Monday, October 4, 2010

The 4th, Monday, Butsumetsu

Notice of release: InterScan Messaging Security Suite 7.0 for Solaris Service Pack 1 Patch 3
http://www.trendmicro.co.jp/support/news.asp?id=1475

Cyber Security Awareness Month - Day 4 - Managing EMail
http://isc.sans.edu/diary.html?storyid=9658

SQL Slammer Clean-up: How to Report
http://isc.sans.edu/diary.html?storyid=9664




+ Dovecot 1.2.15, 2.0.5 released
http://www.dovecot.org/list/dovecot-news/2010-October/000175.html
http://www.dovecot.org/list/dovecot-news/2010-October/000176.html

+ Linux kernel 2.6.32.24 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.24
http://www.linux.org/news/2010/10/01/0001.html

+ GCC 4.4.5 released
http://gcc.gnu.org/gcc-4.4/changes.html

+ Microsoft IIS Repeated Parameter Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/43140

- Microsoft IIS 6.0 ASP Stack Overflow (Stack Exhaustion) Denial of Service
http://www.exploit-db.com/exploits/15167/

- [Dovecot-news] ACL handling bugs in v1.2.8+ and v2.0
http://www.dovecot.org/list/dovecot-news/2010-October/000177.html

Subversion 1.6.13 Released
http://subversion.apache.org/docs/release-notes/1.6.html
http://svn.apache.org/repos/asf/subversion/tags/1.6.13/CHANGES
http://subversion.apache.org/security/CVE-2010-3315-advisory.txt

[ANNOUNCE] phpPgAdmin 5.0-beta2 Released
https://sourceforge.net/news/?group_id=37132&id=291728

[ANNOUNCE] Another PostgreSQL Diff Tool 2.2 released
http://apgdiff.startnet.biz/news/version_2_2_is_out.php

[ANNOUNCE] Apache Traffic Server 2.1.3-unstable released
http://trafficserver.apache.org/downloads.html

[ANNOUNCE] Apache FtpServer 1.0.5 released
http://mina.apache.org/ftpserver/downloads.html

BIND 9.5.3rc1 is now available.
http://ftp.isc.org/isc/bind9/9.5.3rc1/9.5.3rc1

jetty@codehaus 7.2.0.RC0
http://svn.codehaus.org/jetty/jetty/branches/jetty-7/VERSION.txt

Database .NET 3.6 released; supports PostgreSQL 9.0
http://www.postgresql.org/about/news.1242

phpPgAdmin 5.0-beta2 Released
http://www.postgresql.org/about/news.1241

Lite Dependency Client libs for Windows
http://www.postgresql.org/about/news.1240

Mapping between CVE numbers and Solaris patches for October 2010 CPU
http://blogs.sun.com/security/entry/cves_for_cpu_october_2010

Mandriva : [MDVSA-2010:191] mailman cross-site scripting
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33782

Science Technology Center : Netbiter webSCADA multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33803

Hewlett-Packard : HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33799

Mandriva : [MDVSA-2010:190] libtiff denial-of-service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33781

Red Hat : [RHSA-2010:0734-01] Low: Red Hat Enterprise Linux 3 - 1-Month End Of Life Notice
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33789

Salvatore "drosophila" Fresta : JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33801

VMware : VMware ESX third party updates for Service Console
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33802

Debian : [DSA-2115-1] New moodle packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33784

Gentoo Linux : [GLSA 201009-09] fence: Multiple symlink vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33800

"6th IPA Information Security Slogan and Poster" contest: candidate winning entries selected, public comments invited
http://www.ipa.go.jp/about/pubcomme/201010/index.html

[STANKOINFORMZASCHITA-10-01] Netbiter webSCADA multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00001.html

THOTCON 0x2 - Call For Papers is Open -> 10.01.10
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00000.html

Fixed version of Adobe Reader to be released on October 5, resolving zero-day vulnerability
Acrobat patch also to be released, moving up the "regular quarterly release"
http://itpro.nikkeibp.co.jp/article/NEWS/20101004/352569/?ST=security

JVNVU#800113 Cache poisoning vulnerability in multiple DNS implementations
http://jvn.jp/cert/JVNVU800113/index.html

JVNDB-2009-002411 Vulnerability in DNSSEC validation processing in BIND 9
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002411.html

JVNDB-2010-001062 DNS cache poisoning vulnerability in ISC BIND
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001062.html

JVNDB-2010-001078 Vulnerability in ISC BIND related to processing of out-of-scope data
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001078.html

JVNDB-2010-002078 Multiple vulnerabilities in Groupmax Scheduler Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002078.html

JVNDB-2010-002077 Phishing threat vulnerability in the document reference screen of Accela BizSearch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002077.html

JVNDB-2010-002076 Arbitrary code execution vulnerability in multiple Mozilla products running on Windows
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002076.html

JVNDB-2010-002075 Cross-site scripting vulnerability in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002075.html

JVNDB-2010-002074 Vulnerability in multiple Mozilla products that allows bypass of the cross-site scripting protection mechanism
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002074.html

JVNDB-2010-002073 Vulnerability in multiple Mozilla products that allows discovery of web servers on an intranet
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002073.html

JVNDB-2010-002072 Vulnerability in the SafeJSObjectWrapper implementation of multiple Mozilla products that allows bypass of the same-origin policy
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002072.html

Cyber Security Awareness Month - Day 3 - Recognizing phishing and online scams
http://isc.sans.edu/diary.html?storyid=9652

H went down.
http://isc.sans.edu/diary.html?storyid=9655

Canada's Cyber Security Strategy released today
http://isc.sans.edu/diary.html?storyid=9661

Cyber Security Awareness Month - Day 2 - Securing the Family Network
http://isc.sans.edu/diary.html?storyid=9649

Cyber Security Awareness Month - 2010
http://isc.sans.edu/diary.html?storyid=9640

Cyber Security Awareness Month - Day 1 - Securing the Family PC
http://isc.sans.edu/diary.html?storyid=9643

Zen Cart Multiple Vulnerabilities
http://secunia.com/advisories/41666/

Openswan XAUTH Multiple Vulnerabilities
http://secunia.com/advisories/41689/

Barracuda Spam & Virus Firewall "locale" Directory Traversal Vulnerability
http://secunia.com/advisories/41609/

FreeRADIUS Two Denial of Service Vulnerabilities
http://secunia.com/advisories/41621/

IBM DB2 Administration Server Buffer Overflow Vulnerability
http://secunia.com/advisories/41686/

Novell iManager "getMultiPartParameters()" Arbitrary File Upload Vulnerability
http://secunia.com/advisories/41687/

TikiWiki CMS/Groupware Multiple Vulnerabilities
http://secunia.com/advisories/41670/

Apache XML-RPC Information Disclosure Vulnerability
http://secunia.com/advisories/41682/

Joomla! JE Directory Component "catid" SQL Injection Vulnerability
http://secunia.com/advisories/41681/

IBM DB2 Buffer Overflow in Administration Server May Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Oct/1024498.html

Novell iManager Lets Remote Users Upload Arbitrary Files
http://securitytracker.com/alerts/2010/Oct/1024497.html

Microsoft Internet Information Server (IIS) Web Server Stack Overflow in Reading POST Data Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Oct/1024496.html

Synology Disk Station Web commands injection
http://securityreason.com/securityalert/7809

Crabgrass Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/2551

massadmin Insecure Temporary File Permissions Vulnerability
http://www.vupen.com/english/advisories/2010/2550

phpMyFAQ URL Processing Multiple Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/2549

web2ldap Multiple Parameter and Header Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2010/2548

Tiki Wiki CMS Groupware Multiple Input Validation Vulnerabilities
http://www.vupen.com/english/advisories/2010/2547

Novell eDirectory NCP Implementation Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2546

Novell iManager Tomcat Remote File Upload Vulnerability
http://www.vupen.com/english/advisories/2010/2545

IBM DB2 Administration Server Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2544

Memcache Module for Drupal Access bypass and Cross Site Scripting
http://www.vupen.com/english/advisories/2010/2543

Imagemenu Module for Drupal Cross Site Scripting and Request Forgery
http://www.vupen.com/english/advisories/2010/2542

VMware ESX Security Update Fixes Service Console Vulnerabilities
http://www.vupen.com/english/advisories/2010/2541

Mandriva Security Update Fixes LibTIFF Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/2540

Fedora Security Update Fixes Mantis Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/2539

Fedora Security Update Fixes PECL-APC Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/2538

FileApp 2.0 or earlier for iPhone, iPad and iPod Touch Directory Traversal Vulnerability
http://www.exploit-db.com/exploits/15186/

Trend Micro Internet Security Pro 2010 ActiveX extSetOwner() Remote Code Execution (MSF)
http://www.exploit-db.com/exploits/15168/

AudioTran 1.4.2.4 SafeSEH+SEHOP Exploit
http://www.exploit-db.com/exploits/15184/

Hanso Player Version 1.3.0 (.m3u) Denial of Service Vulnerability
http://www.exploit-db.com/exploits/15193/

GNU Mailman Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/43187

ProletSoft Playlistmaker '.m3u' and '.m3l' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43153

Novell iManager 'getMultiPartParameters()' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/43635

Microsoft IIS Repeated Parameter Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/43140

FreePBX SIP Packet Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/23575

FreePBX 'admin/cdr/call-comp.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/43375

Trend Micro Internet Security Pro ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/42717

Particle Wiki Index.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/18273

Tiki Wiki CMS Groupware Local File Include and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/43507

iGaming CMS 'viewpoll.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/43666

Novell eDirectory Server Malformed Index Denial Of Service Vulnerability
http://www.securityfocus.com/bid/43662

Chipmunk Board 'forumID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/43648

FreeRADIUS Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/43645

PhpMyShopping 'detail_article.php' Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/43641

Evaria ECMS 'Poll.php' Local File Disclosure Vulnerability
http://www.securityfocus.com/bid/43640

jCart Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/43639

Apache XML-RPC SAX Parser Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43637

Intellicom Netbiter webSCADA Products 'read.cgi' Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/43636

IBM DB2 prior to 9.5 Fix Pack 6a Unspecified Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43634

Zen Cart Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/43628
