Postfix 2.8 Snapshot 20100617
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100617.HISTORY
Microsoft launches online fraud countermeasure project through public-private cooperation
http://itpro.nikkeibp.co.jp/article/NEWS/20100618/349381/?ST=security
End of the road for Cisco CSA
http://isc.sans.edu/diary.html?storyid=9025
Linux Kernel XFS "xfs_swapext()" Security Bypass
http://secunia.com/advisories/40205/
Debian Security Update Fixes pmount Insecure File Permission Issue
http://www.vupen.com/english/advisories/2010/1520
Debian Security Update Fixes Sudo Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/1519
Mandriva Security Update Fixes Sudo Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/1518
Mandriva Security Update Fixes Samba Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/1517
+ MySQL 5.1.48 released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html
+ RHSA-2010:0490-1: Important: cups security update
http://rhn.redhat.com/errata/RHSA-2010-0490.html
++ Linux Kernel XSF 'SWAPEXT' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40920
Thunderbird 3.0.5 Now Available
http://www.mozillamessaging.com/en-US/about/press/archive/-01
http://www.mozillamessaging.com/en-US/thunderbird/3.0.5/releasenotes/
http://developer.mozilla.org/devnews/index.php/2010/06/17/thunderbird-3-0-5-update-is-now-available-for-free-download/
Apache HTTP Server 2.3.6-alpha Released
http://www.apache.org/dist/httpd/Announcement2.3.txt
RHSA-2010:0459-2: Moderate: openoffice.org security update
http://rhn.redhat.com/errata/RHSA-2010-0459.html
Document ID: 355626: CommandCentral Storage (CCS) 5.1.1 Managed Host (MH) installation or un-installation can cause some Storage Foundation for Windows (SFW) 5.x features to stop working.
http://seer.entsupport.symantec.com/docs/355626.htm
Debian : New sudo packages fix environment sanitization bypass vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32910
Justin C. Klein Keane : Drupal FileField Module XSS Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32919
Mandriva : sudo
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32906
Stratsec : Netware SMB Remote Stack Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32917
Apple : iTunes 9.2
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32908
Debian : New samba packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32909
iDEFENSE : Samba 3.3.12 Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32916
Independent Researcher : THQ website has multiple SQL injection bugs, and a reflected XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32918
Inj3ct0r Team : Nakid CMS (fckeditor) Remote Arbitrary File Upload Exploit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32921
Mandriva : cacti
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32905
Onapsis : SAP J2EE Telnet Administration Security Check Bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32915
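Spam shows no sign of declining; "address harvesting" is the biggest nuisance
Symantec announces the latest trends, including attacks that mass-send messages with random content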
http://itpro.nikkeibp.co.jp/article/Research/20100617/349363/?ST=security
JVNTA10-162A Vulnerabilities in Adobe Flash and AIR
http://jvn.jp/cert/JVNTA10-162A/index.html
JVNDB-2010-001537 Vulnerability in the Adobe Flash ActionScript AVM2 newfunction instruction
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001537.html
JVNDB-2010-001536 Arbitrary Python code execution vulnerability in OpenOffice.org
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001536.html
JVNDB-2010-001535 Multiple vulnerabilities in Accoria Rock Web Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001535.html
JVNDB-2010-001534 Cross-site scripting vulnerability in the portal function of Interstage Portalworks and Interstage Interaction Manager
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001534.html
JVNDB-2010-001466 Denial-of-service (DoS) vulnerability in the RHEL MMIO instruction decoder
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001466.html
JVNDB-2010-001465 Denial-of-service (DoS) vulnerability in drivers/connector/connector.c in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001465.html
JVNDB-2010-001203 Denial-of-service (DoS) vulnerability in the load_elf_binary function of the Linux kernel on x86_64 platforms
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001203.html
JVNDB-2009-002319 Vulnerability in the SSL and TLS protocols
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002319.html
Digital Copy Machines - Security Risk?
http://isc.sans.edu/diary.html?storyid=9010
Internet Fraud Alert Kicks Off Today
http://isc.sans.edu/diary.html?storyid=9013
FYI - Another bogus site
http://isc.sans.edu/diary.html?storyid=9016
TitanFTP Server COMB directory traversal
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00183.html
[SECURITY] [DSA 2063-1] New pmount packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00181.html
Vulnerabilities in Firebook
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00180.html
[security bulletin] HPSBUX02543 SSRT100152 rev.1 - HP-UX Running Apache with PHP, Remote Den
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00182.html
TEHTRI-Security released 13 0days against web tools used by evil attackers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00179.html
[ MDVSA-2010:119 ] samba
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00178.html
[ MDVSA-2010:118 ] sudo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00176.html
[SECURITY] [DSA 2062-1] New sudo packages fix environment sanitization bypass vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00177.html
TurboFTP Server Directory Traversal Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00175.html
[MajorSecurity SA-074]CMS RedAks 2.0 - Multiple Cross-site Scripting issues
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00174.html
iDefense Security Advisory 06.16.10: Samba 3.3.12 Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00173.html
[security bulletin] HPSBOV02540 SSRT090249 rev.1 - HP SSL for OpenVMS, Remote Unauthorized Data
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00172.html
[SECURITY] [DSA 2061-1] New samba packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00168.html
[Onapsis Security Advisory 2010-005] SAP J2EE Telnet Administration Security Check Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00167.html
ZDI-10-110: Adobe Flash Player Multiple Tag JPEG Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00170.html
ZDI-10-109: Adobe Flash Player Multiple Atom MP4 Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00171.html
ZDI-10-108: HP OpenView NNM ovwebsnmpsrv.exe Command Line Argument Remote Code Execution Vul
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00165.html
[ MDVSA-2010:117 ] cacti
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00166.html
[USN-951-1] Samba vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00169.html
Vulnerability Note VU#221257: Symantec AppStream and Workspace Streaming vulnerable to arbitrary code download and execution
http://www.kb.cert.org/vuls/id/221257
Novell Access Manager Arbitrary File Upload Vulnerability
http://secunia.com/advisories/40198/
Debian update for sudo
http://secunia.com/advisories/40114/
2daybiz Network Community Script "id" and "alb" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/40247/
2daybiz Online Classified Script "sid" Cross-Site Scripting
http://secunia.com/advisories/40213/
Novell NetWare SMB "AccountName" Buffer Overflow Vulnerability
http://secunia.com/advisories/40199/
AspTR Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/40158/
Splunk "Referer" Header Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40187/
Titan FTP Server "XCRC" Directory Traversal Vulnerability
http://secunia.com/advisories/40237/
Avaya Products krb5 GSS-API NULL Pointer Dereference Vulnerability
http://secunia.com/advisories/40209/
Debian update for samba
http://secunia.com/advisories/40221/
Drupal Views Module Multiple Vulnerabilities
http://secunia.com/advisories/40246/
Drupal Studio theme pack Module Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40245/
Drupal Ubercart MIGS Module Security Issue
http://secunia.com/advisories/40244/
Drupal Content Construction Kit Information Disclosure Vulnerabilities
http://secunia.com/advisories/40243/
Drupal Ogone Ubercart Module Security Bypass Vulnerability
http://secunia.com/advisories/40242/
SAP J2EE Telnet Interface Credentials Reflection Vulnerability
http://secunia.com/advisories/40223/
Drupal Views Module "Administer Views" Permission Security Issue
http://secunia.com/advisories/40224/
Drupal FileField Module Script Insertion Vulnerability
http://secunia.com/advisories/40186/
IBM AIX update for OpenSSH
http://secunia.com/advisories/40234/
TeamSpeak Server Multiple Vulnerabilities
http://secunia.com/advisories/40230/
Apple iTunes Multiple Vulnerabilities
http://secunia.com/advisories/40196/
Ziproxy PNG Image Processing Vulnerability
http://secunia.com/advisories/40156/
HP SSL for OpenVMS Multiple Vulnerabilities
http://secunia.com/advisories/40235/
Fedora update for xinha
http://secunia.com/advisories/40236/
Fedora update for pcsc-lite
http://secunia.com/advisories/40239/
Fedora update for openssl
http://secunia.com/advisories/40240/
Red Hat update for samba and samba3x
http://secunia.com/advisories/40210/
Travel Website Script / Easy Travel Portal "country" SQL Injection Vulnerability
http://secunia.com/advisories/40200/
Symantec AppStream / Workspace Streaming Authentication Security Bypass
http://secunia.com/advisories/40233/
Ubuntu update for samba
http://secunia.com/advisories/40159/
File Sharing Wizard Version 1.5.0 (SEH) Exploit
http://www.exploit-db.com/exploits/13903/
BlazeDVD v5.1 (.plf) Stack Buffer Overflow PoC Exploit - ALSR/DEP Bypass on Win7
http://www.exploit-db.com/exploits/13905/
Winamp v5.572 local BOF exploit (EIP & SEH DEP Bypass)
http://www.exploit-db.com/exploits/13907/
Batch Audio Converter Lite Edition <= v1.0.0.0 Stack Buffer Overflow (SEH)
http://www.exploit-db.com/exploits/13909/
Novell Access Manager Administration Console File Upload Vulnerability
http://www.vupen.com/english/advisories/2010/1516
IBM AIX Security Update Fixes OpenSSH Information Disclosure Issues
http://www.vupen.com/english/advisories/2010/1515
Novell NetWare "CIFS.NLM" SMB Request Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1514
HP SSL for OpenVMS Security Bypass and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2010/1513
Apple iTunes Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/1512
Symantec Workspace Streaming Unauthorized Downloads Vulnerability
http://www.vupen.com/english/advisories/2010/1511
Fedora Security Update Fixes Xinha Security Bypass File Upload
http://www.vupen.com/english/advisories/2010/1510
Fedora Security Update Fixes OpenSSL Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/1509
Fedora Security Update Fixes PCSC-Lite Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1508
Redhat Security Update Fixes Samba SMB1 Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/1507
Redhat Security Update Fixes OpenOffice.org Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/1506
Debian Security Update Fixes Samba SMB1 Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/1505
Ubuntu Security Update Fixes Samba SMB1 Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/1504
Mandriva Security Update Fixes Cacti SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1503
SAP J2EE Engine Telnet Interface Lets Remote Authenticated Users Bypass Some Administrative Access Controls
http://securitytracker.com/alerts/2010/Jun/1024114.html
Easy Travel Portal Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/40924
RETIRED: Anblik PenPal 'admin/login.asp' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/40925
Apache Tomcat Windows Installer Insecure Password Vulnerability
http://www.securityfocus.com/bid/36954
Apache Tomcat WAR File Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37944
Apache Tomcat Host Working Directory WAR File Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37945
PHP 'tempnam()' 'safe_mode' Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/36555
PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
http://www.securityfocus.com/bid/37079
PHP 'exif_read_data()' JPEG Image Processing Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35440
PHP 'session.save_path()' Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/37390
PHP 5.2.10 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/36449
PHP 'proc_open()' 'safe_mode_protected_env_var' Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/37138
PHP 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37389
Ananda Real Estate List.ASP SQL Injection Vulnerability
http://www.securityfocus.com/bid/21771
BlazeVideo BlazeDVD Professional '.PLF' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35918
Symantec Workspace Streaming Server Authentication Arbitrary File Download Vulnerability
http://www.securityfocus.com/bid/40611
Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40884
Adobe Flash Player and AIR (CVE-2010-2174) Invalid Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40805
Adobe Flash Player and AIR (CVE-2010-2173) Invalid Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40800
Adobe Flash Player (CVE-2010-2167) Multiple Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/40802
Todd Miller Sudo 'secure path' Security Bypass Vulnerability
http://www.securityfocus.com/bid/40538
OpenSSL 'EVP_VerifyFinal' Function Signature Verification Vulnerability
http://www.securityfocus.com/bid/33150
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/38562
FCKeditor 'CurrentFolder' Parameter Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/31812
Xinha Dynamic Configuration Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40033
PCSC-Lite 'PCSCD' Daemon Unspecified Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40758
Microsoft Windows Media Decompression (CVE-2010-1880) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40464
Microsoft Internet Explorer Developer Toolbar (CVE-2010-1261) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40416
Cacti 'rra_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/40149
OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40502
OpenSSL 'EVP_PKEY_verify_recover()' Invalid Return Value Security Bypass Vulnerability
http://www.securityfocus.com/bid/40503
Firebook Multiple Cross Site Scripting and Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/40941
Batch Audio Converter '.wav' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40940
pmount Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/40939
Novell Access Manager Administration Console 'getEntry()' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40931
Ananda Image Gallery 'default.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40929
File Sharing Wizard 'HEAD' Command Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40928
PithCMS 'lang' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/40926
Drupal FileField Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/40923
Omid Samadbin Software Index Image Upload Remote Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40921
Linux Kernel XSF 'SWAPEXT' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40920
TurboFTP Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/40919
Teamspeak Webserver Versions Prior to 3.0.0-beta25 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/40918
Novell Netware SMB Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40908