+ Zimbra Collaboration Suite Open Source Edition 7.1.0 GA Release
http://files.zimbra.com/website/docs/7.0/7_1_OS_Zimbra_Release_Note.pdf
Trend Micro Data Loss Prevention Endpoint 5.5 公開とサポート開始のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1549
弊社InterScan VirusWall スタンダードエディション 6.02のURLフィルタ機能においてWebサイトが正常にブロックできなくなる事象について
http://www.trendmicro.co.jp/support/news.asp?id=1563
JVNDB-2010-002786 IBM WebSphere Application Server の SOAP with Attachments API for Java (SAAJ) 実装におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002786.html
JVNDB-2010-002785 IBM WebSphere Application Server の AuthCache パージ実装における権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002785.html
JVNDB-2010-002784 IBM WebSphere Application Server の com.ibm.ws.jsp.runtime.WASJSPStrBufferImpl におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002784.html
JVNDB-2010-002783 IBM WebSphere Application Server の org.apache.jasper.runtime.JspWriterImpl.response におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002783.html
JVNDB-2010-002782 IBM WebSphere Application Server の Session Initiation Protocol におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002782.html
JVNDB-2010-002781 IBM WebSphere Application Server のメッセージングエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002781.html
JVNDB-2010-002780 IBM WebSphere Application Server の Service Integration Bus メッセージングエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002780.html
JVNDB-2009-002645 IBM WebSphere Application Server の管理コンソールコンポーネントにおけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002645.html
JVNDB-2011-001378 vsftpd の vsf_filename_passes_filter 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001378.html
JVNDB-2010-002779 IBM WebSphere Application Server のセキュリティコンポーネントにおける権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002779.html
JVNDB-2011-001377 Linux SCSI target framework の iscsi_rx_handler 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001377.html
JVNDB-2011-001376 複数の Apple 製品の WebKit におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001376.html
JVNDB-2011-001375 複数の Apple 製品の WebKit における CSS のトークンシーケンスを挿入される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001375.html
JVNDB-2011-001374 複数の Apple 製品の WebKit における認証情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001374.html
JVNDB-2010-002674 Linux kernel の copy_semid_to_user 関数における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002674.html
JVNDB-2010-002672 Linux kernel の TIPC 実装における権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002672.html
JVNDB-2010-002671 Linux kernel の setup_arg_pages 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002671.html
JVNDB-2011-001003 Xen の do_block_io_op 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001003.html
JVNDB-2010-002670 Xen のバックエンドドライバにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002670.html
JVNDB-2010-002476 Linux kernel の kernel/trace/ftrace.c におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002476.html
JVNDB-2010-002475 Linux kernel の Direct Rendering Manager サブシステムの Intel i915 ドライバにおける権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002475.html
JVNDB-2010-002473 Linux kernel の Direct Rendering Manager サブシステムの drm_ioctl 関数における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002473.html
JVNDB-2010-002481 Linux kernel の snd_ctl_new 関数における整数オーバーフロー脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002481.html
JVNDB-2010-002479 Linux kernel の sctp_packet_config 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002479.html
Postfix Local Information Disclosure and Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/30691
Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/46767
+ Apache Tomcat 7.0.12 released
http://tomcat.apache.org/
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
+ RHSA-2011:0422-1: Moderate: postfix security update
http://rhn.redhat.com/errata/RHSA-2011-0422.html
+ Linux Kernel 'mpt2sas' Local Privilege Escalation and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/47185
? Multiple Vendors IPv6 Neighbor Discovery Router Advertisement Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45760
- CVE-2011-1183 Apache Tomcat security constraint bypass
http://tomcat.apache.org/security.html
- CVE-2011-1475 Apache Tomcat information disclosure
http://tomcat.apache.org/security.html
- IBM Lotus Domino iCalendar Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43219
CVE-2010-3407
RHSA-2011:0423-1: Moderate: postfix security update
http://rhn.redhat.com/errata/RHSA-2011-0423.html
Linux kernel 2.6.39-rc2 released
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc2
Sudo version 1.8.1rc3 released
http://www.sudo.ws/sudo/devel.html#1.8.1rc3
Sudo version 1.7.6rc3 released
http://www.sudo.ws/sudo/devel.html#1.7.6rc3
集中監視コンソールアクションが、接続エラー、確認時に実行されない
http://www.say-tech.co.jp/support/bom-for-windows/post-58/index.shtml
AJAX Security Team : StartSite.ir Cross-site Scripting Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35521
Hewlett-Packard : HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosu
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35516
High-Tech Bridge SA : [HTB22911] XSS in Eleanor CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35517
High-Tech Bridge SA : [HTB22912] Multiple SQL Injections in Eleanor CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35518
High-Tech Bridge SA : [HTB22913] Multiple CSRF (Cross-Site Request Forgery) in UseBB
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35519
High-Tech Bridge SA : [HTB22914] Local File Inclusion in UseBB
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35520
Mandriva : [MDVSA-2011:065] logrotate
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35514
Mandriva : [MDVSA-2011:066] rsync
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35515
Mandriva : [MDVSA-2011:067] subversion
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35524
Netsparker : XSS Vulnerability in Redmine 1.0.1 to 1.1.1
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35522
Red Hat : [RHSA-2011:0412-01] glibc: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35511
Red Hat : [RHSA-2011:0413-01] glibc: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35512
Red Hat : [RHSA-2011:0414-01] policycoreutils: Important Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35513
Slackware Linux : [SSA:2011-095-01] proftpd: Security Update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35510
SuSE : [SUSE-SR:2011:006] SuSE: Weekly Summary
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35509
震災便乗の日本語ウイルスメールが続出、対策ソフトで防げない場合も
送信者を政府機関などに偽装、添付の文書ファイルを開くだけで感染
http://itpro.nikkeibp.co.jp/article/NEWS/20110407/359176/?ST=security
無線LANの「タダ乗り」に注意、ネット犯罪の踏み台に悪用される
適切なセキュリティ設定が不可欠、IPAが注意喚起
http://itpro.nikkeibp.co.jp/article/NEWS/20110407/359175/?ST=security
スパイ映画のような暗号ファイルを作成できる漏えい対策ソフト、ウエストサイドが発売
http://itpro.nikkeibp.co.jp/article/NEWS/20110406/359164/?ST=security
JVNVU#644812 Netgear Prosafe Wireless-N Access Point に複数の脆弱性
http://jvn.jp/cert/JVNVU644812/index.html
JVNVU#668220 IPComp パケットの受信処理に脆弱性
http://jvn.jp/cert/JVNVU668220/index.html
JVNDB-2011-001373 Apple Safari のウインドウの機能における任意のローカルファイルが送信される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001373.html
JVNDB-2011-001372 複数の Apple 製品の Wi-Fi におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001372.html
JVNDB-2011-001371 Apple Safari のウインドウの機能における任意のローカルファイルが送信される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001371.html
JVNDB-2011-001370 Apple Safari の HTML5 ドラッグ&ドロップの機能における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001370.html
JVNDB-2011-001369 Apple iOS の Safari にある Safari 設定機能におけるユーザを追跡可能な脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001369.html
JVNDB-2011-001368 Apple iOS の WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001368.html
JVNDB-2011-001367 OpenSLP にサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001367.html
JVNDB-2011-001366 Apache Tomcat におけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001366.html
JVNDB-2011-001365 Apache HTTP Server 用 mod_dav_svn モジュールにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001365.html
JVNDB-2011-001364 Microsoft Groove 2007 における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001364.html
JVNDB-2011-001363 Microsoft Remote Desktop Connection のクライアントにおける権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001363.html
JVNDB-2011-001362 複数の Microsoft 製品の SBE.dll における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001362.html
JVNDB-2011-001361 複数の Microsoft 製品の DirectShow における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001361.html
JVNDB-2009-002446 NTP におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002446.html
ISC DHCP Meta-Character Filtering Flaw in dhclient Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025300
WordPress Bugs Permit Denial of Service, Cross-Site Scripting, and Cross-Site Request Forgery Attacks
http://www.securitytracker.com/id/1025299
IGSSdataServer.exe <= 9.00.00.11063 directory traversal
http://securityreason.com/securityalert/8178
DATAC RealWin <= 2.1 (Build 6.1.10.10) integer overflow
http://securityreason.com/securityalert/8177
DATAC RealWin <= 2.1 (Build 6.1.10.10) stack overflow
http://securityreason.com/securityalert/8176
GNU glibc < 2.12.2 alloca() Stack Corruption Vulnerability
http://securityreason.com/securityalert/8175
yaws-wiki Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/44013/
NetGear WNAP210 Backup Disclosure and Authentication Bypass Vulnerabilities
http://secunia.com/advisories/44045/
TutorialMS "show" SQL Injection Vulnerability
http://secunia.com/advisories/44000/
Oracle Solaris Backout File Insecure Permissions Security Issue
http://secunia.com/advisories/44047/
qooxdoo Cross-Site Scripting and File Disclosure Vulnerabilities
http://secunia.com/advisories/43818/
Ubuntu update for linux
http://secunia.com/advisories/43979/
eyeOS Cross-Site Scripting and File Disclosure Vulnerabilities
http://secunia.com/advisories/43997/
ISC DHCP "dhclient" Response Processing Input Sanitation Vulnerability
http://secunia.com/advisories/44037/
X.Org xrdb Hostname Command Injection Security Issue
http://secunia.com/advisories/44040/
Red Hat update for glibc
http://secunia.com/advisories/43989/
Red Hat update for glibc
http://secunia.com/advisories/43830/
UseBB Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/43981/
Ruby on Rails "auto_link" Vulnerability
http://secunia.com/advisories/44026/
NetGear WNAP210 Web Interface Password Disclosure and Bypass
http://www.vupen.com/english/advisories/2011/0884
Dell KACE K2000 Deployment Appliance Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2011/0883
Oracle Solaris Back-out Patch Files Passwords Disclosure Vulnerability
http://www.vupen.com/english/advisories/2011/0882
WordPress Cross Site Scripting and Request Forgery Vulnerabilities
http://www.vupen.com/english/advisories/2011/0881
X.Org X11 "xrdb" X Server Resource Database Utility Command Injection
http://www.vupen.com/english/advisories/2011/0880
ISC DHCP "dhclient" Server Response Handling Remote Command Injection
http://www.vupen.com/english/advisories/2011/0879
Ruby on Rails "auto_link()" Method Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2011/0878
Fedora Security Update Fixes Ruby SQL Injection and Cross Site Scripting
http://www.vupen.com/english/advisories/2011/0877
Fedora Security Update Fixes Rsync Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2011/0876
SuSE Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2011/0875
Ubuntu Security Update Fixes Kernel Privilege Escalation and DoS
http://www.vupen.com/english/advisories/2011/0874
Mandriva Security Update Fixes Rsync Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2011/0873
Mandriva Security Update Fixes Logrotate Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2011/0872
LOCAL: MPlayer (r33064 Lite) Buffer Overflow + ROP exploit
http://www.exploit-db.com/exploits/17124/
PHP 'phar/phar_object.c' Format String Vulnerability
http://www.securityfocus.com/bid/46854
PHP Exif Extension 'exif_read_data()' Function Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46365
libzip '_zip_name_locate()' NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46354
VLC Media Player '.AMV' and '.NSV' Files Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/47012
X.Org xrdb Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/47189
eyeOS Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/47184
RETIRED: Joomla Component 'com_media' Local File Include Vulnerability
http://www.securityfocus.com/bid/47043
Multiple Vendors IPv6 Neighbor Discovery Router Advertisement Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45760
RETIRED: Hot Links SQL Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/44982
chCounter 'anzahl' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/44934
RETIRED: AWCM CMS 'username' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/44930
Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46734
MPlayer '.m3u' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46926
IBM Lotus Domino iCalendar Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43219
Zend Server Java Bridge 'javamw.jar' Service Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/47060
GreenPants Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/47222
Sonexis ConferenceManager Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/47221
Moonlight Prior to 2.4.1/3.99.3 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/47208
Anfibia Reactor 'email' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/47200
Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
http://www.securityfocus.com/bid/47199
Apache Tomcat Login Constraints Security Bypass Vulnerability
http://www.securityfocus.com/bid/47196
PHPBoost 'gallery.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/47195
Redmine 'projects/hg-hellowword/news/' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/47193
Classified Ads PLUS Scripts 'cid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/47188
Ruby on Rails Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/47186
Linux Kernel 'mpt2sas' Local Privilege Escalation and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/47185
TextPattern 'index.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/47182
Xilisoft Video Converter Ultimate '.flv' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47181
Graugon Forum 'admin.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/47180
0 件のコメント:
コメントを投稿