Chrome Stable and Beta channels have been updated to 10.0.648.133
http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
phpMyAdmin-3.3.10-rc1 is released
http://sourceforge.net/news/?group_id=23067&id=298391
phpMyAdmin-3.4.0-beta4 is released
http://sourceforge.net/news/?group_id=23067&id=298376
HPSBUX02641 SSRT100412 改訂版1 - Javaを実行するHP-UX、Linux、Solaris、およびWindows用HP OpenView ネットワーク ノードマネージャー(OV NNM)、リモートサービス拒否(DoS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c02746958
HPSBPI02640 SSRT100410 改訂版1 - Windowsで実行中のHP MFP デジタルセンディング ソフトウェア、認証バイパス
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c02746957
HPSBUX02638 SSRT100339 改訂版1 - OpenSSLを実行するHP-UX、任意コードのリモート実行、サービス拒否(DoS)、認証バイパス
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c02746955
停電などにより電力の供給が停止した後のトレンドマイクロ製品の復旧方法について
http://www.trendmicro.co.jp/support/news.asp?id=1545
InterScan for Microsoft Exchange 10.0 Service Pack 1 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1537
マカフィーが、携帯端末向けセキュリティ製品を発表
個人から企業まで、統合的な防御を製品群で実現
http://itpro.nikkeibp.co.jp/article/NEWS/20110314/358294/?ST=security
JVN#01635457 e107 におけるクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN01635457/index.html
LOCAL: ABBS Audio Media Player Buffer Overflow Exploit (M3U/LST)
http://www.exploit-db.com/exploits/16971/
+ Apache Tomcat 7.0.11 released
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
+ 2501696: Vulnerability in MHTML Could Allow Information Disclosure
http://www.microsoft.com/technet/security/advisory/2501696.mspx
+ Multiple vulnerabilities in Adobe Flash Player
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2
http://www.securityfocus.com/bid/46055
+ Linux Kernel InfiniBand Request Handling Denial of Service
http://secunia.com/advisories/43693/
http://www.securityfocus.com/bid/46839
+- Linux Kernel "ldm_frag_add()" Buffer Overflow Vulnerability
http://secunia.com/advisories/43716/
+? PHP <= 5.3.6 shmop_read() Integer Overflow DoS
http://www.exploit-db.com/exploits/16966/
- Important: Security constraint bypass CVE-2011-1088
http://tomcat.apache.org/security-7.html
-+ Linux Kernel "ldm_frag_add()" Buffer Overflow Vulnerability
http://secunia.com/advisories/43738/
Linux Kernel release: 2.6.32.33-rc1
http://www.linux.org/news/2011/03/11/0002.html
Linux Kernel release: 2.6.37.4-rc1
http://www.linux.org/news/2011/03/11/0001.html
Postfix 2.9 Snapshot 20110313 release
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.9-20110313.HISTORY
Debian : [DSA-2188-1] webkit: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35281
Debian : [DSA-2189-1] chromium-browser: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35282
Hewlett-Packard : HP Power Manager (HPPM) Running on Linux and Windows, Cross Site Request Forgery (CSRF), Cross Site
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35284
High-Tech Bridge SA : [HTB22874] Path disclosure in Lazyest Gallery wordpress plugin
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35286
High-Tech Bridge SA : [HTB22875] XSS in Lazyest Gallery wordpress plugin
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35287
High-Tech Bridge SA : [HTB22878] XSS vulnerability in CosmoShop
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35288
High-Tech Bridge SA : [HTB22879] Multiple XSS vulnerabilities in CosmoShop
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35289
High-Tech Bridge SA : [HTB22880] XSS vulnerability in CosmoShop
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35290
High-Tech Bridge SA : [HTB22881] SQL injection vulnerability in CosmoShop
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35291
Red Hat : [RHSA-2011:0330-01] kernel-rt: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35273
Red Hat : [RHSA-2011:0332-01] scsi-target-utils: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35274
Red Hat : [RHSA-2011:0335-01] tomcat6: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35275
Red Hat : [RHSA-2011:0336-01] tomcat5: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35276
Red Hat : [RHSA-2011:0337-01] vsftpd: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35277
Red Hat : [RHSA-2011:0345-01] qemu-kvm: Moderate Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35278
Red Hat : [RHSA-2011:0346-01] openldap: Moderate Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35279
Red Hat : [RHSA-2011:0347-01] openldap: Moderate Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35280
Slackware Linux : [SSA:2011-068-01] seamonkey: Security Update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35271
Slackware Linux : [SSA:2011-068-02] mozilla-firefox: Security Update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35272
Stefan Schurtz : [SSCHADV2011-002] Cross-Site Scripting vulnerability in Nagios
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35285
韓国国内で発生しているDDoS攻撃について
http://www.ipa.go.jp/security/topics/alert20110304.html
コスモ石油工場爆発に関するデマメール、セキュアブレインが注意を呼びかけ
http://itpro.nikkeibp.co.jp/article/NEWS/20110313/358260/?ST=security
JVNVU#574588 Apple TV における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNVU574588/index.html
JVNVU#643615 Apple Safari における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNVU643615/index.html
JVNVU#867452 Apple iOS における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNVU867452/index.html
JVNDB-2011-001230 Adobe Shockwave Player の TextXtra モジュールにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001230.html
JVNDB-2011-001229 Adobe Shockwave Player の dirapi.dll モジュールにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001229.html
JVNDB-2011-001228 Adobe Shockwave Player における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001228.html
JVNDB-2011-001227 Adobe Shockwave Player における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001227.html
JVNDB-2011-001226 Adobe Shockwave Player における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001226.html
JVNDB-2010-001333 複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001333.html
JVNDB-2010-001332 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001332.html
JVNDB-2010-001331 複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001331.html
JVNDB-2010-001330 Oracle Sun Java が Java アプレットの署名を正しく検証しない脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001330.html
JVNDB-2010-001329 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001329.html
JVNDB-2010-001328 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001328.html
JVNDB-2010-001327 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001327.html
JVNDB-2010-001326 複数の Oracle 製品の Pack200 コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001326.html
JVNDB-2010-001324 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001324.html
JVNDB-2010-001323 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001323.html
JVNDB-2010-001321 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001321.html
JVNDB-2010-001319 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001319.html
JVNDB-2010-001318 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001318.html
JVNDB-2010-001316 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001316.html
JVNDB-2010-001315 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001315.html
JVNDB-2010-001314 複数の Oracle 製品の HotSpot Server コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001314.html
JVNDB-2010-001313 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001313.html
JVNDB-2010-001312 複数の Oracle 製品の Java Web Start または Java Plug-in コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001312.html
JVNDB-2010-001309 複数の Oracle 製品の Java Web Start または Java Plug-in コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001309.html
JVNDB-2010-001308 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001308.html
Snort IDS Sensor with Sguil Framework ISO
http://isc.sans.edu/diary.html?storyid=10534
Japan Earthquake: Possible scams / malware
http://isc.sans.edu/diary.html?storyid=10537
iOS 4.3 released, numerous security vulnerabilities patched
http://isc.sans.edu/diary.html?storyid=10525
Red Hat update for tomcat5 and tomcat6
http://secunia.com/advisories/43731/
Nagios "layer" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/43287/
Linux Kernel InfiniBand Request Handling Denial of Service
http://secunia.com/advisories/43693/
Debian update for webkit
http://secunia.com/advisories/43692/
SUSE update for java-1_4_2-ibm
http://secunia.com/advisories/43699/
Debian webkit Multiple Vulnerabilities
http://secunia.com/advisories/43688/
SUSE update for IBMJava2
http://secunia.com/advisories/43710/
Red Hat update for kernel-rt
http://secunia.com/advisories/43732/
Linux Kernel "ldm_frag_add()" Buffer Overflow Vulnerability
http://secunia.com/advisories/43738/
Linux Kernel "ldm_frag_add()" Buffer Overflow Vulnerability
http://secunia.com/advisories/43716/
Kerio Connect "STARTTLS" Plaintext Injection Vulnerability
http://secunia.com/advisories/43678/
Debian update for chromium-browser
http://secunia.com/advisories/43691/
Red Hat update for openldap
http://secunia.com/advisories/43708/
Red Hat update for qemu-kvm
http://secunia.com/advisories/43733/
CometBird Multiple Vulnerabilities
http://secunia.com/advisories/43711/
Red Hat update for openldap
http://secunia.com/advisories/43718/
Fedora update for logwatch
http://secunia.com/advisories/43734/
Pidgin YMSG Denial of Service Weakness
http://secunia.com/advisories/43695/
Adobe Shockwave Player Memory Corruption Vulnerability
http://www.securiteam.com/windowsntfocus/5PP370A3PY.html
HP OpenView Storage Data Protector Denial of Service Vulnerability
http://www.securiteam.com/windowsntfocus/5RP390A3PE.html
HP OpenView Performance Insight Server Execution of Arbitrary Code Vulnerability
http://www.securiteam.com/securitynews/5ZP3A0A3PY.html
Adobe Reader and Acrobat JP2K Invalid Indexing Vulnerability
http://www.securiteam.com/securitynews/5OP360A3PO.html
HP StorageWorks X9000 Network Storage Systems Unauthenticated Access Vulnerability
http://www.securiteam.com/securitynews/5AP3B0A3PO.html
HP Business Availability Center and Business Service Management XSS Vulnerability
http://www.securiteam.com/securitynews/5QP380A3PO.html
QEMU Password Option Error Lets Remote Users Bypass Authentication
http://www.securitytracker.com/id/1025199
Linux Kernel AV7110 Driver dvb_ca_ioctl() Memory Corruption Error Lets Local Users Deny Service
http://www.securitytracker.com/id/1025195
OpenLDAP modrdn Request Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1025191
OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password
http://www.securitytracker.com/id/1025190
OpenLDAP Forwarding Error May Let Remote Users Bypass Authentication for External Applications
http://www.securitytracker.com/id/1025188
vsftpd vsf_filename_passes_filter() Bug Lets Remote Authenticated Users Deny Service
http://www.securitytracker.com/id/1025186
REMOTE: Accellion File Transfer Appliance MPIPE2 Command Execution
http://www.exploit-db.com/exploits/16964
LOCAL: CoolZip 2.0 zip Buffer Overflow Exploit
http://www.exploit-db.com/exploits/16965
DoS/PoC: PHP <= 5.3.6 shmop_read() Integer Overflow DoS
http://www.exploit-db.com/exploits/16966
Google Chrome Style Handling Memory Corruption Code Execution
http://www.vupen.com/english/advisories/2011/0645
Nagios "layer" Parameter Handling Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2011/0644
Pidgin Yahoo Protocol Plugin Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0643
Apple TV Code Execution and Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2011/0642
Microsoft Windows MHTML Script Code Injection Vulnerability
http://www.securityfocus.com/bid/46055
libcgroup 'cgrulesengd' Daemon Netlink Messages Event Spoofing Vulnerability
http://www.securityfocus.com/bid/46578
Adobe Flash Player CVE-2011-0608 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46283
Adobe Flash Player CVE-2011-0607 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46282
Adobe Flash Player CVE-2011-0578 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46195
Adobe Flash Player CVE-2011-0575 DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/46197
Adobe Flash Player CVE-2011-0571 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46190
Adobe Flash Player CVE-2011-0574 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46193
Adobe Flash Player CVE-2011-0560 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46188
Adobe Flash Player CVE-2011-0561 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46189
Adobe Flash Player CVE-2011-0559 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46186
Adobe Flash Player Font Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46196
Adobe Flash Player CVE-2011-0572 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46191
Adobe Flash Player CVE-2011-0573 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46192
Adobe Flash Player CVE-2011-0558 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/46194
Wireshark Visual C++ Analyzer Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46416
Wireshark 1.4.3 and 1.2.14 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46626
Wireshark 6LoWPAN Packet Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46636
Wireshark NTLMSSP NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46796
Wireshark Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/43197
Wireshark '.pcap' File Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46167
Asterisk UPDTL Packets Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/46474
Google Chrome prior to 8.0.552.215 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/45170
WordPress Prior to 3.0.5 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46249
Apache Tomcat '@ServletSecurity' Annotations Security Bypass Vulnerability
http://www.securityfocus.com/bid/46685
Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/46767
Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46734
Linux Kernel 'fs/partitions/ldm.c' Buffer Overflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/46512
Oracle Weblogic CVE-2010-4437 Remote Session Fixation Vulnerability
http://www.securityfocus.com/bid/45852
Mozilla Firefox and Thunderbird JPEG Image Decoding Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46651
Mozilla Firefox CVE-2011-0062 Multiple Unspecified Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/46647
Mozilla Firefox/SeaMonkey Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/46652
Mozilla Firefox and SeaMonkey JavaScript Non-Local Variables Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46648
Mozilla Firefox and SeaMonkey JavaScript String Values Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46650
Mozilla Firefox and SeaMonkey 'JSON.stringify()' Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46661
Mozilla Firefox and SeaMonkey JavaScript Worker Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46663
Mozilla Firefox/SeaMonkey Text Run Construction Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46660
Mozilla Firefox/SeaMonkey 'eval()' Function Security Bypass Vulnerability
http://www.securityfocus.com/bid/46643
Logwatch Log File Special Characters Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/46554
Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46406
Oracle Java Floating-Point Value Denial of Service Vulnerability
http://www.securityfocus.com/bid/46091
Apache Tomcat NIO Connector Denial of Service Vulnerability
http://www.securityfocus.com/bid/46164
Constructr CMS Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/46842
n-cms-equipe 'page' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/46841
SmarterStats Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/46840
Linux Kernel Request Handling 'cm.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/46839
QNX Neutrino RTOS 'LD_DEBUG_OUTPUT' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/46838
Libpurple Yahoo Protocol 'YMSG' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/46837
0 件のコメント:
コメントを投稿