NTP 4.2.6p2-RC4 released
http://archive.ntp.org/ntp4/ChangeLog-stable-rc
NTP 4.2.7p32 Development released
http://archive.ntp.org/ntp4/ChangeLog-dev
RHBA-2010:0438-1: kexec-tools bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0438.html
プレス発表
2010年度IPA中小企業情報セキュリティセミナー開催について
http://www.ipa.go.jp/about/press/20100525.html
ウェブサイト運営者向けセキュリティ対策セミナー開催のお知らせ
~ウェブサイトを安全に運営するための勘どころ~
http://www.ipa.go.jp/security/vuln/seminar/lab_semi_web_2010.html
JVNDB-2010-001462 Linux Kernel の ULE decapsulation functionality におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001462.html
JVNDB-2010-001461 Linux Kernel の azx_position_ok 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001461.html
JVNDB-2010-001460 Linux Kernel の processcompl_compat 関数における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001460.html
JVNDB-2010-001459 RHEL の Linux kernel 用の特定のレッドハットパッチにおける権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001459.html
JVNDB-2010-001458 X.Org の X server の fbComposite 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001458.html
JVNDB-2010-001457 PHP の xmlrpc 拡張におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001457.html
JVNDB-2010-001456 MySQL の mysql_uninstall_plugin 関数における任意のプラグインを削除される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001456.html
JVNDB-2010-001333 複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001333.html
JVNDB-2010-001332 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001332.html
JVNDB-2010-001331 複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001331.html
JVNDB-2010-001329 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001329.html
JVNDB-2010-001328 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001328.html
JVNDB-2010-001326 複数の Oracle 製品の Pack200 コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001326.html
JVNDB-2010-001325 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001325.html
JVNDB-2010-001324 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001324.html
JVNDB-2010-001323 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001323.html
JVNDB-2010-001322 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001322.html
JVNDB-2010-001319 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001319.html
JVNDB-2010-001318 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001318.html
Fedora update for pidgin
http://secunia.com/advisories/39918/
SolarWinds TFTP Server Read Request Processing Error Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/May/1024019.html
McAfee Email Gateway (IronMail) Access Control Flaw Lets Remtoe Authenticated Users Execute Privileged Commands
http://securitytracker.com/alerts/2010/May/1024018.html
- BIND 9.7.1b1 is now available
http://ftp.isc.org/isc/bind9/9.7.1b1/9.7.1b1
RHBA-2010:0436-1: gnome-vfs2 bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0436.html
Secunia : Ziproxy Two Integer Overflow Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32665
Debian : New barnowl packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32654
Debian : New dvipng packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32655
Independent Researcher : denial-of-service vulnerability in the Microsoft Malicious Software Removal Tool
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32668
Justin C. Klein Keane : Global Redirect 6.x-1.2 Arbitrary Redirection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32669
MustLive : New vulnerabilities in plugin DS-Syndicate for Joomla
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32667
rPath : openssl openssl-scripts
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32666
Independent Researcher : SDS Parent Connect SQL Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32671
Maksymilian Arciemowicz : Sun Solaris 10 libc/*convert (*cvt) buffer overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32672
Maksymilian Arciemowicz : Sun Solaris 10 filesystem rm(1), find(1), etc, Denial-of-service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32673
Maksymilian Arciemowicz : Sun Solaris 10 ftpd Cross-site request forgery
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32674
米IBM、「ウイルス混入USBメモリー」を誤って配布
セキュリティ会議の会場で配布、古いウイルスが2種類混入
http://itpro.nikkeibp.co.jp/article/NEWS/20100525/348416/?ST=security
JVNDB-2010-001455 IBM DB2 の REPEAT 関数におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001455.html
JVNDB-2010-001454 Linux 上で稼働する IBM DB2 におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001454.html
JVNDB-2009-002540 Sun Solaris における lx ブランドゾーンに関するサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002540.html
JVNDB-2010-001453 Apache Tomcat における BASIC または DIGEST 認証の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001453.html
JVNDB-2010-001330 Oracle Sun Java が Java アプレットの署名を正しく検証しない脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001330.html
JVNDB-2010-001321 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001321.html
JVNDB-2010-001313 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001313.html
JVNDB-2010-001312 複数の Oracle 製品の Java Web Start または Java Plug-in コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001312.html
JVNDB-2010-001311 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001311.html
JVNDB-2010-001310 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001310.html
JVNDB-2010-001309 複数の Oracle 製品の Java Web Start または Java Plug-in コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001309.html
JVNDB-2010-001308 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001308.html
McAfee Email Gateway Web Access Security Bypass Vulnerability
http://secunia.com/advisories/39881/
WordPress Simple:Press Plugin Multiple Vulnerabilities
http://secunia.com/advisories/39923/
Kingsoft WebShield KAVSafe.sys IOCTL Handling Vulnerability
http://secunia.com/advisories/39916/
SolarWinds TFTP Server Denial of Service Vulnerability
http://secunia.com/advisories/39896/
ECShop "encode" SQL Injection Vulnerability
http://secunia.com/advisories/39930/
Ziproxy Two Integer Overflow Vulnerabilities
http://secunia.com/advisories/39941/
Ubuntu update for postgresql
http://secunia.com/advisories/39907/
Debian update for dvipng
http://secunia.com/advisories/39914/
IBM AIX update for OpenSSL
http://secunia.com/advisories/39932/
Debian update for barnowl
http://secunia.com/advisories/39908/
Blogsa FlashTagCloud Widget "tagcloud" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39936/
Apache Axis2/Java "modules" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39906/
Flash Tag Cloud control for ASP.NET "tagcloud" Cross Site Scripting Vulnerability
http://secunia.com/advisories/39902/
Fedora update for aria2
http://secunia.com/advisories/39872/
ScriptsFeed Recipes Listing Portal "loginid" SQL Injection Vulnerability
http://secunia.com/advisories/39929/
Employee Timeclock Software Backup Information Disclosure
http://www.securiteam.com/windowsntfocus/5JP3H151FM.html
Apache mod_isapi Dangling Pointer Vulnerability
http://www.securiteam.com/windowsntfocus/5PP3N151FS.html
GNU Tar and GNU Cpio Heap Based Buffer Overflow Vulnerability
http://www.securiteam.com/unixfocus/5IP3G151FA.html
Skype URI Handler Input Validation Vulnerability
http://www.securiteam.com/securitynews/5LP3J151FO.html
Apple iTunes ColorSync Profile Integer Overflow Vulnerability
http://www.securiteam.com/securitynews/5IP3F151GA.html
HP Performance Insight Remote Execution of Arbitrary Commands Vulnerability
http://www.securiteam.com/securitynews/5QP3O151FS.html
XnView DICOM Parsing Integer Overflow Vulnerability
http://www.securiteam.com/securitynews/5KP3I151FY.html
IBM AIX Security Update Fixes OpenSSL Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1216
Apache Axis2/Java "modules" Parameter Cross Site Sripting Vulnerability
http://www.vupen.com/english/advisories/2010/1215
ClamAV "cli_pdf()" and "cli_scanicon()" Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1214
HP-UX "rpc.pcnfsd" Daemon Remote Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1213
SGI IRIX "rpc.pcnfsd" Daemon Remote Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1212
IBM AIX and VIOS "rpc.pcnfsd" Remote Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1211
Pidgin 'msn_slplink_process_msg()' NULL Pointer Dereference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36071
Pidgin Libpurple Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/36277
Pidgin Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38294
Pidgin OSCAR Plugin Invalid Memory Access Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36719
Libpurple MSN-SLP Emoticon Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37524
Libpurple MSN Protocol Custom Emoticons Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40138
OpenSSL 'ssl3_get_record()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39013
Cisco DPC2100 Multiple Security Bypass and Cross-Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/40346
aria2 Metalink File Handling Directory Traversal Vulnerability
http://www.securityfocus.com/bid/40142
Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/38545
PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/40215
PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37973
PostgreSQL 'RESET ALL' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/40304
Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568
Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703
DS-Syndicate Joomla! Component 'feed_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/31819
e107 BBCode Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/40252
OpenSSL 'dtls1_retrieve_buffered_fragment()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38533
OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/38562
BarnOwl 'owl_message_get_cc_without_recipient()' Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38809
GNU Libtool 'libltdl' Library Search Path Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37128
OpenOffice EMF File Parser Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/36291
OpenOffice Word Document Table Parsing Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36200
Simple:Press Plugin for WordPress Security Bypass and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/40345
Ziproxy Image Parsing Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/40344
Apache Axis2 'xsd' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/40343
0 件のコメント:
コメントを投稿