+ MySQL 5.1.50 released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html
+ vsftpd 2.3.1 released
http://vsftpd.beasts.org/
- Bind 9.5.3 Beta 1 released
http://ftp.isc.org/isc/bind9/9.5.3b1/9.5.3b1
Correction to the content of the direct mail "Virus Buster Membership Contract Renewal Notice"
http://www.trendmicro.co.jp/support/news.asp?id=1458
Issue when using the scan engine rollback function in Virus Buster Corporate Edition
http://www.trendmicro.co.jp/support/news.asp?id=1457
UPDATE: MS10-058 - Important: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)
http://www.microsoft.com/technet/security/bulletin/MS10-058.mspx?pubDate=2010-08-18
UPDATE: MS10-055 - Critical: Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)
http://www.microsoft.com/technet/security/bulletin/MS10-055.mspx?pubDate=2010-08-12
Notice of the release of Trend Micro Security (for Mac) 1.5 Service Pack 2
http://www.trendmicro.co.jp/support/news.asp?id=1452
Debian : [DSA 2092-1] New lxr-cvs packages fix cross-site scripting
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33474
Windows Kernel win32k!GreStretchBltInternal() Bug Lets Local Users Deny Service
http://securitytracker.com/alerts/2010/Aug/1024345.html
Linux Kernel Stack Memory Management Lets Local Users Gain Root Privileges
http://securitytracker.com/alerts/2010/Aug/1024344.html
+ Sudo 1.7.4p3 released
http://www.sudo.ws/sudo/news.html
http://www.sudo.ws/sudo/stable.html#1.7.4p3
http://www.sudo.ws/sudo/changes.html
+ FreeBSD "setusercontext()" Security Bypass Vulnerability
http://secunia.com/advisories/40923/
http://www.securityfocus.com/bid/42533
+ PHP 'ibase_gen_id()' Function off-by-one Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/42516
http://www.exploit-db.com/exploits/14678/
+ Linux Kernel 'net/sched/act_*.c' File Memory Leak Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42529
- Microsoft Windows win32k.sys Driver "GreStretchBltInternal()" Vulnerability
http://secunia.com/advisories/41029/
HPSBST02536 SSRT100057 rev.2 - HP StorageWorks Storage Mirroring, Remote Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02056045
HPSBMA02477 SSRT090177 rev.5 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01926980
HPSBMA02424 SSRT080125 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01723303
Linux Kernel release: 2.6.35.3-rc1
http://www.linux.org/news/2010/08/18/0004.html
Linux Kernel release: 2.6.34.5-rc1
http://www.linux.org/news/2010/08/18/0003.html
Linux Kernel release: 2.6.32.20-rc1
http://www.linux.org/news/2010/08/18/0002.html
Linux Kernel release: 2.6.27.52-rc3
http://www.linux.org/news/2010/08/18/0001.html
Update: Vulnerability in Citrix Online Plug-Ins and ICA Clients Could Result in Arbitrary Code Execution
http://support.citrix.com/article/CTX125975
HP to acquire enterprise security company Fortify Software
http://itpro.nikkeibp.co.jp/article/NEWS/20100818/351219/?ST=security
ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #-1)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00207.html
Better Security Through Sacrificing Maidens
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00209.html
Web Tool Announcement: ismymailsecure.com
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00208.html
Medium security hole in Rekonq web browser
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00204.html
JPCERT/CC WEEKLY REPORT
http://www.jpcert.or.jp/wr/2010/wr103101.html
JVNDB-2010-001840 Vulnerability in PHP's SplObjectStorage allowing sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001840.html
JVNDB-2010-001839 Vulnerability in PHP's phar extension allowing sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001839.html
JVNDB-2010-001838 Arbitrary code execution vulnerability in PHP's sqlite_single_query and sqlite_array_query functions
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001838.html
JVNDB-2010-001837 Denial of service (DoS) vulnerability in PHP's dechunk filter
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001837.html
JVNDB-2010-001836 Denial of service (DoS) vulnerability in PHP
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001836.html
JVNDB-2010-001835 Vulnerability in PHP's chunk_split function allowing sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001835.html
JVNDB-2010-001740 Vulnerability in Apache Tomcat allowing sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001740.html
JVNDB-2010-001727 Access restriction bypass vulnerability in the Linux kernel's do_gfs2_set_flags function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001727.html
JVNDB-2010-001725 Denial of service (DoS) vulnerability in the Linux kernel's Transparent Inter-Process Communication functionality
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001725.html
JVNDB-2010-001724 Vulnerability in fs/nfs/pagelist.c in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001724.html
JVNDB-2010-001723 Denial of service (DoS) vulnerability in the Linux kernel's nfs_wait_on_request function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001723.html
JVNDB-2010-001722 Denial of service (DoS) vulnerability in the Linux kernel's wake_futex_pi function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001722.html
JVNDB-2010-001721 Vulnerability in the Linux kernel allowing privileges to be gained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001721.html
JVNDB-2010-001665 Denial of service (DoS) vulnerability in the Linux kernel's find_keyring_by_name function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001665.html
JVNDB-2010-001664 Denial of service (DoS) vulnerability in the Linux kernel's sctp_process_unk_param function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001664.html
JVNDB-2010-001071 Directory traversal vulnerability in Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001664.html
JVNDB-2010-001070 Directory traversal vulnerability in Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001070.html
Adobe out-of-cycle Updates
http://isc.sans.edu/diary.html?storyid=9421
InterPhoto Gallery Two Vulnerabilities
http://secunia.com/advisories/40471/
Red Hat update for kernel-rt
http://secunia.com/advisories/41023/
SUSE update for kernel
http://secunia.com/advisories/40984/
Mollify Information Disclosure Vulnerabilities
http://secunia.com/advisories/41019/
FreeBSD "setusercontext()" Security Bypass Vulnerability
http://secunia.com/advisories/40923/
Serv-U Security Bypass and Denial of Service
http://secunia.com/advisories/41018/
A-PDF WAV to MP3 Converter File Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/41032/
Ubuntu update for koffice
http://secunia.com/advisories/41033/
KOffice PDF Import Filter Multiple Vulnerabilities
http://secunia.com/advisories/41033/
Microsoft Windows win32k.sys Driver "GreStretchBltInternal()" Vulnerability
http://secunia.com/advisories/41029/
Debian update for lxr-cvs
http://secunia.com/advisories/41010/
Free Simple CMS Remote File Inclusion Vulnerability
http://secunia.com/advisories/41001/
Apache CouchDB Cross-Site Request Forgery
http://secunia.com/advisories/40998/
Ubuntu update for freetype
http://secunia.com/advisories/40982/
Microsoft Windows Missed ACE Bounds Checks (MS10-047)
http://securityreason.com/securityalert/7671
Microsoft Windows nt!NtCreateThread Race Condition (MS10-047)
http://securityreason.com/securityalert/7670
Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
http://securityreason.com/securityalert/7669
Tycoon(CMS) 1.0.9 Record Script Sql vulnerability
http://securityreason.com/securityalert/7668
Open blog 1.2.1 XSRF (CSRF)
http://securityreason.com/securityalert/7667
Open Blog 1.2.1 XSS vulnerability
http://securityreason.com/securityalert/7666
DiamondList 0.1.6 XSRF (CSRF)
http://securityreason.com/securityalert/7665
DiamondList XSS vulnerability
http://securityreason.com/securityalert/7664
Opera "Download" Dialog File Execution Security Issue
http://securityreason.com/securityalert/7663
Palm webOS vCard Processing Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024342.html
Blue Coat ProxySG Privilege Enforcement Mechanism Can Be Bypassed By Remote Authenticated Administrators
http://securitytracker.com/alerts/2010/Aug/1024341.html
A-PDF WAV to MP3 v1.0.0 Universal Local SEH Exploit
http://www.exploit-db.com/exploits/14681/
RockN Wav Editor 1.8 Denial of Service Vulnerability
http://www.exploit-db.com/exploits/14685
Httpdx 1.5.4 Multiple Denial of Service Vulnerabilities (http-ftp)
http://www.exploit-db.com/exploits/14683
Edit v4.6.1.0 Denial of Service Vulnerability
http://www.exploit-db.com/exploits/14679
PHP 5.3.3 ibase_gen_id() off-by-one Overflow Vulnerability
http://www.exploit-db.com/exploits/14678
Linux Kernel Stack Memory Management Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/2113
Apache Geronimo Code Execution and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2112
Blue Coat ProxySG Privilege Enforcement Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/2111
Redhat Security Update Fixes Kernel Code Execution and DoS Issues
http://www.vupen.com/english/advisories/2010/2110
Debian Security Update Fixes lxr-cvs Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/2109
Turbolinux Security Update Fixes phpMyAdmin Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2109
Ubuntu Security Update Fixes KOffice Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2107
Ubuntu Security Update Fixes FreeType Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2010/2106
Ubuntu Security Update Fixes OpenJDK IcedTea Vulnerabilities
http://www.vupen.com/english/advisories/2010/2105
Pico MP3 Player Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/40303
httpdx Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/38718
Websense 'Via' HTTP Header Web Filtering Security Bypass Vulnerability
http://www.securityfocus.com/bid/40465
FoxMediaTools FoxPlayer '.m3u' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38127
Libpng 1-bit Interlaced Images Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35233
Libpng 'png_decompress_chunk()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/38478
libpng Memory Corruption and Memory Leak Vulnerabilities
http://www.securityfocus.com/bid/41174
OpenLDAP 'modrdn' Request Multiple Vulnerabilities
http://www.securityfocus.com/bid/41770
OpenLDAP X.509 Certificate NULL Character Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36844
Linux Kernel VM/VFS 'invalidatepage()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/39569
PHP 'ibase_gen_id()' Function off-by-one Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/42516
Smarty Template Engine 'function.math.php' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34918
Smarty Template Engine 'Smarty_Compiler.class.php' Security Bypass Vulnerability
http://www.securityfocus.com/bid/31862
Drupal Simplenews Content Selection Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/42540
FreeBSD 'setusercontext()' Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/42533
Linux Kernel 'net/sched/act_*.c' File Memory Leak Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42529
Mollify Authentication Bypass Vulnerability and Multiple Information Disclosure Weaknesses
http://www.securityfocus.com/bid/42526
Adersoft VbsEdit '.vbs' File Denial Of Service Vulnerability
http://www.securityfocus.com/bid/42525