Monday, April 23, 2012

Monday the 23rd, Taian (an auspicious day in the rokuyō calendar)


+ CVE-2012-0053 Information Disclosure vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0053_information_disclosure
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053

+ CVE-2012-0031 Resource Management Errors vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0031_resource_management
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031

+ CVE-2011-4317 Improper Input Validation vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2011_4317_improper_input
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317

+ CVE-2011-3607 Buffer Overflow vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2011_3607_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607

+ Multiple vulnerabilities in Apache HTTP Server 1.3
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_http1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053

+ Critical Patch Update - April 2012 (Japanese edition)
http://www.oracle.com/technetwork/jp/topics/ojkb158094-1595211-ja.html
http://www.oracle.com/technetwork/jp/topics/top-1596514-ja.html

+ Linux kernel 3.0.29, 3.2.16, 3.3.3 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.29
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.16
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.3

+ OpenSSH 6.0 released
http://www.openssh.com/txt/release-6.0

+ Linux kernel fcaps Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2123

Check Point response to OpenSSL ASN1 BIO vulnerability (CVE-2012-2110)
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk71821&src=securityAlerts
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110

Notice of server maintenance delay (April 20, 2012)
http://www.trendmicro.co.jp/support/news.asp?id=1770

HS12-010: Cross-site Scripting Vulnerability in Hitachi IT Operations Products
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-010/index.html

HS12-012: Security issue concerning CA ARCserve Backup
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-012/index.html

97% of "go.jp" domains now use sender domain authentication, making spoofed mail detectable
Countermeasures against fake mail impersonating government agencies strengthened; recipient-side handling recommended
http://itpro.nikkeibp.co.jp/article/NEWS/20120423/392582/?ST=security

JVN#00000601 Vulnerability in the WebView class in TwitRocker2 (Android version)
http://jvn.jp/jp/JVN00000601/index.html

JVNDB-2011-005041 Buffer overflow vulnerability in ICONICS GENESIS32 and BizViz
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005041.html

JVNDB-2011-005040 Arbitrary code execution vulnerability in ICONICS GENESIS32 and BizViz
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005040.html

JVNDB-2009-002714 Stack-based buffer overflow vulnerability in the errprintf function in Ghostscript
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002714.html

JVNDB-2010-003612 Arbitrary PostScript command execution vulnerability in Ghostscript
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003612.html

JVNDB-2010-003611 Stack-based buffer overflow vulnerability in the parser function in GhostScript
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003611.html

JVNDB-2010-003610 Arbitrary code execution vulnerability in Ghostscript
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003612.html

JVNDB-2011-003470 Heap-based buffer overflow vulnerability in the jpc_crg_getparms function in JasPer
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003470.html

JVNDB-2011-003469 Heap-based buffer overflow vulnerability in the jpc_cox_getcompparms function in JasPer
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003469.html

JVNDB-2011-003541 Integer signedness error vulnerability in the base64_decode function in lighttpd
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003541.html

JVNDB-2011-003563 Denial-of-service (CPU consumption) vulnerability in Ruby
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003563.html

JVNDB-2011-003172 Vulnerability in the mod_proxy module in Apache HTTP Server that allows requests to be sent to intranet servers
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003172.html

JVNDB-2011-002785 Integer overflow vulnerability in Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002785.html

JVNDB-2012-001075 Denial-of-service (daemon crash during shutdown) vulnerability in Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001075.html

JVNDB-2012-001258 Vulnerability in protocol.c in Apache HTTP Server that allows the values of HTTPOnly cookies to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001258.html

JVNDB-2009-002713 Denial-of-service (crash) vulnerability in the BGP daemon in Quagga
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002713.html

JVNDB-2012-002044 Cross-site scripting vulnerability in Pluck SiteLife
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002044.html

JVNDB-2011-003659 Denial-of-service (DoS) vulnerability in the log_cookie function in Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003659.html

JVNDB-2011-002351 Vulnerability in the mod_proxy module in Apache HTTP Server that allows requests to be sent to intranet servers
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002351.html

JVNDB-2012-001592 Denial-of-service (NULL pointer dereference and application crash) vulnerability in the mime_hdr_cmp function in OpenSSL
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001592.html

JVNDB-2011-003689 Privilege acquisition vulnerability in 7-Technologies AQUIS
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003689.html

JVNDB-2012-000033 Vulnerability in the WebView class in TwitRocker2 (Android version)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000033.html

JVNDB-2012-002098 Buffer overflow vulnerability in Siemens Scalance X Industrial Ethernet switches
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002098.html

JVNDB-2012-002097 Stack-based buffer overflow vulnerability in multiple Siemens products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002097.html

JVNDB-2012-002096 Vulnerability in the web server of multiple Siemens products that allows access rights to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002096.html

JVNDB-2012-002095 Stack-based buffer overflow vulnerability in multiple ABB products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002095.html

JVNDB-2012-002044 (JVNVU#400619) Cross-site scripting vulnerability in Pluck SiteLife (CVSS base score 4.3, published 2012/04/11, updated 2012/04/20)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002044.html

JVNDB-2012-000033 (JVN#00000601) Vulnerability in the WebView class in TwitRocker2 (Android version) (CVSS base score 2.6, published 2012/04/20, updated 2012/04/20)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000033.html

JVNDB-2012-002098 Buffer overflow vulnerability in Siemens Scalance X Industrial Ethernet switches (CVSS base score 7.8, published 2012/04/05, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002098.html

JVNDB-2012-002097 Stack-based buffer overflow vulnerability in multiple Siemens products (CVSS base score 6.1, published 2012/04/05, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002097.html

JVNDB-2012-002096 Vulnerability in the web server of multiple Siemens products that allows access rights to be obtained (CVSS base score 10.0, published 2012/04/05, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002096.html

JVNDB-2012-002095 Stack-based buffer overflow vulnerability in multiple ABB products (CVSS base score 7.7, published 2012/04/18, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002095.html

JVNDB-2012-002094 Privilege acquisition vulnerability in envvars in Apache HTTP Server (CVSS base score 6.9, published 2012/03/02, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002094.html

JVNDB-2012-002093 Heap-based buffer overflow vulnerability in the FlashPix PlugIn for IrfanView (CVSS base score 9.3, published 2012/04/18, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002093.html

JVNDB-2012-002092 Data tampering vulnerability in HP System Management Homepage (CVSS base score 3.2, published 2012/04/16, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002092.html

JVNDB-2012-002091 Denial-of-service (DoS) vulnerability in HP System Management Homepage (CVSS base score 3.5, published 2012/04/16, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002091.html

JVNDB-2012-002090 Arbitrary file read vulnerability in AdAstrA TRACE MODE Data Center (CVSS base score 5.0, published 2012/04/18, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002090.html

JVNDB-2012-002088 Guest OS privilege acquisition vulnerability in multiple VMware products (CVSS base score 8.3, published 2012/04/12, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002088.html

JVNDB-2012-002087 Buffer overflow vulnerability in ngx_http_mp4_module.c in nginx (CVSS base score 5.1, published 2012/04/17, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002087.html

JVNDB-2012-002086 Sensitive information disclosure vulnerability in nginx (CVSS base score 5.0, published 2012/04/17, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002086.html

JVNDB-2012-002085 Cross-site scripting vulnerability in starnet/index.php in SyndeoCMS (CVSS base score 3.5, published 2012/04/17, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002085.html

JVNDB-2012-002084 Arbitrary code execution vulnerability in Google SketchUp (CVSS base score 9.3, published 2012/04/17, updated 2012/04/19)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002084.html

JVNDB-2012-001879 Malware detection bypass vulnerability in the ELF file parser of multiple products (CVSS base score 4.3, published 2012/03/21, updated 2012/04/18)
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001879.html

XSS in Kaseya version 6.2.0.0 web interface
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00160.html

DC4420 - London DEFCON - April meet - Tuesday April 24th 2012
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00144.html

[security bulletin] HPSBMU02764 SSRT100827 rev.2 - HP System Management Homepage (SMH) Running o
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00159.html

IPv6 host scanning in IPv6
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00158.html

[security bulletin] HPSBUX02761 SSRT100823 rev.1 - HP-UX Running Apache, Remote Denial of Se
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00143.html

Specially crafted webdav request allows reading of local files on liferay 6.0.x
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00157.html

[SECURITY] [DSA 2454-1] openssl security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00142.html

OCIPasswordChange API leaks information of password hash (CVE-2012-0511)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00156.html

Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00155.html

HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00154.html

HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00153.html

SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00152.html

Liferay 6.1 can be compromised in its default configuration
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00151.html

SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00150.html

Specially crafted Json service request allows full control over a Liferay portal instance
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00149.html

Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00148.html

OCIPasswordChange API leaks information of password hash (CVE-2012-0511)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00147.html

Incomplete protection of Oracle Database locked accounts (CVE-2012-0510)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00146.html

IBM Rational ClearQuest Buffer Overflow in ActiveX Control RegisterSchemaRepoFromFileByDbSet() Function Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026958

OpenSSL asn1_d2i_read_bio() Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026957

EMC Data Protection Advisor Server and Collector Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id/1026956

WordPress Release Security Update
http://isc.sans.edu/diary/WordPress+Release+Security+Update/13024

REMOTE: Liferay 6.0.x Webdav File Reading Vulnerability
http://www.exploit-db.com/exploits/18763

DoS/PoC: Samsung NET-i ware <= 1.37 Multiple Vulnerabilities
http://www.exploit-db.com/exploits/18765

ReadyDesk Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/48904/

ownCloud Password Reset Vulnerability
http://secunia.com/advisories/48856/

SUSE update for libtiff
http://secunia.com/advisories/48893/

Shibboleth Service Provider OpenSSL DER Format Data Processing Vulnerability
http://secunia.com/advisories/48896/

Shibboleth Identity Provider LDAPS Hostname Verification Security Issue
http://secunia.com/advisories/48910/

ChatBlazer Enterprise Server Client "user" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48905/

WordPress Download Manager Plugin "cid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48927/

IBM Java 6 Multiple Vulnerabilities
http://secunia.com/advisories/48913/

IBM Java 5 Multiple Vulnerabilities
http://secunia.com/advisories/48915/

WordPress Zingiri Web Shop Plugin Multiple Unspecified Vulnerabilities
http://secunia.com/advisories/48909/

TwitRocker2 for Android WebView Class Security Bypass Security Issue
http://secunia.com/advisories/48894/

Hitachi JP1/IT Desktop Management Cross-Site Scripting and Denial of Service Vulnerabilities
http://secunia.com/advisories/48843/

RubyGems Remote Repository SSL Certificate Verification Security Issue
http://secunia.com/advisories/48807/

IBM Rational ClearQuest ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/48933/

Comodo Internet Security PE File Processing Denial of Service Vulnerability
http://secunia.com/advisories/48928/

Debian update for openssl
http://secunia.com/advisories/48895/

Ubuntu update for openssl
http://secunia.com/advisories/48899/

Oracle Products Multiple Remote Code Execution and Security Bypass
http://www.vupen.com/english/ADV-2012-0214.php

Apache HTTP Server "LD_LIBRARY_PATH" Privilege Escalation
http://www.vupen.com/english/ADV-2012-0213.php

Apache OFBiz Request Processing Unspecified Code Execution
http://www.vupen.com/english/ADV-2012-0212.php

Apache OFBiz Data Processing Multiple Cross Site Scripting Issues
http://www.vupen.com/english/ADV-2012-0211.php

HP System Management Homepage Multiple Remote Vulnerabilities
http://www.vupen.com/english/ADV-2012-0210.php

Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017

Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014

Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018

Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011

Oracle Java SE CVE-2012-0500 Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52015

Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52016

Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013

Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012

Oracle Java SE CVE-2012-0498 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52019

Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194

Oracle Virtual Desktop Infrastructure (VDI) CVE-2011-3571 Remote Vulnerability
http://www.securityfocus.com/bid/51467

TYPO3 Exception Handler Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53047

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53158

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0462 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52467

Mozilla Firefox/Thunderbird/SeaMonkey 'array.join' CVE-2012-0464 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52465

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0456 SVG Filters Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52461

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0461 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52464

Mozilla Firefox/Thunderbird/SeaMonkey HTTP Header Security Bypass Vulnerability
http://www.securityfocus.com/bid/52463

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0458 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52460

Mozilla Firefox, Thunderbird, and SeaMonkey Drag and Drop Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52458

Mozilla Firefox/SeaMonkey/Thunderbird 'window.fullScreen' Security Bypass Vulnerability
http://www.securityfocus.com/bid/52456

Mozilla Firefox/Thunderbird/SeaMonkey 'cssText' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52457

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0457 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52459

Oracle Database Server OCIPasswordChange API Security Bypass Vulnerability
http://www.securityfocus.com/bid/53101

xRadio '.xrl' File Stack-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46290

Adobe Flash Player Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/32896

Anchor CMS 'id' Parameter Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53181

Kaseya System Version 'adminName' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53180

ownCloud Password Reset Security Bypass Vulnerability
http://www.securityfocus.com/bid/53179

Shibboleth Identity Provider LDAPS Hostname Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/53178

WordPress Download Manager Plugin 'cid' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53176

Hitachi JP1/IT Desktop Management - Manager Multiple Vulnerabilities
http://www.securityfocus.com/bid/53175

RubyGems SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/53174

TwitRocker2 CVE-2012-1243 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53173

VLC Media Player Divide-By-Zero Denial of Service Vulnerability
http://www.securityfocus.com/bid/53169

Pendulab ChatBlazer 'username' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53168

Linux kernel fcaps Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53166
