http://lists.centos.org/pipermail/centos-announce/2010-May/016638.html
InterScan Messaging Security Suite 7.0 for Solaris Service Pack 1 Patch 2 release announcement
http://www.trendmicro.co.jp/support/news.asp?id=1403
Vulnerability in the management console that may allow injection attacks, and availability of a fix for the vulnerability
http://www.trendmicro.co.jp/support/news.asp?id=1404
HS10-009: Vulnerability in Hitachi Web Server SSL client authentication that prevents CRL revocation checks
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-009/index.html
HS10-008: DoS vulnerability in the SSL function of Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-008/index.html
HS10-007: DoS vulnerability in TP1/Message Control
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-007/index.html
Press release
Security alert for a security weakness (vulnerability) in "CapsSuite Small Edition PatchMeister"
http://www.ipa.go.jp/about/press/20100517_2.html
Press release
Security alert for a security weakness (vulnerability) in "WebSAM DeploymentManager"
http://www.ipa.go.jp/about/press/20100517.html
JVN#82749282 Denial-of-service (DoS) vulnerability in CapsSuite Small Edition PatchMeister
http://jvn.jp/jp/JVN82749282/index.html
JVN#90872372 Denial-of-service (DoS) vulnerability in WebSAM DeploymentManager
http://jvn.jp/jp/JVN90872372/index.html
JVN#90248889 Vulnerability in request processing in Interstage Application Server
http://jvn.jp/jp/JVN90248889/index.html
JVNDB-2010-000020 Denial-of-service (DoS) vulnerability in CapsSuite Small Edition PatchMeister
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000020.html
JVNDB-2010-000019 Denial-of-service (DoS) vulnerability in WebSAM DeploymentManager
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000019.html
JVNDB-2010-000018 Vulnerability in request processing in Interstage Application Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000018.html
+ Linux kernel 2.6.34 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34
http://www.linux.org/news/2010/05/16/0001.html
- MOPS-2010-028: PHP phar_wrapper_open_url Format String Vulnerabilities
http://php-security.org/2010/05/14/mops-2010-028-php-phar_wrapper_open_url-format-string-vulnerabilities/index.html
- MOPS-2010-027: PHP phar_parse_url Format String Vulnerabilities
http://php-security.org/2010/05/14/mops-2010-027-php-phar_parse_url-format-string-vulnerabilities/index.html
- MOPS-2010-026: PHP phar_wrapper_unlink Format String Vulnerability
http://php-security.org/2010/05/14/mops-2010-026-php-phar_wrapper_unlink-format-string-vulnerability/index.html
- MOPS-2010-025: PHP phar_wrapper_open_dir Format String Vulnerability
http://php-security.org/2010/05/14/mops-2010-025-php-phar_wrapper_open_dir-format-string-vulnerability/index.html
- MOPS-2010-024: PHP phar_stream_flush Format String Vulnerability
http://php-security.org/2010/05/14/mops-2010-024-php-phar_stream_flush-format-string-vulnerability/index.html
- PHP 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities
http://www.securityfocus.com/bid/40173
MOPS-2010-031: e107 Usersettings loginname SQL Injection Vulnerability
http://php-security.org/2010/05/16/mops-2010-031-e107-usersettings-loginname-sql-injection-vulnerability/index.html
MOPS-2010-030: CMSQlite mod Parameter Local File Inclusion Vulnerability
http://php-security.org/2010/05/15/mops-2010-030-cmsqlite-mod-parameter-local-file-inclusion-vulnerability/index.html
MOPS-2010-029: CMSQlite c Parameter SQL Injection Vulnerability
http://php-security.org/2010/05/15/mops-2010-029-cmsqlite-c-parameter-sql-injection-vulnerability/index.html
ALERT WEEKLY SUMMARY REPORT
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275470-1
sk44779: Check Point response to "KHOBE - 8.0 earthquake for Windows desktop security software"
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk44779&src=securityAlerts
Apache JSieve 0.4 released
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10412&styleName=Html&version=12313855
Apache Mailet Standard 1.0 released
http://james.apache.org/mailet/standard/
Database .NET 3.2 has released!
http://www.postgresql.org/about/news.1200
Support center: notice of telephone line maintenance
http://www.trendmicro.co.jp/support/news.asp?id=1413
Document ID: 347848: Error
http://seer.entsupport.symantec.com/docs/347848.htm
RHBA-2010:0409-1: strace bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0409.html
Independent Researcher : Mathematica on Linux /tmp/MathLink vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32593
Debian : New phpgroupware packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32588
Gardien Virtuel : Multiple vulnerabilities in Kapitalist/capitalist
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32592
Hewlett-Packard : HP MFP Digital Sending Software Running on Windows, Local Unauthorized Access
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32598
High-Tech Bridge SA : Blind SQL injection vulnerability in NPDS REvolution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32596
High-Tech Bridge SA : XSS vulnerability in NPDS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32597
Independent Researcher : Joomla Component advertising (com_aardvertiser) File Inclusion Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32595
"We'll give you an iPhone 4G": a string of suspicious e-mails and tweets
The aim is to collect personal information; clicking the link leads to a suspicious site
http://itpro.nikkeibp.co.jp/article/NEWS/20100517/348060/?ST=security
JVNDB-2010-001441 Vulnerability in the Sun Cluster component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001441.html
JVNDB-2010-001440 Vulnerability in the Sun Cluster component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001440.html
JVNDB-2010-001439 Vulnerability in the Solaris component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001439.html
JVNDB-2010-001438 Vulnerability in the Solaris component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001438.html
JVNDB-2010-001437 Vulnerability in the Sun Convergence component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001437.html
JVNDB-2010-001436 Vulnerability in the Solaris component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001436.html
JVNDB-2010-001435 Vulnerability in the Solaris component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001435.html
JVNDB-2010-001434 Vulnerability in the Sun Management Center component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001434.html
JVNDB-2010-001433 Vulnerability in the Sun Java System Access Manager component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001433.html
JVNDB-2010-001432 Vulnerability in the Sun Java System Communications Express component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001432.html
JVNDB-2010-001431 Vulnerability in the Sun Convergence component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001431.html
JVNDB-2010-001430 Vulnerability in the Solaris component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001430.html
JVNDB-2010-001429 Vulnerability in the Sun Java System Directory Server component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001429.html
JVNDB-2010-001428 Vulnerability in the Sun Ray Server Software component of Oracle Sun Product Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001428.html
JVNDB-2010-001144 Denial-of-service (DoS) vulnerability in gtkimhtml.c in Pidgin
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001144.html
JVNDB-2010-001143 Denial-of-service (DoS) vulnerability in libpurple in Pidgin
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001143.html
JVNDB-2010-001120 Denial-of-service (DoS) vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001120.html
JVNDB-2010-001119 Cross-domain vulnerability in multiple Adobe products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001119.html
JVNDB-2009-001955 Arbitrary code execution vulnerability in regular expression parsing in Mozilla NSS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001955.html
JVNDB-2009-001536 Buffer overflow vulnerability in the Cyrus SASL library
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001536.html
JVNDB-2009-001495 Multiple integer overflow vulnerabilities in Evolution Data Server (also known as evolution-data-server)
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001495.html
JVNDB-2009-001492 Process memory information disclosure or denial-of-service (DoS) vulnerability in the ntlm_challenge function of Evolution Data Server (also known as evolution-data-server)
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001492.html
JVNDB-2007-000615 RSA key reconstruction vulnerability
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000615.html
Symantec triggers on World of Warcraft update
http://isc.sans.org/diary.html?storyid=8803
Upcoming MySQL patch fixes several critical vulnerabilities
http://isc.sans.org/diary.html?storyid=8806
Phony Phone Scam
http://isc.sans.org/diary.html?storyid=8791
Google Acknowledges Grabbing Personal Data
http://isc.sans.org/diary.html?storyid=8794
Onboard Computers Subject to Attack?
http://isc.sans.org/diary.html?storyid=8797
CfP: GameSec 2010 - Deadline extended to 31 May 2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00124.html
phpGroupWare SQL Injections and Local File Inclusion Vulnerabilities (CVE-2010-0403 and CVE-2010-0404)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00127.html
Mathematica on Linux /tmp/MathLink vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00126.html
Vulnerability in tagcloud for Kasseler CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00123.html
[SECURITY] [DSA-2046-1] New phpgroupware packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00128.html
Nmap 5.30BETA1 Released
http://seclists.org/nmap-hackers/2010/3
NPDS REvolution Cross-Site Request Forgery and Script Insertion Vulnerabilities
http://secunia.com/advisories/39828/
NPDS REvolution Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/39824/
Debian update for phpgroupware
http://secunia.com/advisories/39731/
phpGroupWare SQL Injection and Local File Inclusion Vulnerabilities
http://secunia.com/advisories/39665/
ocPortal Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/39745/
Press Release Script "id" SQL Injection Vulnerability
http://secunia.com/advisories/39826/
RuubikCMS Cross-Site Scripting and Cross-Site Request Forgery
http://secunia.com/advisories/39729/
Joomla Dione Form Wizard Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39755/
HP MFP Digital Sending Software Unauthorised Access
http://secunia.com/advisories/39825/
Joomla Konsultasi Component "sid" SQL Injection Vulnerability
http://secunia.com/advisories/39816/
Fedora update for mod_auth_shadow
http://secunia.com/advisories/39823/
Fedora update for php-ZendFramework
http://secunia.com/advisories/39827/
Zend Framework Dojo Toolkit Redirection Weaknesses and Cross-Site Scripting
http://secunia.com/advisories/39822/
Fedora update for mysql
http://secunia.com/advisories/39821/
Ubuntu update for kdenetwork
http://secunia.com/advisories/39787/
HP MFP Digital Sending Software Local Unauthorized Access Issue
http://www.vupen.com/english/advisories/2010/1151
IrfanView PSD File Processing Two Heap Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2010/1150
Fedora Security Update Fixes Zend Framework Dojo Vulnerabilities
http://www.vupen.com/english/advisories/2010/1149
Fedora Security Update Fixes Apache mod_auth_shadow Issue
http://www.vupen.com/english/advisories/2010/1148
Fedora Security Update Fixes MySQL Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/1147
Debian Security Update Fixes phpGroupWare Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1146
phpGroupWare SQL Injections and Local File Inclusion Vulnerabilities
http://www.vupen.com/english/advisories/2010/1145
Ubuntu Security Update Fixes KDE KGet Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/1144
Cisco PGW 2200 Softswitch Multiple Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1143
KDE KGet Directory Traversal and File Download Vulnerabilities
http://www.vupen.com/english/advisories/2010/1142
Pidgin Libpurple MSN SLP Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1141
HP Insight Control Server Migration Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1140
HP Systems Insight Manager Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2010/1139
Ghostscript Buffer Overflow and Memory Corruption Vulnerabilities
http://www.vupen.com/english/advisories/2010/1138
cURL/libcURL CURLOPT_ENCODING Option Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38162
pam_krb5 Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35112
phpGroupWare Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/40168
phpGroupWare 'app' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/40167
Cisco Router and Security Device Manager Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40174
PHP 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities
http://www.securityfocus.com/bid/40173
Microsoft PowerPoint Viewer TextBytesAtom Record Stack Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38107
Apple Safari 'window.parent.close()' Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39990
Adobe Shockwave Player 3D Object Parsing Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40077
Microsoft Visio Attribute Validation Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39300
TYPSoft FTP Server 'RETR' Command Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40181
SmallFTPD 'DELE' Command Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40180
JE Ajax Event Calendar 'index.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/40179
JE Job Joomla! Component 'view' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/40178
Press Release Script 'page.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40172
RuubikCMS 'index.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40171
Link Bid Script 'links.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40170
Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/40169