+ HPSBUX02464 SSRT090210 rev.1 - HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01894850
Debian GNU/Linux 5.0 updated (5.0.4)
http://www.debian.org/News/2010/20100130
Solaris Daylight Saving Time (DST) Update (Jan 2010)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-276190-1
SUN ALERT WEEKLY SUMMARY REPORT - Week of 24-Jan-2010 to 30-Jan-2010
http://sunsolve.sun.com/search/document.do?assetkey=1-66-276390-1
[CORE-2009-1126] Corel Paint Shop Pro Photo X2 FPX Heap Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00027.html
SNS経由のオンライン攻撃が急増、ユーザーの57%がスパム攻撃を経験
http://itpro.nikkeibp.co.jp/article/NEWS/20100202/344076/?ST=security
JVNVU#418861 BIND 9 の DNSSEC 検証処理における脆弱性
http://jvn.jp/cert/JVNVU418861/
JVNDB-2008-002426 Emacs および XEmacs における .flc ファイルの処理に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002426.html
JVNDB-2010-001002 sendmail における X.509 証明書の処理に関する任意の SSL-based SMTP サーバになりすまされる脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001002.html
JVNDB-2009-002477 Drupal の Menu モジュールにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002477.html
JVNDB-2009-002476 Drupal の Contact モジュールにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002476.html
JVNDB-2009-002475 Cosminexus、Processing Kit for XML および Hitachi Developer's Kit for Java におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002475.html
Adobe ColdFusion Information Disclosure
http://isc.sans.org/diary.html?storyid=8128
Adobe ColdFusion Discloses Solr Service Collections to Remote Users
http://securitytracker.com/alerts/2010/Feb/1023519.html
IBM DB2 Flaw in Tivoli Monitoring Agent Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Feb/1023518.html
+ Linux kernel 2.4.37.9 released
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.9
http://www.linux.org/news/2010/02/01/0001.html
+ Solaris Microcode Device Denial of Service Vulnerability
http://secunia.com/advisories/38452/
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00010.html
http://www.securityfocus.com/bid/38016
+ Linux Kernel 64bit Personality Handling Denial of Service
http://secunia.com/advisories/38354/
http://www.securityfocus.com/bid/38027
++ ActivePerl 5.10.1.1007, 5.8.9.827 released
http://www.activestate.com/activeperl/downloads/
++ BIND 9.4-ESV (Extended Support Version) released
ftp://ftp.isc.org/isc/bind9/9.4-ESV/9.4-ESV
- VMSA-2010-0002: VMware vCenter update release addresses multiple security issues in Java JRE
http://www.vmware.com/security/advisories/VMSA-2010-0002.html
http://secunia.com/advisories/38438/
http://secunia.com/advisories/38384/
http://www.vupen.com/english/advisories/2010/0258
[ANNOUNCE] MyFaces Core v2.0.0-beta Release
http://myfaces.apache.org/download.html
FreeBSD 7.3-BETA1 Available
http://lists.freebsd.org/pipermail/freebsd-stable/2010-January/054608.html
Document ID: 340450: In an Any-to-Any Exchange setup, users are unable to access their Exchange mailboxes using Outlook Web Access when Exchange 2007 is clustered with VCS.
http://seer.entsupport.symantec.com/docs/340450.htm
Debian : New git-core packages fix build failure
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31635
Debian : New libxerces2-java packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31636
iDefense Security Advisory 02.01.10: Real Networks RealPlayer Compressed GIF Handling Integer Overf
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00017.html
iDefense Security Advisory 02.01.10: RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00018.html
[CORE-2010-0106] Cisco Secure Desktop XSS/JavaScript Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00019.html
[ MDVSA-2010:030 ] kernel
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00021.html
Joomla (com_gambling) SQL Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00022.html
XSS vulnerability in Drupals MP3 Player contributed module (version 6.x-1.0-beta1)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00020.html
- Security Advisory for Bugzilla 3.0.10, 3.2.5, 3.4.4, and 3.5.2
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00011.html
Advisory: jBCrypt http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00005.html
[SECURITY] [DSA 1983-1] New Wireshark packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00014.html
[SECURITY] [DSA 1841-2] New git-core packages fix build failure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00001.html
[TKADV2010-001] Oracle Solaris UCODE_GET_VERSION IOCTL Kernel NULL Pointer Dereference
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00010.html
Cross-Site History Manipulation (XSHM)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00006.html
Tavanmand Portal (fckeditor) Remote Arbitrary File Upload Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00008.html
eWebeditor ASP Version Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00000.html
VMSA-2010-0002 VMware vCenter update release addresses multiple security issues in Java JRE
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00012.html
- iPhone certificate flaws
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00003.html
{PRL} Xerox Workcenter 4150 Remote Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00009.html
[SECURITY] [DSA 1982-1] New hybserv packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-02/msg00004.html
PUBLIC ADVISORY: 02.01.10: RealNetworks RealPlayer 11 HTTP Chunked Encoding Integer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=837
PUBLIC ADVISORY: 02.01.10: RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=838
PUBLIC ADVISORY: 02.01.10: Real Networks RealPlayer Compressed GIF Handling Integer Overflow
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=839
RHBA-2010:0078-1: iscsi-initiator-utils bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0078.html
RHBA-2010:0077-1: parted bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0077.html
Squid DNS Packet Processing Denial of Service Vulnerability
http://secunia.com/advisories/38455/
Solaris Microcode Device Denial of Service Vulnerability
http://secunia.com/advisories/38452/
Squid DNS Packet Processing Denial of Service Vulnerability
http://secunia.com/advisories/38451/
C++ Sockets Library HTTP Headers Denial of Service
http://secunia.com/advisories/38448/
Oracle Times-Ten In-Memory Database Denial of Service
http://secunia.com/advisories/38446/
MoinMoin Unspecified Vulnerability
http://secunia.com/advisories/38444/
Bugzilla Information Disclosure Weaknesses
http://secunia.com/advisories/38443/
Python expat Module XML Processing Denial of Service
http://secunia.com/advisories/38442/
VMware Products JRE Multiple Vulnerabilities
http://secunia.com/advisories/38438/
Joomla! jVideoDirect Component "v" SQL Injection Vulnerability
http://secunia.com/advisories/38436/
Joomla AutartiTarot Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/38434/
snif "download" File Disclosure Vulnerability
http://secunia.com/advisories/38415/
Joomla! JE Quiz Component "eid" SQL Injection Vulnerability
http://secunia.com/advisories/38412/
Joomla! Documents Seller Component "category_id" SQL Injection Vulnerability
http://secunia.com/advisories/38410/
phpunity.newsmanager "id" File Disclosure Vulnerability
http://secunia.com/advisories/38409/
Joomla! JE Event Calendars Component "event_id" SQL Injection Vulnerability
http://secunia.com/advisories/38408/
Adobe ColdFusion Solr Collections Information Disclosure
http://secunia.com/advisories/38387/
VMware VirtualCenter JRE Multiple Vulnerabilities
http://secunia.com/advisories/38384/
Linux Kernel 64bit Personality Handling Denial of Service
http://secunia.com/advisories/38354/
Debian update for hybserv
http://secunia.com/advisories/38350/
Debian update for wireshark
http://secunia.com/advisories/38348/
Debian update for libxerces2-java
http://secunia.com/advisories/38342/
Debian update for sendmail
http://secunia.com/advisories/38314/
Fedora update for gzip
http://secunia.com/advisories/38312/
Fedora update for maniadrive
http://secunia.com/advisories/38303/
IBM DB2 Two Vulnerabilities
http://secunia.com/advisories/38294/
Fedora update for php
http://secunia.com/advisories/38293/
Fedora update for automake
http://secunia.com/advisories/38288/
Fedora update for fuse
http://secunia.com/advisories/38287/
MoinMoin Superuser Definition Unspecified Security Vulnerability
http://www.vupen.com/english/advisories/2010/0266
Oracle TimesTen In-Memory Database Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0265
Ingres Database Packets Processing Heap Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0264
IBM DB2 Remote Heap Overflow and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/0263
Python Security Update Fixes Expat Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/0262
Bugzilla Security Update Fixes Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2010/0261
Squid DNS Packets Processing Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0260
Adobe ColdFusion Solr Collections Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/0259
VMware Products Java JRE Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/0258
Hitachi Products Java Image Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0257
Symantec Altiris Notification Server Static Encryption Key Weakness
http://www.vupen.com/english/advisories/2010/0256
dotProject 2.1.3 Multiple SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/37669
Adobe Reader and Acrobat U3D Support Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37756
NOS Microsystems getPlus Help ActiveX Control Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/37759
Adobe Reader and Acrobat Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/37760
Adobe Reader and Acrobat Forms Data Format Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/37763
Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37757
Adobe Reader and Acrobat DLL Loading in 3D Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37761
Multiple RealNetworks Products Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/37880
bitfolge snif Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/38014
Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37203
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097
LibThai Unspecified Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37822
Sun Solaris Trusted Extensions Missing Libraries Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37754
XFS ACL 'setfacl' and 'getfacl' Symbolic Link Handling Security Bypass Vulnerability
http://www.securityfocus.com/bid/37455
Avahi 'avahi-core/server.c' Multicast DNS Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33946
NetworkManager Security Bypass and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/37580
Sun VirtualBox Guest Additions Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37024
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37255
Xerox WorkCentre PJL Daemon Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38010
Oracle Times Ten In-Memory Database Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38019
Squid Header-Only Packets Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37522
IBM DB2 'kuddb2' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38018
Sun Solaris 'CODE_GET_VERSION IOCTL' Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38016
Sun Java SE November 2009 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36881
Sun Java Runtime Environment Proxy Mechanism Implementation Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35943
Sun Java Runtime Environment XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/35958
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
Sun Java SE Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/35922
Sun Java Runtime Environment Audio System Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35939
Sun Java Runtime Environment Unpack200 JAR Unpacking Utility Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35944
JNLPAppletLauncher Arbitrary File Creation Vulnerability
http://www.securityfocus.com/bid/35946
GNU Automake Insecure Directory Permissions Vulnerability
http://www.securityfocus.com/bid/37378
PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
http://www.securityfocus.com/bid/37079
PHP 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37389
GD Graphics Library '_gdGetColors' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36712
FUSE 'fusermount' Race Condition Vulnerability
http://www.securityfocus.com/bid/37983
GNU Gzip Dynamic Huffman Decompression Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37888
GNU gzip LZW Compression Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37886
Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/37543
Git Parameter Processing Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35338
Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/37985
Joomla! 'com_gambling' Component 'gamblingEvent' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38033
Joomla! JE Quiz Component 'eid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38032
Joomla! 'com_job' Component 'id_job' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38031
TYPO3 T3Blog HTML Forms Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/38030
Drupal MP3 Player MP3 Filename HTML Injection Vulnerability
http://www.securityfocus.com/bid/38029
Linux Kernel 64bit Personality Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38027
Bugzilla Group Selection During Bug Move Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38026
Bugzilla Directory Access Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38025
Joomla! Documents Seller Component 'category_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38024
MoinMoin Unspecified Security Vulnerability
http://www.securityfocus.com/bid/38023
Joomla! 'com_yelp' Component 'cid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38022
Evernew Free Joke Script 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38020
Joomla! 'com_simplefaq' Component 'catid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38015
Joomla! 'com_jeeventcalendar' Component 'event_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38012
Maian Greetings Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/38008
C++ Sockets Library HTTP Headers Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38021
Joomla! 'com_dms' Component 'category_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38017
0 件のコメント:
コメントを投稿