+ MOAUB #5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit
http://www.exploit-db.com/exploits/14895/
+ Linux kernel 2.4.37.10 released
http://www.kernel.org/
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.10
HS10-026: Multiple Vulnerabilities in Groupmax Scheduler Server
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-026/index.html
Debian update for barnowl
http://secunia.com/advisories/41260/
Fedora update for sblim-sfcb
http://secunia.com/advisories/41289/
FreeType Stack Buffer Overflow and Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/42285
- HPSBMA02572 SSRT100082 rev.1 - HP Operations Agent Running on Windows, Local Elevation of Privileges and Remote Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02497800
- MOAUB #4 - Movie Maker Remote Code Execution (MS10-016)
http://www.exploit-db.com/exploits/14886/
[ANNOUNCE] Apache OpenWebBeans 1.0.0-alpha-2
http://www.apache.org/dyn/closer.cgi/openwebbeans/1.0.0-alpha-2/
Stable and Beta Channel Updates: Google Chrome 6.0.472.53
http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html
squid 3.1.8 released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.1/changesets/
UPDATE: HPSBMA02417 SSRT090031 rev.3 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01697543
Mandriva : [MDVSA-2010:169] mozilla-thunderbird
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33617
MustLive : Vulnerabilities in CMS WebManager-Pro
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33620
Protek Research Lab : [PRL-2010-07] Novell Netware OpenSSH Remote Stack Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33619
Ubuntu Security Notice : [USN-982-1] Wget vulnerability file creation and code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33618
YGN Ethical Hacker Group : Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33621
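"Infected just by displaying an icon": beware of a virus exploiting a Windows vulnerability
Infection is spreading via USB memory sticks and similar media; IPA issues an alert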
http://itpro.nikkeibp.co.jp/article/NEWS/20100906/351782/?ST=security
JVNVU#362332: Debug service enabled by default in Wind River Systems VxWorks
http://jvn.jp/cert/JVNVU362332/index.html
JVNVU#840249: Issue in the authentication API (loginLib) of Wind River Systems VxWorks
http://jvn.jp/cert/JVNVU840249/index.html
JVNTA10-238A: Urgent: DLL loading vulnerability in Microsoft Windows
http://jvn.jp/cert/JVNTA10-238A/index.html
JVNDB-2010-001944 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001944.html
JVNDB-2010-001943 Clickjacking vulnerability in Adobe Flash Player and Adobe AIR that tricks users into selecting a link
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001943.html
JVNDB-2010-001942 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001942.html
JVNDB-2010-001941 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001941.html
JVNDB-2010-001940 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001940.html
JVNDB-2010-001939 Vulnerability in ActionScript processing in Adobe Flash
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001939.html
JVNDB-2010-001938 Arbitrary file read vulnerability in libvirt
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001938.html
JVNDB-2010-001937 Arbitrary file read vulnerability in libvirt
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001937.html
JVNDB-2010-001936 Access restriction bypass vulnerability in GObject properties in dbus-glib
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001936.html
JVNDB-2010-001935 Denial of service (DoS) vulnerability in arch/ia64/xen/faults.c in Xen
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001935.html
JVNDB-2010-001934 Denial of service (DoS) vulnerability in Bluetooth sockets in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001934.html
[security bulletin] HPSBMA02572 SSRT100082 rev.1 - HP Operations Agent Running on Windows, Local
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-09/msg00020.html
VUPEN Security Research - Google Chrome Focus Processing Memory Corruption Vulnerability (VUPEN&
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-09/msg00023.html
[SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-09/msg00018.html
[ MDVSA-2010:170 ] wget
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-09/msg00017.html
[ GLSA 201009-01 ] wxGTK: User-assisted execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-09/msg00021.html
US Department of Defense and National Policy
http://isc.sans.edu/diary.html?storyid=9505
Investigating Malicious Website Reports
http://isc.sans.edu/diary.html?storyid=9499
What's not to Like about "Like?"
http://isc.sans.edu/diary.html?storyid=9502
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Sep/1024390.html
Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7724
Movie Maker Remote Code Execution (MS10-016)
http://securityreason.com/securityalert/7723
VMware Tools for Windows Remote Binary Planting Vulnerability
http://www.securiteam.com/windowsntfocus/5HP2V0U2KU.html
VMware Tools for Windows Local Binary Planting Vulnerability
http://www.securiteam.com/windowsntfocus/5IP2W0U2KU.html
SUSE update for kernel
http://secunia.com/advisories/41280/
MantisBT Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41278/
NuSOAP Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41254/
Roxio MyDVD Insecure Library Loading Vulnerability
http://secunia.com/advisories/41152/
Visinia Cross-Site Request Forgery and File Disclosure Vulnerabilities
http://secunia.com/advisories/41189/
HP Operations Agent Two Vulnerabilities
http://secunia.com/advisories/41277/
PhotoImpact Insecure DLL Library Loading Vulnerability
http://secunia.com/advisories/41258/
L0phtCrack Insecure Library Loading Vulnerability
http://secunia.com/advisories/41253/
3Com H3C S9500E Switches Denial of Service Vulnerability
http://secunia.com/advisories/41266/
KeePass Password Safe Insecure Library Loading Vulnerability
http://secunia.com/advisories/41167/
Zope ZServer Denial of Service Vulnerability
http://secunia.com/advisories/41267/
Gentoo update for wxGTK
http://secunia.com/advisories/41192/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/41242/
Ubuntu update for wget
http://secunia.com/advisories/41214/
Fedora update for rekonq
http://secunia.com/advisories/41275/
Fedora update for kernel
http://secunia.com/advisories/41274/
Fedora update for sssd
http://secunia.com/advisories/41273/
Fedora update for wireshark
http://secunia.com/advisories/41272/
HP Operations Agent Code Execution and Privilege Escalation Issues
http://www.vupen.com/english/advisories/2010/2287
Google Chrome Memory Corruptions and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/2286
Fedora Security Update Fixes CAN BCM Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/2285
Fedora Security Update Fixes Wireshark Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2284
Fedora Security Update Fixes SSSD Null Password Authentication
http://www.vupen.com/english/advisories/2010/2283
Fedora Security Update Fixes Rekonq Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/2282
Mandriva Security Update Fixes Wget File Overwrite Vulnerability
http://www.vupen.com/english/advisories/2010/2281
Mandriva Security Update Fixes Thunderbird Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2280
Ubuntu Security Update Fixes Wget File Overwrite Vulnerability
http://www.vupen.com/english/advisories/2010/2279
Gentoo Security Update Fixes wxGTK Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2278
Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution
http://www.exploit-db.com/exploits/14878/
Virtual DJ Trial v6.1.2 SEH Buffer Overflow Crash PoC
http://www.exploit-db.com/exploits/14909/
FCrackZip 1.0 Local Buffer Overflow Proof of Concept
http://www.exploit-db.com/exploits/14904/
VLC Media Player
http://www.exploit-db.com/exploits/14892/
FFDshow SEH Exception leading to NULL pointer on Read
http://www.exploit-db.com/exploits/14882/
Intel Video Codecs v5 Remote Denial Of Service Vulnerability
http://www.exploit-db.com/exploits/14883/
KSP '.m3u' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/42069
Icarus 'PGN' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34167
HP-UX Software Distributor Unspecified Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/42755
Trend Micro Internet Security Pro ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/42717
Joomla! TPDugg Component 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/36321
Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/41963
Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42102
OpenLDAP 'modrdn' Request Multiple Vulnerabilities
http://www.securityfocus.com/bid/41770
Linux Kernel XDR Implementation Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/42249
Adobe Flash Player and AIR (CVE-2010-2213) Multiple Unspecified Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/42364
Adobe Flash Player and AIR (CVE-2010-2216) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42362
Adobe Flash Player and AIR (CVE-2010-2215) Unspecified Clickjacking Vulnerability
http://www.securityfocus.com/bid/42361
Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42358
OpenSSL 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42306
Linux Kernel Controller Area Network Protocol Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/42585
Pligg CMS SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/42967
QxDM 'mfc71enu.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/42962
IZArc '.ztv7z.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/42961
jetAudio 'wnaspi32.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/42960
PhotoImpact Pro 'bwsconst.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/42958
HP Operation Agent Privilege Escalation and Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/42957