[ANNOUNCE] Apache ZooKeeper 3.3.0
http://hadoop.apache.org/zookeeper/docs/r3.3.0/releasenotes.html
[ANNOUNCE] MyFaces Core v2.0.0-beta-3 Release
http://myfaces.apache.org/download.html
JVNVU#181737 IntelliCom NetBiter Config HICP におけるバッファオーバーフローの脆弱性
http://jvn.jp/cert/JVNVU181737/index.html
JVNDB-2010-001055 Linux kernel の fasync_helper 関数における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001055.html
JVNDB-2009-002409 libc における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002409.html
JVNDB-2009-002319 SSL および TLS プロトコルに脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002319.html
+ SA39080: Linux Kernel Bluetooth L2CAP Denial of Service
http://secunia.com/advisories/39080/
ALERT WEEKLY SUMMARY REPORT
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275470-1
HPSBOV02497 SSRT090245 rev.2 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01961959
MySQL 5.5.4 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-4.html
Suhosin-Extension 0.9.31 released
http://www.hardened-php.net/suhosin/changelog.html#version_0.9.31
Cisco IOS Software H.323 Denial of Service Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml
Cisco Security Advisory: Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100324-ldp.shtml
Independent Researcher : Possible RDP vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32112
Mandriva : kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32110
Hewlett-Packard : HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32113
Independent Researcher : Permanent-type Cross-Site Vulnerability in all version of Discuz!
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32115
Independent Researcher : Multiple Vulnerabilities in EASY Enterprise DMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32116
Vulnerabilities in TooFAST
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00223.html
[ MDVSA-2010:067 ] kernel
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00221.html
[security bulletin] HPSBUX02509 SSRT100032 rev.1 - HP-UX Running NFS/ONCplus, NFS Inadverten
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-03/msg00222.html
偽の「アップルストア」メールに注意、ウイルスとスパムのダブル攻撃
リンクをクリックするだけで感染の恐れ、「iPad」人気に便乗か?
http://itpro.nikkeibp.co.jp/article/NEWS/20100329/346337/?ST=security
Direct News File Inclusion Vulnerabilities
http://secunia.com/advisories/39106/
eZ Publish Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/39101/
HP-UX NFS/ONCplus Unintentional NFS Configuration Weakness
http://secunia.com/advisories/39111/
Linux Kernel Bluetooth L2CAP Denial of Service
http://secunia.com/advisories/39080/
Broadcom NetXtreme ASF Buffer Overflow Vulnerability
http://secunia.com/advisories/39107/
Unity Two Denial of Service Vulnerabilities
http://secunia.com/advisories/39097/
Website Baker Database Backup Authentication Bypass Vulnerability
http://secunia.com/advisories/39072/
freeSSHd String Processing Denial of Service Vulnerability
http://secunia.com/advisories/39021/
vBulletin Multiple Vulnerabilities
http://secunia.com/advisories/39113/
HP Secure Web Server for OpenVMS Two Vulnerabilities
http://secunia.com/advisories/39061/
Aris agXchange ESM Redirection Weakness and Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39058/
RakNet "ProcessOfflineNetworkPacket()" Integer Underflow Vulnerability
http://secunia.com/advisories/39108/
Cisco TFTP Server Denial of Service Vulnerability
http://secunia.com/advisories/39116/
Fedora update for php
http://secunia.com/advisories/39132/
Fedora update for libpng
http://secunia.com/advisories/39131/
Red Hat update for httpd
http://secunia.com/advisories/39115/
HP-UX NFS/ONCplus Inadvertently Enables NFS
http://securitytracker.com/alerts/2010/Mar/1023758.html
GnuTLS Certificate Serial Number Processing Stack Overflow May Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Mar/1023756.html
Interchange Lets Remote Users Conduct HTTP Response Splitting Attacks
http://securitytracker.com/alerts/2010/Mar/1023755.html
Honeynet Project: 2010 Forensic Challenge #3
http://isc.sans.org/diary.html?storyid=8518
HP-UX Running NFS/ONCplus, Inadvertently Enabled NFS
http://isc.sans.org/diary.html?storyid=8512
Create a Summary of IP Addresses from PCAP Files using Unix Tools
http://isc.sans.org/diary.html?storyid=8515
Getting the EXE out of the RTF again
http://isc.sans.org/diary.html?storyid=8506
SIFT2.0 SANS Investigative Forensics Toolkit released
http://isc.sans.org/diary.html?storyid=8509
SAP GUI "SAPBExCommonResources" Command Execution Vulnerability
http://www.vupen.com/english/advisories/2010/0723
Broadcom NetXtreme ASF Packets Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0722
HP CSWS for OpenVMS Commmand Injection and DoS Issues
http://www.vupen.com/english/advisories/2010/0721
HP Project and Portfolio Management Center Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2010/0720
HP-UX Security Update Fixes Sendmail Certificate Spoofing Vulnerability
http://www.vupen.com/english/advisories/2010/0719
Fedora Security Update Fixes Libpng Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0718
Fedora Security Update Fixes ManiaDrive PHP Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0717
Fedora Security Update Fixes PHP Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/0716
Stud_PE <= v2.6.05 Stack Overflow PoC exploit http://www.exploit-db.com/exploits/11911
Mini-stream Ripper 3.1.0.8 => Local stack overflow exploit
http://www.exploit-db.com/exploits/11909
CPIO File Size Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/16057
Broadcom NetXtreme ASF Packet Handling Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38759
GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38628
vBulletin Multiple Unspecified Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/38977
Wazzum Dating Software Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/38873
Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38362
Oracle Java SE and Java For Business March 2010 Advanced Notification
http://www.securityfocus.com/bid/38973
httpdx Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/38718
Invision Power Board Currency Module SQL Injection Vulnerability
http://www.securityfocus.com/bid/38717
Libpng 'png_decompress_chunk()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/38478
Linux Kernel 64bit Personality Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38027
Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36260
Apache mod_proxy_ftp Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/36254
PHP LCG Entropy Security Vulnerability
http://www.securityfocus.com/bid/38430
PHP 'tempnam()' 'safe_mode' Validation Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/38431
PHP 'session_save_path()' 'safe_mode' Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/38182
Apple Safari iPhone/iPod touch Malformed Webpage Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38994
WebMaid CMS Multiple Remote and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/38993
Apple Safari for iPhone/iPod touch Malformed 'Throw' Exception Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38992
Apple iPhone Malformed VML Data Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38990
Apple iPhone/iPod Touch Safari Malformed Image Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38989
SuperNews 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38988
eZ Publish SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/38985
Joomla! dcsFlashGames Component 'catid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38981
Flirt Matching SMS System 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38980
I can not read your messages ...
返信削除