http://mirror.postfix.jp/postfix-release/official/postfix-2.5.10.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.4.14.HISTORY
Firefox 3.6.2 update now available as free download
http://www.mozilla.com/firefox/3.6.2/releasenotes/
ALERT WEEKLY SUMMARY REPORT
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275470-1
JVNDB-2010-001179 Denial of Service (DoS) Vulnerability in ioctl in Multiple VMware Products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001179.html
JVNDB-2010-001178 Heap-Based Buffer Overflow Vulnerability in the VNnc Codec in Multiple VMware Products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001178.html
JVNDB-2010-001177 Heap-Based Buffer Overflow Vulnerability in the VNnc Codec in Multiple VMware Products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001177.html
JVNDB-2010-001176 Vulnerability in the VMware ACE Shared Folder Implementation That Allows Disabled Shared Folders to Be Enabled
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001176.html
JVNDB-2010-001175 Password Disclosure Vulnerability in VI Client in Multiple VMware Products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001175.html
JVNDB-2010-001174 Sensitive Information Disclosure Vulnerability in the ap_read_request Function of Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001174.html
JVNDB-2010-001173 Denial of Service (DoS) Vulnerability in the ap_proxy_ajp_request Function of Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001173.html
JVNDB-2010-001172 Privilege Escalation Vulnerability in the KVM x86 Emulator
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001172.html
+ Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
+ A Security Vulnerability in the ntp Daemon (xntpd(1M)) May Lead to a Denial of the Solaris Network Time Protocol(NTP) Service
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275590-1
+ Postfix 2.6 Patchlevel 6 released
http://mirror.postfix.jp/postfix-release/official/postfix-2.6.6.HISTORY
+- IBM Lotus Notes 'names.nsf' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38880
+- IBM Lotus Notes 'names.nsf' Open Redirection Vulnerability
http://www.securityfocus.com/bid/38852
Year 1 prototype release of BIND 10 is now available
http://bind10.isc.org/wiki/Year1Deliverable
http://bind10.isc.org/
cURL: Twelve years old and time for git
http://curl.haxx.se/source.html
Package: Courier 0.64.2 released
https://sourceforge.net/projects/courier/files/courier/0.64.2/courier-0.64.2.tar.bz2/download
Package: maildrop 2.4.3 released
https://sourceforge.net/projects/courier/files/maildrop/2.4.3/maildrop-2.4.3.tar.bz2/download
Dovecot 2.0.beta4 released
http://www.dovecot.org/list/dovecot-news/2010-March/000153.html
Linux kernel 2.6.34-rc2 released
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.34-rc2
Linux Kernel release: 2.6.34-rc2
http://www.linux.org/news/2010/03/20/0001.html
Nordic Perl Workshop 2010
http://use.perl.org/article.pl?sid=10/03/19/2216230&from=rss
Corelan Security Team : Ken Ward Zipper .zip 0day Stack BOF
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32059
Debian : New spamass-milter packages fix remote command execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32055
Corelan Security Team : Remote Help 0.0.7 Httpd DoS (Format String)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32057
Debian : New pango1.0 packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32053
Debian : New ikiwiki packages fix cross-site scripting
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32054
Mandriva : Security Announce curl
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32052
Independent Researcher : Vulnerability Httpdx v1.5.3b
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32056
Independent Researcher : IBM Lotus 6.x HTTP Response Splitting Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32061
MustLive : Vulnerabilities in WordPress
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32058
Computer Associates : Security Notice for CA ARCserve Backup
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32051
Debian : New php5 packages fix null pointer dereference
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32050
RHBA-2010:0159-1: rhnlib bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0159.html
[SECURITY] [DSA 2020-1] New ikiwiki packages fix cross-site scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00167.html
[SECURITY] [DSA-2019-1] New pango1.0 packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00166.html
[ MDVSA-2010:062 ] curl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00163.html
IBM Lotus 6.x names.nsf Cross Site Scripting Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00165.html
Firefox 3.6 for Windows includes a forged CA cert
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00164.html
Aris AGX agXchange ESM Open Redirection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00162.html
announcing skipfish, an automated web app security scanner
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00161.html
Vulnerability Httpdx v1.5.3b
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00160.html
IBM Lotus 6.x HTTP Response Splitting Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00159.html
There are lost of xss vul in PHPWind v6.0 !
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00158.html
CA20100318-01: Security Notice for CA ARCserve Backup
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00156.html
[SECURITY] [DSA-2018-1] New php5 packages fix null pointer dereference
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00155.html
[USN-915-1] Thunderbird vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00157.html
Skipfish - Web Application Security Tool
http://isc.sans.org/diary.html?storyid=8467
Responding To The Unexpected
http://isc.sans.org/diary.html?storyid=8470
Firefox 3.6.2 to be released March 30
http://isc.sans.org/diary.html?storyid=8458
BitDefender 2010 Update Problem
http://isc.sans.org/diary.html?storyid=8464
I Know What Your Office Equipment Did Last Summer...
http://isc.sans.org/diary.html?storyid=8455
Heimdal Kerberos Length Checking Error Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Mar/1023731.html
Mozilla Thunderbird SSPI Authentication and Message Indexing Bugs May Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Mar/1023730.html
Mozilla Seamonkey SSPI Authentication and Message Indexing Bugs May Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Mar/1023729.html
Mozilla Seamonkey Plugin Content Flaw Lets Remote Users Access Files
http://securitytracker.com/alerts/2010/Mar/1023728.html
CA ARCserve Backup Includes a Vulnerable Distribution of Java Runtime Environment
http://securitytracker.com/alerts/2010/Mar/1023727.html
Asterisk T.38 Remote Crash Vulnerability
http://www.securiteam.com/unixfocus/5EP382K0US.html
HP Enterprise Cluster Master Toolkit Local Unauthorized Access
http://www.securiteam.com/unixfocus/5CP362K0UQ.html
RealNetworks RealPlayer 11 HTTP Chunked Encoding Vulnerability
http://www.securiteam.com/unixfocus/5OP3B2K0UK.html
HP-UX running HP CIFS Server Remote Unauthorized Access
http://www.securiteam.com/unixfocus/5DP372K0UU.html
HP OpenVMS RMS Local Escalation of Privilege
http://www.securiteam.com/unixfocus/5FP392K0UI.html
Mozilla Bugzilla Multiple Vulnerabilities
http://www.securiteam.com/unixfocus/5QP3D2K0UK.html
RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow Vulnerability
http://www.securiteam.com/securitynews/5NP3A2K0UC.html
Real Networks RealPlayer Compressed GIF Handling Integer Overflow
http://www.securiteam.com/securitynews/5PP3C2K0UA.html
Online Community Site SQL Injection Vulnerabilities
http://secunia.com/advisories/38963/
IBM OS/400 HTTP Server Information Disclosure Vulnerability
http://secunia.com/advisories/39081/
Mini CMS RibaFS "login" SQL Injection Vulnerability
http://secunia.com/advisories/39018/
GLPI phpCAS Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39086/
GLPI Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/39083/
Debian update for spamass-milter
http://secunia.com/advisories/38956/
Webmatic Cross-Site Scripting and Script Insertion Vulnerabilities
http://secunia.com/advisories/39035/
Fedora update for esorex
http://secunia.com/advisories/39075/
Pay Per Watch & Bid Auktions System "id_auk" SQL Injection Vulnerability
http://secunia.com/advisories/39059/
eDisplay Personal FTP Server Buffer Overflow Vulnerabilities
http://secunia.com/advisories/39045/
Teamsite Hack Plugin "userid" SQL Injection Vulnerability
http://secunia.com/advisories/39009/
Secure Dept Portal Security Bypass Vulnerabilities
http://secunia.com/advisories/39085/
Secure Portal Security Bypass Vulnerabilities
http://secunia.com/advisories/39052/
Ken Ward's Zipper Buffer Overflow Vulnerability
http://secunia.com/advisories/39017/
phpCAS Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39055/
notsoPureEdit "content" File Inclusion Vulnerability
http://secunia.com/advisories/39070/
Joomla! JE Form Creator Component "view" Local File Inclusion Vulnerability
http://secunia.com/advisories/39063/
Fedora update for dpkg
http://secunia.com/advisories/39077/
Debian update for ikiwiki
http://secunia.com/advisories/39048/
Debian update for pango1.0
http://secunia.com/advisories/39041/
Heimdal Two Denial of Service Vulnerabilities
http://secunia.com/advisories/39037/
Fedora update for gnu-smalltalk
http://secunia.com/advisories/39082/
GNU Smalltalk libtool Search Path Privilege Escalation Security Issue
http://secunia.com/advisories/39076/
IBM HTTP Server Multiple Vulnerabilities
http://secunia.com/advisories/39044/
Limny Multiple Vulnerabilities
http://secunia.com/advisories/39014/
Crimson Editor Configuration File Buffer Overflow Vulnerability
http://secunia.com/advisories/39042/
SiteDone Custom Edition "articleId" SQL Injection Vulnerability
http://secunia.com/advisories/39038/
CA ARCserve Backup JRE Multiple Vulnerabilities
http://secunia.com/advisories/38929/
Ubuntu update for thunderbird
http://secunia.com/advisories/38977/
Liquid XML Studio LtXmlComHelp8 ActiveX "OpenFile()" Buffer Overflow
http://secunia.com/advisories/38974/
Debian update for php5
http://secunia.com/advisories/38930/
eFront "langname" Parameter Processing Local File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0681
Secure Dept Portal Unspecified Script Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2010/0680
Secure Portal Unspecified Script Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2010/0679
Ken Ward Zipper ZIP Archive Filename Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0678
phpCAS URL Data Processing Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/0677
Jewelry Cart "disproid" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0676
Fw-BofF "configRootDir" and "configDBchoice" File Inclusion Issues
http://www.vupen.com/english/advisories/2010/0675
WebMaid CMS Multiple Parameter File Inclusion Vulnerabilities
http://www.vupen.com/english/advisories/2010/0674
notsoPureEdit "content" Parameter Remote File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0673
4xcms "user" Parameter Processing Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0672
Gift Exchange for Joomla "pkg" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0671
Pay Per Watch & Bid Auktions System "id_auk" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0670
Trouble Ticket Express "fid" Parameter File Download Vulnerability
http://www.vupen.com/english/advisories/2010/0669
IBM HTTP Server Security Update Fixes Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0668
Fedora Security Update Fixes Libpng Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0667
Fedora Security Update Fixes dpkg Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2010/0666
Fedora Security Update Fixes Cpio Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0665
Fedora Security Update Fixes Smalltalk Libtool Untrusted Path Issue
http://www.vupen.com/english/advisories/2010/0664
Fedora Security Update Fixes EsoRex Libtool Untrusted Path Issue
http://www.vupen.com/english/advisories/2010/0663
Debian Security Update Fixes ikiwiki Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/0662
Debian Security Update Fixes Pango Array Indexing Vulnerability
http://www.vupen.com/english/advisories/2010/0661
Mandriva Security Update Fixes cURL Data Callback Excessive Length
http://www.vupen.com/english/advisories/2010/0660
CA ARCserve Backup JRE Code Execution and Security Bypass Issues
http://www.vupen.com/english/advisories/2010/0659
Debian Security Update Fixes PHP XML-RPC Denial of Service Issue
http://www.vupen.com/english/advisories/2010/0658
Ubuntu Security Update Fixes Thunderbird Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0657
Kenward zipper v1.4 0day Stack Buffer Overflow PoC exploit
http://www.exploit-db.com/exploits/11834
Uiga Fan Club and Personal Portal 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38464
Apache Subrequest Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38580
Linux Kernel 'drivers/connector/connector.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38058
Linux Kernel PI Futex Invalid Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38165
Linux Kernel 'do_pages_move()' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38144
Linux Kernel KVM Large SMP Instruction Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37130
GNU Libtool 'libltdl' Library Search Path Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37128
Qualiteam X-Cart 'cart.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38205
Advanced Software Engineering ChartDirector 'cacheId' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/36300
Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38555
Yahoo! Player Playlist Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38581
SpamAssassin Milter Plugin 'mlfi_envrcpt()' Remote Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/38578
ikiwiki 'htmlscrubber' Plugin Remote Script Code Injection Vulnerability
http://www.securityfocus.com/bid/38844
Pango Glyph Definition Table Denial of Service Vulnerability
http://www.securityfocus.com/bid/38760
dpkg-source Directory Traversal Vulnerability
http://www.securityfocus.com/bid/38654
Mozilla Firefox Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38298
Libpng 'png_decompress_chunk()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/38478
GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38628
cURL/libcURL CURLOPT_ENCODING Option Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38162
OpenPage 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38888
freeSSHd SSH2 Connection Data Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38887
Powie PowieSys 'shownews' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38886
Ken Ward's Zipper 'filename' Stack-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38885
Apple Safari Nested 'object' Tag Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38884
phpCAS Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/38883
GLPI Prior to 0.72.4 Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/38882
Mini CMS RibaFS 'admin/login.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38881
agXchange ESM 'ucschcancelproc.jsp' Open Redirection Vulnerability
http://www.securityfocus.com/bid/38879
WordPress Password Protection Security Bypass Vulnerability
http://www.securityfocus.com/bid/38876
Remote Help HTTP GET Request Format String Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38875
Wazzum Dating Software Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/38873
Woltlab Burning Board Lexikon Plugin 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38871
Woltlab Burning Board Teamsite Hack Plugin 'userid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38870
Heimdal Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/38868
Pay Per Auction Watch & Bid System 'id_auk' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38878
KDE KSysguard '.sgrd' File Processing Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/38872
Joomla! Gift Exchange Component 'pkg' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38869
Microsoft Windows Media Player AVI File Colorspace Conversion Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38790
Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38491
MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities
http://www.securityfocus.com/bid/37749
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37255
Realtek Media Player Playlist Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32860
MediaCoder Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38405
IBM Lotus Notes 'names.nsf' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38880
Webmatic HTML Injection and Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/38874
PHPWind Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/38867
Joomla! 'com_jeformcr' Component 'view' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/38866
Dew-Code Dew-NewPHPLinks 'lang' Parameter Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/38864
Sahana 'stream.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/38863
eDisplay Personal FTP server Multiple Commands Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/38860
Limny 2.01 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/38859
eDisplay Personal FTP Server 'USER' Command Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38855
Xilisoft Video Converter Wizard '.yuv' File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38854
IBM Lotus Notes 'names.nsf' Open Redirection Vulnerability
http://www.securityfocus.com/bid/38852
Computer Associates ARCserve Backup JRE Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/38851
http://www.securityfocus.com/bid/38478
GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38628
cURL/libcURL CURLOPT_ENCODING Option Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38162
OpenPage 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38888
freeSSHd SSH2 Connection Data Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38887
Powie PowieSys 'shownews' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38886
Ken Ward's Zipper 'filename' Stack-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38885
Apple Safari Nested 'object' Tag Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38884
phpCAS Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/38883
GLPI Prior to 0.72.4 Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/38882
Mini CMS RibaFS 'admin/login.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38881
agXchange ESM 'ucschcancelproc.jsp' Open Redirection Vulnerability
http://www.securityfocus.com/bid/38879
WordPress Password Protection Security Bypass Vulnerability
http://www.securityfocus.com/bid/38876
Remote Help HTTP GET Request Format String Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38875
Wazzum Dating Software Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/38873
Woltlab Burning Board Lexikon Plugin 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38871
Woltlab Burning Board Teamsite Hack Plugin 'userid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38870
Heimdal Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/38868
Pay Per Auction Watch & Bid System 'id_auk' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38878
KDE KSysguard '.sgrd' File Processing Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/38872
Joomla! Gift Exchange Component 'pkg' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38869
Microsoft Windows Media Player AVI File Colorspace Conversion Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38790
Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38491
MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities
http://www.securityfocus.com/bid/37749
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37255
Realtek Media Player Playlist Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32860
MediaCoder Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38405
IBM Lotus Notes 'names.nsf' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38880
Webmatic HTML Injection and Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/38874
PHPWind Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/38867
Joomla! 'com_jeformcr' Component 'view' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/38866
Dew-Code Dew-NewPHPLinks 'lang' Parameter Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/38864
Sahana 'stream.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/38863
eDisplay Personal FTP server Multiple Commands Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/38860
Limny 2.01 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/38859
eDisplay Personal FTP Server 'USER' Command Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38855
Xilisoft Video Converter Wizard '.yuv' File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38854
IBM Lotus Notes 'names.nsf' Open Redirection Vulnerability
http://www.securityfocus.com/bid/38852
Computer Associates ARCserve Backup JRE Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/38851