+ FreeBSD-SA-10:04.jail: Insufficient environment sanitization in jail(8)
http://security.freebsd.org/advisories/FreeBSD-SA-10:04.jail.asc
+ FreeBSD-SA-10:05.opie: OPIE off-by-one stack overflow
http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc
+ FreeBSD-SA-10:06.nfsclient: Unvalidated input in nfsclient
http://security.freebsd.org/advisories/FreeBSD-SA-10:06.nfsclient.asc
Microsoft Security Bulletin MS10-020 - Critical: Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232) Version: 1.1
http://www.microsoft.com/technet/security/bulletin/MS10-020.mspx?pubDate=2010-05-26
Fedora 13: Rock It!
http://docs.fedoraproject.org/ja-JP/Fedora/13/html/Release_Notes/index.html
VMware Player 3.1 released
http://www.vmware.com/support/player31/doc/releasenotes_player31.html
Linux Kernel release: 2.6.33.5
http://www.linux.org/news/2010/05/26/0003.html
Linux Kernel release: 2.6.32.14
http://www.linux.org/news/2010/05/26/0002.html
Linux Kernel release: 2.6.27.47
http://www.linux.org/news/2010/05/26/0001.html
Notice: Support begins for "Trend Micro InterScan WebManager SCC"
http://www.trendmicro.co.jp/support/news.asp?id=1415
Google strengthens privacy protection features of its web analytics service
http://itpro.nikkeibp.co.jp/article/NEWS/20100527/348541/?ST=security
Facebook begins rolling out new privacy settings
http://itpro.nikkeibp.co.jp/article/NEWS/20100527/348540/?ST=security
EMC Avamar Unspecified Flaw in gsan Service Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/May/1024036.html
+ Linux kernel 2.6.33.5, 2.6.32.14, 2.6.27.47 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33.5
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.14
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.47
+ RHSA-2010:0442-1: Important: mysql security update
http://rhn.redhat.com/errata/RHSA-2010-0442.html
+ HS10-010: Vulnerabilities in image processing and TLS/SSL communication in Cosminexus
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-010/index.html
+ MOPS-2010-041: PHP strip_tags() Interruption Information Leak Vulnerability
http://php-security.org/2010/05/26/mops-2010-041-php-strip_tags-interruption-information-leak-vulnerability/index.html
+ MOPS-2010-042: PHP setcookie() Interruption Information Leak Vulnerability
http://php-security.org/2010/05/26/mops-2010-042-php-setcookie-interruption-information-leak-vulnerability/index.html
+ MOPS-2010-043: PHP strtok() Interruption Information Leak Vulnerability
http://php-security.org/2010/05/26/mops-2010-043-php-strtok-interruption-information-leak-vulnerability/index.html
+ MOPS-2010-044: PHP wordwrap() Interruption Information Leak Vulnerability
http://php-security.org/2010/05/26/mops-2010-044-php-wordwrap-interruption-information-leak-vulnerability/index.html
+ MOPS-2010-045: PHP str_word_count() Interruption Information Leak Vulnerability
http://php-security.org/2010/05/26/mops-2010-045-php-str_word_count-interruption-information-leak-vulnerability/index.html
+ MOPS-2010-046: PHP str_pad() Interruption Information Leak Vulnerability
http://php-security.org/2010/05/26/mops-2010-046-php-str_pad-interruption-information-leak-vulnerability/index.html
+? Firefox, Internet Explorer, Chrome, Opera and other browsers DoS vulnerabilities
http://securityreason.com/securityalert/7425
- NetVault Backup 8.5.1 released
http://www.bakbone.co.jp/products/nvbu851.html
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Network Building Mediator
http://www.cisco.com/warp/public/707/cisco-sa-20100526-mediator.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Network Building Mediator
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b2dd05.html
APSB10-13: Security update available for Adobe Photoshop CS4
http://www.adobe.com/support/security/bulletins/apsb10-13.html
ALERT WEEKLY SUMMARY REPORT
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275470-1
Notice: Virus scan engine VSAPI 9.120 released
http://www.trendmicro.co.jp/support/news.asp?id=1384
UPDATE: HS09-019: Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-019/index.html
HS10-012: Security issues in CA ARCserve Replication
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-012/index.html
HS10-011: Cross-site scripting vulnerability in Groupmax World Wide Web Desktop
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-011/index.html
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Network Building Mediator
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00252.html
[ MDVSA-2010:108 ] kolab-horde-framework
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00248.html
[ MDVSA-2010:108 ] kolab-horde-framework
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00250.html
ESA-2010-007: EMC Avamar Denial Of Service Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00251.html
[security bulletin] HPSBMA02442 SSRT090108 rev.1 - HP Business Availability Center Running Apach
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00249.html
Cyberoam SSL VPN Client - Plain-text Storage of Username and
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00246.html
CfP: GameSec 2010 - 5 days left to the deadline
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00244.html
[USN-944-1] GNU C Library vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00241.html
[ MDVSA-2010:107 ] mysql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00240.html
Flock web browser v2.5.6 (Remote Memory Corrupt) Crash Exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00239.html
XSS vulnerability in RuubikCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00235.html
SQL injection vulnerability in 360 Web Manager
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00238.html
XSS vulnerability in GetSimple CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00234.html
XSS vulnerability in razorCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00233.html
XSS vulnerability in 360 Web Manager
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00237.html
SQL injection vulnerability in 360 Web Manager
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00236.html
Informatica64 : Bypassing Google Chrome 4 Javascript Filter
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32690
New phishing technique: "open tabs turn into fake sites"
Researcher publishes demo; tab content is changed in the background
http://itpro.nikkeibp.co.jp/article/NEWS/20100527/348511/?ST=security
JPCERT/CC WEEKLY REPORT 2010-05-26
http://www.jpcert.or.jp/wr/2010/wr101901.html
JVNDB-2010-001468 Integer overflow vulnerability in dvipsk/dospecial.c in TeX Live 2009 and teTeX
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001468.html
JVNDB-2010-001467 Integer overflow vulnerability in the predospecial function in TeX Live and teTeX
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001467.html
JVNDB-2010-001466 Denial-of-service (DoS) vulnerability in the MMIO instruction decoder in RHEL
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001466.html
JVNDB-2010-001465 Denial-of-service (DoS) vulnerability in drivers/connector/connector.c in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001465.html
JVNDB-2010-001464 Arbitrary code execution vulnerability in Adobe Photoshop CS4
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001464.html
JVNDB-2010-001463 Cross-site scripting vulnerability in Microsoft SharePoint Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001463.html
JVNDB-2009-002263 Integer overflow vulnerability in the ImageStream::ImageStream function in Xpdf and Poppler
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002263.html
JVNDB-2009-002262 Integer overflow vulnerability in the ObjectStream::ObjectStream function in Xpdf and Poppler
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002262.html
JVNDB-2009-001734 Integer overflow vulnerability in the pdftops filter in CUPS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001734.html
JVNDB-2009-001285 Buffer overflow vulnerability in Xpdf and CUPS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001285.html
JVNDB-2009-001267 Denial-of-service (DoS) vulnerability in the JBIG2 MMR decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001267.html
JVNDB-2009-001266 Buffer overflow vulnerability in the JBIG2 MMR decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001266.html
JVNDB-2009-001265 Denial-of-service (DoS) vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001265.html
JVNDB-2009-001264 Arbitrary code execution vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001264.html
JVNDB-2009-001263 Integer overflow vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001263.html
JVNDB-2009-001262 Arbitrary code execution vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001262.html
JVNDB-2009-001261 Buffer overflow vulnerability in the JBIG2 decoder
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001261.html
Malware modularization and AV detection evasion
http://isc.sans.org/diary.html?storyid=8857
Cisco Network Building Mediator Lets Remote Users Login and Remote Authenticated Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/May/1024027.html
HP TestDirector for Quality Center Lets Remote Users Gain Unauthorized Access
http://securitytracker.com/alerts/2010/May/1024025.html
CuteSITE CMS Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/39864/
razorCMS "content" Script Insertion Vulnerability
http://secunia.com/advisories/39961/
Specialized Data Systems Parent Connect SQL Injection Vulnerabilities
http://secunia.com/advisories/39905/
Ubuntu update for glibc and eglibc
http://secunia.com/advisories/39900/
HP Business Availability Center Multiple Vulnerabilities
http://secunia.com/advisories/39944/
IBM Communications Server for AIX APPC Denial of Service
http://secunia.com/advisories/39909/
HP TestDirector for Quality Center Unspecified Unauthorised Access Vulnerability
http://secunia.com/advisories/39943/
Python audioop Module Integer Overflow Vulnerabilities
http://secunia.com/advisories/39937/
SUSE update for Multiple Packages
http://secunia.com/advisories/39967/
Fedora update for html2ps
http://secunia.com/advisories/39957/
Fedora update for cacti
http://secunia.com/advisories/39954/
Fedora update for openssl
http://secunia.com/advisories/39956/
Joomla Component Percha Gallery 1.6 Local File Inclusion Vulnerability
http://securityreason.com/securityalert/7449
Joomla Component Percha Fields Attach 1.0 Local File Inclusion Vulnerability
http://securityreason.com/securityalert/7448
Shopzilla Affiliate search.php cross-site scripting
http://securityreason.com/securityalert/7447
PHP-Calendar "description" and "lastaction" Cross Site Scripting Vulnerabilities
http://securityreason.com/securityalert/7446
gpEasy <= 1.6.1 CSRF Remote Add Admin Exploit
http://securityreason.com/securityalert/7445
Joomla Component Percha Downloads Attach 1.1 Local File Inclusion Vulnerability
http://securityreason.com/securityalert/7444
gpEasy CMS XSS vulnerability
http://securityreason.com/securityalert/7443
Joomla Component Percha Image Attach 1.1 Local File Inclusion Vulnerability
http://securityreason.com/securityalert/7442
The iceberg 'Content Management System' SQL Injection Vulnerability
http://securityreason.com/securityalert/7441
Caucho Technology Resin digest.php Cross Site Scripting Vulnerability
http://securityreason.com/securityalert/7440
LiSK CMS XSS vulnerability
http://securityreason.com/securityalert/7439
Lokomedia CMS Two Vulnerabilities
http://securityreason.com/securityalert/7438
Mathematica on Linux /tmp/MathLink vulnerability
http://securityreason.com/securityalert/7437
Lokomedia CMS (sukaCMS) Local File Disclosure Vulnerability
http://securityreason.com/securityalert/7436
Joomla Component Percha Categories 0.6 Tree Local File Inclusion Vulnerability
http://securityreason.com/securityalert/7435
Advanced Poll 2.08 XSS vulnerability
http://securityreason.com/securityalert/7434
DataLife Engine 8.3 RFI Vulnerability
http://securityreason.com/securityalert/7433
LetoDMS (MyDMS) Local file inclusion/execution and multiple CSRF
http://securityreason.com/securityalert/7432
BS.Player v2.51 build 1022 (Media Library) Remote Buffer Overflow Vulnerability
http://securityreason.com/securityalert/7431
MigasCMS 1.0 SQL Injection
http://securityreason.com/securityalert/7430
Opencatalogue 1.024 Local File Include Vulnerability
http://securityreason.com/securityalert/7429
Saurus CMS 4.7.0 cross site scripting
http://securityreason.com/securityalert/7428
TomatoCMS Script Insertion Vulnerabilities
http://securityreason.com/securityalert/7427
TomatoCMS "q" SQL Injection Vulnerability
http://securityreason.com/securityalert/7426
Firefox, Internet Explorer, Chrome, Opera and other browsers DoS vulnerabilities
http://securityreason.com/securityalert/7425
Joomla Component redTWITTER Local File Inclusion Vulnerability
http://securityreason.com/securityalert/7424
IBM Communications Server for AIX APPC Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1244
HP Business Availability Center Multiple Apache Vulnerabilities
http://www.vupen.com/english/advisories/2010/1243
HP TestDirector for Quality Center Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2010/1242
TELE DATA Contact Management Server Directory Traversal Issue
http://www.vupen.com/english/advisories/2010/1241
Zabbix "nav_time" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1240
McAfee Email Gateway Web Access Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/1239
Sun Solaris FTP Server Long Command Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1238
Fedora Security Update Fixes OpenSSL Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1237
Fedora Security Update Fixes html2ps Arbitrary File Disclosure Issue
http://www.vupen.com/english/advisories/2010/1236
Fedora Security Update Fixes Cacti Multiple Input Validation Vulnerabilities
http://www.vupen.com/english/advisories/2010/1235
Redhat Security Update Fixes OpenSSL Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/1234
Redhat Security Update Fixes Kernel Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1233
SuSE Security Update Fixes Code Execution and Security Bypass
http://www.vupen.com/english/advisories/2010/1232
Mandriva Security Update MySQL Buffer Overflow and Security Bypass
http://www.vupen.com/english/advisories/2010/1231
REMARK: SecurityFocus Web site did not respond...