phpMyAdmin 3.3.6 is released
http://sourceforge.net/news/?group_id=23067&id=291082http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.3.6%2FphpMyAdmin-3.3.6-notes.html/view
Squid 3.1.7 released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_7.html
Squid 3.1.6 released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_6.html
Postfix 2.8-20100829-nonprod
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100829-nonprod.HISTORY
プレス発表
デジタル複合機の脆弱性に関する調査報告書の公開
~多機能化するデジタル複合機に潜む脆弱性の多角的な調査~
http://www.ipa.go.jp/about/press/20100830.html
JPCERT/CC WEEKLY REPORT 2010-08-25
http://www.jpcert.or.jp/wr/2010/wr103201.html
McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution
http://www.exploit-db.com/exploits/14818/
+ Linux kernel 2.6.27.53, 2.6.32.21, 2.6.34.6, 2.6.35.4 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4
- Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml
Postfix 2.8 Snapshot 20100827
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100827.HISTORY
CommandCentral Storage (CCS) 5.1.1 Managed Host (MH) installation or un-installation can cause some Storage Foundation for Windows (SFW) 5.x features to stop working.
http://seer.entsupport.symantec.com/docs/358390.htm
Check Point Software Technologies : [CVE-2010-1801] Apple CoreGraphics (Preview) Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33565
High-Tech Bridge SA : [HTB22586] SQL injection vulnerability in CompuCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33566
High-Tech Bridge SA : [HTB22584] XSS vulnerability in CompuCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33567
High-Tech Bridge SA : [HTB22568] XSS vulnerability in Webmatic
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33568
High-Tech Bridge SA : [HTB22570] XSRF (CSRF) in Webmatic
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33569
High-Tech Bridge SA : [HTB22564] XSS vulnerability in Auto CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33570
High-Tech Bridge SA : [HTB22575] XSS vulnerability in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33571
High-Tech Bridge SA : [HTB22571] SQL injection vulnerability in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33572
High-Tech Bridge SA : [HTB22573] Local File Inclusion in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33573
High-Tech Bridge SA : [HTB22579] File Content Disclosure in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33575
Mark van Tilburg : BugTracker.net 3.4.3 SQL Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33578
wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00339.html
Flash Player 9 DLL Hijacking Exploit (schannel.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00342.html
[USN-979-1] okular vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00340.html
JVNVU#707943 Windows プログラムの DLL 読み込みに脆弱性
http://jvn.jp/cert/JVNVU707943/index.html
JVNDB-2010-001890 複数の Cisco 製品の IKE におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001890.html
JVNDB-2010-001889 Cisco Adaptive Security Appliances の SIP 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001889.html
JVNDB-2010-001888 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001888.html
JVNDB-2010-001887 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001887.html
JVNDB-2010-001886 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001886.html
JVNDB-2010-001885 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001885.html
JVNDB-2010-001884 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001884.html
JVNDB-2010-001883 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001883.html
JVNDB-2009-002544 Blue Coat ProxySG の HTTP Host ヘッダにおけるアクセスコントロール回避の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002544.html
Abandoned free email accounts
http://isc.sans.edu/diary.html?storyid=9457
DLL hijacking - what are you doing ?
http://isc.sans.edu/diary.html?storyid=9460
FTP Brute Password guessing attacks
http://isc.sans.edu/diary.html?storyid=9454
CorelDRAW Graphics Suite Insecure Library Loading Vulnerability
http://secunia.com/advisories/41148/
DivX Plus Player Insecure Library Loading Vulnerability
http://secunia.com/advisories/41108/
BugTracker.NET Custom Field SQL Injection Vulnerability
http://secunia.com/advisories/41150/
Prometeo CMS "ID" SQL Injection Vulnerability
http://secunia.com/advisories/41138/
IBM WebSphere Application Server Web Services Time Stamp Security Issue
http://secunia.com/advisories/41173/
Red Hat update for gdm
http://secunia.com/advisories/41139/
Joomla! / Mambo Remository Component Arbitrary File Upload Vulnerability
http://secunia.com/advisories/41161/
Fedora update for bugzilla
http://secunia.com/advisories/41128/
Fedora update for kdegraphics
http://secunia.com/advisories/41132/
CyberLink Power2Go Insecure Library Loading Vulnerability
http://secunia.com/advisories/41174/
CyberLink PowerDirector Insecure Library Loading Vulnerability
http://secunia.com/advisories/41142/
Autodesk AutoCAD Insecure Library Loading Vulnerability
http://secunia.com/advisories/41156/
hinnendahl Kontakt Formular "script_pfad" Local File Inclusion Vulnerability
http://secunia.com/advisories/41155/
hinnendahl CMS & News Script light "script_pfad" File Inclusion Vulnerability
http://secunia.com/advisories/41160/
PHP Gastebuch Script "script_pfad" Local File Inclusion Vulnerability
http://secunia.com/advisories/41157/
RealPlayer Multiple Vulnerabilities
http://secunia.com/advisories/41154/
RealPlayer SP Multiple Vulnerabilities
http://secunia.com/advisories/41096/
SUSE update for Multiple Packages
http://secunia.com/advisories/41171/
Drupal BlastChat Client Module "Itemid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41172/
Ubuntu update for kdegraphics
http://secunia.com/advisories/41086/
Joomla! / Mambo BlastChat Client Component "Itemid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41129/
Hycus CMS Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/41141/
「このソフトなら駆除できます」――偽ソフトを薦めるウイルス
複数の偽ソフトをリストアップ、「VirusTotal」風のサイトで配布
http://itpro.nikkeibp.co.jp/article/NEWS/20100830/351528/?ST=security
Cisco IOS XR BGP Attribute Processing Flaw Permits Denial of Service Attacks
http://securitytracker.com/alerts/2010/Aug/1024371.html
RealPlayer Bugs Let Remote Users Obtain Files and Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024370.html
HP MagCloud iPad App, Remote Unauthorized Access Bypass
http://securityreason.com/securityalert/7697
Omnistar Recruiting (resume_register.php job2) XSS Vulnerability
http://securityreason.com/securityalert/7696
AJauctionPro Oopd 3.0 (Search) Remote XSS Vulnerability
http://securityreason.com/securityalert/7695
SAP Business One 2005 6.80.320 Remote Buffer Overflow
http://securityreason.com/securityalert/7694
Silurus Classifieds 1.0 Remote XSS Vulnerabilities
http://securityreason.com/securityalert/7693
RealPlayer Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2216
IBM WebSphere Application Server WS-Security Policy Timestamp Issue
http://www.vupen.com/english/advisories/2010/2215
HP-UX Software Distributor Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/2214
Adobe ExtendScript Toolkit Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2213
Adobe Extension Manager File Processing Insecure Library Loading
http://www.vupen.com/english/advisories/2010/2212
Roxio MyDVD File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2211
Adobe InDesign File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2210
Adobe Premiere Pro File Processing Insecure Library Loading
http://www.vupen.com/english/advisories/2010/2210
Roxio Creator File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2208
NetBSD Security Update Fixes CODA Memory Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/2207
Fedora Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2206
Fedora Security Update Fixes Multiple Bugzilla Vulnerabilities
http://www.vupen.com/english/advisories/2010/2205
SuSE Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2204
Redhat Security Update Fixes GDM Missing TCP Wrappers Support
http://www.vupen.com/english/advisories/2010/2203
Mandriva Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2202
nginx v0.6.38 Heap Corruption Exploit
http://www.exploit-db.com/exploits/14830/
SnackAmp 3.1.2 Malicious SMP Buffer Overflow Vulnerability (SEH)
http://www.exploit-db.com/exploits/14831/
SnackAmp 3.1.2 Malicious WAV Buffer Overflow Vulnerability (POC)
http://www.exploit-db.com/exploits/14832/
Leadtools ActiveX Raster Twain v16.5 (LtocxTwainu.dll) Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/14824/
0 件のコメント:
コメントを投稿