InterScan Web Security Suite 3.1 Linux版 Patch 2 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1453
ウイルスバスター コーポレートエディション 8.0 および 10.0 Critical Patch 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1459
JVNVU#278785 Devon IT 製品に複数の脆弱性
http://jvn.jp/cert/JVNVU278785/index.html
JVNVU#644319 Ghostscript の TrueType bytecode interpreter に脆弱性
http://jvn.jp/cert/JVNVU644319/index.html
JVN#12683004 SEIL/X シリーズおよび SEIL/B1 における IPv6 Unicast RPF 機能に関する脆弱性
http://jvn.jp/jp/JVN12683004/index.html
JVNDB-2010-000032 SEIL/X シリーズおよび SEIL/B1 における IPv6 Unicast RPF 機能に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000032.html
シマンテック、2011年版のセキュリティーソフトを発表
http://ascii.jp/elem/000/000/549/549707/
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
http://secunia.com/advisories/41087/
Adobe Shockwave Player Has Multiple Flaws That Let Remote Users Execute Arbitrary Code or Deny Service
http://securitytracker.com/alerts/2010/Aug/1024361.html
- MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
http://securitytracker.com/alerts/2010/Aug/1024360.html
Opera v10.61 DLL Hijacking Exploit (dwmapi.dll)
http://www.exploit-db.com/exploits/14732/
+ Dovecot 1.2.14, 2.0.1 released
http://www.dovecot.org/list/dovecot-news/2010-August/000168.html
http://www.dovecot.org/list/dovecot-news/2010-August/000169.html
+ MySQL Multiple Security Issues
http://secunia.com/advisories/41048/
MySQL Connector/ODBC 5.1.7 is available!
http://dev.mysql.com/downloads/connector/odbc/5.1.html
UPDATE: MS10-046 - Critical: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
http://www.microsoft.com/technet/security/bulletin/MS10-046.mspx?pubDate=2010-08-24
About Security Update 2010-005
http://support.apple.com/kb/HT4312
APSB10-20: Security update available for Shockwave Player
http://www.adobe.com/support/security/bulletins/apsb10-20.html
Firefox 4.0 Beta 4 released
http://www.mozilla.com/en-US/firefox/4.0b4/releasenotes/
Kernel release: 2.6.35.4-rc1
http://www.linux.org/news/2010/08/24/0004.html
Kernel release: 2.6.34.6-rc1
http://www.linux.org/news/2010/08/24/0003.html
Kernel release: 2.6.32.21-rc1
http://www.linux.org/news/2010/08/24/0002.html
Kernel release: 2.6.27.53-rc1
http://www.linux.org/news/2010/08/24/0001.html
Aditya K Sood : Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33516
Bkis : [Bkis-04-2010] Multiple Vulnerabilities (XSS, CSRF) in OpenBlog
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33520
Debian : [DSA 2095-1] New lvm2 packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33524
Mandriva : [MDVSA-2010:158] squirrelmail DoS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33512
Secunia : Mono libgdiplus Image Processing Three Integer Overflows
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33525
High-Tech Bridge SA : Directory Traversal in AutoFTP Manager
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33515
High-Tech Bridge SA : [HTB22565] Directory Traversal in 3D FTP Client
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33517
High-Tech Bridge SA : [HTB22567] Directory Traversal in FTPGetter
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33518
High-Tech Bridge SA : [HTB22563] XSS vulnerability in MAXdev
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33523
Mandriva : [MDVSA-2010:156] freetype2 buffer overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33510
Mandriva : [MDVSA-2010:157] freetype2 buffer overflow, DoS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33511
Salvatore "drosophila" Fresta : Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33522
Debian : [DSA 2094-1] New Linux 2.6.26 packages fix several issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33513
Mandriva : [MDVSA-2010:155] mysql server crash
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33509
NGENUITY : [NGENUITY-2010-007] Nagios XI Login XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33519
Secunia : Novell iPrint Client "call-back-url" Buffer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33521
YGN Ethical Hacker Group : phpMyAdmin 3.3.5 / 2.11.10 <= Cross Site Scripting (XSS) Vulnerability http://www.criticalwatch.com/support/security-advisories.aspx?AID=33514
=?UTF-8?B?dDLigLIxMCBDaGFsbGVuZ2UgdG8gYmUgcmVsZWFzZWQgMjAxMC0wOC0=?= =?UTF-8?B?MjggMTA6MDAgR
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00258.html
London DEFCON - DC4420 - August meet - Wednesday 25th August 2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00255.html
[ MDVSA-2010:160 ] cacti
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00252.html
WinAppDbg 1.4 is out!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00257.html
[security bulletin] HPSBST02536 SSRT100057 rev.3 - HP StorageWorks Storage Mirroring, Local Unau
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00249.html
[security bulletin] HPSBGN02569 SSRT100200 rev.1 - HP MagCloud iPad App, Remote Unauthorized Acc
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00247.html
ZDI-10-159: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00256.html
ZDI-10-158: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00243.html
ZDI-10-156: IBM Lotus Notes Autonomy KeyView Word Parsing Remote Code Execution Vulnerabilit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00245.html
ZDI-10-155: Cisco WebEx Player ARF String Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00250.html
TPTI-10-08: Novell iPrint Client Browser PluginGetDriverFile Uninitialized Pointer Remote Co
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00248.html
[ MDVSA-2010:159 ] gv
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00244.html
[ MDVSA-2010:159 ] gv
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00242.html
[ MDVSA-2010:159 ] gv
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00240.html
フィッシングの個人情報で偽造パスポート――ネットの闇市場で販売中
「偽造パスポートは5000ドル」、クレジットカードや免許証なども品ぞろえ
http://itpro.nikkeibp.co.jp/article/NEWS/20100825/351418/?ST=security
Windowsアプリへの新たな攻撃手法が発覚、多数の製品が影響を受ける
リモートのファイルを開くだけで被害の恐れ、悪質なDLLを読み込まされる
http://itpro.nikkeibp.co.jp/article/NEWS/20100825/351417/?ST=security
PUBLIC ADVISORY: 08.24.10: Adobe Shockwave Player Memory Corruption Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=878
JVNDB-2010-001866 LVM2 のクラスタ論理ボリュームマネージャデーモンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001866.html
JVNDB-2010-001865 Autonomy KeyView の WordPerfect 5.x reader (wosr.dll) におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001865.html
JVNDB-2010-001864 Autonomy KeyView の library におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001864.html
JVNDB-2010-001863 Lotus 1-2-3 reader (wkssr.dll) の SpreadSheet における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001863.html
JVNDB-2010-001862 Lotus 1-2-3 reader (wkssr.dll) の SpreadSheet における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001862.html
JVNDB-2010-001861 Lotus 1-2-3 reader (wkssr.dll) の SpreadSheet におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001861.html
JVNDB-2010-001860 Lotus 1-2-3 reader (wkssr.dll) の SpreadSheet におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001860.html
Vulnerability Note VU#644319: Ghostscript Heap Corruption in TrueType bytecode interpreter
http://www.kb.cert.org/vuls/id/644319
Vulnerability Note VU#278785: DevonIT weak authentication and buffer overflow in /usr/bin/tm-console-bin
http://www.kb.cert.org/vuls/id/278785
Mac OS X Bugs Let Remote Users Intercept TLS/SSL Connections, Impersonate Domain Names, and Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024359.html
HP MagCloud Lets Remote Users Gain Read and Write Access to Application Data
http://securitytracker.com/alerts/2010/Aug/1024357.html
Quagga BGP Daemon Denial of Service and Buffer Overflow Vulnerabilities
http://secunia.com/advisories/41038/
Cisco WebEx Player ARF Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/41039/
Sun Solaris Xorg Server Render Extension Memory Corruption Vulnerability
http://secunia.com/advisories/41049/
TYPO3 phpMyAdmin Extension Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/41042/
HP MagCloud Unauthorised Application Data Access Vulnerability
http://secunia.com/advisories/41062/
e107 Script Insertion and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/41034/
Joomla! Zoom Portfolio Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/41047/
Red Hat update for openoffice.org
http://secunia.com/advisories/41052/
MySQL Multiple Security Issues
http://secunia.com/advisories/41048/
Fedora update for ruby
http://secunia.com/advisories/41082/
Fedora update for php
http://secunia.com/advisories/41081/
Fedora update for openldap
http://secunia.com/advisories/41061/
Fedora update for kernel
http://secunia.com/advisories/41080/
Fedora update for kernel
http://secunia.com/advisories/41091/
netbsd/freebsd Coda Filesystem Kernel Memory Disclosure
http://securityreason.com/securityalert/7685
Remote Binary Planting in Apple iTunes for Windows
http://securityreason.com/securityalert/7684
linux kernel 2.6.33.7 integer overflow in ext4_ext_get_blocks()
http://securityreason.com/securityalert/7683
Lynx 2.8.8 dev4 heap overflow
http://securityreason.com/securityalert/7682
ssmtp 2.62 standardise() Buffer overflow
http://securityreason.com/securityalert/7681
Sun Security Update Fixes Xorg server Render Extension Vulnerability
http://www.vupen.com/english/advisories/2010/2157
Fedora Security Update Fixes Uzbl Shell Command Injection Vulnerability
http://www.vupen.com/english/advisories/2010/2156
Fedora Security Update Fixes OpenLDAP Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2155
Fedora Security Update Fixes Kernel Privilege Escalation and DoS
http://www.vupen.com/english/advisories/2010/2154
Fedora Security Update Fixes PHP Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2153
Fedora Security Update Fixes Ruby WEBrick Cross Site Scripting
http://www.vupen.com/english/advisories/2010/2152
Fedora Security Update Fixes Moodle Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/2151
Fedora Security Update Fixes phpMyAdmin Cross Site Scripting
http://www.vupen.com/english/advisories/2010/2150
Redhat Security Update Fixes OpenOffice.org Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2149
Debian Security Update Fixes lvm2 Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/2148
Mandriva Security Update Fixes GNU gv Insecure Temporary File
http://www.vupen.com/english/advisories/2010/2147
Mandriva Security Update Fixes SquirrelMail Denial of Service
http://www.vupen.com/english/advisories/2010/2146
Microsoft Windows Movie Maker <= 2.6.4038.0 DLL Hijacking Exploit (hhctrl.ocx) http://www.exploit-db.com/exploits/14731
Firefox <= 3.6.8 DLL Hijacking Exploit (dwmapi.dll)
http://www.exploit-db.com/exploits/14730
Windows Live Email DLL Hijacking Exploit (dwmapi.dll)
http://www.exploit-db.com/exploits/14728
Foxit Reader <= 4.0 pdf Jailbreak Exploit
http://www.exploit-db.com/exploits/14727
uTorrent <= 2.0.3 DLL Hijacking Exploit (plugin_dll.dll)
http://www.exploit-db.com/exploits/14726
Microsoft Power Point 2010 DLL Hijacking Exploit (pptimpconv.dll)
http://www.exploit-db.com/exploits/14723
Wireshark <= 1.2.10 DLL Hijacking Exploit (airpcap.dll)
http://www.exploit-db.com/exploits/14721
0 件のコメント:
コメントを投稿