[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SecurityFocus Newsletter #297 2005-04-11->2005-04-15 [1 of 2]

To: bugtraq-jp@xxxxxxxxxxxxxxxxx
Subject: SecurityFocus Newsletter #297 2005-04-11->2005-04-15 [1 of 2]
From: Tsuneo Ogasawara <t.ogaswr@xxxxxxxxx>
Date: Thu, 22 Sep 2005 20:31:29 +0900
$B>.3^86(B@$B%i%C%/$G$9!#(B
(B
(BSecurityFocus Newsletter $BBh(B 297 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$B"(Bh(B 296 $B9f$O7gHV$H$J$C$F$$$k$h$&$G$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B
(B
$BK\9f$O(B 2 $B2s$KJ,3d$7$F$*FO$1$7$^$9!#(B
(B[1 of 2]
(B---------------------------------------------------------------------------
(BBugTraq-JP $B$K4X$9$k(B FAQ ($BF|K\8l(B):
(Bhttp://www.securityfocus.com/popups/forums/bugtraq-jp/faq.shtml
$B!&(BSecurityFocus Newsletter $B$NOBLu$O(B BugTraq-JP $B$G0lH$/$@$5$$(B
(B---------------------------------------------------------------------------
(B---------------------------------------------------------------------------
(BSecurityFocus Newsletter $B$K4X$9$k(B FAQ ($B1Q8l(B):
(Bhttp://www.securityfocus.com/popups/forums/securityfocusnews/intro.shtml
(BBugTraq $B$K4X$9$k(B FAQ ($B1Q8l(B):
(Bhttp://www.securityfocus.com/popups/forums/bugtraq/faq.shtml
(B---------------------------------------------------------------------------
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B SecurityFocus $B$N5v2D$r3t<02qe$G9T$o$l$F$$$^$9!#(B
$B!&(BSecurityFocus Newsletter $B$NOBLu$r(B Netnews, Mailinglist, World Wide Web,
(B  $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$NA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;$s$,!"(B
(B  $B=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurityFocus $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+$J$k7A<0$N(B
(B  $B%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
(B1) http://online.securityfocus.com/archive/79
(B---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02ql9g!"(BBugTraq-JP $B$X(B Errata $B$H$7$F=$@5(B
(B  $BHG$r$4Ej9FD:$/$+!"4F=$l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
(B---------------------------------------------------------------------------
(BThis translation is encoded and posted in ISO-2022-JP.
(B
$B86HG(B:
(BDate: 19 Apr 2005 21:45:16 -0000
(BMessage-ID: <20050419214516.29489.qmail@xxxxxxxxxxxxxxxxxxxxxx>
(B
(BSecurityFocus Newsletter #297
(B-----------------------------
(B
(BI. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
(B     1. Privacy From the Trenches
(B     2. Introduction to Spyware Keyloggers
(B     3. Watching the Watchers
(BII. BUGTRAQ SUMMARY
(B     1. Centrinity FirstClass Client Bookmark Window File Execution ...
(B     2. RadScripts RadBids Gold Multiple Vulnerabilities
(B     3. Citrix MetaFrame Web Client Access Restriction Bypass Vulner...
(B     4. Azerbaijan Development Group AzDGDatingPlatinum Multiple Vul...
(B     5. Sun J2SE Software Development Kit Java Archive Tool Director...
(B     6. File Upload Script PHPBB Module Arbitrary Script Upload Vuln...
(B     7. KDE KMail HTML EMail Remote Email Content Spoofing Vulnerabi...
(B     8. ModernGigabyte ModernBill News.PHP File Include Vulnerabilit...
(B     9. ModernGigabyte ModernBill C_CODE Parameter Cross-Site Script...
(B     10. DC++ Unspecified Download Drive File Appending Vulnerability
(B     11. ModernGigabyte ModernBill Aid Parameter Cross-Site Scripting...
(B     12. TowerBlog User Credential Exposure Weakness
(B     13. OpenOffice Malformed Document Remote Heap Overflow Vulnerabi...
(B     14. Pine RPDump Local File Corruption Vulnerability
(B     15. Zoom Media Gallery Index.PHP SQL Injection Vulnerability
(B     16. RSnapshot Local File Permission Manipulation Vulnerability
(B     17. KDE PCX Image File Handling Buffer Overflow Vulnerability
(B     18. Invision Power Board ST Parameter SQL Injection Vulnerabilit...
(B     19. GwenView Multiple Unspecified Image Handling Heap-Based Memo...
(B     20. IrfanView Multiple Unspecified Image Handling Heap-Based Mem...
(B     21. ImageMagick Multiple Unspecified Image Handling Heap-Based M...
(B     22. WebCT Discussion Board HTML Injection Vulnerability
(B     23. Computer Associates BrightStor ARCserve Backup UniversalAgen...
(B     24. JPortal Banner.PHP SQL Injection Vulnerability
(B     25. Multiple Debugger Vendor Malicious Code Execution Vulnerabil...
(B     26. Light Speed Technologies DeluxeFTP Local Authentication Cred...
(B     27. FreeBSD PortUpgrade Local Insecure Temporary File Handling V...
(B     28. AEwebworks Dating Software AeDating Index.PHP Local File Inc...
(B     29. Windows Kernel Font Buffer Overflow Vulnerability
(B     30. Microsoft Windows Kernel Object Management Denial Of Service...
(B     31. AEwebworks Dating Software AeDating Sdating.PHP SQL Injectio...
(B     32. Microsoft Windows Message Queuing Remote Buffer Overflow Vul...
(B     33. AEwebworks Dating Software AeDating Control Panel Cross-Site...
(B     34. Microsoft MSN Messenger GIF Image Processing Remote Buffer O...
(B     35. Microsoft Windows Kernel CSRSS Local Privilege Escalation Vu...
(B     36. Microsoft Windows Internet Protocol Validation Remote Code E...
(B     37. Microsoft Internet Explorer Content Advisor File Handling Bu...
(B     38. Microsoft Exchange Server SMTP Extended Verb Buffer Overflow...
(B     39. Microsoft Word Unspecified Document File Buffer Overflow Vul...
(B     40. Microsoft Internet Explorer DHTML Object Race Condition Memo...
(B     41. Microsoft Windows Kernel Access Validation Request Buffer Ov...
(B     42. Microsoft Word Malformed Document Buffer Overflow Vulnerabil...
(B     43. Microsoft Internet Explorer Malformed URI Buffer Overflow Vu...
(B     44. Multiple Vendor TCP/IP Implementation ICMP Remote Denial Of ...
(B     45. Comersus Cart Comersus_Search_Item.ASP Cross-Site Scripting ...
(B     46. XAMPP CDS.PHP Remote HTML Injection Vulnerability
(B     47. XAMPP Phonebook.PHP Remote HTML Injection Vulnerability
(B     48. XAMPP Guestbook-EN.PL Remote HTML Injection Vulnerability
(B     49. Salim Gasmi GLD Postfix Greylisting Daemon Buffer Overflow V...
(B     50. IBM Lotus Domino Server Malformed POST Request Remote Buffer...
(B     51. XAMPP Insecure Default Password Disclosure Vulnerability
(B     52. Microsoft Windows Shell Remote Code Execution Vulnerability
(B     53. Salim Gasmi GLD Postfix Greylisting Daemon Format String Vul...
(B     54. Oracle Applications Oracle Forms SQL Injection Vulnerability
(B     55. WIDCOMM Bluetooth Communication Software Directory Traversal...
(B     56. Centra 7 User Information Multiple HTML Injection Vulnerabil...
(B     57. EGroupWare EMail Attachment Information Disclosure Vulnerabi...
(B     58. Pinnacle Cart Index.PHP Cross-Site Scripting Vulnerability
(B     59. Oracle Multiple Vulnerabilities
(B     60. Sygate Security Agent XML Security Policy File Local Bypass ...
(B     61. Sun JavaMail MimeBodyPart.getFileName Directory Traversal Vu...
(B     62. Veritas i3 FocalPoint Server Unspecified Vulnerability
(B     63. PHP Group PHP Multiple Unspecified Vulnerabilities
(B     64. Oracle Database Multiple SQL Injection Vulnerabilities
(B     65. Oracle Database MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow Vuln...
(B     66. JunkBuster Heap Corruption Vulnerability
(B     67. JunkBuster Configuration Modification Vulnerability
(B     68. ACNews Login.ASP SQL Injection Vulnerability
(B     69. PHPBB2 Plus GroupCP.PHP Cross-Site Scripting Vulnerability
(B     70. PHPBB2 Plus Index.PHP Multiple Cross-Site Scripting Vulnerab...
(B     71. PHPBB2 Plus Portal.PHP Multiple Cross-Site Scripting Vulnera...
(B     72. PHPBB2 Plus ViewForum.PHP Cross-Site Scripting Vulnerability
(B     73. PHPBB2 Plus ViewTopic.PHP Cross-Site Scripting Vulnerability
(B     74. LG U8120 Mobile Phone MIDI File Remote Denial Of Service Vul...
(B     75. PHPBB Photo Album Module Album_Search.PHP SQL Injection Vuln...
(B     76. IBM iSeries AS400 POP3 Server Remote Information Disclosure ...
(B     77. PHPBB Photo Album Module Album_Cat.PHP Cross-Site Scripting ...
(B     78. PHPBB Photo Album Module Album_Comment.PHP Cross-Site Script...
(B     79. CPIO CHMod File Permission Modification Race Condition Weakn...
(B     80. IBM WebSphere Application Server Web Server Root JSP Source ...
(B     81. S9Y Serendipity Exit.PHP SQL injection Vulnerability
(B     82. Sumus Game Server Remote Buffer Overflow Vulnerability
(B     83. PHP Group Exif Module IFD Tag Integer Overflow Vulnerability
(B     84. PHP Group Exif Module IFD Nesting Denial Of Service Vulnerab...
(B     85. Sun Java System Web Server Unspecified Denial of Service Vul...
(B     86. Squid Proxy Aborted Connection Remote Denial Of Service Vuln...
(B     87. Musicmatch Jukebox DiagCollectionControl.dll Arbitrary File ...
(B     88. RSA Security RSA Authentication Agent For Web Remote Cross-S...
(B     89. All4WWW-HomePageCreator Index.PHP Arbitrary Remote File Incl...
(B     90. SPHPBlog Search.PHP Cross-Site Scripting Vulnerability
(B     91. Sudo VISudo Insecure Temporary File Creation Vulnerability
(B     92. Oops! Proxy Server Auth Remote Format String Vulnerability
(B     93. Musicmatch Jukebox Absolute Path Specification Weakness
(B     94. Musicmatch Jukebox Unspecified Remote Buffer Overflow Vulner...
(B     95. IlohaMail Email Message Remote HTML Injection Vulnerability
(B     96. Opera SSL Security Feature Design Error Vulnerability
(B     97. Yager Development Yager Game Data Block Buffer Overflow Vuln...
(B     98. Yager Development Yager Game Nickname Buffer Overflow Vulner...
(B     99. Yager Development Yager Game Data Block Denial Of Service Vu...
(B     100. Kerio MailServer WebMail Remote Resource Exhaustion Vulnerab...
(BIII. SECURITYFOCUS NEWS ARTICLES
(B     1. Teenagers struggle with privacy, security issues
(B     2. Privacy groups assail future passport technology
(B     3. Campaign seeks to defang Rafa's hacker image
(B     4. Unholy trio menace Firefox
(B     5. Save us from spam
(B     6. Japan Internet takeover battle ends in alliance
(BIV. SECURITYFOCUS TOP 6 TOOLS
(B     1. Enig3 1.0.0
(B     2. NuFW 1.0.0
(B     3. .NET Security Tool Kit 1.0
(B     4. SecureUML 1.0
(B     5. Validator.NET 1.0
(B     6. ldaupenum 0.02alpha
(B
(B
(BI. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
(B----------------------------------
(B
(BII. BUGTRAQ SUMMARY
(B-------------------
(B1. Centrinity FirstClass Client Bookmark Window File Execution ...
(BBugTraq ID: 13079
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 09 2005
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/13079
$BMWLs(B:
(BFirstClass $B%/%i%$%"%s%H$K$O!"%j%b!<%H$N967bl9g!"?<9o$JLdBj$,H/@8$9$k2DG=@-(B
$B$,$"$j$^$9!#(B
(B
(BFirstClass 8.0 $B$K$*$$$F!"$3$NLdBj$N1F6A$rhttp://www.securityfocus.com/bid/13080
$BMWLs(B:
(BRadBids Gol $B$K$O!"J#?t$NLdBj$,B8:_$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#$3$l(B
$B$i$NLdBj$K$O!"G$0U$N%U%!%$%k3+<(!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0!"$*$h$S(B
(BSQL $B9=J8$rCmF~2DG=$JLdBj$,4^$^$l$^$9!#(B
(B
$B0J2<$NLdBj$,H/8+$5$l$F$$$^$9!#(B
(B
$B%j%b!<%H$N967bpJs$O!"967b$N967b$r7$+$l$?$j!"%G!<%?$,3+<($5$l$?(B
$B$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967be$GG$0U$N%9%/(B
$B%j%W%H%3!<%I$rZMQ>pJs$N@`$N%P!<%8%g%s$b1F6A$rhttp://www.securityfocus.com/bid/13081
$BMWLs(B:
$B$3$N%"%W%j%1!<%7%g%s$,1F6A$r\:Y$,ITL@$J$?$a!"99$J$k>pJs$O8=;~E@$G$ODs6!$5$l$F$$$^$;$s!#>\:Y$,8x3+$5(B
$B$lhttp://www.securityfocus.com/bid/13082
$BMWLs(B:
(BAzDGDatingPlatinum $B$K$O!"J#?t$NLdBj$,B8:_$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^(B
$B$9!#(B
(B
$B0J2<$NLdBj$,H/8+$5$l$F$$$^$9!#(B
(B
$B$3$N%"%W%j%1!<%7%g%s$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$N1F6A$r7$+$l$?$j!"%G!<%?$,3+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967bZMQ>pJs$N@`$N%P!<%8%g%s$b1F6A$rhttp://www.securityfocus.com/bid/13083
$BMWLs(B:
(BJava Archive $B%D!<%k$O!"%G%#%l%/%H%j%H%i%P!<%5%k$NLdBj$N1F6A$rH$K4XO"$9$kJ8;zNs$G$"$k(B '../' $B$,L>A0$K;HMQ$5$l(B
$B$F$$$k%U%!%$%k$r4^$`!"0-0U$"$k%"!<%+%$%V$rDs6!$G$-$^$9!#$3$N$h$&$J%U%!%$(B
$B%k$,Cj=P$5$l$k$H$-!"4{B8$N%G!<%?$,>e=q$-$5$l$k2DG=@-$,$"$j$^$9!#(B
(B
(BLinux $B%W%i%C%H%U%)!<%`$*$h$S(B Microsoft Windows $B%W%i%C%H%U%)!<%`MQ$N(B Sun
(BJava 2 Standard Edition 1.5.0 $B$H(B 1.4.2 $B$K$*$$$F!"LdBj$N1F6A$r$N%Y%s%@$b!"1F6A$rhttp://www.securityfocus.com/bid/13084
$BMWLs(B:
(BFile Upload Script $B$K$O!"G$0U$N%9%/%j%W%H$,%"%C%W%m!<%I$5$l$k5?$$$,$"$k(B
$B$HJs9p$5$l$F$$$^$9!#(B
(B
$BLdBj$NMxMQ$,@.8y$9$k$H!"967be$GG$0U$N%9%/%j%W%H%3!<(B
$B%I$rhttp://www.securityfocus.com/bid/13085
$BMWLs(B:
(BKDE KMail $B$O!"%j%b!<%H$+$iEE;R%a!<%k%a%C%;!<%8$NFbMF$r56Au2DG=$JLdBj$N1F(B
$B6A$rpJs$r56Au$9$k$3$H$K$h$j!"%U%#%C%7%s%0:>5=$d%=!<%7%c%k%(%s%8%K%"%j%s%096(B
$B7b$rhttp://www.securityfocus.com/bid/13086
$BMWLs(B:
(BModernBill $B$K$O!"%j%b!<%H$+$i%U%!%$%k$,%$%s%/%k!<%I$5$l$k5?$$$,$"$j$^$9!#(B
(B
$B$3$NLdBj$O!"967bl=j$rEO$9$H$-$K0z$-5/$3$5$l$^$9!#(B
(B
(BModernBill 4.3 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$rhttp://www.securityfocus.com/bid/13087
$BMWLs(B:
(BModernBill $B$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$N1F6A$rZ(B
$BMQ>pJs$N@`http://www.securityfocus.com/bid/13088
$BMWLs(B:
(BDC++ $B$K$O!"L$FCDj$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$N$?$a!"%j%b!<%H%f!<(B
$B%6$,!"B>$N%f!<%6$N%@%&%s%m!<%I%I%i%$%V$K3JG<$5$l$F$$$k%U%!%$%k$K%G!<%?$r(B
$BIU2C$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#$3$NLdBj$N@53N$J860x$O!"8=(B
$B;~E@$G$OITL@$G$9!#(B
(B
(BDC++ 0.674 $B$h$jA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$rhttp://www.securityfocus.com/bid/13089
$BMWLs(B:
(BModernBill $B$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$N1F6A$rZMQ(B
$B>pJs$N@`http://www.securityfocus.com/bid/13090
$BMWLs(B:
(BTowerBlog $B$K$O!"%j%b!<%H$N967bZL@=q$r3+<($9$k$3$H$r5v$7$F$7(B
$B$^$&5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#(B
(B
(BWeb $B%k!<%H%G%#%l%/%H%j$KB8:_$9$k%U%!%$%kFb$K%f!<%6$N%Q%9%o!<%I%O%C%7%e$,(B
$B3JG<$5$l$k$?$a!"G$0U$N967bpJs$N3+<($r5v$7$F$7$^(B
$B$&$3$H$,Js9p$5$l$F$$$^$9!#(B
(B
$BB3$$$F!"967bZL@=q$r3+<($9$k2DG=@-$,$"$j$^$9!#$3$l$K$h(B
$B$j!"%7%9%F%`$KBP$7$FB>$N967b$,0z$-5/$3$5$l!"967b7$/$3$H$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#(B
(B
(BTowerBlog 0.6 $B$K$*$$$F!"LdBj$N1F6A$r(B
$B$N%P!<%8%g%s$b1F6A$rhttp://www.securityfocus.com/bid/13092
$BMWLs(B:
(BOpenOffice $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%R!<%WNN0h$G%*!<%P!<%U%m!<$,H/(B
$B@8$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#(B
(B
$B967bhttp://www.securityfocus.com/bid/13093
$BMWLs(B:
(BPine $B$K$O!"(B'rpdump' $B$G6%9g>uBV$,H/@8$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#$3(B
$B$NLdBj$O!"%f!<%6$,;XDj$7$?%U%!%$%k$,%m!<%+%k$KB8:_$9$k$+$I$&$+$,%A%'%C%/(B
$B$5$l$k$H$-$+$i!"$3$N%U%!%$%k$,=q$-9~$_$N$?$a$K3+$+$l$k$^$G$N4V$K!"%?%$%_(B
$B%s%0NI$/LdBj$,H/@8$9$k$3$H$KM3Mh$7$^$9!#(B
(B
$BC/$G$b=q$-9~$_$G$-$k%m!<%+%k$N%G%#%l%/%H%j$KB8:_$9$k4{B8$N%U%!%$%k$KBP$7(B
$B$F(B 'rpdump' $B$,8F$S=P$5$l$k$H!"967b$N%P!<(B
$B%8%g%s$b1F6A$rhttp://www.securityfocus.com/bid/13094
$BMWLs(B:
(BzOOm Media Gallery $B$O!"%j%b!<%H$+$i(B SQL $B9=J8$rCmF~2DG=$JLdBj$N1F6A$r7$+$l$?$j!"%G!<%?$,3+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b$N%P!<%8%g%s$b1F6A$rhttp://www.securityfocus.com/bid/13095
$BMWLs(B:
(Brsnapshot $B$O!"%m!<%+%k$G%U%!%$%k8"8B$,A`:n$5$l$kLdBj$N1F6A$re$NITHw$K$h$j!"%7%s%\%j%C%/%j%s%/%U%!%$%k$+$i;2>H$5$l$k%U%!(B
$B%$%k$KBP$7$F%Q!<%_%C%7%g%s$,E,@Z$K3d$jEv$F$i$l$J$$$3$H$KM3Mh$7$^$9!#(B
(B
$B967bhttp://www.securityfocus.com/bid/13096
$BMWLs(B:
(BKDE $B$K$O!"(BPCX $B2hA|%U%!%$%k$N=hM}$G%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,(B
$B$"$k$HJs9p$5$l$F$$$^$9!#$3$NLdBj$O!"(BPCX $B2hA|%G!<%?$NBEEv@-3NG'$,(B 'kimgio'
$B2hA|%i%$%V%i%j$K$h$jE,@Z$K$N2hA|%O%s%I%i$O!"%Y%s%@$K$h$C$F=$@5$5$l$F$$$^$9!#$7$?$,$C$F!"(B
$B$=$NB>$N2hA|%U%!%$%k7A<0$bF1MM$NLdBj$N1F6A$rhttp://www.securityfocus.com/bid/13097
$BMWLs(B:
(BInvision Power Board $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$k(B
$B$HJs9p$5$l$F$$$^$9!#%f!<%6$,;XDj$7$?%G!<%?$N%U%#%k%?$,E,@Z$KE,MQ$5$l$J$$(B
$B$?$a!"967bhttp://www.securityfocus.com/bid/13098
$BMWLs(B:
(BGwenView $B$K$O!"%R!<%WNN0h$G$N%a%b%jGK2u$K4XO"$9$kJ#?t$NL$FCDj$NLdBj$,B8(B
$B:_$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#$3$l$i$NLdBj$O!"(Bchunk $B%5%$%:$,2hA|$N(B
$B9b$5!"I}!"$*$h$SJ?LL$NCM$+$iF3$-=P$5$l$k:]$N!"%R!<%W%a%b%j$N3d$jEv$FCf$K(B
$BZ$G$9!#(B
(B
$B>\:Y$,8x3+$5$lhttp://www.securityfocus.com/bid/13099
$BMWLs(B:
(BIrfanView $B$K$O!"%R!<%WNN0h$G$N%a%b%jGK2u$K4XO"$9$kJ#?t$NL$FCDj$NLdBj$,B8(B
$B:_$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#$3$l$i$NLdBj$O!"(Bchunk $B%5%$%:$,2hA|$N(B
$B9b$5!"I}!"$*$h$SJ?LL$NCM$+$iF3$-=P$5$l$k:]$N!"%R!<%W%a%b%j$N3d$jEv$FCf$K(B
$BZ$G$9!#(B
(B
$B>\:Y$,8x3+$5$lhttp://www.securityfocus.com/bid/13100
$BMWLs(B:
(BImageMagick $B$K$O!"%R!<%WNN0h$G$N%a%b%jGK2u$K4XO"$9$kJ#?t$NL$FCDj$NLdBj$,(B
$BB8:_$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#$3$l$i$NLdBj$O!"(Bchunk $B%5%$%:$,2hA|(B
$B$N9b$5!"I}!"$*$h$SJ?LL$NCM$+$iF3$-=P$5$l$k:]$N!"%R!<%W%a%b%j$N3d$jEv$FCf(B
$B$KZ$G$9!#(B
(B
$B>\:Y$,8x3+$5$lhttp://www.securityfocus.com/bid/13101
$BMWLs(B:
(BWebCT $B$O!"(BHTML $B%?%0$rA^F~2DG=$JLdBj$N1F6A$rZMQ>pJs$N@`$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^(B
$B$9!#(B
(B
(BWebCT 4.1 $B$K$*$$$F!"$3$NLdBj$N1F6A$r(B
$B$N%P!<%8%g%s$b1F6A$rhttp://www.securityfocus.com/bid/13102
$BMWLs(B:
(BBrightStor ARCserve $B$*$h$S(B ARCserve Enterprise $B%(!<%8%'%s%H$O!"%j%b!<%H(B
$B$+$i$N967b$K$h$k%P%C%U%!%*!<%P!<%U%m!<$NLdBj$N1F6A$reE,@Z$K%3%T!<$5$l(B
$B$J$$$3$H$KM3Mh$7$^$9!#(B
(B
$B%j%b!<%H$N967be$GG$0U$N%3!<(B
$B%I$ruBV$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B
(B
(BWin32 $B%W%i%C%H%U%)!<%`MQ$N(B Computer Associates BrightStor ARCserve
(BBackup v11 $B$K$*$$$F!"$3$NLdBj$N5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#$=$NB>$N%P!<(B
$B%8%g%s$b1F6A$rhttp://www.securityfocus.com/bid/13103
$BMWLs(B:
(BJPortal $B$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$N1F6A$r7$+$l$?$j!"%G!<%?$,3+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967bhttp://www.securityfocus.com/bid/13104
$BMWLs(B:
$BJ#?t$N%Y%s%@$+$iDs6!$5$l$F$$$k%G%P%C%,$K$O!"0-0U$"$k%3!<%I$,o$K?5=E$J%f!<%6$G$"$C$F$bLdBj$NI8E*$H$J$k2DG=@-$,$"$j$^$9!#(B
(B
(BOllyDbg$B!"(BWinDbg $B$*$h$S(B Microsoft Visual C++ $B$N$9$Y$F$N%G%P%C%,$,LdBj$N1F(B
$B6A$ro$K:$Fq$G$"$k$?$a$K!"$=$NB>$N%G%P%C(B
$B%,$b1F6A$rhttp://www.securityfocus.com/bid/13105
$BMWLs(B:
(BLight Speed Technologies $B$N(B DeluxeFTP $B$O!"%m!<%+%k$GG'>ZMQ>pJs$r3+<(2DG=(B
$B$JLdBj$N1F6A$rZMQ>pJs$,E,@Z$KJ]8n(B
$B$5$l$J$$$3$H$KM3Mh$7$^$9!#(B
(B
$B967bZMQ>pJs$K%"%/%;%9$9$k2DG=@-$,$"$j$^$9!#(B
(B
(B27. FreeBSD PortUpgrade Local Insecure Temporary File Handling V...
(BBugTraq ID: 13106
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 12 2005
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/13106
$BMWLs(B:
(BFreeBSD $B$N(B portupgrade $B$O!"%m!<%+%k$G%;%-%e%j%F%#>eITE,@Z$K%U%!%$%k$,=h(B
$BM}$5$l$kLdBj$N1F6A$re$NITHw$K$h$j!"0l;~%U%!%$(B
$B%k$,%;%-%e%j%F%#>eE,@Z$K=hM}$5$l$J$$$3$H$KM3Mh$7$^$9!#(B
(B
$B967bo$O4IM}http://www.securityfocus.com/bid/13108
$BMWLs(B:
(BaeDating $B$K$O!"%m!<%+%k$G%U%!%$%k$,%$%s%/%k!<%I$5$l$k5?$$$,$"$j$^$9!#(B
(B
$B$3$NLdBj$O!"967bl=j$rEO$9$H$-$K0z$-5/$3$5$l$^$9!#(B
(B
$B967be$G(B Web $B%5!<%P%W%m%;(B
$B%9$N8"8B$r;HMQ$7!"G$0U$N%5!<%P%5%$%I%9%/%j%W%H%3!<%I$re$NG$0U$N%U%!%$%k$r(B Web $B%5!<(B
$B%P$N8"8B$GFI$_http://www.securityfocus.com/bid/13109
$BMWLs(B:
(BMicrosoft Windows $B$N%+!<%M%k$K$O!"%m!<%+%k$G8"8B>:3J$,0z$-5/$3$5$l$k5?$$(B
$B$,$"$j$^$9!#$3$NLdBj$O!"0-0U$"$k%U%)%s%H$,=hM}$5$l$k$H$-$K%P%C%U%!$N%A%'%C(B
$B%/$,uBV$K4Y$k2DG=@-$,$"$j(B
$B$^$9!#$3$NLdBj$K$h$j!"(BWindows XP SP2 $B%W%i%C%H%U%)!<%`>e$G%5!<%S%9ITG=>u(B
$BBV$,0z$-5/$3$5$l$k2DG=@-$,$b$C$H$b9b$$$3$H$,!"(BMicrosoft $B$K$h$jJs9p$5$l$F(B
$B$$$^$9!#$^$?!"(BWindows 98$B!"(B98SE$B!"$*$h$S(B ME $B$K$*$$$F$O!"$3$NLdBj$O=EMW$G$O(B
$B$J$$$3$H$,%Y%s%@$K$h$jJs9p$5$l$F$$$^$9!#$3$l$O!"%*%Z%l!<%F%#%s%0%7%9%F%`(B
$B$G%^%k%A%f!<%6$,%5%]!<%H$5$l$F$$$J$$$?$a$G$"$k2DG=@-$,$"$j$^$9!#(B
(B
(B30. Microsoft Windows Kernel Object Management Denial Of Service...
(BBugTraq ID: 13110
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 12 2005
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/13110
$BMWLs(B:
(BMicrosoft Windows $B$N%+!<%M%k$K$O!"%m!<%+%k$G%5!<%S%9ITG=>uBV$K4Y$k5?$$$,(B
$B$"$j$^$9!#$3$NLdBj$O!"(BWindows $B%+!<%M%k$N%*%V%8%'%/%H4IM}$K4XO"$7$F$$$k$3(B
$B$H$,Js9p$5$l$F$$$^$9!#(B
(B
(B31. AEwebworks Dating Software AeDating Sdating.PHP SQL Injectio...
(BBugTraq ID: 13111
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 12 2005
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/13111
$BMWLs(B:
(BaeDating $B$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$N1F6A$r7$+$l$?$j!"%G!<%?$,3+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967bhttp://www.securityfocus.com/bid/13112
$BMWLs(B:
(BMicrosoft Windows $B$O!"%j%b!<%H$+$i$N967b$K$h$k%P%C%U%!%*!<%P!<%U%m!<$NLd(B
$BBj$N1F6A$r:3J$r0z$-5/$3$92DG=@-$,$"$j$^$9!#(B
(B
$BLdBj$N$"$k%"%W%j%1!<%7%g%s$G$O!"(BMSMQ $B$O%G%U%)%k%H$G%$%s%9%H!<%k$5$l$F$*(B
$B$i$:!"l9g$K!"%3%s%T%e!<%?$,LdBj$N1F6A$rhttp://www.securityfocus.com/bid/13113
$BMWLs(B:
(BaeDating $B$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$N1F6A$rZMQ>pJs$N@`http://www.securityfocus.com/bid/13114
$BMWLs(B:
(BMicrosoft MSN Messenger $B$K$O!"0U?^E*$K:n@.$5$l$?(B Graphic Interchange
(BFormat (GIF) $B2hA|$,=hM}$5$l$k$H$-$K%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<(B
$B%P!<%U%m!<$,H/@8$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#$3$N$?$a!"967b7$+(B
$B$l$k2DG=@-$,$"$k$3$H$,Js9p$5$l$F$$$^$9!#%/%i%$%"%s%H$+$i%/%i%$%"%s%H$KBP(B
$B$9$k967b$G;HMQ$5$l$k2DG=@-$,9b$$$N$O!"0U?^E*$K:n@.$5$l$?3(J8;z$dI=<(%"%$(B
$B%3%s$G$9!#(B
(B
$BB>$N967bhttp://www.securityfocus.com/bid/13115
$BMWLs(B:
(BMicrosoft Windows $B$O!"%m!<%+%k$G8"8B>:3J$,2DG=$JLdBj$N1F6A$rhttp://www.securityfocus.com/bid/13116
$BMWLs(B:
(BMicrosoft Windows $B$K$O!"%j%b!<%H$+$i%3!<%I$,@\E*$J1F6A$H$7$F%5!<%S%9ITG=>uBV$,0z$-5/$3$5$l(B
$B$k$3$H$,Js9p$5$l$F$$$^$9!#(B
(B
(B37. Microsoft Internet Explorer Content Advisor File Handling Bu...
(BBugTraq ID: 13117
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 12 2005
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/13117
$BMWLs(B:
(BMicrosoft Internet Explorer $B$K$O!"0U?^E*$K:n@.$5$l$?(B Content Advisor $B%U%!(B
$B%$%k$N=hM};~$K%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?(B
$B$$$,$"$j$^$9!#967bhttp://www.securityfocus.com/bid/13118
$BMWLs(B:
(BMicrosoft Exchange Server $B$K$O!"(BSMTP $B3HD%(B verb $B$G%P%C%U%!%*!<%P!<%U%m!<(B
$B$,H/@8$9$k5?$$$,$"$j$^$9!#967b$,@.8y$9$k$H!"G$0U$N%3!<%I$,http://www.securityfocus.com/bid/13119
$BMWLs(B:
(BMicrosoft Word $B$O!"%P%C%U%!%*!<%P!<%U%m!<$NLdBj$N1F6A$rl=j$rL@$i$+$K$7$F$$$^$;$s!#$3$N(B
$BLdBj$K$h$j!"0-0U$"$k%I%-%e%a%s%H$r3+$/%f!<%6$N%;%-%e%j%F%#%3%s%F%-%9%HFb(B
$B$G!"G$0U$N%3!<%I$,http://www.securityfocus.com/bid/13120
$BMWLs(B:
(BMicrosoft Internet Explorer $B$G$O!"0-0U$"$k(B Web $B%5%$%H$K%"%/%;%9$9$k%f!<(B
$B%6$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"%j%b!<%H$N967buBV$,H/@8$9$k$3$H$K$h$j!"967bhttp://www.securityfocus.com/bid/13121
$BMWLs(B:
(BMicrosoft Windows $B$N%+!<%M%k$K$O!"%"%/%;%9MW5a$NBEEv@-3NG'$r9T$&%7%9%F%`(B
$B$G%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#LdBj$NMxMQ$,@.8y$9$k$H!"(B
$B%+!<%M%k$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%3!<%Ihttp://www.securityfocus.com/bid/13122
$BMWLs(B:
(BMicrosoft Word $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3(B
$B$NLdBj$O!"0U?^E*$K:n@.$5$l$?%I%-%e%a%s%H$,2r@O$5$l$k$H$-$K0z$-5/$3$5$l$^(B
$B$9!#$3$NLdBj$K$h$j!"0-0U$"$k%I%-%e%a%s%H$r3+$/%f!<%6$N%;%-%e%j%F%#%3%s%F(B
$B%-%9%HFb$G!"G$0U$N%3!<%I$,http://www.securityfocus.com/bid/13123
$BMWLs(B:
(BMicrosoft Internet Explorer $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<$NLdBj$,B8:_$9$k(B
$B$HJs9p$5$l$F$$$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NO%G!<%?$N6-3&%A%'%C%/(B
$B$,E,@Z$G$J$$$3$H$KM3Mh$7$^$9!#$3$N$?$a!"%G!<%?$r8GDjD9$N%a%b%j%P%C%U%!$K(B
$B%3%T!<$9$k:]$K%*!<%P!<%U%m!<$,0z$-5/$3$5$l$F$7$^$$$^$9!#(B
(B
$B$3$NLdBj$K$h$j!"LdBj$N$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"(B
$B967bhttp://www.securityfocus.com/bid/13124
$BMWLs(B:
$BJ#?t$N%Y%s%@$K$h$k(B TCP/IP Internet Control Message Protocol (ICMP) $B$NuBV$r0z$-5/$3$9J#?t$NLdBj$,B8:_$9$k5?$$$,$"$k$HJs9p(B
$B$5$l$F$$$^$9!#(B
(B
$B%M%C%H%o!<%/%N!<%I$G;HMQ$5$l$k(B ICMP $B$G$O!"(BICMP $B%a%C%;!<%8$GJs9p$5$l$k%M%C(B
$B%H%o!<%/$N<:GT$K4p$E$$$F!"FCDj$N<+F0=hM}$N)$5$l$J$$$3$H$,Js9p$5$l$F$$$^$9!#(BICMP $B%a%C%;!<%8$KM-8z$J%=!<%9!"$*$h$S(B
$BAw?.@h$N(B IP $B%"%I%l%9$H%]!<%H$N%Z%"$,4^$^$l$F$$$k8B$j!"4XO"$9$k@\B3$H$7$F(B
$Bl9g$K(B
$BBP1~$9$k@\B3$r@ZCG$9$k$h$&$K5-=R$7$?;EMM$,MxMQ$5$l$^$9!#$3$NLdBj$KBP$7$F(B
$B3d$jEv$F$i$l$?(B CVE Mitre $B$N<1JL;R8uJd$O(B CAN-2004-0790 $B$G$9!#(B
(B
$B%j%b!<%H$N967b7$/2DG=@-$,$"$j$^$9!#(B
(B
$BJ#?t$N%Y%s%@$K$h$k7$/2DG=@-$,$"$j$^$9!#(B
(B
$BJ#?t$N%Y%s%@$K$h$kl9g$K(B
(BICMP PMTUD $B$KBP$9$k967b$N1F6A$r7$/2DG=@-$,$"$j$^$9!#(B
(B
(B** $B99?7(B: Microsoft $B%W%i%C%H%U%)!<%`$b!"$3$l$i$NLdBj$N1F6A$rhttp://www.securityfocus.com/bid/13125
$BMWLs(B:
(BComersus Cart $B$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$N1F6A$rZ(B
$BMQ>pJs$N@`http://www.securityfocus.com/bid/13126
$BMWLs(B:
(BXAMPP $B$O!"%j%b!<%H$+$i(B HTML $B%?%0$rA^F~2DG=$JLdBj$N1F6A$rZ(B
$BMQ>pJs$N@`http://www.securityfocus.com/bid/13127
$BMWLs(B:
(BXAMPP $B$O!"%j%b!<%H$+$i(B HTML $B%?%0$rA^F~2DG=$JLdBj$N1F6A$rZ(B
$BMQ>pJs$N@`http://www.securityfocus.com/bid/13128
$BMWLs(B:
(BXAMPP $B$O!"%j%b!<%H$+$i(B HTML $B%?%0$rA^F~2DG=$JLdBj$N1F6A$rZ(B
$BMQ>pJs$N@`http://www.securityfocus.com/bid/13129
$BMWLs(B:
(BGLD $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<$NLdBj$,B8:_$9$k$HJs9p$5$l$F$$$^$9!#$3$N(B
$BLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r8GDjD9$N%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"(B
$B%a%b%j%P%C%U%!$N%5%$%:$,==J,$G$"$k$3$H$,E,@Z$K3NG'$5$l$J$$$3$H$KM3Mh$7$^(B
$B$9!#(B
(B
$B%j%b!<%H$N967be$G4IM}http://www.securityfocus.com/bid/13130
$BMWLs(B:
(BLotus Domino Server $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<%P!<%U%m!<(B
$B$,H/@8$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#(B
(B
$B$3$NLdBj$O!"0U?^E*$K:n@.$5$l$?(B HTTP POST $BMW5a$,=hM}$5$l$k:]$K0z$-5/$3$5(B
$B$l$^$9!#(B
(B
$B967b$,@.8y$9$k$H!"%5!<%S%9ITG=>uBV$K4Y$k2DG=@-$,$"$j$^$9!#$^$?!"G$0U$N%3!<(B
$B%I$,)$7$F$$$^$9!#>\:Y$K$D$$$F$O!";29M$N(B IBM $B%"%I%P%$(B
$B%6%j$r;2>H$7$F$/$@$5$$!#(B
(B
$B>\:Y$,8x3+$5$l.3^8691M:(B (OGASAWARA Tsuneo)
(BLAC Co., Ltd.
(Bhttp://www.lac.co.jp/index.html
Attachment: smime.p7s
Description: S/MIME cryptographic signature
Prev by Date: SecurityFocus Newsletter #297 2005-04-11->2005-04-15 [2 of 2]
Previous by thread: SecurityFocus Newsletter #297 2005-04-11->2005-04-15 [2 of 2]
Index(es):
- Date
- Thread