ゴールデンウィーク期間の問合せ窓口体制
http://www.trendmicro.co.jp/support/news.asp?id=1397
Debian update for cacti
http://secunia.com/advisories/39572/
+ MySQL 5.1.46 released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html
+ OpenLDAP 2.4.22 Released
http://www.openldap.org/software/release/announce.html
http://www.openldap.org/software/release/changes.html
Anti-Virus updates issue with Endpoint Security Server
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk43593&src=securityAlerts
UTM-1 Edge W Embedded NGX 7.0.48x reflected XSS vulnerability (low severity)
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk34520&src=securityAlerts
Linux Kernel release: 2.6.33.3-rc2
http://www.linux.org/news/2010/04/23/0002.html
Linux Kernel release: 2.6.32.12-rc2
http://www.linux.org/news/2010/04/23/0001.html
PostgreSQL Maestro 10.4 released
http://www.postgresql.org/about/news.1196
New Continuent Tungsten for PostgreSQL v. 1.3
http://www.postgresql.org/about/news.1195
ウイルスパターンファイル 7.115.80 7.115.00 7.115.50 における誤警告情報
http://www.trendmicro.co.jp/support/news.asp?id=1401
RHBA-2010:0375-: kexec-tools bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0375.html
SecurityReason.com : MacOS X 10.6.3 filesystem hfs Denial of Service Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32416
Bonsai : OS Command Injection in Cacti <= 0.8.7e http://www.criticalwatch.com/support/security-advisories.aspx?AID=32411
Hewlett-Packard : HP Virtual Machine Manager (VMM) for Windows, Unauthorized Access, Privilege Elevation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32417
Hewlett-Packard : HP System Management Homepage, XSS, DoS, Execution of Arbitrary Code, Unauthorized Access
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32418
Hewlett-Packard : HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32420
Astaro Security Gateway、ネクスト・イットが24時間サポートを標準で提供
http://itpro.nikkeibp.co.jp/article/NEWS/20100423/347456/?ST=security
JVNDB-2010-001333 複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001333.html
JVNDB-2010-001332 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001332.html
JVNDB-2010-001331 複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001331.html
JVNDB-2010-001330 Oracle Sun Java が Java アプレットの署名を正しく検証しない脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001330.html
JVNDB-2010-001329 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001329.html
JVNDB-2010-001328 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001328.html
JVNDB-2010-001327 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001327.html
JVNDB-2010-001326 複数の Oracle 製品の Pack200 コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001326.html
JVNDB-2010-001325 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001325.html
JVNDB-2010-001324 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001324.html
JVNDB-2010-001323 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001323.html
JVNDB-2010-001322 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001322.html
JVNDB-2010-001321 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001321.html
JVNDB-2009-002474 PHP におけるスーパーグローバル配列 SESSION の割り込み領域が破壊される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002474.html
JVNDB-2009-002473 PHP の htmlspecialchars 関数におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002473.html
JVNDB-2009-002404 PHP における multipart/form-data POST リクエストの処理に関するサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002404.html
JVNDB-2009-002200 Samba の smbd におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002200.html
JVNDB-2009-001737 Apache Tomcat における Web アプリケーションに関連するファイルを読まれる脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001737.html
JVNDB-2009-001736 Apache Tomcat における有効なユーザ名を列挙される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001736.html
JVNDB-2009-000037 Apache Tomcat におけるサービス運用妨害(DoS)の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000037.html
JVNDB-2009-000036 Apache Tomcat における情報漏えいの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000036.html
Vulnerability in Referer for DataLife Engine
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00217.html
ZDI-10-078: Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vul
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00218.html
[ MDVSA-2010:071 ] mozilla-thunderbird
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00219.html
[HITB-Announce] HITBSecConf2010 - Dubai - Presentation Materials
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00212.html
In-portal 5.0.3 Remote Arbitrary File Upload Exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00214.html
[HITB-Announce] HITBSecConf2009 - Malaysia Videos Released!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00216.html
IWD Group SQL Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00215.html
Novell ZENworks Configuration Management UploadServlet File Upload Bug Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023914.html
Manual Verification of SSL/TLS Certificate Trust Chains using Openssl
http://isc.sans.org/diary.html?storyid=8686
Honey, my laptop is acting funny again
http://isc.sans.org/diary.html?storyid=8689
Shadowserver botnet rules
http://isc.sans.org/diary.html?storyid=8683
Data Redaction: You're Doing it Wrong
http://isc.sans.org/diary.html?storyid=8680
Memorial Web Site Script "id" SQL Injection Vulnerability
http://secunia.com/advisories/39579/
In-portal FCKeditor File Upload Security Issue
http://secunia.com/advisories/39559/
FlashCard "id" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39484/
GetSimple CMS Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/39464/
libESMTP Two Spoofing Vulnerabilities
http://secunia.com/advisories/39576/
Microsoft Windows "SfnLOGONNOTIFY()" and "SfnINSTRING()" Denial of Service
http://secunia.com/advisories/39456/
HP Insight Control Virtual Machine Manager Multiple Vulnerabilities
http://secunia.com/advisories/39583/
MDaemon Server Two Denial of Service Vulnerabilities
http://secunia.com/advisories/39542/
Intel C++ Compiler Professional Edition for Linux Privilege Escalation
http://secunia.com/advisories/39511/
HP-UX update for BIND
http://secunia.com/advisories/39582/
IBM DB2 Data Manipulation and Buffer Overflow Vulnerabilities
http://secunia.com/advisories/39500/
AJ Shopping Cart "maincatid" SQL Injection Vulnerability
http://secunia.com/advisories/39551/
3Com H3C SR6600 Series SNMP Denial of Service
http://secunia.com/advisories/39479/
Apache Tomcat Authentication Header Information Disclosure
http://secunia.com/advisories/39574/
Apache ActiveMQ Source Code Disclosure Vulnerability
http://secunia.com/advisories/39567/
Rumba ftp Client 4.2 PASV BoF (SEH)
http://www.exploit-db.com/exploits/12380
HP Digital Imaging (hpodio08.dll) Insecure Method Exploit
http://www.exploit-db.com/exploits/12367
WM Downloader v3.0.0.9 Buffer Overflow (Meta)
http://www.exploit-db.com/exploits/12388
Easyzip 2000 v3.5 (.zip) 0day stack buffer overflow PoC exploit
http://www.exploit-db.com/exploits/12379
ZipWrangler 1.20 (.zip) SEH 0day exploit
http://www.exploit-db.com/exploits/12368
HP Virtual Machine Manager Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2010/0983
IBM DB2 REPEAT Buffer Overflow and TLS Renegotiation Vulnerabilities
http://www.vupen.com/english/advisories/2010/0982
HP-UX BIND Remote DNS Cache Poisoning Vulnerability
http://www.vupen.com/english/advisories/2010/0981
Apache Tomcat WWW-Authenticate Header Hostname Disclosure
http://www.vupen.com/english/advisories/2010/0980
Apache ActiveMQ Request Handling Source Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/0979
PhpTroubleTicket Multiple Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0978
phpunity.newsmanager Multiple Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0977
phpBugTracker Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0976
PacerCMS Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0975
more.groupware Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0974
ATutor "course" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0973
Karra Multiple SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0972
Cacti 'export_item_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39653
RETIRED: OnePound Shop 'id' Parameter Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/39570
Google Chrome 'chrome://net-internals' Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/39667
Apache 'mod_isapi' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38494
Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38491
Novell ZENworks Configuration Management Remote Execution Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39114
Archery Scores Component for Joomla! 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39545
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
libESMTP X.509 Certificate 'match_component()' Domain Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/38538
libESMTP NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/38528
IBM DB2 'REPEAT()' Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37976
Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38362
Apache Subrequest Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38580
GetDLE Lab Group Perexody Module for DataLife Engine HTML Injection Vulnerability
http://www.securityfocus.com/bid/39670
Google Chrome 'chrome://downloads' Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/39669
Memorial Web Site Script 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39664
AJ Shopping Cart 'maincatid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39661
GetSimple CMS Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/39660
3Com H3C SR6600 SNMP Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39659
Apple Mac OS X HFS Hard Links Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/39658
In-Portal 'config.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/39652
0 件のコメント:
コメントを投稿