+ Multiple Vendor 'rpc.pcnfsd' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40248
http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
- HPSBUX02519 SSRT100004 rev.1 - HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c02177073
- HPSBUX02518 SSRT100051 rev.1 - HP-UX, Local Denial of Service (DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c02177072
HPSBUX02517 SSRT100058 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c02177070
Java Runtime Environment Remote Denial of Service (DoS) Vulnerability
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000579.1-1
Rumba FTP Client FTPSFtp.dll v4.2.0.0 OpenSession() Buffer Overflow
http://www.exploit-db.com/exploits/12677
+ glibc 2.11.2 released
http://ftp.gnu.org/gnu/glibc/?C=M;O=D
+ MySQL 5.1.47 released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html
+ MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
http://securitytracker.com/alerts/2010/May/1024004.html
http://bugs.mysql.com/bug.php?id=40980
+ iptables 1.4.8 released
http://www.iptables.org/news.html#2010-05-20
http://www.iptables.org/projects/iptables/files/changes-iptables-1.4.8.txt
+ PostgreSQL 'RESET ALL' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/40304
Justin C. Klein Keane : Drupal Chaos Tools Suite (Ctools) Module Multiple Vulns
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32644
Mandriva : clamav
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32632
Ubuntu Security Notice : MoinMoin vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32637
XSS bug in US Robotics firmware USR5463-v0_06.bin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00174.html
[ MDVSA-2010:082-1 ] clamav
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00176.html
[USN-941-1] MoinMoin vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00173.html
[HITB-Announce] HITBSecConf2010 - Malaysia Call for Papers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00172.html
[ MDVSA-2010:102 ] ghostscript
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00167.html
Linux Mint 8 mintUpdate Insecure Temporary File Creation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00165.html
[Suspected Spam][USN-940-1] Kerberos vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00169.html
Bind patches are out
http://isc.sans.org/diary.html?storyid=8821
Is this version of PuTTY legit?
http://isc.sans.org/diary.html?storyid=8824
JVNDB-2009-002537 Denial of Service (DoS) Vulnerability in the Wireshark Infiniband Dissector
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002537.html
JVNDB-2009-002536 Denial of Service (DoS) Vulnerability in the Wireshark AFS Dissector
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002536.html
JVNDB-2009-002535 Denial of Service (DoS) Vulnerability in a Wireshark Dissector
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002535.html
JVNDB-2009-001024 Arbitrary Code Execution Vulnerability in the RealVNC VNC Viewer Component
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001024.html
Novell Access Manager TLS Session Renegotiation Plaintext Injection Vulnerability
http://secunia.com/advisories/39850/
DBCart "id" SQL Injection Vulnerability
http://secunia.com/advisories/39867/
Drupal Wordpress Import Module Arbitrary File Upload Vulnerability
http://secunia.com/advisories/39894/
DotNetNuke Information Disclosure and Script Insertion
http://secunia.com/advisories/39874/
Joomla ActiveHelper LiveHelp Component "DOMAINID" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39870/
Drupal Panels Module PHP Code Execution Vulnerability
http://secunia.com/advisories/39885/
Drupal Chaos Tool Suite Module Multiple Vulnerabilities
http://secunia.com/advisories/39884/
Drupal Simplenews Module Security Bypass Security Issue
http://secunia.com/advisories/39890/
Drupal User Queue Module Cross-Site Request Forgery
http://secunia.com/advisories/39886/
SyncBack Profile Import Buffer Overflow Vulnerability
http://secunia.com/advisories/39865/
IBM WebSphere Application Server File Disclosure Vulnerability
http://secunia.com/advisories/39838/
Drupal External Link Page Module Script Insertion
http://secunia.com/advisories/39888/
Drupal Rotor Banner Module Script Insertion Vulnerabilities
http://secunia.com/advisories/39883/
Drupal Heartbeat Module Script Insertion Vulnerabilities
http://secunia.com/advisories/39893/
Drupal CAPTCHA Module Script Insertion Vulnerability
http://secunia.com/advisories/39892/
Caucho Resin Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/39839/
Fedora update for krb5
http://secunia.com/advisories/39818/
Ubuntu update for krb5
http://secunia.com/advisories/39784/
Red Hat update for postgresql84
http://secunia.com/advisories/39898/
Red Hat update for postgresql
http://secunia.com/advisories/39820/
Java on Mac OS X Window Drawing Signedness Error Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/May/1024012.html
Java on Mac OS X Has Memory Access Error in Processing mediaLibImage Objects That Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/May/1024011.html
Ghostscript Stack Overflow in Parser Function Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/May/1024003.html
Novell Access Manager TLS/SSL Session Renegotiation Vulnerability
http://www.vupen.com/english/advisories/2010/1205
Cacti Multiple Parameter SQL and Command Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/1204
Cacti Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/1203
PHP-Calendar "description" and "lastaction" Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2010/1202
Caucho Resin Data Handling Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1201
IBM WebSphere Application Server Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/1200
HP-UX NFS / ONCplus Unspecified Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/1199
Redhat Security Update Fixes PostgreSQL84 Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/1198
Redhat Security Update Fixes PostgreSQL Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1197
Fedora Security Update Fixes krb5 Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1196
Mandriva Security Update Fixes Ghostscript Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1195
Mandriva Security Update Fixes MySQL Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/1194
Mandriva Security Update Fixes krb5 Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1193
Ubuntu Security Update Fixes krb5 Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1192
ComponentOne VSFlexGrid v. 7 & 8 "Archive()" method Remote Buffer Overflow Exploit
http://www.exploit-db.com/exploits/12673
PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/40215
PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37973
gdomap Arbitrary Configuration File Line Count 'load_iface()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40062
gdomap Multiple Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/40005
Oracle Sun Ray Server Software CVE-2010-0888 Remote Device Services Vulnerability
http://www.securityfocus.com/bid/39420
IBM WebSphere Application Server Long Filename Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40277
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
MoinMoin Hierarchical ACL Security Bypass Vulnerability
http://www.securityfocus.com/bid/35277
ClamAV Security Bypass And Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/39262
Entry Level CMS 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/38422
PostgreSQL 'RESET ALL' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/40304
Renista CMS 'Default.aspx' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40299
3Com Intelligent Management Center Multiple Vulnerabilities
http://www.securityfocus.com/bid/40298
Spaw Editor 'spawfm' Module Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40295
Horde IMP Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40294
U.S.Robotics USR5463 Firmware 'setup_ddns.exe' HTML Injection Vulnerability
http://www.securityfocus.com/bid/40292
SquirrelMail 'mail_fetch' Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40291
Panels Module For Drupal Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/40286
Snipe Gallery 'cfg_admin_path' Parameter Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/40279
What's mean?