RHBA-2010:0522-1: exim bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0522.html
Websense promotes adoption of data-leak prevention software with a 30-day free trial
http://itpro.nikkeibp.co.jp/article/NEWS/20100709/350118/?ST=security
Four fixes for remote code execution: advance notice of Microsoft's July regular update
http://itpro.nikkeibp.co.jp/article/NEWS/20100709/350098/?ST=security
LibTIFF multiple vulns
http://securityreason.com/securityalert/7566
multiple http client unexpected download filename
http://securityreason.com/securityalert/7566
+ BIND 9.7.1-P1 released
https://www.isc.org/software/bind/971-p1
http://ftp.isc.org/isc/bind9/9.7.1-P1/9.7.1-P1
+ Apache Tomcat 6.0.28 released
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.28
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html
+ High: Transfer-Encoding denial of service vulnerability
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.28
+ Low: Information disclosure in authentication headers
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.28
+ RHSA-2010:0519-1: Important: libtiff security update
http://rhn.redhat.com/errata/RHSA-2010-0519.html
+ RHSA-2010:0520-1: Important: libtiff security update
http://rhn.redhat.com/errata/RHSA-2010-0520.html
+ CVE-2010-0421 Array index error in Pango related to GDEF tables Denial of Service (DoS)
http://blogs.sun.com/security/entry/cve_2010_0740_array_index
+ Linux Kernel CVE-2010-2066 Donor File Security Bypass Vulnerability
http://www.securityfocus.com/bid/41466
- Linux Kernel 'pppol2tp_xmit' Null Pointer Deference Denial of Service Vulnerability
http://www.securityfocus.com/bid/41077
[ANNOUNCE] Apache Ivy 2.2.0-rc1 released
http://ant.apache.org/ivy/
Oracle Critical Patch Update Pre-Release Announcement - July 2010
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html
Microsoft Security Bulletin Advance Notification for July 2010
http://www.microsoft.com/technet/security/bulletin/ms10-jul.mspx
RHBA-2010:0509-1: yum-utils bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0509.html
RHBA-2010:0510-1: lvm2 bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0510.html
RHBA-2010:0513-1: gnupg bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0513.html
RHBA-2010:0515-1: xen bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0515.html
RHBA-2010:0512-1: pam bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0512.html
RHEA-2010:0511-1: openssh enhancement update
http://rhn.redhat.com/errata/RHEA-2010-0511.html
Independent Researcher : Real Player 0day for WinXP
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33065
SuSE : Acrobat Reader
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33063
Ubuntu Security Notice : libpng vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33062
Cisco : Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33064
XSS vulnerability in CruxCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00056.html
XSS vulnerability in CruxCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00054.html
XSS vulnerability in CruxPA
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00055.html
XSS vulnerability in CruxPA
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00053.html
XSS vulnerability in CruxPA
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00051.html
XSS vulnerability in CruxPA
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00052.html
[USN-960-1] libpng vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00050.html
[scip_Advisory 4143] Shemes Grabbit Malicious NZB Date Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00059.html
[USN-959-1] PAM vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00049.html
Pligg Installation File XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00061.html
10 million kinds of viruses appeared in half a year, most of them "variants"
McAfee (US) reports; the cumulative total exceeds 40 million kinds
http://itpro.nikkeibp.co.jp/article/Research/20100708/350081/?ST=security
"62% of children have had an undesirable experience online" --- Symantec's Merritt (US)
http://itpro.nikkeibp.co.jp/article/NEWS/20100708/350075/?ST=security
JVNVU#346351 Vulnerability in LibTIFF
http://jvn.jp/cert/JVNVU346351/index.html
JVNDB-2010-001650 Directory traversal vulnerability in iChat on Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001650.html
JVNDB-2010-001649 Cross-site scripting vulnerability in Help Viewer on Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001649.html
JVNDB-2010-001648 Vulnerability in Folder Manager on Apple Mac OS X that allows arbitrary folders to be deleted
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001648.html
JVNDB-2010-001647 Vulnerability in DesktopServices on Apple Mac OS X that allows access restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001647.html
JVNDB-2010-001646 Vulnerability in CUPS running on Apple Mac OS X that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001646.html
JVNDB-2010-001645 Cross-site request forgery vulnerability in CUPS running on Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001645.html
JVNDB-2010-001644 Vulnerability in mod_proxy_http of Apache HTTP Server that allows sensitive responses to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001644.html
JVNDB-2010-001503 Arbitrary code execution vulnerability in the _msgout function of rpc.pcnfsd
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001503.html
JVNDB-2009-002474 Vulnerability in PHP in which the interruption area of the SESSION superglobal array is corrupted
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002474.html
JVNDB-2009-002473 Cross-site scripting vulnerability in the htmlspecialchars function of PHP
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002473.html
JVNDB-2009-002404 Denial of service (DoS) vulnerability in PHP related to the processing of multipart/form-data POST requests
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002404.html
JVNDB-2009-002402 Vulnerability in the tempnam function of PHP that allows safe_mode restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002402.html
New poll on MSRC
http://isc.sans.edu/diary.html?storyid=9145
Pirate Bay account database compromised
http://isc.sans.edu/diary.html?storyid=9148
Ubuntu privilege escalation via PAM
http://isc.sans.edu/diary.html?storyid=9151
iSCSI Enterprise Target Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024175.html
Ubuntu update for libpng
http://secunia.com/advisories/40472/
Podcast Generator "filename" Directory Traversal Vulnerability
http://secunia.com/advisories/40467/
SUSE update for acroread
http://secunia.com/advisories/40487/
Sijio Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/40492/
Pligg "username" SQL Injection Vulnerability
http://secunia.com/advisories/40516/
Cisco Industrial Ethernet 3000 Hardcoded SNMP Community Names
http://secunia.com/advisories/40407/
IBM BladeCenter Advanced Management Module Multiple Vulnerabilities
http://secunia.com/advisories/40445/
Ghost Recon Advanced Warfighter Two Vulnerabilities
http://secunia.com/advisories/40465/
Ubuntu update for pam
http://secunia.com/advisories/40512/
Drupal Hierarchical Select Module Script Insertion Vulnerability
http://secunia.com/advisories/40440/
Drupal MultiSafepay Integration Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/40469/
Fedora update for python-mako
http://secunia.com/advisories/40510/
Cisco IE 3000 Hard-Coded SNMP Community Names Vulnerability
http://www.vupen.com/english/advisories/2010/1754
IBM BladeCenter Advanced Management Module Vulnerabilities
http://www.vupen.com/english/advisories/2010/1753
Fedora Security Update Fixes RPM Package Manager Vulnerabilities
http://www.vupen.com/english/advisories/2010/1752
Fedora Security Update Fixes Bugzilla Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/1751
Fedora Security Update Fixes Mako Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1750
Turbolinux Security Update Fixes Samba Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1749
Mandriva Security Update Fixes Heimdal Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1748
Ubuntu Security Update Fixes PAM Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/1747
Sun Java Web Server 7.0 u7 Exploit with DEP bypass
http://www.exploit-db.com/exploits/14287/
Real Player 12.0.0.879 0day for WinXP
http://www.exploit-db.com/exploits/14275/
UFO: Alien Invasion v2.2.1 IRC Client Remote Code Execution - OSX Snow Leopard (ROP)
http://www.exploit-db.com/exploits/14272/
FathFTP 1.7 ActiveX Buffer Overflow
http://www.exploit-db.com/exploits/14269/
EA Battlefield 2 and Battlefield 2142 Multiple Arbitrary File Upload Vulnerabilities
http://www.exploit-db.com/exploits/14267/
Ubuntu PAM MOTD File Tampering (Privilege Escalation)
http://www.exploit-db.com/exploits/14273/
Microsoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/41462
Ubisoft Ghost Recon Advanced Warfighter Integer Overflow and Array Indexing Overflow Vulnerabilities
http://www.securityfocus.com/bid/41459
Pithcms Multiple File Include Vulnerabilities
http://www.securityfocus.com/bid/41461
Linux Kernel GFS/GFS2 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/39101
W3M NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/40837
Linux Kernel 'btrfs' File Permissions Security Bypass Vulnerability
http://www.securityfocus.com/bid/41467
Linux Kernel ethtool 'info.rule_cnt' Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41223
Linux Kernel 'pppol2tp_xmit' Null Pointer Deference Denial of Service Vulnerability
http://www.securityfocus.com/bid/41077
Linux Kernel 'find_keyring_by_name()' Local Memory Corruption Vulnerability
http://www.securityfocus.com/bid/39719
Ghostscript 'gs_init.ps' With '-P-' Flag Search Path Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/40467
Ghostscript Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/40426
CruxCMS 'search.php' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/27588
Cisco Unified MeetingPlace Web Conference Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/25237
OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40502
Joomla! ArtForms Component Multiple Vulnerabilities
http://www.securityfocus.com/bid/41457
Cisco Unified MeetingPlace Web Conference Login Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/26364
LibTIFF Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/41088
LibTIFF Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/41295
LibTIFF FAX3 Decoder Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40823
Mini-stream Ripper '.pls' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41332
35mmslidegallery Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/18414
iSCSI Enterprise Target Multiple Implementations iSNS Message Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41327
Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40884
libpng Memory Corruption and Memory Leak Vulnerabilities
http://www.securityfocus.com/bid/41174
Mini-stream Software CastRipper '.pls' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40626
Pango Glyph Definition Table Denial of Service Vulnerability
http://www.securityfocus.com/bid/38760
PAM MOTD Module Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/41465
CUPS Web Interface Unspecified Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/40889
CUPS Web Interface Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40897
CUPS 'cupsDoAuthentication()' Infinite Loop Denial of Service Vulnerability
http://www.securityfocus.com/bid/41126
CUPS 'cupsFileOpen' function Symlink Attack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/41131
CUPS 'texttops' Filter NULL-pointer Dereference Vulnerability
http://www.securityfocus.com/bid/40943
Adobe Acrobat and Reader (CVE-2010-2208) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41244
Adobe Acrobat and Reader Flash Content Parsing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41245
Adobe Acrobat and Reader CVE-2010-2211 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41243
Adobe Acrobat and Reader CVE-2010-2210 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41242
Adobe Acrobat and Reader 'AcroForm.api' GIF Image Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41241
Adobe Acrobat and Reader CVE-2010-2209 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41240
Adobe Acrobat and Reader CVE-2010-2207 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41239
Adobe Acrobat and Reader 'newfunction' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41236
Adobe Acrobat and Reader 'AcroForm.api' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41238
Adobe Acrobat and Reader CVE-2010-2203 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41235
Adobe Acrobat and Reader 'pushstring' and 'debugfile' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41237
Adobe Acrobat and Reader 'newclass' Flash Content Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41232
Adobe Acrobat and Reader CLOD Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41234
Adobe Acrobat and Reader CoolType Typography Engine Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/41231
Adobe Acrobat and Reader CVE-2010-1295 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41230
Adobe Flash Player, Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40586
Linux Kernel GFS2 File Attribute Security Bypass Vulnerability
http://www.securityfocus.com/bid/40356
Linux Kernel Btrfs Cloned File Security Bypass Vulnerability
http://www.securityfocus.com/bid/40241
Avahi 'avahi-core/socket.c' Zero Size Packet Denial Of Service Vulnerability
http://www.securityfocus.com/bid/41075
UFO: Alien Invasion IRC Client Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/41004
Microsoft Windows Help And Support Center Trusted Document Whitelist Bypass Vulnerability
http://www.securityfocus.com/bid/40725
EA Battlefield 2 and Battlefield 2142 Multiple Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/41262
PG Social Networking 'myprofile.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/41489
Clicktech ClickGallery 'gallery.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41487
Joomla! Music Manager Component 'album.html' Local File Include Vulnerability
http://www.securityfocus.com/bid/41485
Grabit 'NZB' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41483
Oracle July 2010 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/41482
LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/41480
Microsoft July 2010 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/41474
Podcast Generator 'download.php' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/41473
Linux Kernel CVE-2010-2066 Donor File Security Bypass Vulnerability
http://www.securityfocus.com/bid/41466