+ BIND 9.6.2 released
https://www.isc.org/files/release-notes/962.html
Linux kernel 2.6.33-git7
http://www.kernel.org/diff/diffview.cgi?file=/pub/linux/kernel//v2.6/snapshots/patch-2.6.33-git7.bz2
Notice of Start of Support for Trend Micro Web Security for Yamaha
http://www.trendmicro.co.jp/support/news.asp?id=1376
Briefing Session on Random Number Generators
http://www.ipa.go.jp/security/event/2009/jcmvp/rng_session.html
Don't Press the [F1] Key! --- New Vulnerability in Windows
Problem in VBScript and Help processing; "proof-of-concept code" already in circulation
http://itpro.nikkeibp.co.jp/article/NEWS/20100302/345226/?ST=security
JVNVU#612021 Arbitrary code execution vulnerability in Internet Explorer when using VBScript and Windows Help
http://jvn.jp/cert/JVNVU612021/index.html
JVNDB-2010-001103 Stack-based buffer overflow vulnerability in Microsoft Office PowerPoint
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001103.html
JVNDB-2010-001102 Stack-based buffer overflow vulnerability in Microsoft Office PowerPoint
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001102.html
JVNDB-2010-001101 Arbitrary code execution vulnerability in Microsoft Office PowerPoint
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001101.html
JVNDB-2010-001100 Arbitrary code execution vulnerability in Microsoft Office PowerPoint
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001100.html
JVNDB-2010-001099 Heap-based buffer overflow vulnerability in Microsoft Office PowerPoint
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001099.html
JVNDB-2010-001098 Buffer overflow vulnerability in Microsoft Office PowerPoint
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001098.html
Windows VBScript Script Engine Flaw in Processing Windows Help Files Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Mar/1023668.html
- Microsoft Security Advisory (981169): Vulnerability in VBScript Could Allow Remote Code Execution
http://www.microsoft.com/japan/technet/security/advisory/981169.mspx
Microsoft Internet Explorer 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38463
+ Apache Tomcat Connectors 1.2.30 released
http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html
http://tomcat.apache.org/connectors-doc/news/20100101.html#1%20March%20-%20JK-1.2.30%20released
+- BIND 9.6.2 released
http://ftp.isc.org/isc/bind9/9.6.2/9.6.2
+ iptables 1.4.7 released
http://www.iptables.org/projects/iptables/downloads.html#iptables-1.4.7
http://www.iptables.org/projects/iptables/files/changes-iptables-1.4.7.txt
+ Samba 3.5.0 Available for Download
http://news.samba.org/releases/3.5.0/
http://samba.org/samba/history/samba-3.5.0.html
+ Sudo version 1.7.2p5 was released
http://www.sudo.ws/sudo/news.html
http://www.sudo.ws/sudo/stable.html
+ Microsoft Security Advisory (981169): Vulnerability in VBScript Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/981169.mspx
http://isc.sans.org/diary.html?storyid=8332
http://secunia.com/advisories/38727/
http://www.kb.cert.org/vuls/id/612021
http://www.vupen.com/english/advisories/2010/0485
+ RHSA-2010:0124-1: Important: systemtap security update
http://rhn.redhat.com/errata/RHSA-2010-0124.html
+ RHSA-2010:0125-1: Moderate: systemtap security update
http://rhn.redhat.com/errata/RHSA-2010-0125.html
http://securitytracker.com/alerts/2010/Mar/1023664.html
Thunderbird 3.0.3 Now Available
http://www.mozillamessaging.com/en-US/about/press/archive/-01
http://www.mozillamessaging.com/en-US/thunderbird/3.0.3/releasenotes/
- Buffer Overflow Vulnerability in Lotus iNotes ActiveX Control
http://www-01.ibm.com/support/docview.wss?uid=swg21421808
RHBA-2010:0127-1: libXi bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0127.html
[ MDVSA-2010:051 ] mozilla-thunderbird
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00010.html
[SECURITY] [DSA 2004-1] New Linux 2.6.24 packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00008.html
[SECURITY] [DSA 2004-1] New samba packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00007.html
Oracle Siebel 7.x CRM Cross Site Scripting Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00006.html
CONFidence 2010 /25-26 May/, CfP
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00005.html
Month of PHP Security 2010 - CALL FOR PAPERS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00001.html
[USN-905-1] sudo vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00000.html
ARISg5 (Version 5.0) Cross Site Scripting Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00002.html
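"Split confidential information and store it across multiple centers": NRI Secure conducts a proof-of-concept experiment
"The original data cannot be inferred from the split data"; about 30 companies take part in the experiment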
http://itpro.nikkeibp.co.jp/article/NEWS/20100302/345223/?ST=security
"A privacy policy equivalent to APEC's adopted company-wide," explains the Chief Privacy Officer of US-based Microsoft
http://itpro.nikkeibp.co.jp/article/NEWS/20100301/345201/?ST=security
Debian : New Linux 2.6.24 packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31883
Debian : New samba packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31882
IE 0-day using .hlp files
http://isc.sans.org/diary.html?storyid=8332
SystemTap Buffer Overflow in __get_argv() May Let Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Mar/1023664.html
- KVM x86 Emulator Flaw Lets Local Users Gain Elevated Privileges on the Guest Operating System
http://securitytracker.com/alerts/2010/Mar/1023663.html
IBM Lotus iNotes Buffer Overflow in ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Mar/1023662.html
DeDeCMS Authentication Security Bypass
http://secunia.com/advisories/38790/
IBM Lotus Domino Web Access Multiple Vulnerabilities
http://secunia.com/advisories/38755/
IBM Lotus Domino Web Access 6 ActiveX Control Buffer Overflow
http://secunia.com/advisories/38744/
IBM Lotus Domino Web Access / iNotes ActiveX Control Buffer Overflow
http://secunia.com/advisories/38681/
Joomla YaNC Component "listid" SQL Injection Vulnerability
http://secunia.com/advisories/38780/
FtpDisc FTP "GET" Buffer Overflow Vulnerability
http://secunia.com/advisories/38724/
Baykus Yemek Tarifleri Scripti SQL Injection Vulnerabilities
http://secunia.com/advisories/38760/
Blax Blog "kadi" SQL Injection Vulnerability
http://secunia.com/advisories/38758/
ScriptsFeed Business Directory Software "us" and "ps" SQL Injection Vulnerabilities
http://secunia.com/advisories/38771/
ScriptsFeed Dating Software "txtgender" and "txtlookgender" SQL Injection Vulnerabilities
http://secunia.com/advisories/38767/
Pre Classified Listings ASP Multiple Vulnerabilities
http://secunia.com/advisories/38768/
DZ EROTIK Auktionshaus "V4rgo" "id" SQL Injection Vulnerability
http://secunia.com/advisories/38792/
Debian update for linux-2.6.24
http://secunia.com/advisories/38810/
Uiga FanClub SQL Injection and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/38756/
Uiga Personal Portal "id" SQL Injection Vulnerability
http://secunia.com/advisories/38757/
Microsoft Windows "MsgBox()" HLP File Execution Vulnerability
http://secunia.com/advisories/38727/
Article Friendly "filename" File Inclusion Vulnerability
http://secunia.com/advisories/38715/
Oracle Siebel Loyalty Management "start.swe" Cross-Site Scripting
http://secunia.com/advisories/38802/
Fedora update for httpd
http://secunia.com/advisories/38813/
Fedora update for squid
http://secunia.com/advisories/38812/
Debian update for samba
http://secunia.com/advisories/38811/
Docebo Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/38422/
Ubuntu update for sudo
http://secunia.com/advisories/38795/
Vulnerability Note VU#612021: Internet Explorer VBScript Windows Help arbitrary code execution
http://www.kb.cert.org/vuls/id/612021
IBM Lotus iNotes ActiveX Control and UltraLite Vulnerabilities
http://www.vupen.com/english/advisories/2010/0496
IBM Lotus iNotes ActiveX Control Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0495
Scriptsfeed Business Directory Remote SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/0494
Scriptsfeed Dating Software Remote SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/0493
phpMySite Remote SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0492
Tracking Requirements and Use Cases Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/0491
Blax Blog "kadi" and "sifre" Remote SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/0490
Baykus Yemek Tarifleri Multiple Remote SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/0489
Uiga Personal Portal "id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0488
Uiga FanClub "id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0487
Oracle Siebel Loyalty Management "start.swe" Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2010/0486
Microsoft Windows "MsgBox()" Help File Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/0485
Symantec AntiVirus and Symantec Endpoint Protection Scan Evasion Vulnerability
http://www.securityfocus.com/bid/38219
Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38432
Linux Kernel KVM 'handle_dr()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37221
Sun Java System Directory Server LDAP Search Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/37899
Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38326
Mozilla Firefox/Thunderbird/SeaMonkey HTML Parser Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38287
Microsoft PowerPoint Viewer TextBytesAtom Record Stack Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38107
Adobe Acrobat and Reader CVE-2010-0188 Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38195
PHP LCG Entropy Security Vulnerability
http://www.securityfocus.com/bid/38430
SystemTap 'stat-server' Remote Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/37842
SystemTap '__get_argv()' and '__get_compat_argv()' Local Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/38120
OpenOffice Prior to 3.2 Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/38218
Gravity Board X Multiple SQL Injection Vulnerabilities and Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/34370
Joomla! Pax Gallery 'gid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/33035
RETIRED: Drupal Realname User Reference Widget Module Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38255
RETIRED: Drupal Advanced Help Injection and Export Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/38284
Joomla! LiveTicker 'tid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/33010
Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37992
Linux Kernel 'megaraid_sas' Driver Insecure File Permission Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37019
Linux Kernel 'ebtables' Security Bypass Vulnerability
http://www.securityfocus.com/bid/37762
Linux Kernel CVE-2010-0291 'mmap()' and 'mremap()' Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/37906
Linux Kernel 'print_fatal_signal()' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37724
Linux Kernel 'drivers/connector/connector.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38058
Linux Kernel 'hfc_usb.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37036
Linux Kernel 'drivers/scsi/gdth.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37068
Linux Kernel 'drivers/firewire/ohci.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/37339
Linux Kernel with SELinux 'mmap_min_addr' Low Memory NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36051
Linux e1000e Driver 'Jumbo Frame' Handling Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/37523
Linux e1000 Driver 'Jumbo Frame' Handling Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/37519
Linux Kernel 'do_pages_move()' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38144
Linux Kernel 'nfs4_proc_lock()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36936
Linux Kernel 'fuse_direct_io()' Invalid Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37069
Linux Kernel 'fs/proc/base.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36019
Linux Kernel PI Futex Invalid Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38165
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Squid Web Proxy Cache HTCP Request Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38212
Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36260
Apache mod_proxy_ftp Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/36254
Scriptsfeed Business Directory Software 'login.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/38470
DeDeCMS '_SESSION[dede_admin_id]' Parameter Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/38469
Linux Kernel KVM Segment Selector Loading Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38467
Uiga Fan Club Login Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/38466
Blax Blog 'girisyap.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38465
Uiga Fan Club and Personal Portal 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38464
Article Friendly 'filename' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/38461
ExtCalendar 'upgrade.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38458
Domino Web Access ActiveX Control Unspecified Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38457
Oracle Siebel 'loyalty_enu/start.swe' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38456
Joomla! 'com_yanc' Component 'listid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38454