Squid 3.1.5.1 release
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_5_1.html
Postfix 2.8 Snapshot 20100728
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100728.HISTORY
「文書閲覧ソフトウェアの古い脆弱性を狙った標的型攻撃」についての調査結果の公開~「2009年度
脆弱性を利用した新たなる脅威の分析による調査 最終報告書」~
http://www.ipa.go.jp/security/vuln/report/newthreat201007.html
Dell、中堅企業向けセキュリティソリューションを拡充
http://itpro.nikkeibp.co.jp/article/NEWS/20100729/350785/?ST=security
Microsoftのセキュリティ企業向け情報開示プログラム、Adobe製品の情報も提供へ
http://itpro.nikkeibp.co.jp/article/NEWS/20100729/350783/?ST=security
JVNVU#129889 OpenLDAP に複数の脆弱性
http://jvn.jp/cert/JVNVU129889/index.html
JVNVU#568637 Apple Safari における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNVU568637/index.html
The 2010 Verizon Data Breach Report is Out
http://isc.sans.edu/diary.html?storyid=9283
Symantec Data Loss Prevention KeyView Filter Memory Corruption Errors Let Remote Users Deny Service
http://securitytracker.com/alerts/2010/Jul/1024263.html
Symantec Mail Security KeyView Filter Memory Corruption Errors Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024262.html
IBM Lotus Notes Memory Corruption Errors in Various File Readers Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024261.html
LVM2 Missing Authentication in Cluster Local Volume Manager Lets Local Users Manage
Volumes in the Clusterhttp://securitytracker.com/alerts/2010/Jul/1024258.html
WM Downloader 3.1.2.2 2010.04.15 Buffer Overflow (SEH)
http://www.exploit-db.com/exploits/14497/
+ make 3.82 released
http://www.gnu.org/software/make/
http://ftp.gnu.org/pub/gnu/make/?C=M;O=D
- HPSBUX02556 SSRT100014 rev.2 - HP-UX Running rpc.ttdbserver, Remote Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02288473
About the security content of Safari 5.0.1 and Safari 4.1.1
http://support.apple.com/kb/HT4276
Samba 3.6.0pre1 Available for Download
http://www.samba.org/
http://www.samba.org/samba/ftp/pre/WHATSNEW-3-6-0pre1.txt
http://news.samba.org/releases/3.6.0pre1/
Secunia : Autonomy KeyView Compound File Parsing Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33257
Secunia : Autonomy KeyView wkssr.dll Floating Point Conversion Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33258
Secunia : Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33259
Secunia : Autonomy KeyView wosr.dll Data Block Parsing Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33260
Secunia : Autonomy KeyView wkssr.dll Integer Underflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33261
Secunia : Autonomy KeyView wkssr.dll String Indexing Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33262
Debian : DSA 2075-1 New xulrunner packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33255
Debian : DSA 2076-1 New gnupg2 packages fix potential code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33256
MajorSecurity : MajorSecurity SA-079 - PHPKIT WCMS - Multiple stored Cross Site Scripting Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33264
「ゼロデイ対策にはアカウントの使い分けが有効」――専門家が伝授
頻発するゼロデイ攻撃、原因の一つは「企業のセキュリティ向上」
http://itpro.nikkeibp.co.jp/article/NEWS/20100729/350782/?ST=security
JPCERT/CC WEEKLY REPORT
http://www.jpcert.or.jp/wr/2010/wr102801.html
JVNDB-2010-001739 x86_64 プラットフォーム上で稼動する RHEL の LibTIFF におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001739.html
JVNDB-2010-001738 LibTIFF の TIFFVStripSize 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001738.html
JVNDB-2010-001737 LibTIFF の TIFFYCbCrtoRGB 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001737.html
JVNDB-2010-001736 LibTIFF の TIFFRGBAImageGet 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001736.html
JVNDB-2010-001735 LibTIFF の TIFFExtractData マクロにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001735.html
JVNDB-2010-001734 iSNS 実装におけるバッファーオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001734.html
New vulnerabilities in Cetera eCommerce
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00257.html
Vulnerabilities in Cetera eCommerce
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00256.html
PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00254.html
[security bulletin] HPSBMA02549 SSRT090158 rev.2 - HP Insight Control Power Management for Windo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00255.html
Enterprise 4.0.1 - Multiple Low Risk Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00253.html
Secunia Research: Autonomy KeyView wkssr.dll Record Parsing Buffer Overflows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00252.html
Secunia Research: Autonomy KeyView wkssr.dll String Indexing Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00251.html
Secunia Research: Autonomy KeyView wkssr.dll Integer Underflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00250.html
Secunia Research: Autonomy KeyView wosr.dll Data Block Parsing Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00249.html
Secunia Research: Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00247.html
Secunia Research: Autonomy KeyView wkssr.dll Floating Point Conversion Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00248.html
Secunia Research: Autonomy KeyView Compound File Parsing Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00246.html
Appointinator 1.0.1 Joomla Component Multiple Remote Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00244.html
[SECURITY] [DSA 2076-1] New gnupg2 packages fix potential code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00242.html
[SECURITY] [DSA 2075-1] New xulrunner packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00243.html
Oracle announced GNOME Display Manager password disclosure weakness
http://isc.sans.edu/diary.html?storyid=9277
hsolinkcontrol Privilege Escalation Vulnerabilities
http://secunia.com/advisories/40713/
TYPO3 Front End User Registration Extension Password Security Issue
http://secunia.com/advisories/40753/
nuBuilder "GLOBALS[StartingDirectory]" File Inclusion Vulnerability
http://secunia.com/advisories/40744/
bozohttp Security Bypass Vulnerability
http://secunia.com/advisories/40737/
MediaWiki Information Disclosure and Cross-Site Scripting
http://secunia.com/advisories/40740/
KVIrc Failed DCC Handshake Notification Command Injection Vulnerability
http://secunia.com/advisories/40727/
Red Hat update for jboss-seam2
http://secunia.com/advisories/40741/
Internet Navigware Server Information Disclosure and Manipulation of Data
http://secunia.com/advisories/40738/
Zabbix PHP Frontend "formatQuery()" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40679/
JBoss Enterprise SOA Platform Multiple Security Issues
http://secunia.com/advisories/40681/
Sun Solaris GNOME Display Manager Password Disclosure Weakness
http://secunia.com/advisories/40690/
GNOME Display Manager Password Disclosure Weakness
http://secunia.com/advisories/40780/
IBM Tivoli Directory Server DB2 Password Information Disclosure
http://secunia.com/advisories/40734/
IBM AIX BIND DNSSEC Cache Poisoning Vulnerability
http://secunia.com/advisories/40730/
Cisco Multiple Products TLS Session Renegotiation Plaintext Injection
http://secunia.com/advisories/40747/
Symantec Products File Parsing Multiple Vulnerabilities
http://secunia.com/advisories/38830/
Lotus Notes File Parsing Multiple Vulnerabilities
http://secunia.com/advisories/38704/
Joomla! Appointinator Component "aid" SQL Injection Vulnerability
http://secunia.com/advisories/40779/
Red Hat update for w3m
http://secunia.com/advisories/40733/
Debian update for xulrunner
http://secunia.com/advisories/40724/
Debian update for gnupg2
http://secunia.com/advisories/40718/
Autonomy Keyview Multiple Vulnerabilities
http://secunia.com/advisories/38690/
Apple Safari Memory Corruption Errors Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024257.html
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024256.html
IBM SolidDB solid.exe Handshake Request Username Field Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/5DP3J2A20U.html
HP-UX Running rpc.ttdbserver Execution of Arbitrary Code vulnerability
http://www.securiteam.com/securitynews/5AP3G2A20O.html
Oracle Secure Backup Web Interface Post-Auth Command Injection Code Execution Vulnerabilities
http://www.securiteam.com/securitynews/5BP3H2A20A.html
HP Systems Insight Manager Execution of Arbitrary Code and Other Vulnerabilities
http://www.securiteam.com/securitynews/5CP3I2A20O.html
nuBuilder 10.04.20 Local File Inclusion Vulnerability
http://securityreason.com/securityalert/7614
UPlusFTP Server v1.7.1.01 [ HTTP ] Remote Buffer Overflow [ Post Auth ]
http://www.exploit-db.com/exploits/14496/
Symantec AMS Intel Alert Handler Service Design Flaw
http://www.exploit-db.com/exploits/14492/
Apache Tomcat http://www.exploit-db.com/exploits/14489
Zemana AntiLogger AntiLog32.sys <= 1.5.2.755 Local Privilege Escalation Vulnerability http://www.exploit-db.com/exploits/14491/
QQPlayer smi File Buffer Overflow Exploit
http://www.exploit-db.com/exploits/14482/
Cisco Products Transport Layer Security Renegotiation Vulnerability
http://www.vupen.com/english/advisories/2010/1942
IBM Tivoli Directory Server DB2 Password Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/1941
IBM AIX Security Update Fixes BIND Cache Poisoning Vulnerability
http://www.vupen.com/english/advisories/2010/1940
IBM Lotus Notes Autonomy Keyview Buffer and Integer Overflows
http://www.vupen.com/english/advisories/2010/1939
Symantec Products Autonomy Keyview Buffer and Integer Overflows
http://www.vupen.com/english/advisories/2010/1938
Autonomy Keyview Multiple Buffer and Integer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2010/1937
Nessus Web Server Plugin Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/1936
SAP NetWeaver "action" and "helpstring" Cross Site Scripting
http://www.vupen.com/english/advisories/2010/1935
Turbolinux Security Update Fixes CUPS Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1934
Mandriva Security Update Fixes Samba Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1933
Mandriva Security Update Fixes PHP Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1932
Debian Security Update Fixes GnuPG Use-after-free Vulnerability
http://www.vupen.com/english/advisories/2010/1931
Debian Security Update Fixes Xulrunner Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1930
Redhat Security Update Fixes JBoss Seam Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/1929
Redhat Security Update Fixes w3m Certificate Spoofing Vulnerability
http://www.vupen.com/english/advisories/2010/1928
Fedora Security Update Fixes libvirt Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/1927
Mundi Mail Multiple Remote Command Execution Vulnerabilities
http://www.securityfocus.com/bid/41957
RETIRED: Apple Safari Prior to 5.0.1 and 4.1.1 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/42020
ZABBIX 'formatQuery()' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/42017
OpenLDAP 'modrdn' Request Multiple Vulnerabilities
http://www.securityfocus.com/bid/41770
Easy FTP Server (AKA UplusFTP) 'Path' Parameter Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38321
OpenSSL 'ssl3_get_record()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39013
Multiple Mini-stream Software Products '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34494
Quiksoft EasyMail 'AddAttachment()' Method ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36440
IBM AIX FTP Server 'NLST' Command Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41762
EasyMail Objects 'emimap4.dll' ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36409
EasyMail Objects Connect Method Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/22583
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34800
Uiga Church Portal Multiple Vulnerabilities
http://www.securityfocus.com/bid/42011
RETIRED: Joomla! 'com_ninjamonial' Component 'Itemid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/41345
Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40884
Apple Safari Personal Address Book AutoFill Information Disclosure Weakness
http://www.securityfocus.com/bid/41884
HP Insight Control Power Management Unspecified Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/41578
IBM Tivoli Directory Server DB2 Password Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42015
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37118
Multiple Java Runtime Implementations UTF-8 Input Validation Vulnerability
http://www.securityfocus.com/bid/30633
Autonomy KeyView Filter Module Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/41928
Pointdev IDEAL Migration & IDEAL Administration '.ipj' File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39729
Mongoose Slash Character Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/42051
WebKit 'font-face' and 'use' Elements Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/42049
WebKit JavaScript String Object Remote Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/42048
WebKit 'foreignObject' Elements Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/42046
WebKit JavaScript Array Signedness Error Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/42045
WebKit Element Focus Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/42044
WebKit Just-In-Time Compiled JavaScript Stubs Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/42043
WebKit Regular Expression Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42042
WebKit 'use' Element Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42041
Apple Safari RSS Feed Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42039
WebKit CVE-2010-1787 Floating Elements Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42038
WebKit ':first-letter' and ':first-line' Pseudo-Elements Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42037
WebKit CSS Counters Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42036
WebKit CVE-2010-1783 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42035
WebKit Inline Elements Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42034
Piwik 0.6 Through 0.6.3 Remote File Include Vulnerability
http://www.securityfocus.com/bid/42031
TYPO3 Core TYPO3-SA-2010-012 Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/42029
nuBuilder 'report.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/42027
KVIrc '\r' Carriage Return in DCC Handshake Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/42026
Jira Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/42025
MediaWiki 'profileinfo.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/42024
AV Arcade 'ava_code' Cookie Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/42023
MediaWiki 'api.php' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42019
0 件のコメント:
コメントを投稿