[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SecurityFocus Newsletter #245 2004-4-12->2004-4-16

To: bugtraq-jp@xxxxxxxxxxxxxxxxx
Subject: SecurityFocus Newsletter #245 2004-4-12->2004-4-16
From: Yasuhiro Nishimura <y.nisimr@xxxxxxxxx>
Date: Tue, 13 Jul 2004 11:08:50 +0900
$B@>B<(B@$B%i%C%/$G$9!#(B
(B
(BSecurityFocus Newsletter $BBh(B 245 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B
(B
(B---------------------------------------------------------------------------
(BBugTraq-JP $B$K4X$9$k(B FAQ($BF|K\8l(B):
(Bhttp://www.securityfocus.com/popups/forums/bugtraq-jp/faq.shtml
$B!&(BSecurityFocus Newsletter $B$NOBLu$O(B BugTraq-JP $B$G0lH$/$@$5$$(B
(B---------------------------------------------------------------------------
(B---------------------------------------------------------------------------
(BSecurityFocus Newsletter $B$K4X$9$k(BFAQ($B1Q8l(B):
(Bhttp://www.securityfocus.com/popups/forums/securityfocusnews/intro.shtml
(BBugTraq $B$K4X$9$k(B FAQ($B1Q8l(B):
(Bhttp://www.securityfocus.com/popups/forums/bugtraq/faq.shtml
(B---------------------------------------------------------------------------
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B SecurityFocus $B$N5v2D$r3t<02qe$G9T$o$l$F$$$^$9!#(B
$B!&(BSecurityFocus Newsletter $B$NOBLu$r(B Netnews, Mailinglist, World Wide Web,
(B  $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$NA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;$s$,!"(B
(B  $B=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurityFocus $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+$J$k7A<0$N(B
(B  $B%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
(B1) http://online.securityfocus.com/archive/79
(B---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02ql9g!"(BBugTraq-JP $B$X(B Errata $B$H$7$F=$@5(B
(B  $BHG$r$4Ej9FD:$/$+!"4F=$l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
(B---------------------------------------------------------------------------
(BThis translation is encoded and posted in ISO-2022-JP.
(B
$B86HG(B:
(BDate: 19 Apr 2004 22:40:14 -0000
(BMessage-ID: <20040419224014.1533.qmail@xxxxxxxxxxxxxxxxxxxxxx>
(B
(BSecurityFocus Newsletter #245
(B-----------------------------
(B
(BThis Issue is Sponsored By: SecurityFocus
(B
(BI. FRONT AND CENTER($BF|K\8lLu$J$7(B)
(B     1. Solaris 10 Security
(B     2. Basic Web Session Impersonation
(B     3. Forensic Analysis of a Live Linux System, Part Two
(BII. BUGTRAQ SUMMARY
(B     1. Scorched 3D Server Memory Corruption Vulnerabilities
(B     2. Open WebMail Arbitrary Directory Creation Vulnerability
(B     3. Sun Cluster Global File System Denial of Service Vulnerabili...
(B     4. 1st Class Internet Solutions 1st Class Mail Server Multiple ...
(B     5. IBM HTTP Server PQ86671 and PQ85834 Fixes Released - Multipl...
(B     6. Crackalaka IRC Server Remote Denial of Service Vulnerability
(B     7. RSniff Remote Denial of Service Vulnerability
(B     8. HP AAA Server Denial of Service Vulnerability
(B     9. X-Micro WLAN 11b Broadband Router Backdoor Administration Ac...
(B     10. Linux Kernel Sigqueue Blocking Denial Of Service Vulnerabili...
(B     11. Microsoft Internet Explorer Bitmap File Processing Denial of...
(B     12. Microsoft Outlook Express Malformed EML File Denial of Servi...
(B     13. Eazel Nautilus Trash Folder Handler Buffer Overflow Vulnerab...
(B     14. TikiWiki Project Multiple Input Validation Vulnerabilities
(B     15. Blackboard Learning System Multiple Cross-Site Scripting Vul...
(B     16. Citadel/UX Insecure File Permissions Vulnerability
(B     17. SurgeLDAP User.CGI Directory Traversal Vulnerability
(B     18. Nuked-Klan Multiple Vulnerabilities
(B     19. Ipswitch IMail Express Web Messaging Buffer Overrun Vulnerab...
(B     20. KDE Konqueror Bitmap File Processing Denial of Service Vulne...
(B     21. Microsoft Windows LSASS Buffer Overrun Vulnerability
(B     22. Microsoft Windows H.323 Remote Buffer Overflow Vulnerability
(B     23. Microsoft Jet Database Engine Remote Code Execution Vulnerab...
(B     24. Microsoft Negotiate SSP Remote Buffer Overflow Vulnerability
(B     25. Microsoft Windows 2000 Domain Controller LDAP Denial Of Serv...
(B     26. Microsoft Windows SSL Library Denial of Service Vulnerabilit...
(B     27. Microsoft Windows Private Communications Transport Protocol ...
(B     28. Microsoft Virtual DOS Machine Local Privilege Escalation Vul...
(B     29. Microsoft ASN.1 Library Double Free Memory Corruption Vulner...
(B     30. Microsoft Windows Help And Support Center URI Validation Cod...
(B     31. Microsoft Windows WMF/EMF Image Formats Remote Buffer Overfl...
(B     32. Microsoft Windows Object Identity Network Communication Vuln...
(B     33. Microsoft Windows Local Descriptor Table Local Privilege Esc...
(B     34. Microsoft Windows COM Internet Service/RPC Over HTTP Remote ...
(B     35. Microsoft Windows Utility Manager Local Privilege Escalation...
(B     36. Microsoft Windows Management Local Privilege Escalation Vuln...
(B     37. Microsoft Windows Logon Process Remote Buffer Overflow Vulne...
(B     38. Microsoft Windows RPCSS Service Remote Denial Of Service Vul...
(B     39. PHP-Nuke CookieDecode Cross-Site Scripting Vulnerability
(B     40. TUTOS Multiple Input Validation Vulnerabilities
(B     41. BEA WebLogic Authentication Provider Privilege Inheritance V...
(B     42. BEA WebLogic Server/Express Potential Password Disclosure We...
(B     43. BEA WebLogic Server and WebLogic Express Certificate Chain U...
(B     44. BEA WebLogic Local Password Disclosure Vulnerability
(B     45. Novell Nsure Identity Manager Password Hint Plaintext Storag...
(B     46. PHP-Nuke Multiple SQL Injection Vulnerabilities
(B     47. Neon WebDAV Client Library Format String Vulnerabilities
(B     48. Qualcomm Eudora MIME Message Nesting Denial of Service Vulne...
(B     49. CVS Client RCS Diff File Corruption Vulnerability
(B     50. Rhino Software Zaep AntiSpam Cross-Site Scripting Vulnerabil...
(B     51. CVS Server Piped Checkout Access Validation Vulnerability
(B     52. Linux Kernel ISO9660 File System Buffer Overflow Vulnerabili...
(B     53. MySQL MYSQLD_Multi Insecure Temporary File Creation Vulnerab...
(B     54. Linux Kernel JFS File System Information Leakage Vulnerabili...
(B     55. Microsoft Outlook/Outlook Express Remote Denial Of Service V...
(B     56. Mozilla Messenger Remote Denial Of Service Vulnerability
(B     57. PostNuke Pheonix Multiple Module SQL Injection Vulnerabiliti...
(B     58. Red Hat Linux GNU Mailman Remote Denial Of Service Vulnerabi...
(B     59. ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerabi...
(B     60. Xonix X11 Game Insecure Privilege Dropping Vulnerability
(B     61. ssmtp Mail Transfer Agent Multiple Format String Vulnerabili...
(B     62. Linux Kernel XFS File System Information Leakage Vulnerabili...
(B     63. Linux Kernel EXT3 File System Information Leakage Vulnerabil...
(B     64. PHPBugTracker Multiple Input Validation Vulnerabilities
(B     65. SCT Campus Pipeline Email Attachment Script Injection Vulner...
(B     66. Cisco IPsec VPN Client Group Password Disclosure Vulnerabili...
(B     67. Gemitel Affich.PHP Remote File Include Command Injection Vul...
(B     68. Real Networks Helix Universal Server Denial of Service Vulne...
(B     69. Macromedia ColdFusion MX File Upload Denial Of Service Vulne...
(B
(B
(BI. FRONT AND CENTER($BF|K\8lLu$J$7(B)
(B---------------------------------
(B
(BII. BUGTRAQ SUMMARY
(B-------------------
(B1. Scorched 3D Server Memory Corruption Vulnerabilities
(BBugTraq ID: 10086
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 09 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10086
$B$^$H$a(B:
(B
(BScorched 3D Server $B%3%s%]!<%M%s%H$O!"%a%b%j$,=q$-49$($i$l$kJ#?t$NLdBj$r(B
$BJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#Js9p$K$h$k$H!"$3$l$i$NLdBj$N(B1$B$D$O!"(B
$B%/%i%$%"%s%H$,%5!<%P$N(B chat box $B%F%-%9%HF~NO%U%#!<%k%I$K2aBg$J?t$N=q<0;X(B
$BDj;R$rM?$($?:]$KH/@8$9$k!"%R!<%W%Y!<%9$N%P%C%U%!%*!<%P!<%U%m!<$G$"$k!#(B
(B
$B6-3&%A%'%C%/$K4XO"$9$k!"$=$NB>$N>\:YITL@$NLdBj$bJs9p$5$l$F$$$k!#(B
(B
$B$3$l$i$NLdBj$rMxMQ$9$k$3$H$G!"%5!<%P$,%/%i%C%7%e$9$k$+!"@x:_E*$KG$0U$9$k(B
$B%3!<%I$,http://www.securityfocus.com/bid/10087
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BOpen WebMail $B$O!"%j%b!<%H$N967bhttp://www.securityfocus.com/bid/10088
$B$^$H$a(B:
(B
(BSun Cluster $B$O!"FC8"$r;}$?$J$$%m!<%+%k$N967buBV$K$7!"%5!<%S%9ITG=>uBV$r0z$-5/$3$9LdBj$rJz$($F$$$k5?$$$,$"$k!#(B
(B
(BSolaris 8$B!"(BSolaris 9 $BMQ$N(B Sun Cluster 3.0 $B$*$h$S(B 3.1 $B$,!"$3$NLdBj$K$h$k(B
$B1F6A$rhttp://www.securityfocus.com/bid/10089
$B$^$H$a(B:
(B
(B1st Class Mail Server $B$K$O!"%j%b!<%H967b$N%P!<%8%g%s$bF1MM$K1F6A$rhttp://www.securityfocus.com/bid/10091
$B$^$H$a(B:
(B
(BIBM$B$O!"(BIBM HTTP $B%5!<%P$KB8:_$9$kJ#?t$NLdBj$r=$@5$9$k(B PQ86671 $B$*$h$S(B 
(BPQ85834 $BN_@QE*$J=$@5%W%m%0%i%`$r8x3+$7$F$$$k!#(B
(B
(BPQ86671 $B$O(B SSL $B$KH/8+$5$l$?%5!<%S%9ITG=>uBV$K4Y$kLdBj$r=$@5$9$k$?$a$K8x(B
$B3+$5$l$F$$$k!#$3$NLdBj$O!"FCDj$N0U?^E*$KAH$_N)$F$i$l$?(B SSL $B%l%3!<%I$K$h(B
$B$j%5!<%S%9ITG=$K4Y$kLdBj$G$"$k!#L$8!>Z$G$"$k$,!"$3$NLdBj$O!"(BBID 8746
(B(OpenSSL SSLv2 Client_Master_Key Remote Denial Of Service Vulnerability) 
$B$^$?$O(BBID 8732(OpenSSL ASN.1 Parsing Vulnerabilities) $B$K5-=R$5$l$F$$$kLd(B
$BBj$r=$@5$7$F$$$k2DG=@-$,$"$k!#(BPQ86671 $B$O!"(BIBM HTTP $B%5!<%P(B 1.3.12$B!"(B
(B1.3.12.1$B!"(B1.3.12.2$B!"(B1.3.12.3$B!"(B1.3.12.4$B!"(B1.3.12.5$B!"(B1.3.12.6$B!"(B1.3.12.7$B!"(B
(B1.3.19$B!"(B1.3.19.1$B!"(B1.3.19.2$B!"(B1.3.19.3$B!"(B1.3.19.4$B!"(B1.3.19.5$B!"(B1.3.26$B!"(B
(B1.3.26.1$B!"(B1.3.26.2$B!"$*$h$S(B 1.3.28 $BMQ$K%j%j!<%9$5$l$F$$$k!#(B
(B
(BPQ85834 $B$OF1MM$K!"(BIBM HTTP $B%5!<%P$K1F6A$r5Z$\$9J#?t$NLdBj$r=$@5$9$k$?$a(B
$B$K8x3+$5$l$F$$$k!#$3$N=$@5%W%m%0%i%`$K$h$C$F=$@5$5$l$kLdBj$O?7http://www.securityfocus.com/bid/10092
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BCrackalaka $B$O!"967buBV$,0z$-5/$3$5$l$kLdBj$rJz$($F$$$k5?$$$,$"$k!#(B
(B
(BCrackalaka 1.0.8 $B$,$3$NLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k$,!"B>(B
$B$N%P!<%8%g%s$bF1MM$KLdBj$rJz$($F$$$k2DG=@-$,$"$k!#(B
(B
(B7. RSniff Remote Denial of Service Vulnerability
(BBugTraq ID: 10093
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 09 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10093
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BRSniff $B$K$O%/%i%$%"%s%H$,7+$jJV$7(B RSniff $B$N%G!<%b%s$K@\B3(B
$B$7!"%m%0%$%s$d@\B3@ZCG$N$?$a$N(B 'AUTHENTICATE' $B%3%^%s%I$rAw$i$J$$:]!"%j%b!<(B
$B%H$+$i967b2DG=$J%5!<%S%9ITG=$K4Y$kLdBj$rJz$($F$$$k5?$$$,$"$k!#%5!<%P$OLs(B 
(B1024 $B2s$N0-0U$N$"$k@\B3$,9T$o$l$h$&$H$7$?8e!"?7$7$$@\B3$r5v2D$9$k$3$H$K(B
$B<:GT$9$k!#(B
(B
(BRSniff 1.0 $B$O$3$NLdBj$rJz$($F$$$k!#(B
(B
(B8. HP AAA Server Denial of Service Vulnerability
(BBugTraq ID: 10094
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 09 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10094
$B$^$H$a(B:
(B
(BHP $B$O!"(BAAA $B%5!<%P$K1F6A$r5Z$\$9!"%j%b!<%H$+$i967b$KMxMQ2DG=$J%5!<%S%9IT(B
$BG=>uBV$,0z$-5/$3$5$l$kLdBj$r5-:\$7$?7Y9p(B SSRT3622 $B$rH/9T$7$?!#$5$i$J$k>\(B
$B:Y$O!"%"%I%P%$%6%j(B($B%I%-%e%a%s%H(B ID:HPSBUX01011)$B$,8=;~E@$G$OMxMQITG=$G$"(B
$B$k$H?d;!$5$l$k$?$a!"L$>\$G$"$k!#967bZ$5$l$kI,MW$,$J$$$H?d;!$5$l$k!#$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l(B
$B9g!"D94|$K$o$?$k%5!<%S%9ITG=>uBV$,0z$-5/$3$5$l!"%f!<%6$NG'>Z$,IT2DG=$K$J(B
$B$k$?$a!"%M%C%H%o!<%/%5!<%S%9$N40A4$JDd;_$,0z$-5/$3$5$l$k2DG=@-$,$"$k!#(B
(B
$B$3$N(BBID$B$O99$J$k>pJs$,8x3+$5$lhttp://itrc.hp.com
(B
(B9. X-Micro WLAN 11b Broadband Router Backdoor Administration Ac...
(BBugTraq ID: 10095
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 10 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10095
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BX-Micro 11b Broadband Router $B$N%U%!!<%`%&%'%"$K$O!"L58z2=(B
$BITG=$JAH$_9~$_$N4IM}%"%+%&%s%H$,B8:_$9$k!#%f!<%6L>$*$h$S%Q%9%o!<%I$,(B 
(B"super" $B$N$3$N%"%+%&%s%H$O!"%P%C%/%I%"$K$J$k$H?d;!$5$l!"$3$N%"%+%&%s%H$N(B
$BB8:_$rCN$k%j%b!<%H$N967b(B
$BJ}$N%$%s%?!<%U%'!<%9$G@\B3$rBT$AZ$r9T$$!"$3$N%&%'%V%$%s%?!<%U%'%$%9$r2p$7$F!"%G%P(B
$B%$%9$N@)8f8"$rC%Z$r:Q$^$;$?8e$K!"967be$K?7$?$J%U%!!<%`%&%'%"$r%$%s%9%H!<%k2DG=$G$"$k!#(B
(B
(B**$BJs9p$K$h$k$H!"(BWLAN 11b Broadband Router $B%P!<%8%g%s(B 1.6.0.1 $B$bL58z2=IT(B
$BG=$JAH$_9~$_$N4IM}%"%+%&%s%H$,B8:_$9$k!#%f!<%6L>$*$h$S%Q%9%o!<%I$,(B "1502" 
$B$N$3$N%"%+%&%s%H$O!"%P%C%/%I%"$K$J$k$H?d;!$5$l!"$3$N%"%+%&%s%H$NB8:_$rCN(B
$B$k%j%b!<%H$N967bhttp://www.securityfocus.com/bid/10096
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BLinux Kernel $B$K$O!"0-0U$"$k%m!<%+%k$N%f!<%6$,%7%9%F%`A4BN(B
$B$K1F6A$r5Z$\$9%5!<%S%9ITG=>uBV$r0z$-5/$3$9$3$H$,2DG=$K$J$k$H?d;!$5$l$kLd(B
$BBj$,B8:_$9$k!#$3$NLdBj$O(B Kernel $B%7%0%J%k%-%e!<(B (struct sigqueue) $B$r2p$7(B
$B$F0z$-5/$3$5$l!"$3$NLdBj$rMxMQ$7$?967b$K$h$j!"2aBg$J?t$N%9%l%C%I$r%>%s%S(B
$B>uBV$N$^$^$K$9$k$3$H$K$h$C$F!"%7%9%F%`%W%m%;%9%F!<%V%k$N8O3i$,0z$-5/$3$5(B
$B$l$k!#(B
(B
(B11. Microsoft Internet Explorer Bitmap File Processing Denial of...
(BBugTraq ID: 10097
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 12 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10097
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BInternet Explorer $B$O!"0U?^E*$KAH$_N)$F$i$l$?%S%C%H%^%C%W%U%!(B
$B%$%k$r=hM}$9$k:]!"%5!<%S%9ITG=>uBV$,0z$-5/$3$5$l$kLdBj$rJz$($F$$$k5?$$$,(B
$B$"$k!#967be$G%5!<%S%9ITG=>uBV$r0z$-5/(B
$B$3$92DG=@-$,$"$k!#(B
(B
$B$3$N967b$O!"%a%b%j;q8;$r8O3i$5$;!"%3%s%T%e!<%?>e$G%5!<%S%9ITG=>uBV$r0z$-(B
$B5/$3$92DG=@-$,$"$k!#(B
(B
(B12. Microsoft Outlook Express Malformed EML File Denial of Servi...
(BBugTraq ID: 10098
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 12 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10098
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BOutlook Express $B$O!"967buBV$,0z$-5/$3$5$l$kLdBj$rJz$($F(B
$B$$$k5?$$$,$"$k!#(B
(B
(BOutlook Express 6.0 $B$,!"$3$NLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#(B
(B
(B13. Eazel Nautilus Trash Folder Handler Buffer Overflow Vulnerab...
(BBugTraq ID: 10099
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 12 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10099
$B$^$H$a(B:
(B
(BNautilus $B$O%P%C%U%!%*!<%P!<%U%m!<$,0z$-5/$3$5$l$kLdBj$rJz$($F$$$k5?$$$,(B
$B$"$k$HJs9p$5$l$F$$$k!#(B
(B
$BJs9p$K$h$k$H!"$3$NLdBj$O!"$3$N%=%U%H%&%'%"$,0-0U$"$k%G%#%l%/%H%j$r:o=|$7!"(B
$B$=$N8e!"$=$N%G%#%l%/%H%j$,(B "Trash" $B%U%)%k%@Fb$GA`:n$5$l$k>l9g$KH/@8$9$k!#(B
(B
$B967bhttp://www.securityfocus.com/bid/10100
$B$^$H$a(B:
(B
(BTikiWiki $B$NJ#?t$N%b%8%e!<%k$K$O!"J#?t$NLdBj$,H/8+$5$l$F$$$k!#$3$l$i$NLd(B
$BBj$K$h$j!"%j%b!<%H$N967bpJs$N3+<(!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0!"(B
(BHTML $B%?%0$NCmF~!"(BSQL $BJ8$NCmF~!"K\MhJ]8n$5$l$?HO0O30$N%G%#%l%/%H%j$X$NAj(B
$BBPE*$J%"%/%;%9!"0U?^$9$k%U%!%$%k$N%"%C%W%m!<%I$H$$$C$?MM!9$J967b$rhttp://www.securityfocus.com/bid/10101
$B$^$H$a(B:
(B
(BBlackboard Learning System $B$OJ#?t$N%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$r(B
$BJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#$3$l$i$NLdBj$O!"%f!<%6$,F~NO$7$?(B 
(BURI $B$NFbMF$KBP$9$k$3$N%=%U%H%&%'%"$K$h$kBEEv@-3NG'$,ITE,@Z$G$"$k$3$H$K5/(B
$B0x$7$F$$$k!#(B
(B
$BJs9p$K$h$k$H!":G=i$NLdBj$O(B "addressbook.pl" $B%9%/%j%W%H$K1F6A$r5Z$\$7!"(B2 
$BHVL\$NLdBj$O(B "tasks.pl" $B%9%/%j%W%H$K1F6A$r5Z$\$9!#$^$?!"(B3 $BHVL\$NLdBj$O(B 
(B"calendar.pl" $B%9%/%j%W%H$N(B 3 $B$D$N(B URI $B%Q%i%a!<%?$K1F6A$r5Z$\$9$HJs9p$5$l(B
$B$F$$$k!#(B
(B
$BA4$F$NLdBj$K$*$$$F!"%f!<%6$,M?$($?%Q%i%a!<%?$O!"967bBP>]$H$J$k%f!<%6$N%V(B
$B%i%&%6>e$G2rl9g!"967bBP>]%f!<%6$N(B Web $B%V%i%&%6(B
$B>e$K$*$$$F0-0U$"$k%3!<%I$,Z(B
$BMQ>pJs$N@`$N967b$,2DG=$K$J$k$H?d;!$5$l$k!#(B
(B
(B16. Citadel/UX Insecure File Permissions Vulnerability
(BBugTraq ID: 10102
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 12 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10102
$B$^$H$a(B:
(B
(BCitadel/UX $B$OIT==J,$J%U%!%$%k%Q!<%_%C%7%g%s$N@_Dj$K$h$kLdBj$rJz$($F$$$k(B
$B5?$$$,$"$k$HJs9p$5$l$F$$$k!#Js9p$K$h$k$H!"$3$NLdBj$O!"$3$N%=%U%H%&%'%"$,(B
$B%$%s%9%H!<%k;~$K(B "data" $B%G%#%l%/%H%j$H$=$N%G%#%l%/%H%jFb$N%U%!%$%k$KBP$7(B
$B$F!"%;%-%e%"$G$J$$%Q!<%_%C%7%g%s$r@_Dj$7$F$$$k$?$a$K@8$8$k!#(B
(B
$B$3$NLdBj$K$h$kD>@\$N7k2L$H$7$F!"%3%s%T%e!<%?$KBP$7$FBPOCE*$K%7%'%k%"%/%;(B
$B%92DG=$J%f!<%6$O!"$3$N%=%U%H%&%'%"$N%G!<%?%Y!<%9$*$h$S%G!<%?%U%!%$%k$K3J(B
$BG<$5$l$F$$$k!"@x:_E*$K=EMW$J%G!<%?$r3+<($9$k2DG=@-$,$"$k!#(B
(B
(B17. SurgeLDAP User.CGI Directory Traversal Vulnerability
(BBugTraq ID: 10103
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 12 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10103
$B$^$H$a(B:
(B
(BSurgeLDAP $B$O!"AH$_9~$_(B Web $B4IM}MQ%5!<%P$K4^$^$l$k%9%/%j%W%H$N(B1 $B$D$K!"K\(B
$BMhJ]8n$5$l$?HO0O30$N%G%#%l%/%H%j$XAjBPE*$K%"%/%;%9$7F@$kLdBj$rJz$($F$*$j!"(B
$B@x:_E*$K%U%!%$%k$,3+<($5$l$k5?$$$,$"$k!#(B
(B
$B%j%b!<%H$N967bA[(B
$B%k!<%H%G%#%l%/%H%j$NHO0O30$KB8:_$9$k%7%9%F%`%U%!%$%k$K%"%/%;%9$9$k$3$H$,(B
$B2DG=$G$"$k!#$3$N(B Web $B4IM}MQ%5!<%P$K$h$jFI$_http://www.securityfocus.com/bid/10104
$B$^$H$a(B:
(B
(BNuked-Klan $B$OJ#?t$NLdBj$rJz$($F$$$k5?$$$,$"$k!#$3$l$i$NLdBj$K$O!"%m!<%+(B
$B%k%U%!%$%k$N%$%s%/%k!<%I$r2p$7$F>pJs$,3+<($5$l$kLdBj!"%j%b!<%H$N967bhttp://www.securityfocus.com/bid/10106
$B$^$H$a(B:
(B
(BIpswitch IMail Express $B$K$O!"%j%b!<%H$+$i967b$KMxMQ2DG=$J%P%C%U%!%*!<%P!<(B
$B%U%m!<$NLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#$3$NLdBj$O!"(BWeb
(BMessaging $B%3%s%]!<%M%s%H$KB8:_$7$F$*$j!"(BHTML $B7A<0$N%a%C%;!<%8$N6-3&%A%'%C(B
$B%/$,IT==J,$G$"$k$3$H$K5/0x$9$k!#(B
(B
$B$3$NLdBj$O!"$3$N%=%U%H%&%'%"$N8"8B$G0U?^$9$k%3!<%I$rhttp://www.securityfocus.com/bid/10107
$B$^$H$a(B:
(B
(BKonqueror $B$K$O!"0-0U$"$k%S%C%H%^%C%W%U%!%$%k$r=hM}$9$k:]$K%5!<%S%9ITG=>u(B
$BBV$,0z$-5/$3$5$l$kLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#967be$G%5!<%S%9ITG=>uBV$r0z$-5/$3$9$3$H$,2DG=$G$"$k!#(B
(B
$B$3$N967b$O!"%a%b%j%j%=!<%9$r>CHq$9$k$3$H$G!"%3%s%T%e!<%?>e$G%5!<%S%9ITG=(B
$B>uBV$r0z$-5/$3$92DG=@-$,$"$k!#(B
(B
$B$3$NLdBj$O!"(BFreebsd5.2-CURRENT $B$G(B KDE 3.2.1 $B$,F0:n$9$k%3%s%T%e!<%?$K$*$$(B
$B$F8!>Z$5$l$F$$$k$,!"B>$N4D6-$GF0:n$9$kB>$N%P!<%8%g%s$bF1MM$KLdBj$rJz$($F(B
$B$$$k2DG=@-$,$"$k!#$3$NLdBj$O(B KDE $B$N6&M-%S%C%H%^%C%W=hM}%3%s%]!<%M%s%H$K(B
$BB8:_$7$F$$$k2DG=@-$,$"$j!"$3$N%3%s%]!<%M%s%H$rMxMQ$9$kB>$N%"%W%j%1!<%7%g(B
$B%s$KBP$9$k967b$r2DG=$K$9$k$H?d;!$5$l$k!#(B
(B
$B$3$NLdBj$O!"(BBID 10097 (Microsoft Internet Explorer Bitmap File
(BProcessing Denial of Service Vulnerability) $B$K5-:\$5$l$F$$$kLdBj$HN`;w$7(B
$B$F$$$k!#(B
(B
(B21. Microsoft Windows LSASS Buffer Overrun Vulnerability
(BBugTraq ID: 10108
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10108
$B$^$H$a(B:
(B
(BMicrosoft Windows LSASS (Local Security Authority Subsystem Service) $B$K(B
$B$O!"%j%b!<%H$+$i967b$KMxMQ2DG=$J%P%C%U%!%*!<%P!<%U%m!<$NLdBj$rJz$($F$$$k(B
$B5?$$$,$"$k!#6qBNE*$KLdBj$rJz$($k%7%9%F%`%3%s%]!<%M%s%H$O(B LSASRV.DLL $B$G$"(B
$B$k!#$3$NLdBj$rMxMQ$9$k967b$K@.8y$7$?>l9g!"%j%b!<%H$N967b%f!<%6$K$h$C$F(B
$B967b$KMxMQ$5$l$k2DG=@-$,$"$k!#(BMicrosoft Windows Server 2003 $B$*$h$S(B 
(BMicrosoft Windows XP 64-Bit Edition 2003 $B$K$*$$$F$O!"$3$NLdBj$O!"G'>Z$5(B
$B$l$?%f!<%6$K$h$C$F$N$_!"%m!<%+%k$+$i967b$KMxMQ$5$l$k2DG=@-$,$"$k$HJs9p$5(B
$B$l$F$$$k!#(BMicrosoft $B$O!"$3$l$i$N4D6-$G$O%m!<%+%k$N4IM}e$N%j%9%/$O$b$?$i$5$J$$$H?d;!$5$l$k!#(B
(B
$B$3$NLdBj$rMxMQ$9$k967b$O!"%o!<%`$KAH$_9~$`$3$H$,2DG=$G$"$k$H?d;!$5$l$k!#(B
(B
(B22. Microsoft Windows H.323 Remote Buffer Overflow Vulnerability
(BBugTraq ID: 10111
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10111
$B$^$H$a(B:
(B
(BMicrosoft Windows H.323 $B%W%m%H%3%k$Nl9g!"(B
$B0U?^$9$k%3!<%I$Ne$G(B NetMeeting $B$J$I$N(B H.323 $B$rMxMQ$9$k%"%W%j%1!<(B
$B%7%g%s$,2TF0$7$F$$$k>l9g$N$_967b$KMxMQ2DG=$G$"$k!#(B
(B
(B23. Microsoft Jet Database Engine Remote Code Execution Vulnerab...
(BBugTraq ID: 10112
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10112
$B$^$H$a(B:
(B
(BMicrosoft Jet Database Engine (Jet) $B$O!"%j%b!<%H$N967bl9g!"967bhttp://www.securityfocus.com/bid/10113
$B$^$H$a(B:
(B
(BMicrosoft Negotiate Security Software Provider (SSP) $B%$%s%?!<%U%'%$%9$O!"(B
$B%j%b!<%H$+$i967b$KMxMQ2DG=$J%P%C%U%!%*!<%P!<%U%m!<$NLdBj$rJz$($F$$$k5?$$(B
$B$,$"$k!#B?$/$N>l9g!"$3$NLdBj$rMxMQ$9$k967b$O!"%5!<%S%9ITG=>uBV$r0z$-5/$3(B
$B$9$,!"0U?^$9$k%3!<%I$Nhttp://www.securityfocus.com/bid/10114
$B$^$H$a(B:
(B
$B%I%a%$%s%3%s%H%m!<%i$H$7$FF0:n$7$F$$$k(B Microsoft Windows 2000 Server $B$O!"(B
$B%5!<%S%9ITG=>uBV$,0z$-5/$3$5$l$kLdBj$,$"$k$HJs9p$5$l$F$$$k!#(B
(B
$B$3$NLdBj$O!"1F6A$ruBV$r0z$-5/$3$9$3$H$,2DG=$G$"$k!#(B
(B
(B26. Microsoft Windows SSL Library Denial of Service Vulnerabilit...
(BBugTraq ID: 10115
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10115
$B$^$H$a(B:
(B
(BMicrosoft Windows SSL $B%i%$%V%i%j$K$O!"%5!<%S%9ITG=>uBV$,0z$-5/$3$5$l$kLd(B
$BBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#Js9p$K$h$k$H!"967buBV$r0z$-5/$3$9!#(B
(B
(BWindows 2000 $B$*$h$S(B Windows XP $B$K$*$$$F!"$3$NLdBj$rMxMQ$9$k967b$K@.8y$7(B
$B$?>l9g!"%3%s%T%e!<%?$O(B SSL $B@\B3$rhttp://www.securityfocus.com/bid/10116
$B$^$H$a(B:
(B
(BMicrosoft Windows $B3Fl9g!"%j%b!<%H$N967be$G0-0U$"$k%3!<(B
$B%I$7!"7k2L$H$7$F%3%s%T%e!<%?$r40A4$K?/32$G$-$k2DG=@-$,$"$k!#(B
(B
$B$3$NLdBj$O!"%m!<%+%k$N%f!<%6$,0-0U$"$k%Q%i%a!<%?$rLdBj$rJz$($k%3%s%]!<%M(B
$B%s%H$KBPOC<0$^$?$OJL$N%"%W%j%1!<%7%g%s$r2p$7$FEO$9$3$H$K$h$j0-MQ2DG=$G$"(B
$B$k$HJs9p$5$l$F$$$k!#(B
(B
$B$3$NLdBj$O(B Web $B%5!<%P$H$$$C$?(B SSL $B$,M-8z$K$J$C$F$$$k%3%s%T%e!<%?$K$N$_1F(B
$B6A$,5Z$V$HJs9p$5$l$F$$$k$,!"FCDj$N>u672<$G$O(B Windows 2000 $B%I%a%$%s%3%s%H(B
$B%m!<%i$b1F6A$rl9g$N$_$G$"$k!#Js9p$K$h$k$H!"$3$NLd(B
$BBj$rMxMQ$9$k967b$r@.8y$5$;$k$?$a$K$O!"(BPCT 1.0 $B$*$h$S(B SSL 2.0 $B$NN>J}$,M-(B
$B8z$G$"$kI,MW$,$"$k!#(B
(B
(B28. Microsoft Virtual DOS Machine Local Privilege Escalation Vul...
(BBugTraq ID: 10117
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10117
$B$^$H$a(B:
(B
(BVirtual DOS Machine (VDM) $B$K$O!"%m!<%+%k$N%f!<%6$,8"8B>:3J2DG=$JLdBj$,B8(B
$B:_$9$k!#$3$NLdBj$O!"967bhttp://www.securityfocus.com/bid/10118
$B$^$H$a(B:
(B
(BMicrosoft ASN.1 $B%i%$%V%i%j$O!"%R!<%W%a%b%jNN0h$rFs=E3+J|$7$F$7$^$&LdBj$K(B
$B$h$j%a%b%jFbMF$,=q$-49$($i$l$kLdBj$rJz$($F$$$k5?$$$,$"$k!#$3$NLdBj$K$h$j!"(B
$B%j%b!<%H$N967be$G0U?^$7$?%3!<%I$ruBV$K4Y$k2DG=@-$,$"$k$,!"$3$NLdBj$O%3%s%T%e!<%?>e(B
$B$N(B SYSTEM $B8"8B$rC%http://www.securityfocus.com/bid/10119
$B$^$H$a(B:
(B
(BMicrosoft $B$O(B Help and Support Center $B$K(B HCP URI $B$NBEEv@-3NG'J}K!$K4XO"$9(B
$B$kLdBj$,B8:_$9$k$HJs9p$7$F$$$k!#Js9p$K$h$k$H!"$3$NLdBj$O0-0U$"$k(B Web $B%Z!<(B
$B%8$^$?$O(B HTML $B7A<0$NEE;R%a!<%k$r2p$7$F!"%/%i%$%"%s%H%3%s%T%e!<%?>e$G0U?^(B
$B$7$?%3!<%I$re(B
$B$N4{CN$N>l=j$KG[CV$9$k$3$H$K$h$j!"$3$NLdBj$r0-MQ$7$F0-0U$"$k%3%s%F%s%D$r(B
$B%m!<%+%k%>!<%s$Gr7o$K$D$$$F$O(B
$BFC$KIU$1$F$$$J$$!#(B
(B
(B31. Microsoft Windows WMF/EMF Image Formats Remote Buffer Overfl...
(BBugTraq ID: 10120
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10120
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BMicrosoft Windows $B$O!"(BWMF/EMF $B2hA|%U%!%$%k$rIA2h$9$k:]!"%j(B
$B%b!<%H$+$i%P%C%U%!%*!<%P!<%U%m!<$r0z$-5/$3$5$l$kLdBj$rJz$($F$$$k5?$$$,$"(B
$B$k!#967buBV$K4Y$k$,!"967bhttp://www.securityfocus.com/bid/10121
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BMicrosoft Windows $B$O!"K\Mh$O5v2D$5$l$F$$$J$$%M%C%H%o!<%/DL(B
$B?.$r2DG=$K$9$k%*%V%8%'%/%H(B ID $B$r@8@.$9$kJ}K!$KLdBj$rJz$($F$$$k5?$$$,$"$k!#(B
$B$3$NLdBj$O!"%W%m%;%9$,0BA4$G$O$J$$>uBV$Ge$NITHw$K5/0x$9(B
$B$k!#(B
(B
$B$3$NLdBj$O%m!<%+%k$N967be$NK\Mh$O5v2D(B
$B$5$l$F$$$J$$%]!<%H$r3+$/$?$a$KMxMQ$5$l$k2DG=@-$,$"$k!#$3$NLdBj$K$h$j!"1F(B
$B6A$rhttp://www.securityfocus.com/bid/10122
$B$^$H$a(B:
(B
(BMicrosoft Windows $B$N(B Local Descriptor Table $B%W%m%0%i%_%s%0%$%s%?%U%'!<%9(B
$B$O!"8"8B>:3J$,2DG=$JLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#(B
(B
$BJs9p$K$h$k$H!"$3$NLdBj$K$h$j!"%m!<%+%k$N967b:3J$7$?8"8B$G0U(B
$B?^$7$?%3!<%I$rhttp://www.securityfocus.com/bid/10123
$B$^$H$a(B:
(B
(BCOM Internet Service $B$*$h$S(B RPC over HTTP $B%5!<%S%9$K$O!"%5!<%S%9ITG=>uBV(B
$B$K4Y$kLdBj$,B8:_$9$k$HJs9p$5$l$F$$$k!#$3$NLdBj$O!"$3$l$i$N%5!<%S%9$,0-0U(B
$B$"$k%M%C%H%o!<%/1~Ez$rE,@Z$K=hM}$7$J$$$3$H$K5/0x$9$k!#(B
(B
$B$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l9g!"%j%b!<%H$N967be$G0U?^$7$?%3!<%I$r\$G$"$k!#(B
(B
(B35. Microsoft Windows Utility Manager Local Privilege Escalation...
(BBugTraq ID: 10124
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10124
$B$^$H$a(B:
(B
(BMicrosoft Utility Manager $B$O%m!<%+%k$K$*$$$F8"8B>:3J2DG=$JLdBj$rJz$($F$$(B
$B$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#Js9p$K$h$k$H!"%m!<%+%k$N%f!<%6$O$3$N%=%U%H(B
$B%&%'%"$K1F6A$r5Z$\$7!"0U?^$9$k%3!<%I$rhttp://www.securityfocus.com/bid/10125
$B$^$H$a(B:
(B
(BMicrosoft Windows Management $B$O%m!<%+%k$K$*$$$F8"8B>:3J2DG=$JLdBj$rJz$((B
$B$F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#Js9p$K$h$k$H!"%m!<%+%k$N%f!<%6$O$3$N%=(B
$B%U%H%&%'%"$rMxMQ$9$k$3$H$K$h$j!"8"8B$r>:3J$5$;$k2DG=@-$,$"$k!#(B
(B
$B%m!<%+%k$N967bhttp://www.securityfocus.com/bid/10126
$B$^$H$a(B:
(B
(BMicrosoft Windows $B$N%m%0%*%s%W%m%;%9$G$"$k(B "winlogon" $B$O%j%b!<%H$+$iMxMQ(B
$B$5$l$k2DG=@-$,$"$k%P%C%U%!%*!<%P!<%U%m!<$NLdBj$rJz$($F$$$k5?$$$,$"$k$HJs(B
$B9p$5$l$F$$$k!#Js9p$K$h$k$H!"$3$NLdBj$OLdBj$rJz$($k%[%9%H$,(B Active
(BDirectory $B%I%a%$%s$N%a%s%P!<$G$"$k:]$KB8:_$9$k!#%m%0%*%s>pJs$r=hM}$9$k:]!"(B
(BWindows $B$N%m%0%*%s%W%m%;%9$O(B Active Directory $B$+$i%G!<%?$rFI$_9~$`!#$3$N(B
$BFI$_9~$_8F$S=P$7$O!"8F$P$l$?%G!<%?$r%W%m%;%9%a%b%j$Nhttp://www.securityfocus.com/bid/10127
$B$^$H$a(B:
(B
(BRPCSS $B%5!<%S%9$K%5!<%S%9ITG=>uBV$K4Y$kLdBj$,B8:_$9$k$HJs9p$5$l$F$$$k!#$3(B
$B$NLdBj$O!"$3$N%"%W%j%1!<%7%g%s$,0U?^E*$K:n@.$5$l$?%M%C%H%o!<%/%a%C%;!<%8(B
$B$rE,@Z$K=hM}$7$J$$$3$H$K5/0x$9$k!#(B
(B
$B$3$NLdBj$rMxMQ$9$k967b$K@.8y$7$?>l9g!"%j%b!<%H$N967b$N(B Windows $B4D6-$N%3%s%T%e!<(B
$B%?$Oe$Ghttp://www.securityfocus.com/bid/10128
$B$^$H$a(B:
(B
(BPHP-NuKe $B$O%j%b!<%H$+$iMxMQ$5$l$k2DG=@-$,$"$k%/%m%9%5%$%H%9%/%j%W%F%#%s(B
$B%0$NLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#$3$NLdBj$O!"(B
(B'cookiedecode()' $B4X?t$,%f!<%6$,EO$9(B Cookie $B$N%Q%i%a!<%?$NL5322=$rE,@Z$K(B
$B=hM}$7$J$$$3$H$K5/0x$9$k!#(B
(B
$B$3$l$i$NLdBj$K$h$j!"%j%b!<%H$N967bl9g!"0-0U$"$k%3!<%I$O5>@7e$G2rZMQ>pJs(B
$B$N@`$N967b$,2DG=$K$J$k$H?d;!$5$l$k!#(B
(B
(B40. TUTOS Multiple Input Validation Vulnerabilities
(BBugTraq ID: 10129
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10129
$B$^$H$a(B:
(B
(BTUTOS $B$NMM!9$J%b%8%e!<%k$KJ#?t$NLdBj$,3NG'$5$l$F$$$k!#$3$l$i$NLdBj$K$h$j!"(B
$B%j%b!<%H$N967bpJs$N3+<(!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$rMxMQ$9(B
$B$k967b!"$*$h$S(B SQL $BJ8$rCmF~$9$k967b$H$$$C$?MM!9967b$,http://www.securityfocus.com/bid/10130
$B$^$H$a(B:
(B
(BBEA WebLogic Server and Express $B$O!"4IM}5$r0z$-5/$3$92DG=@-$,$"$kLdBj$rJz$((B
$B$F$$$k5?$$$,$"$k!#$3$NLdBj$O%G%U%)%k%H$NG'>Z%W%m%P%$%@$KB8:_$7!"IT@5$J4I(B
$BM}http://www.securityfocus.com/bid/10131
$B$^$H$a(B:
(B
(BBEA $B$O!"(BWebLogic Server $B$*$h$S(B WebLogic Express $B$K1F6A$r5Z$\$9LdBj$rJs9p(B
$B$7$F$$$k!#$3$NLdBj$K5/0x$7$F!"$3$l$i$N%=%U%H%&%'%"$NLdBj$rJz$($k%P!<%8%g(B
$B%s$OJ?J8$N%G!<%?%Y!<%9$N%Q%9%o!<%I$r@_Dj%U%!%$%k$K=q$-9~$`2DG=@-$,$"$k!#(B
$BJs9p$K$h$k$H!"$3$NLdBj$O%5!<%P$,BP>]$H$7$F$$$J$$(B JDBC $B%3%M%/%7%g%s%W!<%k(B
$B$rMxMQ$7!"@_Dj$5$l$?%Q%9%o!<%I$rJ];}$7$F$$$k:]$K$N$_@8$8$k!#(B
(B
$B967bhttp://www.securityfocus.com/bid/10132
$B$^$H$a(B:
(B
(BBEA WebLogic Server$B!"(BWebLogic Express $B$O!"967bhttp://www.securityfocus.com/bid/10133
$B$^$H$a(B:
(B
(BWebLogic Server $B$*$h$S(B Express $B$O!"%m!<%+%k$K$*$$$F%f!<%6L>!"%Q%9%o!<%I(B
$B$,O31L$7$F$7$^$&LdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#$3$NLdBj$O!"(B
$B%7%9%F%`5/F0;~$KMxMQ$5$l$k%f!<%6L>!"%Q%9%o!<%I$r3+<(2DG=$J!"FCDj$NFbIt4X(B
$B?t$Ne$NITHw$K5/0x$9$k!#(B
(B
$B$3$NLdBj$rMxMQ$9$k$3$H$G!"%m!<%+%k$N967b!"%Q%9%o!<%I$rMxMQ$7$FG'>Z$rDL2a$9$k$3$H$,2DG=$H$J$k!#$=$N%f!<%6L>!"(B
$B%Q%9%o!<%I$OI,$:$7$b4IM}http://www.securityfocus.com/bid/10134
$B$^$H$a(B:
(B
(BNovell Nsure $B$O!"(BNovell Identity Manager Password Policies $B$,%$%s%9%H!<(B
$B%k$5$l!"(Buniversal password $B%*%W%7%g%s$,M-8z$H$J$C$F$$$k>l9g$KLdBj$rJz$((B
$B$F$$$k2DG=@-$,$"$k!#(B
(B
$B%Q%9%o!<%I$N%R%s%H$,J?J8$GJ]B8$5$l$k$?$a!"$3$N%R%s%H$,O31L$7$F$7$^$&2DG=(B
$B@-$,$"$k!#(B
(B
$B$3$NJ}K!$K$h$C$F<}=8$5$l$?>pJs$O!"967bBP>]$N%3%s%T%e!<%?$KBP$9$k$5$i$J$k(B
$B967b$r;E3]$1$k$?$a$KM-MQ$H$J$k2DG=@-$,$"$k!#(B
(B
(B46. PHP-Nuke Multiple SQL Injection Vulnerabilities
(BBugTraq ID: 10135
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 13 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10135
$B$^$H$a(B:
(B
(BPHP-Nuke $B$O(B SQL $BJ8$,A^F~$5$l$k!"J#?t$NLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5(B
$B$l$F$$$k!#$3$l$i$NLdBj$O!"%f!<%6$NF~NOCM$NL5322=$,IT==J,$G$"$k$3$H$K5/0x(B
$B$9$k!#(B
(B
$B$3$l$i$NLdBj$N7k2L$H$7$F!"967bpJs$X%"%/%;%92DG=$H$J$k$h$&$J!"B>$N967b$b(B
$Bhttp://www.securityfocus.com/bid/10136
$B$^$H$a(B:
(B
(BNeon client library $B$O!"%j%b!<%H$+$iMxMQ2DG=$J!"=q<0;XDj;R$r4^$`J8;zNs$N(B
$Be$G!"0U?^$7$?%3!<%I$rhttp://www.securityfocus.com/bid/10137
$B$^$H$a(B:
(B
(BEudora $B$O!"2aEY$KF~$l;R9=B$$K$J$C$F$$$k(B MIME $B$r4^$`EE;R%a!<%k$r=hM}$9$k(B
$B:]!"%5!<%S%9ITG=>uBV$K4Y$kLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l$F$$$k!#$3(B
$B$NLdBj$O!"$3$N%=%U%H%&%'%"$,?<$$3,AX$KF~$l;R$5$l$F$$$k%a%C%;!<%8$r%G%3!<(B
$B%I$7$h$&$H$9$k:]$KH/@8$9$k$3$H$,4{CN$H$J$C$F$$$k!#(B
(B
$B$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l9g!"967b\$G$"$k!#(B
(B
$B0-0U$N$"$k%a%C%;!<%8$,%/%i%$%"%s%H$N%a!<%k%9%W!<%k$K;D$k$?$a!"LdBj$rJz$((B
$B$k>u67$,1JB3$9$k2DG=@-$,$"$kE@$KN10U$9$Y$-$G$"$k!#(B
(B
(BEudora 6.0.3 $B$,$3$NLdBj$rJz$($F$$$k$HJs9p$5$l$F$$$k$,!"B>$N%P!<%8%g%s$b(B
$BF1MM$K1F6A$rhttp://www.securityfocus.com/bid/10138
$B$^$H$a(B:
(B
(BCVS $B%/%i%$%"%s%H$K$*$$$FLdBj$,H/8+$5$l$F$$$k!#Js9p$K$h$k$H!"(Brivision
(Bcontrol system (RCS) $B$N(B diff $B%U%!%$%k$K$*$1$kLdBj$rMxMQ$9$k$3$H$G!"967b(B
$Bhttp://www.securityfocus.com/bid/10139
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H(B Zaep AntiSpam $B$O%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$rJz$($F(B
$B$$$k5?$$$,$"$k!#$3$NLdBj$O!"$3$N%=%U%H%&%'%"$K$h$k!"%f!<%6$,M?$($?(B URI 
$BF~NOCM$KBP$9$kL5322=$,IT==J,$G$"$k$3$H$K5/0x$9$k!#(B
(B
$B$3$NLdBj$K$h$j!"%j%b!<%H$N967bl9g!"$3$N0-0U$"$k%3!<%I$O967bBP>]$H$J$k%f!<(B
$B%6$N(B Web $B%V%i%&%6$G2rhttp://www.securityfocus.com/bid/10140
$B$^$H$a(B:
(B
(BCVS $B%5!<%P$O%"%/%;%98"$NBEEv@-3NG'$KLdBj$rJz$($F$$$k5?$$$,$"$k$HJs9p$5$l(B
$B$F$$$k!#Js9p$K$h$k$H!"$3$N%=%U%H%&%'%"$O!"%Q%$%W$5$l$?%A%'%C%/%"%&%H$NBE(B
$BEv@-3NG'$r==J,$K9T$o$J$$!#$^$?!"$3$N%=%U%H%&%'%"$O(B cvsroot $B$NHO0O30$N%Q(B
$B%9$KBP$9$k%Q%$%W$5$l$?%A%'%C%/%"%&%H$NMW5a$r]$N%5!<%P$KBP$7$F$5$i$J$k967b$r;E3](B
$B$1$k$N$KM-MQ$K$J$k$H?d;!$5$l$k!#(B
(B
(B52. Linux Kernel ISO9660 File System Buffer Overflow Vulnerabili...
(BBugTraq ID: 10141
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 14 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10141
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H(B Linux $B%+!<%M%k$K$O%m!<%+%k$K$*$$$F(B ISO9660 $B%U%!%$%k%7%9%F%`(B
$B$,%P%C%U%!%*!<%P!<%U%m!<$r0z$-5/$3$9LdBj$rJz$($F$$$k5?$$$,$"$k!#$3$NLdBj(B
$B$O!"%U%!%$%k%7%9%F%`$N>pJs$r=hM}$9$k:]$K!"%P%C%U%!$N6-3&%A%'%C%/$,E,@Z$K(B
$B9T$o$l$J$$$3$H$K5/0x$9$k!#$3$NLdBj$r0-MQ$9$k$?$a$K$O!"967bhttp://www.securityfocus.com/bid/10142
$B$^$H$a(B:
(B
(Bmysqld_multi $B$O!"0l;~%U%!%$%k$r0BA4$K$G0l;~%U%!%$%k$r:n@.$9$k2DG=@-(B
$B$,$"$k!#(B
(B
$B967bl9g$K7k2L$H$7$FLdBj$rJz$($k(B
$B%9%/%j%W%H$,http://www.securityfocus.com/bid/10143
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H(B JFS $B%U%!%$%k%7%9%F%`$,@0M}$5$l$kJ}K!$K4XO"$7$F(B Linux $B%+!<%M(B
$B%k$KLdBj$,B8:_$9$k!#6qBNE*$K$O!"(Broot $B%f!<%6$,@x:_E*$K$3$l$i$N%U%!%$%k%7(B
$B%9%F%`>e$NFbL)$^$?$O=EMW$J>pJs$X$N%"%/%;%98"$rC%pJs$K4{$K%"%/%;%9$7$h$&$H$7$F$$$J$$>l9g$K(B
$B$N$_%;%-%e%j%F%#>e$N%j%9%/$,B8:_$9$k!#(B
(B
(B55. Microsoft Outlook/Outlook Express Remote Denial Of Service V...
(BBugTraq ID: 10144
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 14 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10144
$B$^$H$a(B:
(B
(BMicrosoft Outlook $B$*$h$S(B Outlook Express $B$O!"%j%b!<%H$+$i%5!<%S%9ITG=>u(B
$BBV$r0z$-5/$3$5$l$kLdBj$rJz$($F$$$k5?$$$,$"$k!#$3$NLdBj$O!"EE;R%a!<%k$NK\(B
$BJ8$K(B NULL $B$,B8:_$7$?>l9g$K@8$8$k$HJs9p$5$l$F$$$k!#(B
(B
$B$3$NLdBj$rJz$($k%=%U%H%&%'%"$,>e=R$N0-0U$"$kEE;R%a!<%k$r=hM}$9$k:]$K!"(B
(BGUI $B$OH?1~$rDd;_$9$k!#(B
(B
$B$3$NLdBj$rMxMQ$9$k967b$K$h$j!"%j%b!<%H$N967buBV$K4Y$i$;$k$3$H(B
$B$,2DG=$G$"$k$H?d;!$5$l$k!#(B
(B
(B56. Mozilla Messenger Remote Denial Of Service Vulnerability
(BBugTraq ID: 10145
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 14 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10145
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BMozilla Messenger $B$O!"%j%b!<%H$+$i%5!<%S%9ITG=>uBV$r0z$-5/(B
$B$3$5$l$kLdBj$rJz$($F$$$k5?$$$,$"$k!#$3$NLdBj$O!"EE;R%a!<%k$NK\J8$K$F(B 
(BNULL $B$r=hM}$9$k:]$K@8$8$k!#(B
(B
$BJs9p$K$h$k$H!"$3$N$h$&$J0-0U$"$kEE;R%a!<%k$rl9g!"$3$NLdBj$rJz(B
$B$($k%=%U%H%&%'%"$N(B GUI $B$OE,@Z$J1~Ez$,ITG=$H$J$k!#(B
(B
$B%j%b!<%H$N967bhttp://www.securityfocus.com/bid/10146
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BPostNuke Pheonix $B$O!"J#?t$N%b%8%e!<%k$K$*$$$F%j%b!<%H$+$i(B 
(BSQL $BJ8$rCmF~$5$l$kLdBj$rJz$($F$$$k5?$$$,$"$k!#$3$NLdBj$O!"$3$N%=%U%H%&%'(B
$B%"$K$h$k!"%f!<%6$,M?$($?(B URI $BF~NO%G!<%?$KBP$9$kL5322=$,IT==J,$G$"$k$3$H(B
$B$K5/0x$9$k!#(B
(B
$B$3$NLdBj$K$h$j!"%j%b!<%H$N967bpJs$X$NIT@5$J%"%/%;%9!"$^$?$O!"(B
$B%G!<%?%Y!<%9$N%G!<%?GK2u$K7R$,$k2DG=@-$,$"$k!#$^$?!"(BSQL $BJ8$rCmF~$9$k967b(B
$B$O!"LdBj$rJz$($k%=%U%H%&%'%"$,MxMQ$9$k%G!<%?%Y!<%9$Nhttp://www.securityfocus.com/bid/10147
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BBID 9620 (GNU Mailman Malformed Message Remote Denial Of
(BService Vulnerability) $B$G<($5$l$F$$$kLdBj$r=$@5$9$k$?$a$K(B RedHat $B$K$h$j(B
$B%j%j!<%9$5$l$?%"%C%W%G!<%H(B(RHSA-2004:019) $B$O!"%5!<%S%9ITG=>uBV$K4Y$kLdBj(B
$B$r$b$?$i$9!#(B
(B
$B$3$NLdBj$rMxMQ$9$k%j%b!<%H$N967be!"@5Ev$J%f!<%68~$1$N%5!<%S%9Ds6!$rMxMQITG=>uBV$K4Y$i$;$k$3$H$,2DG=(B
$B$G$"$k$H?d;!$5$l$k!#(B
(B
(B59. ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerabi...
(BBugTraq ID: 10148
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 14 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10148
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BZoneAlarm Pro/Plus MailSafe $B$N0lIt$N%P!<%8%g%s$KLdBj$,B8:_(B
$B$9$k!#$3$N%=%U%H%&%'%"$O!"FCDj$N3HD%;R$NE:IU%U%!%$%k$r3VN%$9$k$h$&$K@_Dj(B
$B$5$l$F$$$k2DG=@-$,$"$k!#Js9p$K$h$k$H!"@)8B$5$l$F$$$kE:IU%U%!%$%k$N%U%!%$(B
$B%kL>$KFCDj$N3HD%J8;z$,4^$^$l$F$$$k>l9g!"$3$N%=%U%H%&%'%"$OE:IU%U%!%$%k$r(B
$B3VN%$7$J$$2DG=@-$,$"$k!#(B
(B
(B60. Xonix X11 Game Insecure Privilege Dropping Vulnerability
(BBugTraq ID: 10149
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 15 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10149
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BXonix $B$O!"967b:3J$,2DG=$K$J$k$H?d;!$5$l$kLdBj$rJz(B
$B$($F$$$k5?$$$,$"$k!#$3$NLdBj$O!"$3$N%=%U%H%&%'%"$,8"8B$r9_3J$5$;$J$$$3$H(B
$B$K5/0x$9$k!#$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l9g!"%m!<%+%k$N967b$N%P!<%8%g%s$b(B
$BF1MM$K1F6A$r\:Y$,ITB-$7$F$$$k$?$a!"8=;~E@$G$O$5$i$J$k>pJs$O8x3+$5$l$F$$$J$$!#$3$N(B 
(BBID $B$O!"$5$i$J$k>pJs$,8x3+$5$lhttp://www.securityfocus.com/bid/10150
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(Bssmtp $B$O!"%j%b!<%H$N967bl9g!"967bhttp://www.securityfocus.com/bid/10151
$B$^$H$a(B:
(B
(BLinux $B%+!<%M%k$K$O!"(BXFS $B%U%!%$%k%7%9%F%`$K=q$-9~$_$r9T$&:]$K>pJs$,3+<($5(B
$B$l$kLdBj$,B8:_$9$k$HJs9p$5$l$F$$$k!#$3$NLdBj$O!"@_7W>e$NITHw$K5/0x$7$F$*(B
$B$j!"0lIt$N%+!<%M%k>pJs$N3+<($r0z$-5/$3$9!#(B
(B
$BJs9p$K$h$k$H!"$3$NLdBj$rMxMQ$9$k967b$K$O!"967bpJs$K%"%/(B
$B%;%9$9$k0U?^$,$J$$>l9g$N$_!"%;%-%e%j%F%#>e$N6<0R$H$J$k!#(B
(B
(B63. Linux Kernel EXT3 File System Information Leakage Vulnerabil...
(BBugTraq ID: 10152
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 15 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10152
$B$^$H$a(B:
(B
(BLinux $B%+!<%M%k$K$O!"(Bext3 $B%U%!%$%k%7%9%F%`$K=q$-9~$_$r9T$&:]$K>pJs$,3+<((B
$B$5$l$kLdBj$,B8:_$9$k$HJs9p$5$l$F$$$k!#$3$NLdBj$O!"@_7W>e$NITHw$K5/0x$7$F(B
$B$*$j!"0lIt$N%+!<%M%k>pJs$N3+<($r0z$-5/$3$9!#(B
(B
$BJs9p$K$h$k$H!"$3$NLdBj$rMxMQ$9$k967b$K$O!"967bpJs$K%"%/(B
$B%;%9$9$k0U?^$,$J$$>l9g$N$_!"%;%-%e%j%F%#>e$N6<0R$H$J$k!#(B
(B
(B64. PHPBugTracker Multiple Input Validation Vulnerabilities
(BBugTraq ID: 10153
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 15 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10153
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BphpBugTracker $B$O!"F~NOCM$NBEEv@-3NG'$NLdBj$rJ#?tJz$($F$$$k!#(B
$B$3$N%=%U%H%&%'%"$O!"(BSQL $BJ8$,CmF~$5$l$kJ#?t$NLdBj!"%/%m%9%5%$%H%9%/%j%W%F%#(B
$B%s%0$NLdBj!"$*$h$S(B HTML $B%?%0$,CmF~$5$l$kLdBj$rJz$($F$$$k5?$$$,$"$k!#$3$l(B
$B$i$NLdBj$O!"A4$F!"$3$N%=%U%H%&%'%"$K$h$k%f!<%6$,M?$($?F~NOCM$KBP$9$kL532(B
$B2=$,IT==J,$G$"$k$3$H$K5/0x$9$k!#(B
(B
(BSQL $BJ8$,CmF~$5$l$kLdBj$K$h$j!"%j%b!<%H$N967bpJs$X$NIT@5$J%"%/%;%9!"$^$?$O!"%G!<%?%Y!<%9%G!<%?$NGK2u$K7R$,$k2DG=@-$,(B
$B$"$k!#$^$?!"(BSQL $BJ8$rCmF~$9$k967b$O!"$3$N%=%U%H%&%'%"$,MxMQ$9$k%G!<%?%Y!<(B
$B%9ZMQ>pJs!"$*$h$S!"$=$NB>$N=EMW$J>pJs$N@`$N967b$b9T$o$l$k2DG=@-$,$"$k!#(B
(B
(B65. SCT Campus Pipeline Email Attachment Script Injection Vulner...
(BBugTraq ID: 10154
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 15 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10154
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BCampus Pipeline $B$O!"%j%b!<%H$+$iEE;R%a!<%k$NE:IU%U%!%$%k$K(B
$B%9%/%j%W%H$rCmF~$5$l$kLdBj$rJz$($F$$$k5?$$$,$"$k!#$3$NLdBj$O!"$3$N%=%U%H(B
$B%&%'%"$K$h$k!"%f!<%6$,EE;R%a!<%kFb$GM?$($?(B HTML $B%?%0$*$h$S%9%/%j%W%H%3!<(B
$B%I$NL5322=$,IT==J,$G$"$k$3$H$K5/0x$9$k!#(B
(B
$B$3$NLdBj$K$h$j!"%j%b!<%H$N967b]$H$J$k%f!<%6$NEE;R%a!<%k%"%+%&%s%H$rA`:n(B
$B2DG=$K$J$k!#967bZMQ>pJs$N@`]$H$J$k%"%+(B
$B%&%s%H$KBP$9$k$5$i$J$k%;%-%e%j%F%#>e$N6<0R$K7R$,$k2DG=@-$,$"$k!#$3$l$K$D(B
$B$$$F$O!"L$8!>Z$G$"$k$3$H$KN10U$9$Y$-$G$"$k!#(B
(B
(B66. Cisco IPsec VPN Client Group Password Disclosure Vulnerabili...
(BBugTraq ID: 10155
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Apr 15 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10155
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BCisco IPsec VPN $B%/%i%$%"%s%H$O!"7k2L$H$7$F(B Group Password 
$B$X$N%;%-%e%j%F%#>e$N6<0R$,0z$-5/$3$5$l$k2DG=@-$,$"$kLdBj$rJz$($F$$$k5?$$(B
$B$,$"$k!#Js9p$K$h$k$H!"$3$NLdBj$O!"(BGroup Password $B$,%W%m%;%9%a%b%j$K3JG<(B
$B$5$l$k:]$K!"2?$i$+$NJ}K!$G0E9f2=$^$?$O1#JC2=$5$l$J$$$3$H$K5/0x$9$k!#(B
(B
(B67. Gemitel Affich.PHP Remote File Include Command Injection Vul...
(BBugTraq ID: 10156
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 15 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10156
$B$^$H$a(B:
(B
(BGemitel $B$K$h$kF~NOCM$N=hM}$KLdBj$,3NG'$5$l$F$$$k!#$3$N$?$a!"%j%b!<%H$N%f!<(B
$B%6$O!"LdBj$rJz$($k%=%U%H%&%'%"$rMxMQ$9$k%3%s%T%e!<%?$KIT@5$K%"%/%;%92DG=(B
$B$G$"$k$H?d;!$5$l$k!#(B
(B
$BFCDj$N%U%!%$%k$N%$%s%/%k!<%I%Q%9$r2~JQ2DG=$G$"$j!"967b$N%3%s%T%e!<(B
$B%?$+$i$N0U?^$9$k(B PHP $B%U%!%$%k$N%$%s%/%k!<%I$K7R$,$k2DG=@-$,$"$k!#(B
(B
(B68. Real Networks Helix Universal Server Denial of Service Vulne...
(BBugTraq ID: 10157
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 15 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10157
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BReal Networks Helix Universal Server $B$O!"%j%b!<%H$+$i%5!<(B
$B%S%9ITG=>uBV$r0z$-5/$3$5$l$kLdBj$K$h$k1F6A$ruBV$r0z$-5/$3$92DG=@-$,$"$k!#(B
(B
(B69. Macromedia ColdFusion MX File Upload Denial Of Service Vulne...
(BBugTraq ID: 10158
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Apr 15 2004
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/10158
$B$^$H$a(B:
(B
$BJs9p$K$h$k$H!"(BMacromedia ColdFusion MX $B$K$O!"%j%b!<%H$N967buBV$K4Y$i$;$k$3$H$,2DG=$K$J$k$H?d;!$5$l$k!"(B
$B%5!<%S%9ITG=>uBV$,0z$-5/$3$5$l$kLdBj$,B8:_$9$k!#$3$NLdBj$O!"LdBj$rJz$($k(B
$B%5!<%P$,!"%"%C%W%m!<%Ihttp://www.securityfocus.com/news/8472
(B
(B2. War of words rages over Internet taps
$BCx'$9$k!#(B
(B
(Bhttp://www.securityfocus.com/news/8454
(B
(B3. Lamo sentencing postponed
$BCxhttp://www.securityfocus.com/news/8425
(B
(B4. SurfControl secures MessageSoft
$BCxhttp://www.securityfocus.com/news/8474
(B
(B5. PGP to integrate anti-virus defences
$BCxhttp://www.securityfocus.com/news/8470
(B
(B6. The average PC: spyware hotel
$BCxhttp://www.securityfocus.com/news/8469
(B
(B
(BIV. SECURITYFOCUS TOP 6 TOOLS
(B-----------------------------
(B
(B1. Data Keeper v1.05
$B:nhttp://www.synack.com/dkeeper.html
$BF0:n4D6-(B: MacOS
$B$^$H$a(B: 
(B
(BData Keeper $B$O!"0BA4$JJ8=q:n@.$*$h$SJ]B8$r9T$&%"%W%j%1!<%7%g%s$G$9!#FCD'(B
$B$H$7$F!"%f!<%6%Q%9%o!<%I$*$h$S(B SHA 256 $B$r;H$C$F@8@.$5$l$?(B 256 $B%S%C%H$N0E(B
$B9f80$r;}$D(B TwoFish $B0E9f!"2hA|$HGX7J$r4^$`%j%C%A%F%-%9%H$N%5%]!<%H!"$*$h(B
$B$S0u:~$r%5%]!<%H$7$^$9!#J8=q$O!"%f!<%6$,;XDj$7$?;~4V4V3V$G<+F0E*$K0E9f2=(B
$B$5$l$^$9!#%Q%9%o!<%I$^$?$O(B ID $B$NHV9f$N8!=P$r:GE,2=$7!"0E9f2=$5$l$?J8=q$r(B
$B?WB.$KE83+$G$-$k$h$&$K@_7W$5$l$F$$$^$9!#(B
(B
(B2. XML Security Library v1.2.5
$B:nhttp://www.aleksey.com/xmlsec/
$BF0:n4D6-(B: N/A
$B$^$H$a(B: 
(B
(BXML Security Library $B$O(B LibXML2 $B$*$h$S(B OpenSSL $B$KM3Mh$9$k(B C $B8@8l$N%i%$%V(B
$B%i%j$G$9!#$3$N%i%$%V%i%j$Ohttp://la-samhna.de/samhain/
$BF0:n4D6-(B: AIX$B!"(BDigital UNIX/Alpha$B!"(BFreeBSD$B!"(BHP-UX$B!"(BLinux$B!"(BSolaris$B!"(BUnixware
$B$^$H$a(B: 
(B
(Bsamhain $B$O!"%U%!%$%k$N40A4@-$N%A%'%C%/!"%U%!%$%k%D%j!<$+$i$N(B SUID $B$,@_Dj(B
$B$5$l$?%U%!%$%k$N8!:w!"$*$h$S%+!<%M%k%b%8%e!<%k7?$N(B rootkit $B$N8!=P(B(Linux 
$B$N$_(B)$B$r9T$&$3$H$,2DG=$J%G!<%b%s$G$9!#$3$N%=%U%H%&%'%"$O!"%9%?%s%I%"%m!<(B
$B%s$^$?$O!"=8Cf4IM}$N$?$a%5!<%P(B/$B%/%i%$%"%s%H4V$N@\B3$K6/NO$J0E9f(B (192-bit
(BAES) $B$rMxMQ$7$?%5!<%P(B/$B%/%i%$%"%s%H7?$H$7$FMxMQ2DG=$G$"$j!"%*%W%7%g%s$G!"(B
$B%5!<%P>e$K%G!<%?%Y!<%9$*$h$S@_Dj%U%!%$%k$N3JG<$,2DG=$G$9!#JQ99$rKI;_$9$k(B
$B$?$a!"=pL>IU$N%G!<%?%Y!<%9(B/$B@_Dj%U%!%$%k!"$*$h$S=pL>IU$-$N%l%]!<%H(B/$B4F::%m(B
$B%0$r%5%]!<%H$7$F$$$^$9!#$3$N%=%U%H%&%'%"$O!"(BLinux$B!"(BFreeBSD$B!"(BSolaris$B!"(BAIX$B!"(B
(BHP-UX$B!"$*$h$S(B Unixware $B$G$NF0:n$,3NG'$5$l$F$$$^$9!#(B
(B
(B4. Epylog v1.0
$B:nhttp://linux.duke.edu/projects/epylog/
$BF0:n4D6-(B: UNIX
$B$^$H$a(B: 
(B
(BEpylog $B$O!"(BUnix OS $B>e$G$NDj4|E*$J%7%9%F%`%m%0$N4F;k!"FI$_$d$9$$=q<0$G=P(B
$BNO$rI=<($9$k$?$a$N%m%0=PNO$N2r@O(B ($B2r@O%b%8%e!<%k$O8=;~E@$G$O(B Linux $BMQ$N(B
$B$_(B)$B!"$*$h$S:G=*%l%]!<%H$N4IM}e$G$b;HMQ2DG=$G$9$,!"$=$N$h$&$JL\E*$K$O!"(Blogwatch $B$N$h$&$JB>$N(Bb$B%Q%C(B
$B%1!<%8$NJ}$,$*$=$i$/E,$7$F$$$^$9!#(B
(B
(B5. Rootkit Hunter v1.06
$B:nhttp://www.rootkit.nl/
$BF0:n4D6-(B: UNIX
$B$^$H$a(B: 
(B
(BRootkit Hunter $B$O!"4{CN$*$h$SL$CN$N(B rootkit$B!"%P%C%/%I%"!"%9%K%U%!$r8+$D(B
$B$1=P$9$?$a$K%U%!%$%k$d%7%9%F%`$r%9%-%c%s$7$^$9!#$3$N%Q%C%1!<%8$O0l$D$N%7%'(B
$B%k%9%/%j%W%H!"$$$/$D$+$N%F%-%9%H%Y!<%9$N%G!<%?%Y!<%9!"$*$h$S%*%W%7%g%s$N(B 
(BPerl $B%b%8%e!<%k$rF1:-$7$F$$$^$9!#$3$N%=%U%H%&%'%"$O$[$H$s$IA4$F$N(B Unix 
$B$KM3Mh$9$k(B OS $B>e$GF0:n$7$^$9!#(B
(B
(B6. Plugdaemon v2.5.3
$B:nhttp://www.taronga.com/plugdaemon/
$BF0:n4D6-(B: UNIX
$B$^$H$a(B: 
(B
(Bplugdaemon $B$O!"%m!<%I%P%i%s%7%s%0(B "plug" $B%W%m%-%7$G$9!#%m!<%I%P%i%s%7%s(B
$B%0$^$?$O%U%'%$%k%*!<%P!<$rMxMQ$7$?!"(B1$B$D$^$?$OJ#?t$N%[%9%H$X$N(B TCP $B@\B3$N(B
$BE>Aw!"$*$h$S!"(BHTTPS $B%W%m%-%7$r2p$7$?@\B3$N%k!<%F%#%s%0$,2DG=$G$9!#%"%/%;(B
$B%9@)8f$O!"(Bsource $B%$%s%?!<%U%'%$%9$^$?$OAw?.85(B IP $B$K$h$j9T$o$l$^$9!#308~(B
$B$-@\B3$O!";XDj$7$?(B IP $B%"%I%l%908$F$K?6$j8~$1$k$3$H$,2DG=$G$9!#(B
(B
(B--
$BLu(B: $B@>B<9/MN(B(NISHIMURA Yasuhiro)$B!">.NS9nL&(B(KOBAYASHI Katsumi)$B!"(B
$BA}ED@;;R(B(MASUDA Kiyoko)$B!"A}EDCR0l(B(MASUDA Tomokazu)$B!"(B
$BGOCeFF(B(UMAKI Atsushi)$B!"3QED8<;J(B(KAKUDA Motoshi)$B!"(B
$B>!3$D>?M(B(KATSUMI Naoto)$B!"9b66=SB@O:(B(TAKAHASHI Shuntarou)$B!"(B
$B?e>B9n?M(B(MIZUNUMA Katsuhito)$B!"EDCfM%5#(B(TANAKA Yuuki)
$BAjGO4pK.(B(SOUMA Motokuni)
$B4F=$(B: $B@>B<9/MN(B(NISHIMURA Yasuhiro)
(BLAC Co., Ltd.
(Bhttp://www.lac.co.jp/security/
Attachment: smime.p7s
Description: S/MIME cryptographic signature
Next by Date: SecurityFocus Newsletter #246 2004-4-19->2004-4-23
Next by thread: SecurityFocus Newsletter #246 2004-4-19->2004-4-23
Index(es):
- Date
- Thread