+ J2SE JDK/JRE 1.6.0_21 released
http://java.sun.com/javase/6/webnotes/6u21.html
+ Cisco Security Advisory: Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100707-snmp.shtml
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00040.html
http://securitytracker.com/alerts/2010/Jul/1024173.html
http://www.securityfocus.com/bid/41436
[ANNOUNCE] AnySQL Maestro 10.7 released
http://www.sqlmaestro.com/products/anysql/maestro/
An IP(7P) Spoofing Security Vulnerability in Mid-range Sun Fire Server's Firmware May Allow Unauthorized Access to System Controllers
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019814.1-1
Postfix 2.7.2 stable release candidate 2 released
http://mirror.postfix.jp/postfix-release/official/postfix-2.7.2-RC2.HISTORY
Postfix 2.8 Snapshot 20100707 released
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100707.HISTORY
高負荷状態のサーバを監視した場合、パフォーマンスカウンタ監視が失敗することがある
http://www.say-tech.co.jp/support/bom-for-windows/post-39/index.shtml
DeepSec 2010 - Call for Papers - REMINDER
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00036.html
ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00042.html
RunCMS XSS Vulnerability via User Agent
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00043.html
Pligg Installation File XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00048.html
MODx Installation File XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00041.html
Exponent Slideshow XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00047.html
DCP-Portal Multiple XSS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00039.html
[ MDVSA-2010:130 ] heimdal
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00038.html
[ MDVSA-2010:129 ] heimdal
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00045.html
Cisco Security Advisory: Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Serie
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00040.html
Sandbox 2.0.3 Multiple Remote Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00044.html
[ MDVSA-2010:128 ] lftp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00046.html
電話で「ウイルスに感染してますよ」、技術サポートを売り込む詐欺
偽のセキュリティ問題をリストアップ、「解消したければ契約を」
http://itpro.nikkeibp.co.jp/article/NEWS/20100708/350060/?ST=security
JVNDB-2010-001643 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001643.html
JVNDB-2010-001642 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001642.html
JVNDB-2010-001641 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001641.html
JVNDB-2010-001640 Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001640.html
JVNDB-2010-001639 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001639.html
JVNDB-2010-001638 Adobe Flash Player および Adobe AIR における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001638.html
JVNDB-2010-001637 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001637.html
JVNDB-2010-001636 Adobe Flash Player および Adobe AIR における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001636.html
JVNDB-2010-001635 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001635.html
JVNDB-2010-001634 Adobe Flash Player および Adobe AIR におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001634.html
JVNDB-2010-001633 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001633.html
JVNDB-2010-001632 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001632.html
JVNDB-2010-001631 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001631.html
JVNDB-2010-001630 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001630.html
JVNDB-2010-001629 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001629.html
JVNDB-2010-001071 Apache Tomcat におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001071.html
JVNDB-2010-001070 Apache Tomcat におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001070.html
JVNDB-2009-002405 PHP の proc_open 関数における任意の環境でプログラムを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002405.html
JVNDB-2009-002356 Apache Tomcat の Windows インストーラにおける権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002356.html
JVNDB-2009-002179 PHP における exif のチェックに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002179.html
JVNDB-2009-002178 PHP の php_openssl_apply_verification_policy 関数における証明書の検証処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002178.html
JVNDB-2009-002177 PHP の imagecolortransparent 関数におけるカラーインデックスの処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002177.html
JVNDB-2009-001875 PHP の exif_read_data 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001875.html
JVNDB-2008-001963 SSH 通信において一部データが漏えいする可能性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001963.html
JVNDB-2008-001577 OpenSSH における X11 転送ポートをハイジャックされる脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001577.html
Independent Researcher : Citibank CitiDirect - forced usage of vulnerable version of Java Runtime Environment
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33056
Independent Researcher : pam_captcha username harvest vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33057
Mandriva : lftp
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33054
SuSE : IBM Java 5
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33055
Facebook, Facebook, What Do YOU See?
http://isc.sans.edu/diary.html?storyid=9142
Ruby "ARGF.inplace_mode" Buffer Overflow Vulnerability
http://secunia.com/advisories/40442/
Sandbox Multiple Vulnerabilities
http://secunia.com/advisories/40447/
Fedora update for avahi
http://secunia.com/advisories/40480/
Avahi DNS Denial of Service Vulnerability
http://secunia.com/advisories/40470/
Joomla AutarTimonial Component "limit" SQL Injection Vulnerability
http://secunia.com/advisories/40449/
Fedora update for mediawiki
http://secunia.com/advisories/40477/
Fedora update for mediawiki
http://secunia.com/advisories/40436/
Xlight FTP Server "SFTP" Directory Traversal Vulnerability
http://secunia.com/advisories/40473/
Suse update for java-1_5_0-ibm
http://secunia.com/advisories/40489/
Panda Anti-Rootkit RKPavProc.sys IOCTL Handling Privilege Escalation
http://secunia.com/advisories/40506/
Panda Products RKPavProc.sys IOCTL Handling Privilege Escalation
http://secunia.com/advisories/40462/
Unreal Engine "UGameEngine::UpdateConnectingMessage()" Buffer Overflow
http://secunia.com/advisories/40466/
Ubuntu update for thunderbird
http://secunia.com/advisories/40372/
Fedora update for mingw32-libtiff
http://secunia.com/advisories/40478/
Fedora update for rpm
http://secunia.com/advisories/40488/
Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities
http://securityreason.com/securityalert/7564
EA Battlefield 2 and Battlefield 2142 Multiple Arbitrary File Upload Vulnerabilities
http://securityreason.com/securityalert/7563
REVISION: iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities
http://securityreason.com/securityalert/7562
Qt 4.6.3 "QSslSocketBackendPrivate::transmit()" Denial of Service
http://securityreason.com/securityalert/7561
Cisco Industrial Ethernet 3000 Series Switch Default SNMP Credentials Let Remote Users Access the Device
http://securitytracker.com/alerts/2010/Jul/1024173.html
RHBA-2010:0507-1: up2date bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0507.html
Panda Products "RKPavProc.sys" Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2010/1746
BrotherScripts Auction "id" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1745
BrotherScripts Auto Classifieds "id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1744
BrotherScripts Business Directory "id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1743
BrotherScripts Events Directory "id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1742
RightInPoint Lyrics V3 engine "artist_id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1741
Pre Multi-Vendor Shopping Malls "username" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1740
AutarTimonial for Joomla "limit" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1739
NeoRecruit for Joomla "Itemid" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1738
Sandbox SQL Injection and Arbitrary File Upload Vulnerabilities
http://www.vupen.com/english/advisories/2010/1737
Novell ZENworks Linux Management Tomcat Vulnerabilities
http://www.vupen.com/english/advisories/2010/1736
Fedora Security Update Fixes Avahi Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1735
Fedora Security Update Fixes MediaWiki Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1734
Fedora Security Update Fixes Libtool fastjar Directory Traversal Issue
http://www.vupen.com/english/advisories/2010/1733
Fedora Security Update Fixes gcc fastjar Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2010/1732
Fedora Security Update Fixes MinGW32-LibTIFF Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1731
Fedora Security Update Fixes RPM Package Manager Vulnerabilities
http://www.vupen.com/english/advisories/2010/1730
SuSE Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1729
Ubuntu Security Update Fixes Thunderbird Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1728
Mandriva Security Update Fixes lftp File Overwrite Vulnerability
http://www.vupen.com/english/advisories/2010/1727
Hero DVD Remote Buffer Overflow Exploit
http://www.exploit-db.com/exploits/14257/
GSM SIM Utility Local Exploit Direct Ret ver.
http://www.exploit-db.com/exploits/14258/
HP NNM 7.53 ovwebsnmpsrv.exe Buffer Overflow (SEH)
http://www.exploit-db.com/exploits/14256/
CMS ISWEB SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/32823
Mako 'cgi.escape()' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/41278
Bugzilla 'time-tracking' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41141
RPM Package Update File Attribute Security Bypass Vulnerability
http://www.securityfocus.com/bid/40512
Mozilla Firefox/SeaMonkey Attachment With Content-Disposition HTTP Header Bypass Vulnerability
http://www.securityfocus.com/bid/41103
Mozilla Firefox and SeaMonkey Plugin Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41102
Mozilla Thunderbird Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38831
MIT Kerberos 5 Multiple Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/19427
MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40235
CUPS 'texttops' Filter NULL-pointer Dereference Vulnerability
http://www.securityfocus.com/bid/40943
CUPS Web Interface Unspecified Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/40889
CUPS Web Interface Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40897
Mozilla Firefox/Thunderbird/SeaMonkey XSLT Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41082
Mozilla Firefox CVE-2010-1200 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41090
Unreal Engine 'UpdateConnectingMessage()' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41424
Sandbox Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/41420
CastRipper '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34915
Avahi 'avahi-core/socket.c' Zero Size Packet Denial Of Service Vulnerability
http://www.securityfocus.com/bid/41075
EvoCam HTTP GET Request Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40489
HP OpenView Network Node Manager CVE-2010-1964 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40873
Worxware DCP-Portal Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/41453
Drupal MultiSafepay Integration Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/41451
Drupal Hierarchical Select Module Multiple Unspecified HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/41450
Altair Engineering PBS Pro 'pbs_mom' Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/41449
RunCms 'check.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/41448
Exponent CMS 'slideshow.js.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/41447
Cisco Industrial Ethernet 3000 Series Switches Hardcoded SNMP Community Names Security Vulnerability
http://www.securityfocus.com/bid/41436
Simple Document Management System 'detail.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41431
Sijio SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/41430
Panda Multiple Products 'RKPavProc.sys' IOCTL Request Multiple Vulnerabilities
http://www.securityfocus.com/bid/41428
Green Shop 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41425
Hero DVD Player Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41423
0 件のコメント:
コメントを投稿