MySQL 5.1.46 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco IOS Software MPLS Packet Vulnerability
http://www.cisco.com/warp/public/707/cisco-amb-20100324-ldp.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco Unified Communications Manager Express and Cisco IOS Software H.323 and SIP DoS Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-amb-20100324-voice.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability
http://www.cisco.com/warp/public/707/cisco-amb-20100324-tcp.shtml
Survey Report on Information Security Trends in Europe
Study on EU Information Security Situation
http://www.ipa.go.jp/security/fy21/reports/fraunhofer/index.html
JPCERT/CC WEEKLY REPORT 2010-03-25
http://www.jpcert.or.jp/wr/2010/wr101101.html
JVNDB-2010-001186 Arbitrary code execution vulnerability in the Cascading Style Sheet implementation of Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001186.html
JVNDB-2010-001185 Arbitrary code execution vulnerability in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001185.html
JVNDB-2010-001184 Vulnerability in PubSub in Apple Safari that allows cookies to be set
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001184.html
JVNDB-2010-001183 Arbitrary code execution vulnerability in ImageIO in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001183.html
JVNDB-2010-001182 Vulnerability in ImageIO in Apple Safari that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001182.html
JVNDB-2010-001181 Vulnerability in ImageIO in Apple Safari that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001181.html
JVNDB-2010-001180 Integer overflow vulnerability in ColorSync in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001180.html
JVNDB-2009-001925 Buffer underflow vulnerability in the LZWDecodeCompat function of libtiff
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001925.html
JVNDB-2008-001453 Denial-of-service (DoS) vulnerability in the ap_proxy_http_process_response() function of Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001453.html
JVNDB-2007-001201 Buffer overflow vulnerability in the safer_name_suffix function of GNU tar
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001201.html
JVNDB-2005-000872 Buffer overflow vulnerability in GNU cpio when processing large files
http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000872.html
Google adds a feature to Gmail that warns of suspicious access
http://itpro.nikkeibp.co.jp/article/NEWS/20100325/346176/?ST=security
Microsoft PowerPoint LinkedSlideAtom Heap Overflow Vulnerability
http://www.securiteam.com/windowsntfocus/5FP3K0U0UQ.html
Microsoft PowerPoint OEPlaceholderAtom Use-After-Free Vulnerability
http://www.securiteam.com/windowsntfocus/5EP3J0U0UQ.html
Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability
http://www.securiteam.com/unixfocus/5DP3I0U0UA.html
HP Project and Portfolio Management Center Input Validation Hole Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2010/Mar/1023749.html
+ Two Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273551-1
+ HPSBUX02508 SSRT100007 rev.1 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02009860
+ OpenSSL 0.9.8n is now available
http://www.openssl.org/source/
+ OpenSSL Security Advisory: "Record of death" vulnerability in OpenSSL 0.9.8f through 0.9.8m
http://www.openssl.org/news/secadv_20100324.txt
http://securitytracker.com/alerts/2010/Mar/1023748.html
++ Cisco Security Advisory: Cisco IOS Software IPsec Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100324-ipsec.shtml
+ Cisco Security Advisory: Cisco IOS Software NAT Skinny Call Control Protocol Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100324-sccp.shtml
+ Cisco Security Advisory: Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100324-ldp.shtml
+ Cisco Security Advisory: Cisco IOS Software H.323 Denial of Service Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml
+ Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f32.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml
+ Cisco Security Advisory: Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100324-tcp.shtml
[ANNOUNCE] Release of Apache MyFaces Extensions Validator 1.1.3, 1.2.3 and 2.0.3
http://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310821&styleName=Html&version=12314098
http://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310821&styleName=Html&version=12313876
http://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310821&styleName=Html&version=12313875
HPSBMA02436 SSRT080064 rev.1 - HP Project and Portfolio Management Center (PPMC), Remote Cross Site Scripting (XSS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01762443&docLocale=en&admit=109447626+1269488162970+28353475
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml
Independent Researcher : Multiple vulnerabilities in Deliver
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32076
Ubuntu Security Notice : Samba vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32071
Ubuntu Security Notice : Puppet vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32072
Debian : New mediawiki packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32073
Digital Security Research Group : SAP GUI - Insecure method, code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32079
A "virus scanning service" for criminals appears! The aim is to evade security software
Existing free services have "limits"; from 15 cents per file
http://itpro.nikkeibp.co.jp/article/NEWS/20100324/346088/?ST=security
Two security technologies effective for PCI DSS: talk by Business Assurance
http://itpro.nikkeibp.co.jp/article/NEWS/20100324/346148/?ST=security
"2010 is the time to review endpoint security," says Gartner's Ishibashi
http://itpro.nikkeibp.co.jp/article/NEWS/20100324/346161/?ST=security
Symlink attack with Solaris Update manager and Sun Patch Cluster
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00209.html
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00210.html
Cisco Security Advisory: Cisco IOS Software IPsec Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00211.html
Cisco Security Advisory: Cisco IOS Software NAT Skinny Call Control Protocol Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00205.html
Secunia Research: Pulse CMS login.php Arbitrary File Writing Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00202.html
Secunia Research: Pulse CMS Arbitrary File Deletion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00206.html
Secunia Research: Pulse CMS Arbitrary File Writing Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00203.html
Multiple vulnerabilities in Deliver
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00207.html
[USN-918-1] Samba vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00201.html
[USN-917-1] Puppet vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00208.html
CVE-2009-4505 OpenCMS OAMP Comments Module XSS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00196.html
"$referer" export lead to the cross-site flaws in all versions of Discuz!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00200.html
[HITB-Announce] HITBSecConf2009 - Malaysia Videos Released! *Correction*
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00197.html
Symlink attack with Solaris Update manager
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00204.html
[USN-916-1] Kerberos vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00198.html
CVE-2009-2907: SpringSource Hyperic HQ multiple XSS vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00199.html
[SECURITY] [DSA 2022-1] New mediawiki packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00195.html
Wax nostalgic - commodore64 updated to present time
http://isc.sans.org/diary.html?storyid=8485
Cisco security updates
http://isc.sans.org/diary.html?storyid=8488
Vulnerability Note VU#181737: IntelliCom NetBiter Config HICP hostname buffer overflow
http://www.kb.cert.org/vuls/id/181737
OpenSSL Record Processing Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Mar/1023748.html
Cisco IOS Unified CME or Unified SRST SCCP Processing Bugs Let Remote Users Deny Service
http://securitytracker.com/alerts/2010/Mar/1023745.html
Cisco IOS SIP Processing Flaws Let Remote Users Deny Service and Potentially Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Mar/1023744.html
Cisco IOS TCP Option Processing Error Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Mar/1023743.html
Cisco IOS H.323 Processing Flaws Let Remote Users Deny Service
http://securitytracker.com/alerts/2010/Mar/1023742.html
Cisco IOS IKE Packet Processing Flaw Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Mar/1023741.html
Cisco IOS MPLS LDP Processing Flaw Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Mar/1023740.html
Cisco IOS Skinny NAT Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Mar/1023739.html
Cisco IOS Unified Communications Manager Express Denial of Service Vulnerabilities
http://secunia.com/advisories/39069/
HP TCP/IP Services for OpenVMS NTP Multiple Vulnerabilities
http://secunia.com/advisories/39066/
Ubuntu update for puppet
http://secunia.com/advisories/39050/
Pulse CMS Multiple Vulnerabilities
http://secunia.com/advisories/39011/
Ubuntu update for samba
http://secunia.com/advisories/39049/
ABO.CMS Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/38965/
Joomla! SMEStorage Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39071/
Insky CMS "ROOT" File Inclusion Vulnerabilities
http://secunia.com/advisories/39112/
Joomla J!Research Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39079/
Joomla Real Estate Property Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39074/
Lexmark Laser Printers Flood Protection Denial of Service
http://secunia.com/advisories/39056/
Lexmark Laser Printers PJL Buffer Overflow
http://secunia.com/advisories/39053/
Serv-U Multiple Security Issues
http://secunia.com/advisories/39060/
Fedora update for glpi
http://secunia.com/advisories/39015/
Debian update for mediawiki
http://secunia.com/advisories/39022/
Ubuntu update for krb5
http://secunia.com/advisories/39023/
Red Hat update for kernel-rt
http://secunia.com/advisories/39033/
Kerberos SPNEGO Denial of Service Vulnerability
http://secunia.com/advisories/39010/
HP TCP/IP Services for OpenVMS NTP Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0697
Serv-U Security Update Fixes Security Bypass and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2010/0696
Lexmark Printers PJL Processing Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0695
Lexmark Printers FTP Flood Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0694
MIT Kerberos SPNEGO GSS-API Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0693
Mozilla Products Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/0692
Fedora Security Update Fixes GLPI phpCAS Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2010/0691
Redhat Security Update Fixes Kernel Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2010/0690
SuSE Security Update Fixes Kernel Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2010/0689
Turbolinux Security Update Fixes httpd Information Disclosure Issue
http://www.vupen.com/english/advisories/2010/0688
Mandriva Security Update Fixes Cpio Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0687
Mandriva Security Update Fixes Libpng Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0686
Debian Security Update Fixes MediaWiki Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0685
Serv-U Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/38923
Adobe Flash Media Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37420
Adobe Flash Media Server Resource Exhaustion Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37419
RETIRED: Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities
http://www.securityfocus.com/bid/38918
Linux Kernel KVM Segment Selector Loading Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38467
Linux Kernel KVM 'handle_dr()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37221
Linux Kernel KVM Multiple Privilege Escalation and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38158
Linux Kernel 'sctp_rcv_ootb()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38857
tDiary TrackBack Transmission Plugin Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/38413
ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/35848
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37255
NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35017
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
Samba Symlink Directory Traversal Vulnerability
http://www.securityfocus.com/bid/38111
Puppet Supplementary Groups Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36628
Reductive Labs Puppet '/tmp' Insecure File Permissions Vulnerabilities
http://www.securityfocus.com/bid/38474
Linux Kernel 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/38185
GNU TAR and CPIO safer_name_suffix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/26445
GNU Tar Dot_Dot Function Remote Directory Traversal Vulnerability
http://www.securityfocus.com/bid/25417
Multiple SpringSource Products Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/38913
Mozilla Firefox 'multipart/x-mixed-replace' Image Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38921
Mozilla Firefox 'window.location' Same Origin Policy Security Bypass Vulnerability
http://www.securityfocus.com/bid/38919
Multiple MicroWorld eScan Products Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/38750
MIT Kerberos 'gss_accept_sec_context()' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38904
MIT Kerberos KDC 'handle_tgt_authdata()' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38260
phpCAS Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/38883
Pulse CMS 'delete.php' Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/38947
Mozilla Firefox/Thunderbird/Seamonkey CVE-2010-0167 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/38944
Mozilla Firefox 'gfxTextRun::SanitizeGlyphRuns()' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38943
Joomla! 'com_software' Component 'software_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38942
Joomla! 'com_wallpapers' Component 'cid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38941
Cisco IOS For Communication Manager Express SCCP (CVE-2010-0586) Denial of Service Vulnerability
http://www.securityfocus.com/bid/38940
Mozilla Firefox 'TraceRecorder::traverseScopeChain()' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38939
Cisco IOS Multiprotocol Label Switching (MPLS) Malformed Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/38938
Cisco IOS NAT SCCP Fragmentation Support Denial of Service Vulnerability
http://www.securityfocus.com/bid/38937
Cisco IOS For Communication Manager Express SCCP (CVE-2010-0585) Denial of Service Vulnerability
http://www.securityfocus.com/bid/38936
Cisco IOS SIP Message (CVE-2010-0579) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38935
Cisco IOS H.323 Interface Memory Leak Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38934
Cisco IOS SIP Message (CVE-2010-0581) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38933
Cisco IOS IPsec Internet Key Exchange (IKE) Malformed Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/38932
Cisco IOS H.323 Interface Queue Resource Exhaustion Denial of Service Vulnerability
http://www.securityfocus.com/bid/38931
Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/38930
Cisco IOS SIP Message (CVE-2010-0580) Denial of Service Vulnerability
http://www.securityfocus.com/bid/38929
Sun Connection Update Manager for Solaris Multiple Insecure Temporary File Creation Vulnerabilities
http://www.securityfocus.com/bid/38928
Mozilla Firefox Image Preloading Content-Policy Check Security Bypass Vulnerability
http://www.securityfocus.com/bid/38927
OpenCMS OAMP Comments Module Add Comment HTML Injection Vulnerability
http://www.securityfocus.com/bid/38926
Deliver Local Privilege Escalation and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38924
Joomla! 'com_jresearch' Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/38917