+ Jetty 6.1.25 released
http://svn.codehaus.org/jetty/jetty/branches/jetty-6.1/VERSION.txt
Sudo 1.7.4b4 was released
http://www.sudo.ws/sudo/devel.html#1.7.4b4
Cisco Security Advisory: CDS Internet Streamer: Web Server Directory Traversal Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100721-spcdn.shtml
マイクロソフト社が運営されているポータルサイトmsnの「便利なツール」にアクセスした際に、Webサイトがブロックされる現象について
http://www.trendmicro.co.jp/support/news.asp?id=1446
Debian : DSA 2074-1 New ncompress packages fix execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33185
Red Hat : RHSA-2010:0544-01 Moderate: thunderbird security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33188
Red Hat : RHSA-2010:0545-01 Critical: thunderbird security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33189
Red Hat : RHSA-2010:0546-01 Critical: seamonkey security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33190
Red Hat : RHSA-2010:0547-01 Critical: firefox security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33191
Ubuntu Security Notice : USN-940-2 Kerberos vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33182
ZDI : ZDI-10-130: Mozilla Firefox NodeIterator Remote Code Execution Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33192
ZDI : ZDI-10-131: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33193
ZDI : ZDI-10-132: Mozilla Firefox Remote Code Execution Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33194
ZDI : ZDI-10-133: Mozilla Firefox CSS font-face Remote Code Execution Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33195
ZDI : ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33196
ZDI : ZDI-10-135: Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33197
Debian : DSA 2073-1 New mlmmj packages fix directory traversal
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33184
Hewlett-Packard : HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33201
Independent Researcher : CVE-2010-2382: Solaris flar unsafe use of temporary files
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33198
Independent Researcher : CVE-2010-2382: Solaris nfslogd unsafe use of temporary files
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33199
Independent Researcher : CVE-2010-2384: Solaris wbem unsafe use of temporary files
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33200
Windowsの「ゼロデイ脆弱性」に回避策、ただし“副作用”に注意
ショートカットアイコンを白いアイコンに、スタートメニューも白くなる
http://itpro.nikkeibp.co.jp/article/NEWS/20100722/350536/?ST=security
JVNDB-2010-001718 Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001718.html
JVNDB-2010-001717 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001717.html
JVNDB-2010-001716 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001716.html
JVNDB-2010-001715 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001715.html
JVNDB-2010-001714 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001714.html
JVNDB-2010-001713 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001713.html
JVNDB-2010-001712 Adobe Reader および Acrobat の AcroForm.api における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001712.html
JVNDB-2010-001711 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001711.html
JVNDB-2010-001710 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001710.html
JVNDB-2010-001709 UNIX 上で稼動する Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001709.html
JVNDB-2010-001708 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001708.html
JVNDB-2010-001707 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001707.html
UPDATE: MS09-014 - Critical: Cumulative Security Update for Internet Explorer (963027)
http://www.microsoft.com/technet/security/bulletin/MS09-014.mspx?pubDate=2010-07-21
So-netで不正アクセス被害が2000件超、IP電話の不正利用も
http://itpro.nikkeibp.co.jp/article/NEWS/20100722/350514/?ST=security
無料の「Microsoft Security Essentials」次期版ベータが提供開始に
http://itpro.nikkeibp.co.jp/article/NEWS/20100722/350520/?ST=security
JPCERT/CC WEEKLY REPORT 2010-07-22
http://www.jpcert.or.jp/wr/2010/wr102701.html
HP TCP/IP Services for OpenVMS Running NTP Execution of Code and DoS Vulnerabilities
http://www.securiteam.com/securitynews/5FP3N0A20A.html
Cisco Video Cameras and 4-Port Gigabit Security Routers Authentication Bypass Vulnerability
http://www.securiteam.com/securitynews/5GP3O0A20A.html
HP ServiceCenter Cross Site Scripting Vulnerability
http://www.securiteam.com/securitynews/5AP3H0A21Y.html
HP MFP Digital Sending Software Running on Windows Unauthorized Access Vulnerability
http://www.securiteam.com/windowsntfocus/5ZP3H0A20A.html
CA PSFormX and WebScan ActiveX Controls Multiple Vulnerabilities
http://www.securiteam.com/securitynews/5ZP3G0A21E.html
CA ARCserve Backup Sensitive Information Disclosure Vulnerability
http://www.securiteam.com/securitynews/5YP3F0A21K.html
Adobe Acrobat and Reader pushstring Memory Corruption Vulnerability
http://www.securiteam.com/securitynews/5EP3M0A20A.html
Adobe Acrobat and Reader 1023 Tag Buffer Overflow Vulnerability
http://www.securiteam.com/securitynews/5BP3J0A20A.html
Adobe Acrobat and Reader newclass Memory Corruption Vulnerability
http://www.securiteam.com/securitynews/5CP3K0A20A.html
Adobe Acrobat and Reader newfunction Memory Corruption Vulnerability
http://www.securiteam.com/securitynews/5DP3L0A20A.html
Adobe Reader CLOD Progressive Mesh Continuation Resolution Code Execution Vulnerability
http://www.securiteam.com/securitynews/5AP3I0A20A.html
Zoph Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.securiteam.com/securitynews/5YP3G0A20A.html
vBulletin FAQ Unspecified Vulnerability
http://secunia.com/advisories/40675/
RSA Federated Identity Manager Redirection Weakness
http://secunia.com/advisories/40704/
Red Hat update for java-1.6.0-ibm
http://secunia.com/advisories/40702/
Arora Qt "QTextEngine::LayoutData::reallocate()" Vulnerability
http://secunia.com/advisories/40624/
Qt "QTextEngine::LayoutData::reallocate()" Vulnerability
http://secunia.com/advisories/40588/
RSA Federated Identity Manager URL Redirection Flaw Lets Remote Users Bypass Security Controls
http://securitytracker.com/alerts/2010/Jul/1024239.html
HP OpenView Network Node Manager Buffer Overflow in 'ov.dll' Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024238.html
+ RHSA-2010:0547-1: Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2010-0547.html
+ Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability
http://www.securityfocus.com/bid/41732
[ANNOUNCE] MyJSQLView Version 3.22 Released
http://dandymadeproductions.com/projects/MyJSQLView/index.html
HPSBMA02558 SSRT100158 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02290344
HPSBMA02551 SSRT100065 rev.2 - HP Virtual Connect Enterprise Manager for Windows, Remote Cross Site Scripting (XSS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02283465
bind 9.7.2b1 released
http://ftp.isc.org/isc/bind9/9.7.2b1/9.7.2b1
[security bulletin] HPSBMA02551 SSRT100065 rev.2 - HP Virtual Connect Enterprise Manager for Win
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00192.html
VUPEN Security Research - HP OpenView Network Node Manager "ov.dll" Buffer Overflow Vulnerabilit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00191.html
VUPEN Security Research - HP OpenView Network Node Manager "nnmrptconfig.exe" Buffer Overflow (C
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00189.html
[security bulletin] HPSBMA02558 SSRT100158 rev.2 - HP OpenView Network Node Manager (OV NNM), Re
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00190.html
[Suspected Spam]SQL Injection vulnerability in coWiki
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00188.html
Mozilla Firefox 3.5.x Address Bar Spoofing Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00187.html
Cisco Security Advisory: CDS Internet Streamer: Web Server Directory Traversal Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00186.html
ESA-2010-011: RSA, The Security Division of EMC, announces a fix for potential security vuln
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00182.html
[USN-940-2] Kerberos vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00181.html
[SECURITY] [DSA 2074-1] New ncompress packages fix execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00180.html
ZDI-10-135: Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00179.html
ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00178.html
ZDI-10-133: Mozilla Firefox CSS font-face Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00177.html
ZDI-10-132: Mozilla Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Executi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00176.html
ZDI-10-131: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerabi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00175.html
ZDI-10-130: Mozilla Firefox NodeIterator Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00174.html
[Onapsis Security Advisory 2010-006] SAP J2EE Web Services Navigator Cross-Site Scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00173.html
[oCERT-2010-002] Joomla input sanitization errors (XSS)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00183.html
[security bulletin] HPSBMA02558 SSRT010158 rev.1 - HP OpenView Network Node Manager (OV NNM), Re
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00172.html
[security bulletin] HPSBMA02557 SSRT100025 rev.1- HP OpenView Network Node Manager (OV NNM) Runn
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00185.html
[SECURITY] [DSA 2073-1] New mlmmj packages fix directory traversal
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00184.html
Update on .LNK vulnerability
http://isc.sans.edu/diary.html?storyid=9217
Adobe Reader Protected Mode
http://isc.sans.edu/diary.html?storyid=9220
Dell PowerEdge R410 replacement motherboard firmware contains malware
http://isc.sans.edu/diary.html?storyid=9223
autorun.inf and .lnk Malware (NOT 'Vulnerability in Windows Shell Could Allow Remote Code Execution' 2286198)
http://isc.sans.edu/diary.html?storyid=9229
Cisco Content Delivery System Internet Streamer Directory Traversal Flaw Discloses Files to Remote Users
http://securitytracker.com/alerts/2010/Jul/1024234.html
SAP J2EE Web Services Navigator Interface Cross-Site Scripting
http://secunia.com/advisories/40659/
QQPlayer ASX and CUE File Processing Buffer Overflow Vulnerabilities
http://secunia.com/advisories/40668/
Imagine CMS SQL Injection and Local File Inclusion Vulnerabilities
http://secunia.com/advisories/40643/
Red Hat update for thunderbird
http://secunia.com/advisories/40653/
Red Hat update for thunderbird
http://secunia.com/advisories/40651/
Red Hat update for firefox
http://secunia.com/advisories/40650/
Red Hat update for seamonkey
http://secunia.com/advisories/40649/
Debian update for mlmmj
http://secunia.com/advisories/40658/
Debian update for ncompress
http://secunia.com/advisories/40689/
ncompress "decompress()" Integer Underflow Vulnerability
http://secunia.com/advisories/40655/
Ubuntu update for krb5
http://secunia.com/advisories/40685/
F.E.A.R. / F.E.A.R. 2: Project Origin Memory Corruption Vulnerability
http://secunia.com/advisories/40676/
Fedora update for python-cjson
http://secunia.com/advisories/40627/
123 Flash Chat PHP Chat Module "select_db" Local File Inclusion Vulnerability
http://secunia.com/advisories/40654/
SUSE update for kernel
http://secunia.com/advisories/40645/
Mozilla SeaMonkey Multiple Vulnerabilities
http://secunia.com/advisories/40688/
Mozilla Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/40642/
Fedora update for libpng10
http://secunia.com/advisories/40684/
Intel Software Development Tools for Intel AMT OpenSSL Denial of Service
http://secunia.com/advisories/40394/
Red Hat update for openldap
http://secunia.com/advisories/40687/
Red Hat update for openldap
http://secunia.com/advisories/40677/
Intel Math Kernel Library Insecure File Permissions
http://secunia.com/advisories/40634/
HP OpenView Network Node Manager Unspecified Vulnerability
http://secunia.com/advisories/40686/
SapGUI BI v7100.1.400.8 Heap Corruption Exploit
http://www.exploit-db.com/exploits/14416/
ZipCentral (.zip) Buffer Overflow (SEH)
http://www.exploit-db.com/exploits/14433/
QQPlayer cue File Buffer Overflow Exploit
http://www.exploit-db.com/exploits/14431/
QQPlayer asx File Processing Buffer Overflow Exploit
http://www.exploit-db.com/exploits/14428/
HP OpenView Network Node Manager Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2010/1866
SAP J2EE Web Services Navigator Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1865
Redhat Security Update Fixes Seamonkey Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1864
Redhat Security Update Fixes Firefox Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1863
Redhat Security Update Fixes Thunderbird Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1862
Intel Math Kernel Library Insecure File Permission Privilege Escalation
http://www.vupen.com/english/advisories/2010/1861
Intel AMT SDK and SCS OpenSSL TLS Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1860
Mozilla Products Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/1859
Redhat Security Update Fixes OpenLDAP Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1858
SuSE Security Update Fixes Kernel Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2010/1857
Ubuntu Security Update Fixes FreeType Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1856
Turbolinux Security Update Fixes Multiple MySQL Vulnerabilities
http://www.vupen.com/english/advisories/2010/1855
Debian Security Update Fixes mlmmj Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2010/1854
HP OpenView Network Node Manager CVE-2010-2704 Multiple Code Execution Vulnerabilities
http://www.securityfocus.com/bid/41839
Multiple ActiveWebSoftwares Products Default.ASP SQL Injection Vulnerability
http://www.securityfocus.com/bid/23109
HP OpenView Network Node Manager 'execvp_nc()' Code Execution Vulnerability
http://www.securityfocus.com/bid/41829
ngIRCd SSL/TLS Support MOTD Request Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/37021
mlmmj (Mailing List Managing Made Joyful) Directory Traversal Vulnerability
http://www.securityfocus.com/bid/41841
Novell Teaming 'ajaxUploadImageFile' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41795
NETGEAR WNDAP330 Management Frame Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36991
Oracle Java SE and Java for Business Unspecified Vulnerabilities
http://www.securityfocus.com/bid/39492
dotDefender Cross-Site Scripting Security Bypass Vulnerability
http://www.securityfocus.com/bid/41560
libpng Memory Corruption and Memory Leak Vulnerabilities
http://www.securityfocus.com/bid/41174
Mozilla Firefox 'about:blank' Document URI Spoofing Vulnerability
http://www.securityfocus.com/bid/41055
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-34 Through -47 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/41824
Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability
http://www.securityfocus.com/bid/41732
GNU gzip LZW Compression Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37886
Mozilla Firefox/Thunderbird/SeaMonkey XSLT Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41082
Mozilla Firefox CVE-2010-1200 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41090
Mozilla Firefox and SeaMonkey Plugin Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41102
Mozilla Firefox/SeaMonkey Attachment With Content-Disposition HTTP Header Bypass Vulnerability
http://www.securityfocus.com/bid/41103
Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39077
MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40235
Libpng 'png_decompress_chunk()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/38478
W3M NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/40837
Python-cjson Unicode Character Encoding Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41279
Multiple Mozilla Products Script Filename Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41860
Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41853
RSA Federated Identity Manager URI Redirection Vulnerability
http://www.securityfocus.com/bid/41850
RapidLeech Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/41838
Very interested web sites, thanks :-)
返信削除