[ANNOUNCE] Apache Traffic Server 2.1.4-unstable released
http://trafficserver.apache.org/downloads.html
Linux kernel 2.6.37-rc2 released
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2
http://www.linux.org/news/2010/11/16/0001.html
JVNDB-2010-002305 Vulnerability in Adobe Shockwave Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002305.html
JVNDB-2010-002304 Denial of service (DoS) vulnerability in Pidgin's libpurple
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002304.html
JVNDB-2010-002303 Denial of service (DoS) vulnerability in the msn_emoticon_msg function of Pidgin's MSN protocol plugin
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002303.html
JVNDB-2010-002302 Arbitrary code execution vulnerability in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002302.html
JVNDB-2008-002490 Buffer overflow vulnerability in Interstage Application Server
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002490.html
JVNDB-2010-002301 Vulnerability in the RDS protocol implementation in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002301.html
"No domestic users report security information directly to the CIO": surprising survey result from Tohmatsu
http://itpro.nikkeibp.co.jp/article/NEWS/20101116/354167/?ST=security
Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
http://securitytracker.com/alerts/2010/Nov/1024740.html
CUPS Web Interface Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40897
CUPS Web Interface Unspecified Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/40889
CUPS Server 'cups/ipp.c' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44530
CUPS 'texttops' Filter NULL-pointer Dereference Vulnerability
http://www.securityfocus.com/bid/40943
CUPS 'cupsFileOpen' function Symlink Attack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/41131
Internet Explorer-SA-11/14/2010: Internet Explorer - Saved XSS vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34273
[ANNOUNCE] James Server 3.0-M2 released
http://james.apache.org/
About the security content of Mac OS X Server v10.6.5 (10H575)
http://support.apple.com/kb/HT4452
HPSBPI02575 SSRT090255 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333
Which city has the most zombie PCs in the world? McAfee survey
http://itpro.nikkeibp.co.jp/article/NEWS/20101116/354158/?ST=security
JPCERT/CC warns: "Gumblar activity is not over"
http://itpro.nikkeibp.co.jp/article/NEWS/20101115/354137/?ST=security
Six companies including Yahoo and Rakuten establish a group to promote adoption of the anti-spam technology DKIM
http://itpro.nikkeibp.co.jp/article/NEWS/20101115/354124/?ST=security
Slackware Linux : [SSA:2010-317-01] slackware-security mozilla-thunderbird
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34268
Independent Researcher : CakePHP <= 1.3.5 / 1.2.8 unserialize() Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34274
InterN0T : vBulletin 4.0.8 - Persistent XSS via Profile Customization
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34275
MustLive : Internet Explorer - Saved XSS vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34273
Debian : [DSA 2038-3] New pidgin packages fix regression
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34271
Mandriva : [MDVSA-2010:230] poppler
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34269
Mandriva : [MDVSA-2010:231] poppler
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34270
JVNDB-2010-001512 Directory traversal vulnerability in MySQL
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001512.html
Packet Storm - New Site
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00131.html
vBulletin 4.0.8 - Persistent XSS via Profile Customization
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00128.html
Saved XSS vulnerability in Internet Explorer
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00130.html
[SECURITY] [DSA 2038-3] New pidgin packages fix regression
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00126.html
TWSL2010-006: Multiple Vulnerabilities in Camtron CMNC-200 IP Camera
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00127.html
Mozilla Firefox 3.6.12 Remote Denial Of Service
http://isc.sans.edu/diary.html?storyid=9937
Minibis hits beta with Version 2.1
http://isc.sans.edu/diary.html?storyid=9940
IBM OmniFind - several vulnerabilities
http://securityreason.com/securityalert/7896
IBM OmniFind Crawler Denial of Service Vulnerability
http://securityreason.com/securityalert/7895
IBM OmniFind CSRF Vulnerability
http://securityreason.com/securityalert/7894
IBM OmniFind Buffer Overflow Vulnerability
http://securityreason.com/securityalert/7893
IBM OmniFind Privilege Escalation Vulnerability
http://securityreason.com/securityalert/7892
Microsoft Outlook Content Parsing Integer Underflow Vulnerability
http://www.securiteam.com/securitynews/6X0361F0AI.html
Adobe Reader ICC Parsing Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/6I03A1F0AE.html
MailEnable SMTP Service Two Denial of Service Vulnerabilities
http://www.securiteam.com/windowsntfocus/6Y0371F0AY.html
IBM Tivoli Provisioning Manager for OS Deployment TCP to ODBC Code Execution Vulnerability
http://www.securiteam.com/securitynews/6Z0381F0AS.html
Novell iManager getMultiPartParameters Arbitrary File Upload Code Execution Vulnerability
http://www.securiteam.com/securitynews/6A0391F0AO.html
Norton Mobile Security Discloses Potentially Sensitive Information to Other Applications
http://securitytracker.com/alerts/2010/Nov/1024739.html
RealPlayer Image Map Flaws Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Nov/1024738.html
Ricoh Aficio Products Web Image Monitor Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42178/
LuCI Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/42279/
LuCI Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42230/
CakePHP "unserialize()" PHP Code Execution Vulnerability
http://secunia.com/advisories/42211/
Babylon Cross-Application Scripting Vulnerability
http://secunia.com/advisories/42202/
WordPress Event Registration Plugin "event_id" SQL Injection Vulnerability
http://secunia.com/advisories/42265/
Foswiki Topic Settings Privilege Escalation Security Issue
http://secunia.com/advisories/42275/
RealPlayer RealMedia Image Map Parsing Vulnerabilities
http://secunia.com/advisories/42203/
Chameleon Social Networking Forum "New Thread" Script Insertion
http://secunia.com/advisories/42206/
Fedora update for bristol
http://secunia.com/advisories/42272/
OneOrZero AIMS "item_types" SQL Injection Vulnerability
http://secunia.com/advisories/42251/
Fujitsu Interstage Products Information Disclosure Vulnerability
http://secunia.com/advisories/42222/
OpenTTD Denial of Service Vulnerability
http://secunia.com/advisories/42205/
Hitachi EUR Products Unspecified Code Execution Vulnerability
http://secunia.com/advisories/42207/
Joomla! JSupport Component Script Insertion and SQL Injection Vulnerabilities
http://secunia.com/advisories/42262/
Fedora update for bugzilla
http://secunia.com/advisories/42271/
Fedora update for moodle
http://secunia.com/advisories/42273/
Symantec Norton Mobile Security for Android Information Disclosure
http://www.vupen.com/english/advisories/2010/2982
Fujitsu Interstage Products J2EE Application Unauthorized File Access
http://www.vupen.com/english/advisories/2010/2981
FreeNAS "cmd" Parameter Remote Command Injection Vulnerability
http://www.vupen.com/english/advisories/2010/2980
IBM Runtimes for Java Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2979
IBM Systems Director Agent "reset_diragent_keys" Insecure Permissions
http://www.vupen.com/english/advisories/2010/2978
Redhat Security Update Fixes Kernel Code Execution and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2010/2977
Fedora Security Update Fixes Tomcat Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/2976
Fedora Security Update Fixes Bugzilla Input Validation Vulnerabilities
http://www.vupen.com/english/advisories/2010/2975
Fedora Security Update Fixes Moodle Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/2974
Fedora Security Update Fixes DHCP Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2973
Fedora Security Update Fixes Bristol Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2972
Fedora Security Update Fixes Gromacs Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2971
Mandriva Security Update Fixes Poppler Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2970
Mandriva Security Update Fixes kdegraphics Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2969
Mandriva Security Update Fixes Xpdf Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2968
Slackware Security Update Fixes Thunderbird Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/2967
Remote: Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit
http://www.exploit-db.com/exploits/15548/
Local: Foxit Reader 4.1.1 Stack Overflow Exploit - Egghunter Mod
http://www.exploit-db.com/exploits/15542/
GNU glibc 'ld.so' ELF Header Parsing Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40063
GNU glibc 'strfmon()' Function Integer Overflow Weakness
http://www.securityfocus.com/bid/36443
Webkit Floating Point Datatype Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/43047
RETIRED: Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/44778
RETIRED: Apple Mac OS X CoreGraphics PDF Handling Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44809
FileCOPA FTP Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/44759
MarketSaz 'fckeditor' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40971
Multiple Fujitsu Interstage Products Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44848
Multiple Pre Projects Applications Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/41750
Foxit Reader and Phantom Title Parsing Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43785
YUI Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/44420
Bugzilla Response Splitting and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/44618
Banshee 'LD_LIBRARY_PATH' Multiple Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/44752
Bristol 'LD_LIBRARY_PATH' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44335
Apache Tomcat 'Transfer-Encoding' Information Disclosure and Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/41544
Pidgin Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38294
ISC DHCP Server Relay-Forward Empty Link-Address Field Denial of Service Vulnerability
http://www.securityfocus.com/bid/44615
Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44874
LuCI 'sysauth.htm' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/44871
IBM WebSphere Application Server JAX-WS Denial Of Service Vulnerability
http://www.securityfocus.com/bid/44862
OneOrZero AIMS 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/44859
OneOrZero AIMS 'item_types' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/44856
CakePHP 'unserialize()' PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/44852
Real Networks RealPlayer RealMedia Image Map Parsing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/44847
vBulletin 'Profile Customization' Feature HTML Injection Vulnerability
http://www.securityfocus.com/bid/44873
BSI Advance Hotel Booking System 'page' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/44854
OpenTTD Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/44844
DBSite 'ID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/44870
AWCM CMS Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/44868
Build A Niche Store Admin Login Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/44867
Webmatic 'p' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/44863