courier-0.65.0.20100628 SNAPSHOT
http://www.courier-mta.org/download.php#courier
courier-imap-4.8.0.20100628 SNAPSHOT
http://www.courier-mta.org/download.php#imap
sqwebmail-5.4.1.20100628 SNAPSHOT
http://www.courier-mta.org/download.php#sqwebmail
maildrop-2.5.0.20100628 SNAPSHOT
http://www.courier-mta.org/download.php#maildrop
UPDATE: CTX125319: Vulnerability in Citrix XenServer Could Result in Denial of Service
http://support.citrix.com/article/CTX125319
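Press release
"Information Security Measures Benchmark Version 3.3" and "Statistical Information on the Basic Diagnostic Data" published
~ Security measures at small and medium-sized enterprises improved over the four years; asset classification and business continuity remain challenges ~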
http://www.ipa.go.jp/about/press/20100629.html
dootzky oblog Persistent XSS, CSRF, Admin Bruteforce
http://securityreason.com/securityalert/7540
Linker IMG <==1.0 (index.php) Remote File Vulns
http://securityreason.com/securityalert/7539
Acc PHP eMail v1.1 - Cross Site Request Forgery
http://securityreason.com/securityalert/7538
JVNDB-2010-001584 Arbitrary code execution vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001584.html
JVNDB-2010-001583 Arbitrary code execution vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001583.html
JVNDB-2010-001582 Arbitrary code execution vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001582.html
JVNDB-2010-001581 Sensitive information disclosure vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001581.html
JVNDB-2010-001580 Cross-site scripting vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001580.html
JVNDB-2010-001579 Arbitrary code execution vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001579.html
JVNDB-2010-001578 Arbitrary code execution vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001578.html
JVNDB-2010-001577 Arbitrary code execution vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001577.html
JVNDB-2010-001576 Cross-site scripting vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001576.html
JVNDB-2010-001575 Clipboard modification vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001575.html
JVNDB-2010-001574 Arbitrary code execution vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001574.html
JVNDB-2010-001573 Cross-site scripting vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001573.html
JVNDB-2010-001572 Arbitrary code execution vulnerability in the Cascading Style Sheets implementation of WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001572.html
JVNDB-2010-001571 Vulnerability in WebKit in Apple Safari that allows images to be read from other sites
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001571.html
PHP "spl_object_storage_attach()" Use-After-Free Vulnerability
http://secunia.com/advisories/40268/
phpMyAdmin 3.3.4 is released
http://sourceforge.net/news/?group_id=23067&id=288637
http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.3.4%2FphpMyAdmin-3.3.4-notes.html/view
Sudo 1.7.3rc1 was released
http://www.sudo.ws/sudo/news.html
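Zero-day attack exploiting a Windows vulnerability: "traps" planted on web servers in Japan
A variant of the "Gumblar" attack; risk of virus infection through web access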
http://itpro.nikkeibp.co.jp/article/NEWS/20100629/349695/?ST=security
Icy Silence : D-Link DAP-1160 Unauthenticated Remote Configuration
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32994
Debian : New xulrunner packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32984
Debian : New kvirc packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32985
Independent Researcher : Chrome and Safari users open to stealth HTML5 Application Cache attack
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32997
MustLive : Redirectors: the phantom menace
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32996
Independent Researcher : Nuance OmniPage 16 Professional installs multiple vulnerable Microsoft runtime libraries
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32995
Hewlett-Packard : HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrary Code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32993
Slackware Linux : mozilla-firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32979
Slackware Linux : mozilla-thunderbird
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32980
Slackware Linux : seamonkey
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32981
Slackware Linux : bind
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32982
Slackware Linux : cups
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32983
VMware : ESX 3.5 third party update for Service Console kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32987
ZDI : Adobe Flash Player AVM2 getouterscope Opcode Remote Code Execution Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32988
ZDI : Adobe Flash Player AVM newFrameState Integer Overflow Remote Code Execution Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32989
High-Tech Bridge SA : SQL injection vulnerability in WebDB
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32990
High-Tech Bridge SA : XSS vulnerability in ForumCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32991
Alert regarding an unpatched vulnerability in Windows Help and Support Center
http://www.jpcert.or.jp/at/2010/at100016.txt
ref_fuzz and other fun bugs
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00240.html
London DEFCON June meet - DC4420 - Wed 30th June 2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00241.html
IS-2010-004 - D-Link DAP-1160 Unauthenticated Remote Configuration
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00237.html
Denial-of-Service Vulnerability in IDA Pro
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00238.html
[SECURITY] [DSA 2065-1] New kvirc packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00236.html
[SECURITY] [DSA 2064-1] New xulrunner packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00235.html
Nuance OmniPage 16 Professional installs multiple vulnerable Microsoft runtime libraries
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00233.html
New IETF Internet-Drafts on TCP timestamps
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00239.html
PUBLIC ADVISORY: 06.21.10: Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=874
Down the RogueAV and Blackhat SEO rabbit hole
http://isc.sans.edu/diary.html?storyid=9085
D-Link DAP-1160 Router Lets Remote Users Modify the Configuration
http://securitytracker.com/alerts/2010/Jun/1024156.html
OneCMS Multiple Vulnerabilities
http://secunia.com/advisories/39395/
WordPress Cimy Counter Plugin "fn" Redirection Weakness
http://secunia.com/advisories/40258/
UltraISO MDS/XMD File Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/40384/
OpenVMS Auditing Information Disclosure Vulnerability
http://secunia.com/advisories/40361/
Bilder Upload Script File Upload Vulnerability
http://secunia.com/advisories/40379/
Mollify Removed Folders Access Security Issue
http://secunia.com/advisories/40376/
IBM FileNet Unspecified Security Bypass Vulnerability
http://secunia.com/advisories/40413/
2daybiz Custom T-Shirt Design Script Multiple Vulnerabilities
http://secunia.com/advisories/40362/
Debian update for kvirc
http://secunia.com/advisories/40349/
OlyKit Swoopo Clone 2010 "id" SQL Injection Vulnerability
http://secunia.com/advisories/40360/
libpng Two Vulnerabilities
http://secunia.com/advisories/40302/
Joomla JE Story Submit Component "view" File Inclusion Vulnerability
http://secunia.com/advisories/40390/
Joomla JE Media Player Component "view" File Inclusion Vulnerability
http://secunia.com/advisories/40398/
Debian update for xulrunner
http://secunia.com/advisories/40344/
Fedora update for python-paste
http://secunia.com/advisories/40414/
Paste Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40408/
Slackware update for bind
http://secunia.com/advisories/40397/
ARSC Really Simple Chat "arsc_message" Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2010/1609
2daybiz custom T-shirt design Multiple SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/1608
VMware ESX Security Update Fixes Multiple Kernel Vulnerabilities
http://www.vupen.com/english/advisories/2010/1607
IBM WebSphere Application Server Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/1606
Fedora Security Update Fixes Python-Paste Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2010/1605
Fedora Security Update Fixes GnuTLS Plaintext Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1604
Fedora Security Update Fixes CUPS Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1603
Debian Security Update Fixes KVIrc Directory Traversal and Format String
http://www.vupen.com/english/advisories/2010/1602
Debian Security Update Fixes Xulrunner Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1601
Slackware Security Update Fixes CUPS Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1600
Slackware Security Update Fixes Thunderbird Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1599
Slackware Security Update Fixes Seamonkey Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1598
Slackware Security Update Fixes Firefox Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1597
Slackware Security Update Fixes BIND Cache Poisoning Vulnerabilities
http://www.vupen.com/english/advisories/2010/1596
UFO: Alien Invasion v2.2.1 Remote Code Execution (OSX)
http://www.exploit-db.com/exploits/14091/
GSM SIM Utility sms file Local SEH BoF
http://www.exploit-db.com/exploits/14098/
Kingsoft Writer 2010 Stack buffer overflow
http://www.exploit-db.com/exploits/14092/
FCKeditor 'CurrentFolder' Parameter Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/31812
Trend Micro InterScan Web Security Virtual Appliance Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/41039
Sysax Multi Server 'SFTP' Module Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/41013
NetArt Media iBoutique.MALL 'cat' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36404
Novell ZENworks Configuration Management Preboot Service Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40486
CUPS 'lppasswd' Tool Localized Message String Security Weakness
http://www.securityfocus.com/bid/38524
Novell iManager Schema Create Class Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40480
KVIrc DCC Directory Traversal and Multiple Format String Vulnerabilities
http://www.securityfocus.com/bid/40746
UFO: Alien Invasion IRC Client Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/41004
Python Paste 'paste.httpexceptions' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/41160
BlazeVideo BlazeDVD Professional '.PLF' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35918
Mozilla Firefox CVE-2010-1200 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41090
Mozilla Firefox/Thunderbird/SeaMonkey DOM Nodes Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41087
Mozilla Firefox CVE-2010-1202 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41094
Mozilla Firefox and SeaMonkey Plugin Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41102
Mozilla Firefox/SeaMonkey Attachment With Content-Disposition HTTP Header Bypass Vulnerability
http://www.securityfocus.com/bid/41103
Mozilla Firefox & SeaMonkey 'nsCycleCollector::MarkRoots()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41100
Mozilla Firefox/Thunderbird/SeaMonkey XSLT Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41082
Mozilla Firefox CVE-2010-1201 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41093
PHP 'SplObjectStorage' Unserializer Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/40948
Joomla! JE Section/Property Finder Component Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/39754
FoxMediaTools FoxPlayer '.m3u' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38127
Multiple Mini-stream Software Products '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34494
LXR Cross Referencer Version Prior to 0.9.7 Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/41193
Kingsoft Writer '.doc' File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41192
BlaherTech Placeto CMS 'Username' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/41190
PTCPay GeN4 'buyupg.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41189
D-Link DAP-1160 Wireless Access Point DCC Protocol Security Bypass Vulnerability
http://www.securityfocus.com/bid/41187
Customer Paradigm PageDirector 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/41184