon v1.31 Remote BOF Exploit
http://www.exploit-db.com/exploits/11293
Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/37985
cPanel and WHM 'failurl' Parameter HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/37902
Hybserv2 ':help' Command Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38006
Internet Explorer CVE-2010-0249 'srcElement()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37815
Microsoft Internet Explorer (CVE-2010-0247) Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37893
Microsoft Internet Explorer Table Layout Reuse Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37892
Microsoft Internet Explorer Cloned DOM Object Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37894
Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37895
Microsoft Internet Explorer 8 Cross-Site Scripting Filter Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/37135
Microsoft Internet Explorer URI Validation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37884
XAMPP Phonebook.PHP Multiple Remote HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/13127
Microsoft Internet Explorer 'Col' Element Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37891
XAMPP 'showcode.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/37999
XAMPP Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37997
XAMPP Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37998
Ingres Database Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38001
FUSE 'fusermount' Race Condition Vulnerability
http://www.securityfocus.com/bid/37983
Battery Life Toolkit 'bltk_sudo' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37996
Retired: phpBB Forum ID Security Bypass Vulnerability
http://www.securityfocus.com/bid/37882
South River Technologies WebDrive Security Descriptor Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37955
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Sun Java SE November 2009 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36881
Ruby WEBrick Terminal Escape Sequence in Logs Command Injection Vulnerability
http://www.securityfocus.com/bid/37710
SystemTap 'stat-server' Remote Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/37842
IRCD-Hybrid and ircd-ratbox 'LINKS' Command Remote Integer Underflow Vulnerability
http://www.securityfocus.com/bid/37978
XAMPP for Linux 'text' Parameter Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/30535
Samba setuid 'mount.cifs' Verbose Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36572
Samba Oplock Break Notification Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36573
Samba Misconfigured '/etc/passwd' File Security Bypass Vulnerability
http://www.securityfocus.com/bid/36363
Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37992
Joomla! 'com_ccnewsletter' Component Local File Include Vulnerability
http://www.securityfocus.com/bid/37987
Adobe ColdFusion Solr Service Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38007
OCS Inventory NG Server 'login' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38005
Comtrend CT-507 IT ADSL Router 'scvrtsrv.cmd' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38004
ejabberd 'client2server' Message Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38003
SQLite 'SQLITE_SECURE_DELETE' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38002
Hitachi Multiple Products Image File Parsing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38000