+ RHSA-2010:0146-1: Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0146.html
Squid 2.7.STABLE9 released
http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE9-RELEASENOTES.html
JVNDB-2010-001159 Vulnerability in mod_isapi of Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001159.html
JVNDB-2010-001158 Vulnerability in libpng's handling of compressed ancillary chunks
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001158.html
JVNDB-2010-001157 Denial of service (DoS) vulnerability in cupsd of CUPS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001157.html
JVNDB-2010-001156 Arbitrary code execution vulnerability in Internet Explorer when using VBScript and Windows Help
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001156.html
JVNDB-2009-002319 Vulnerability in the SSL and TLS protocols
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002319.html
JVNDB-2009-001918 Vulnerability in the VMM of Microsoft Virtual PC that allows arbitrary kernel-mode code execution within the guest OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001918.html
JPCERT/CC WEEKLY REPORT
http://www.jpcert.or.jp/wr/2010/wr101001.html
SAP MaxDB Stack Overflow in 'serv.exe' Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Mar/1023719.html
Linux Kernel 64bit Personality Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38027
Linux Kernel 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/38185
Linux Kernel 'do_pages_move()' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38144
Linux Kernel 'ebtables' Security Bypass Vulnerability
http://www.securityfocus.com/bid/37762
Linux Kernel 'print_fatal_signal()' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37724
+ RHSA-2010:0143-1: Moderate: cpio security update
http://rhn.redhat.com/errata/RHSA-2010-0143.html
+ RHSA-2010:0144-1: Moderate: cpio security update
http://rhn.redhat.com/errata/RHSA-2010-0144.html
+ RHSA-2010:0145-1: Moderate: cpio security update
http://rhn.redhat.com/errata/RHSA-2010-0145.html
http://www.securityfocus.com/bid/16057
http://www.securityfocus.com/bid/26445
http://www.securityfocus.com/bid/38628
+ RHSA-2010:0147-1: Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0147.html
+ Multiple Security Vulnerabilities in BIND DNSSEC Software Shipped With Solaris May Cause Bogus NXDOMAIN Responses
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275890-1
+ BIND 9.7.0-P1, 9.6.2-P1, 9.6-ESV, 9.5.2-P3, 9.4-ESV-R1 released
https://www.isc.org/files/release-notes/970p1.html
https://www.isc.org/files/release-notes/962p1.html
https://www.isc.org/files/release-notes/96esv.html
https://www.isc.org/files/release-notes/952p3.html
https://www.isc.org/files/release-notes/94esvr1.html
- RHSA-2010:0142-1: Moderate: tar security update
http://rhn.redhat.com/errata/RHSA-2010-0142.html
[ANNOUNCE] Apache FtpServer 1.0.4 released
http://mina.apache.org/ftpserver/downloads.html
[courier-announce] Courier 0.64.2 released
http://www.courier-mta.org/download.php
Document ID: 347311: Relationship between vds.exe, vxvdsdyn.exe, vdsdyn.dll, and VxVDS.exe and the implications when vxvdsdyn.exe and VxVDS.exe are unregistered
http://seer.entsupport.symantec.com/docs/347311.htm
Debian : New drbd8 packages fix privilege escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32004
Red Hat : Moderate: cpio security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32006
Red Hat : Moderate: tar security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32007
Red Hat : Moderate: tar security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32008
Red Hat : Moderate: cpio security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32009
Red Hat : Moderate: cpio security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32010
Debian : New pulseaudio packages fix insecure temporary directory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32003
Independent Researcher : Vulnerability httpdx v1.5.3
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32011
Independent Researcher : Pars CMS SQL Injection Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32014
Independent Researcher : Zigurrat CMS SQL Injection Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32015
Independent Researcher : ZoneAlarm 9 (ForceField) Security Disclosure
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32017
Independent Researcher : Multiple DOM-Based XSS in Dojo Toolkit SDK
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32018
RedHat : Moderate: pango security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32005
ZDI : Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32012
[USN-913-1] libpng vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00143.html
[USN-912-1] Audio File Library vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00138.html
ZDI-10-031: Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00137.html
ZDI-10-030: Apple WebKit CSS run-in Attribute Rendering Remote Code Execution Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00142.html
SugarCRM Stored XSS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00136.html
rPSA-2010-0022-1 sendmail sendmail-cf
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00135.html
rPSA-2010-0018-1 bind bind-utils caching-nameserver
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00140.html
Last Call for Papers, CONFidence 2010, 25-26May, Last Call for Papers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00141.html
[SECURITY] [DSA 2017-1] New pulseaudio packages fix insecure temporary directory
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00139.html
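"Between 30 and 50 vendors, revenue of more than 27 billion yen": the reality of fake software
"More than 3,000 product varieties in six years," US-based McAfee reports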
http://itpro.nikkeibp.co.jp/article/NEWS/20100317/345898/?ST=security
Trouble Ticket Express Exploit in the Wild a Day After the Vulnerability Announcement
http://isc.sans.org/diary.html?storyid=8437
Internet Explorer 9 "Platform Preview" Now Available From Microsoft
http://isc.sans.org/diary.html?storyid=8440
MyBB Template Parser PHP Code Execution Vulnerability
http://secunia.com/advisories/38941/
Joomla SectionEx Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/38954/
HiWeb Wiesbaden Preisschlacht Products "aid" SQL Injection
http://secunia.com/advisories/38942/
Joomla GAnalytics Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/38953/
Embedthis Appweb "waitCallback()" Denial of Service Vulnerability
http://secunia.com/advisories/38984/
Joomla JA News Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/38952/
WFTPD Server/Pro REST Denial of Service Vulnerability
http://secunia.com/advisories/38948/
IBM HTTP Server mod_isapi Module Unloading Vulnerability
http://secunia.com/advisories/38978/
Joomla RokDownloads Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/38982/
Web Wiz Forums Cross-Site Request Forgery
http://secunia.com/advisories/38997/
Trouble Ticket Express "fid" Arbitrary Command Execution Vulnerability
http://secunia.com/advisories/38944/
RemoteExec Computers List Buffer Overflow Vulnerability
http://secunia.com/advisories/38733/
ParsCMS "id" SQL Injection Vulnerability
http://secunia.com/advisories/39007/
ArGoSoft FTP Server .NET Directory Traversal Vulnerability
http://secunia.com/advisories/38990/
Fedora update for libpng10
http://secunia.com/advisories/39000/
Fedora update for viewvc
http://secunia.com/advisories/39002/
Ziggurat Farsi CMS "id" SQL Injection Vulnerability
http://secunia.com/advisories/39006/
PhpKobo Address Book "LANG_CODE" Local File Inclusion Vulnerabilities
http://secunia.com/advisories/38938/
osDate "config[forum_installed]" File Inclusion Vulnerabilities
http://secunia.com/advisories/38943/
HP Broadcom Integrated NIC Management Firmware Vulnerability
http://secunia.com/advisories/39003/
Red Hat update for tar
http://secunia.com/advisories/38987/
rPath update for sendmail
http://secunia.com/advisories/38998/
rPath update for bind
http://secunia.com/advisories/38999/
Red Hat update for tar
http://secunia.com/advisories/39008/
Red Hat update for cpio
http://secunia.com/advisories/38986/
Red Hat update for cpio
http://secunia.com/advisories/38936/
Red Hat update for cpio
http://secunia.com/advisories/38923/
IBM HTTP Server "mod_isapi" Module Unloading Vulnerability
http://www.vupen.com/english/advisories/2010/0634
WFTPD "REST" Command Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0633
RemoteExec Computers List ".rec" File Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0632
HP PCs Broadcom Integrated NIC Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/0631
MicroWorld eScan for Linux "uname" Command Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0630
Redhat Security Update Fixes Cpio Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0629
Redhat Security Update Fixes Tar Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0628
Redhat Security Update Fixes Pango Array Indexing Vulnerability
http://www.vupen.com/english/advisories/2010/0627
Fedora Security Update Fixes Libpng Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0626
Fedora Security Update Fixes Cronie Timestamp Race Condition
http://www.vupen.com/english/advisories/2010/0625
Fedora Security Update Fixes ViewVC Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/0624
rPath Security Update Fixes Sendmail Certificate Spoofing Vulnerability
http://www.vupen.com/english/advisories/2010/0623
rPath Security Update Fixes BIND Cache Poisoning Vulnerabilities
http://www.vupen.com/english/advisories/2010/0622
OpenBSD Security Update Fixes ftpd Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0621
OpenBSD Security Update Fixes OpenSSL Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0620
Debian Security Update Fixes DRBD Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/0619
Debian Security Update Fixes PulseAudio Temporary Directory Issue
http://www.vupen.com/english/advisories/2010/0618
SuSE Security Update Fixes Code Execution and Security Bypass Issues
http://www.vupen.com/english/advisories/2010/0617
Microsoft Virtual PC Hypervisor Virtual Machine Monitor Security Bypass Vulnerability
http://www.securityfocus.com/bid/38764
RETIRED: Phpkobo Address Book Script 'LANG_CODE' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/38753
Phpkobo Multiple Products 'LANG_CODE' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/38731
Joomla! 'com_rwcards' Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/38267
Libpng 'png_decompress_chunk()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/38478
Libpng 1-bit Interlaced Images Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35233
Audio File Library (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33066
IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671
OpenOffice VBA Macro Restrictions Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/38245
OpenOffice Prior to 3.2 Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/38218
WebKit CSS 'run-in' Display Use-After-Free Error Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38690
Joomla! RokDownloads Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/38741
Microsoft Windows Movie Maker and Producer '.mswmm' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38515
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37118
cronie 'crontab' Symbolic Link Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38391
Apache 'mod_isapi' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38494
Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability
http://www.securityfocus.com/bid/30131
ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37865
Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/37543
ViewVC 'lib/viewvc.py' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38650
GNU TAR and CPIO safer_name_suffix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/26445
CPIO File Size Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/16057
GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38628
Online Community CMS Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/38777
Windisc '.bnz' File Stack-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38775
RogioBiz PHP File Manager 'file_manager.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/38774
Front Door Username Field SQL Injection Vulnerability
http://www.securityfocus.com/bid/38773
SugarCRM Text Filtering Online Documents Section HTML Injection Vulnerability
http://www.securityfocus.com/bid/38772
Chumby Multiple Products Remote Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/38771
Preisschlacht V4 Flash System 'aid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38770
SAP MaxDB 'serv.exe' Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38769
PulseAudio Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/38768
MyBB Template Parser Remote PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/38766
Trouble Ticket Express File Attachment Module Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/38765
IS Decisions RemoteExec '.rec' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38763
WFTPD 'REST' Command Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38762
Joomla! 'com_as' Component 'catid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38757