+ Zimbra Collaboration Suite 6.0.6, 5.0.23 released
http://www.zimbra.com/downloads/os-downloads.html
http://files2.zimbra.com/website/docs/Zimbra%20OS%20Release%20Notes%206.0.6.pdf
http://files2.zimbra.com/website/docs/archives/5.0/Zimbra%20OS%20Release%20Notes%205.0.23.pdf
- jetty 7.0.2 released
http://dist.codehaus.org/jetty/jetty-hightide-7.0.2/
http://svn.codehaus.org/jetty/jetty/branches/jetty-7/VERSION.txt
- マイクロソフト セキュリティ情報の事前通知 - 2010 年 4 月
http://www.microsoft.com/japan/technet/security/bulletin/ms10-apr.mspx
Firefox Lorentz beta available for download and testing
http://developer.mozilla.org/devnews/index.php/2010/04/08/firefox-lorentz-beta-available-for-download-and-testing/
DreamCoder for PostgreSQL ver 2.4 released
http://www.postgresql.org/about/news.1192
Linux監視に使用するポートを標準の22以外に変更すると、アーカイブエラーが発生する
http://www.say-tech.co.jp/support/bom-for-windows/linux22/index.shtml
テキストログ監視にてエラー「0x80070005」が出力される
http://www.say-tech.co.jp/support/bom-for-windows/0x80070005/index.shtml
セキュリティ製品のファイアウォール機能による通信遮断について
http://www.say-tech.co.jp/support/bom-for-windows/post-45/index.shtml
メンテナンスのお知らせ:Trend Micro InterScan Messaging Hosted Security (IMHS)
http://www.trendmicro.co.jp/support/news.asp?id=1394
JVNDB-2009-001957 Mozilla NSS における X.509 証明書を偽装される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001957.html
JVNDB-2009-001151 OpenSSL の ASN1_STRING_print_ex 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001151.html
Adobe launch issue response/work around.
http://isc.sans.org/diary.html?storyid=8599
IBM Systems Director Incorrect File Permissions Let Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Apr/1023831.html
- Oracle Critical Patch Update Pre-Release Announcement - April 2010
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html
- Microsoft April 2010 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/39313/references
- April 2010 Bulletin Release Advance Notification
http://blogs.technet.com/msrc/archive/2010/04/08/april-2010-bulletin-release-advance-notification.aspx
- Microsoft Security Bulletin Advance Notification for April 2010
http://www.microsoft.com/technet/security/bulletin/ms10-apr.mspx
Independent Researcher : TCPDF Library Remote Code Execution Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32256
Independent Researcher : Foxit 3.2.0.303 and Before Command Execution PoC
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32257
Independent Researcher : Full-Disclosure klout.com cookie vulnerability PoC
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32254
プレス発表:「MODx」におけるセキュリティ上の弱点(脆弱性)の注意喚起
http://www.ipa.go.jp/about/press/20100408.html
[USN-925-1] MoinMoin vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00071.html
Vulnerabilities in CMS SiteLogic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00070.html
DeepSec 2010 - Call for Papers and Experts
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00067.html
[HITB-Announce] FINAL CALL - CFP for HITBSecConf2010 Amsterdam
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00068.html
TCPDF Library Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00069.html
Vulnerabilities in Dunia Soccer
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00066.html
ネットスター、URLフィルタリング用リストを最短5分で迅速配信
http://itpro.nikkeibp.co.jp/article/NEWS/20100409/346853/?ST=security
PDFの「危険な仕様」、Adobe Readerは設定変更で回避
Foxit Readerは修正版を公開、アドビも対応する可能性あり
http://itpro.nikkeibp.co.jp/article/NEWS/20100409/346851/?ST=security
JavaScript obfuscation in PDF: Sky is the limit
http://isc.sans.org/diary.html?storyid=8587
Continuing ISC / SANS Network Outage
http://isc.sans.org/diary.html?storyid=8590
Fyodor nmap author would like your help on two things.
http://isc.sans.org/diary.html?storyid=8593
Microsoft Patch Tuesday April 2010 Pre-Release
http://isc.sans.org/diary.html?storyid=8596
our primary datacenter is currently experiencing a network outage
http://isc.sans.org/diary.html?storyid=8584
RHBA-2010:0346-1: glibc bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0346.html
IBM WebSphere Portal Login Flaw Has Unspecified Impact
http://securitytracker.com/alerts/2010/Apr/1023830.html
BPTutors Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/39167/
Pulse CMS Multiple Vulnerabilities
http://secunia.com/advisories/39046/
MODx Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/39298/
IBM Systems Director Agent Insecure File Permissions
http://secunia.com/advisories/39194/
IBM WebSphere Portal Unspecified Login Vulnerability
http://secunia.com/advisories/39305/
Drupal Views Module Arbitrary Code Execution Vulnerability
http://secunia.com/advisories/39364/
Drupal Views Module Cross-Site Scripting and Script Insertion Vulnerabilities
http://secunia.com/advisories/39363/
Drupal Smileys Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/39362/
Drupal Internationalization Module Script Insertion Vulnerabilities
http://secunia.com/advisories/39361/
ShopSystem "id" SQL Injection Vulnerability
http://secunia.com/advisories/39310/
Joomla! User Status Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39208/
Joomla webERPcustomer Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39209/
SUSE Update for Multiple Packages
http://secunia.com/advisories/39317/
IBM Systems Director Agent Insecure File Permissions Vulnerability
http://www.vupen.com/english/advisories/2010/0830
IBM WebSphere Portal Login Process Unspecified Vulnerability
http://www.vupen.com/english/advisories/2010/0829
CA XOsoft Buffer Overflow and Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2010/0828
ClamAV File Processing Memory Corruption and Scan Bypass Issues
http://www.vupen.com/english/advisories/2010/0827
Redhat Security Update Fixes krb5 Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0826
Redhat Security Update Fixes Kernel Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0825
Ubuntu Security Update Fixes krb5 Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/0824
Ubuntu Security Update Fixes OpenJDK Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0823
SuSE Security Update Fixes Code Execution and Security Bypass Issues
http://www.vupen.com/english/advisories/2010/0822
NextGEN Gallery for WordPress "mode" Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/0821
MediaWiki HTML and API Login Cross Site Request Forgery Vulnerability
http://www.vupen.com/english/advisories/2010/0820
McAfee Email Gateway Privilege Escalation and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2010/0819
MIT Kerberos kadmind "init_2_svc()" Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0818
SuSE Security Update Fixes OpenSSL Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0817
Debian Security Update Fixes Mahara SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0816
Mahara Security Update Fixes SQL Injection and Security Bypass Issues
http://www.vupen.com/english/advisories/2010/0815
Mandriva Security Update Fixes NSS TLS Plaintext Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0814
Miniature Java Web Server <= 1.71 Multiple Vulnerabilities http://www.exploit-db.com/exploits/12114
Oracle April 2010 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/39333
ClamAV Security Bypass And Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/39262
myMP3-Player '.m3u' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38835
MoinMoin 'Despam' Action HTML Injection Vulnerability
http://www.securityfocus.com/bid/39110
udisks 'probers/udisks-dm-export.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39265
Joomla! AWD Wall Component 'cbuser' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/38194
Pulse CMS 'view.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38356
Joomla! UIajaxIM Component Arbitrary Script Injection Vulnerability
http://www.securityfocus.com/bid/35798
Foxit Reader Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39109
Multiple Vendor 'librpc.dll' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38472
Apple QuickTime FLC Encoded '.fli' Movie File Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39152
Apple QuickTime CoreMedia H.263 Encoded '.3g2' Movie Files Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39167
TUGZip 3.5 ZIP File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39180
RETIRED: Apple Mac OS X APPLE-SA-2010-03-29-1 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/39020
Linux Kernel 'nameidata' Null Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/39186
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Apple Mac OS X FreeRADIUS Component EAP-TLS Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/39234
RETIRED: Oracle Java SE and Java For Business March 2010 Advanced Notification
http://www.securityfocus.com/bid/38973
gnome-screensaver Unlock Dialog Race Condition Lock Bypass Vulnerability
http://www.securityfocus.com/bid/38211
Oracle Java SE and Java for Business CVE-2010-0088 Remote Java Runtime Environme Vulnerability
http://www.securityfocus.com/bid/39081
Oracle Java SE and Java for Business CVE-2010-0848 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39078
Joomla! Realtyna Translator Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39337
AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities
http://www.securityfocus.com/bid/39334
AWD Solution AWDwall Component for Joomla! 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39331
Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/39329
Smileys Module For Drupal Delete URI Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/39316
TCPDF 'params' Attribute Remote Code Execution Weakness
http://www.securityfocus.com/bid/39315
Microsoft April 2010 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/39313
MODx Evolution Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/39310
Joomla! 'com_articles' Component 'sid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39307
APSB10-09: Security Advisory for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb10-09.html
0 件のコメント:
コメントを投稿