+ HPSBUX02655 SSRT100353 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02783438
+ RHSA-2011:0433-1: Moderate: xorg-x11-server-utils security update
http://rhn.redhat.com/errata/RHSA-2011-0433.html
+ RHSA-2011:0432-1: Moderate: xorg-x11 security update
http://rhn.redhat.com/errata/RHSA-2011-0432.html
+ Linux Kernel SCTP INIT/INIT-ACK Chunk Length Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/47308
- MySQL Community Server 5.6.2 has been released
http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html
- HPSBUX02653 SSRT100310 rev.1 - HP-UX Running NFS/ONCplus, Remote Denial of Service (DoS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02777287
- Linux Kernel "inotify_init1()" Denial of Service Vulnerability
http://secunia.com/advisories/44091/
http://www.securityfocus.com/bid/47296
HPSBPI02656 SSRT090262 rev.1 - Certain HP Photosmart Printers, Remote Unauthorized Access, Cross Site Scripting (XSS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02267197
Apache POI 3.8 beta 2 available
http://poi.apache.org/changes.html
MySQL 5.6.3 (Not yet released)
http://dev.mysql.com/doc/refman/5.6/en/news-5-6-3.html
Notice of scheduled server maintenance (April 22, 2011)
http://www.trendmicro.co.jp/support/news.asp?id=1559
Notice of re-release of Trend Micro Network VirusWall Enforcer 1500i / 3500i version 3.1
http://www.trendmicro.co.jp/support/news.asp?id=1561
Notice of release of Critical Patch build 1015 for Trend Micro Network VirusWall Enforcer 1500i/3500i version 3.1
http://www.trendmicro.co.jp/support/news.asp?id=1562
Debian : [DSA-2215-1] gitolite - Directory Traversal Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35558
Debian : [DSA-2214-1] ikiwiki - Input Validation Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35559
Debian : [DSA-2213-1] x11-xserver-utils - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35560
Independent Researcher : 1024cms Admin Control Panel - Directory Traversal Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35561
Independent Researcher : JCE - SQL Injection Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35562
Mandriva : [MDVSA-2011:072] gwenhywfar - Unspecified Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35556
Mandriva : [MDVSA-2011:071] kdelibs - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35557
Red Hat : [RHSA-2011:0428-01] DHCP - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35554
Red Hat : [RHSA-2011:0421-01] kernel - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35555
Press release
Alert regarding a security weakness (vulnerability) in the "Yamaha router series"
http://www.ipa.go.jp/about/press/20110411.html
Serious vulnerability exposing many Yamaha router models to DoS attacks; flaw in IP header processing
http://itpro.nikkeibp.co.jp/article/NEWS/20110411/359310/?ST=security
JVN#55714408 Denial-of-service (DoS) vulnerability in the Yamaha router series
http://jvn.jp/jp/JVN55714408/index.html
Layer 2 DoS and other IPv6 Tricks
http://isc.sans.edu/diary.html?storyid=10690
Yet another Adobe Flash/Reader/Acrobat 0 day
http://isc.sans.edu/diary.html?storyid=10696
GMail User Using 2FA Warned of Access From China
http://isc.sans.edu/diary.html?storyid=10687
Tine 2.0 Path disclosure
http://securityreason.com/securityalert/8191
DataDynamics Report Library CoreHandler XSS
http://securityreason.com/securityalert/8190
Linux Kernel 2.4 and 2.6 disclosure of sensitive information
http://securityreason.com/securityalert/8189
Apache Tomcat 7.0.11 information disclosure
http://securityreason.com/securityalert/8188
Apache Tomcat 7.0.11 security constraint bypass
http://securityreason.com/securityalert/8187
KDE Konqueror Error Page Cross-Site Scripting Vulnerability
http://secunia.com/advisories/44065/
PHP-Lance Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/44102/
SUSE update for libvirt
http://secunia.com/advisories/44106/
Kerberos kadmind Denial of Service Vulnerability
http://secunia.com/advisories/44125/
Softbiz B2B Trading Marketplace Script "cid" SQL Injection Vulnerability
http://secunia.com/advisories/44004/
Softbiz Classified Ads PLUS Script "cid" SQL Injection Vulnerability
http://secunia.com/advisories/44006/
Etki Video PRO Two SQL Injection Vulnerabilities
http://secunia.com/advisories/44109/
Debian update for ikiwiki
http://secunia.com/advisories/44079/
PHP-Jokesite "cat_id" SQL Injection Vulnerabilities
http://secunia.com/advisories/44100/
IBM Tivoli Monitoring Unspecified Java Vulnerability
http://secunia.com/advisories/44043/
IT Dashboard "value" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/44033/
Pithos "pithos.ini" Credentials Information Disclosure Security Issue
http://secunia.com/advisories/44059/
SUSE update for libcgroup
http://secunia.com/advisories/44093/
Debian update for gitolite
http://secunia.com/advisories/44075/
IntegraXor SQL Database Insecure Permissions Security Issue
http://secunia.com/advisories/44105/
ikiwiki "meta stylesheet" Script Insertion Vulnerability
http://secunia.com/advisories/44137/
Linux Kernel "inotify_init1()" Denial of Service Vulnerability
http://secunia.com/advisories/44091/
IBM Virtual I/O Server Java Double Literal Parsing Denial of Service Vulnerability
http://secunia.com/advisories/44138/
Novell ZENworks Configuration Management Unspecified Code Execution
http://secunia.com/advisories/44120/
Debian update for x11-xserver-utils
http://secunia.com/advisories/44082/
Debian update for isc-dhcp
http://secunia.com/advisories/44090/
Debian update for dhcp3
http://secunia.com/advisories/44089/
Yamaha RT Series Routers IP Header Parsing Denial of Service Vulnerability
http://secunia.com/advisories/44087/
Red Hat update for dhcp
http://secunia.com/advisories/44127/
Fedora update for libtiff
http://secunia.com/advisories/44135/
VLC Media Player "MP4_ReadBox_skcr()" Buffer Overflow Vulnerability
http://secunia.com/advisories/44022/
Cacti Multiple SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2011/0921
SPIP Unspecified Request Processing Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0920
IBM Rational Build Forge Servlet Redirection Session ID Disclosure
http://www.vupen.com/english/advisories/2011/0919
IBM Virtual I/O Server Java Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0918
Novell ZENworks Configuration Management File Overwrite Code Execution
http://www.vupen.com/english/advisories/2011/0917
VLC Media Player "MP4_ReadBox_skcr()" Heap Corruption Vulnerability
http://www.vupen.com/english/advisories/2011/0916
Redhat Security Update Fixes DHCP Command Injection Vulnerability
http://www.vupen.com/english/advisories/2011/0915
Redhat Security Update Fixes Kernel Privilege Escalation and DoS
http://www.vupen.com/english/advisories/2011/0914
Mandriva Security Update Fixes KDE KSSL Certificate Validation Issue
http://www.vupen.com/english/advisories/2011/0913
Mandriva Security Update Fixes Gwenhywfar Fraudulent SSL Certificates
http://www.vupen.com/english/advisories/2011/0912
Mandriva Security Update Fixes GDM Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2011/0911
Mandriva Security Update Fixes PHP Cron Local Symlink Vulnerability
http://www.vupen.com/english/advisories/2011/0910
Debian Security Update Fixes DHCP Command Injection Vulnerability
http://www.vupen.com/english/advisories/2011/0909
Debian Security Update Fixes Gitolite Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2011/0908
Debian Security Update Fixes ikiwiki Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2011/0907
Debian Security Update Fixes X.Org X11 Command Injection Vulnerability
http://www.vupen.com/english/advisories/2011/0906
Fedora Security Update Fixes LibTIFF Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2011/0905
REMOTE: ManageEngine Applications Manager Authenticated Code Execution
http://www.exploit-db.com/exploits/17152/
LOCAL: AOL Desktop 9.6 RTX Buffer Overflow
http://www.exploit-db.com/exploits/17150/
LOCAL: tmux '-S' Option Incorrect SetGID Privilege Escalation Vulnerability
http://www.exploit-db.com/exploits/17147/
DoS/PoC: Vallen Zipper V2.30 .ZIP File Heap Overflow
http://www.exploit-db.com/exploits/17145/
McAfee Firewall Reporter 'GernalUtilities.pm' Authentication Bypass Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025314
Novell ZENworks Asset Management Directory Traversal Flaw Lets Remote Users Overwrite Files and Execute Arbitrary Code
http://www.securitytracker.com/id/1025313
libvirt Threads Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/47148
libvirt Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/46820
libTIFF ThunderCode Decoder Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46951
libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46658
Novell ZENworks Configuration Management ZAM File Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/47295
logrotate 'shred_file()' Log Filename Command Injection Vulnerability
http://www.securityfocus.com/bid/47103
logrotate Insecure Default File Permissions Information Disclosure Vulnerability
http://www.securityfocus.com/bid/47108
logrotate 'writeState()' Function Logfile Name Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/47107
Quagga BGP Daemon 'AS_PATHLIMIT' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46943
Quagga BGP Daemon Null Pointer Deference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46942
X.Org xrdb Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/47189
Microsoft Internet Explorer Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/46821
ISC DHCP 'dhclient' Shell Characters in Response Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/47176
Apache 'mod_isapi' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38494
Apache Subrequest Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38580
OpenSSL Ciphersuite Downgrade Security Weakness
http://www.securityfocus.com/bid/45164
OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/38562
Pango Font Parsing 'pangoft2-render.c' Heap Corruption Vulnerability
http://www.securityfocus.com/bid/45842
AOL 9.5 '.rtx' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46071
Ecava IntegraXor Unspecified SQL Injection Vulnerability
http://www.securityfocus.com/bid/47019
Oracle Java Floating-Point Value Denial of Service Vulnerability
http://www.securityfocus.com/bid/46091
RealNetworks GameHouse 'InstallerDlg.dll' ActiveX Control Multiple Vulnerabilities
http://www.securityfocus.com/bid/47133
Gitolite 'ADC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/46473
Red Hat Network Satellite Server Security Bypass and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/47316
Microsoft Host Integration Server Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/47315
Adobe Flash Player CVE-2011-0611 'SWF' File Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/47314
Joomla! Phoca Download Component Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/47313
Microsoft Reader Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/47312
IT Dashboard 'value' POST Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/47311
MIT Kerberos kadmind Version String Processing Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/47310
Linux Kernel SCTP INIT/INIT-ACK Chunk Length Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/47308
IBM Tivoli Monitoring Java Unspecified Security Vulnerability
http://www.securityfocus.com/bid/47307
McAfee Firewall Reporter 'GernalUtilities.pm' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/47306
K-Link 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/47305
KDE Konqueror Error Page Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/47304
Shadow Login Failure Limit Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/47303
SPIP Disconnect Database Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/47302
Vallen System Zipper '.zip' File Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47301
Pithos 'pithos.ini' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/47300
Live Wire For Wordpress Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/47299
Etki Video Pro Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/47298
ManageEngine Applications Manager 'Upload.do' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/47297
Linux Kernel 'inotify_init1()' Double Free Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/47296
Yamaha RT Series Routers IP Header Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/47294
VLC Media Player 'MP4' Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47293
PHP-Jokesite 2.0 Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/47292
Dimac CMS XS 'default.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/47291
PHP-Lance Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/47290
Sonexis ConferenceManager 'hostlogin.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/47289
IrfanView '.ico' File Denial of Service Vulnerability
http://www.securityfocus.com/bid/47286
Point Market 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/47288
MikeyZip '.zip' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47287
eForum '/eforum.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/47309