今日のセキュリティホール情報
□セキュリティホール情報
■NetSecurity
NetSecurity - 4月25日のWeb改竄情報
NetSecurity - セキュリティホール情報<2005/04/25>
NetSecurity - 廃棄したPCから静岡市小中学校生徒の個人情報が流出
NetSecurity - ミニストップ店舗で、ドコモとNTT東日本の払込取扱票を紛失
NetSecurity - みちのく銀行、顧客情報が記載されたCD−ROMを紛失
NetSecurity - トレンドマイクロのウイルスパターンファイルによってPCに不具合
■SIDfm - セキュリティ情報提供サービス
HP-UX に PMTU Discovery により TCP 接続に DoS 攻撃を受ける問題
Red Hat Linux 3 の Kernel に複数のセキュリティホール
■Secunia - Security and Virus Information
2005-04-25
ACS Blog Unspecified Cross-Site Scripting Vulnerability
ACS Blog Login Check Security Bypass Vulnerability
OneWorldStore "idOrder" Disclosure of Sensitive Information
NetIQ Security Manager Directory Traversal Security Bypass
nProtect Netizen Arbitrary File Placement Vulnerability
SafeStone DetectIT Directory Traversal Security Bypass
BIG-IP / 3-DNS Radius Authentication "login_radius" Security Bypass
PowerLock NetworkSecurity Directory Traversal Security Bypass
Bsafe/Global Security for iSeries Directory Traversal Security Bypass
Castlehill Computer Services SECURE/NET Directory Traversal Security Bypass
Musicmatch Jukebox Two Vulnerabilities
Affix "affix_sock_register()" Privilege Escalation Vulnerability
Novell NSure Audit ASN.1 Message Parsing Denial of Service
phpMyVisites Cross-Site Scripting Vulnerabilities
Chora Parent Frame Page Title Cross-Site Scripting Vulnerability
Forwards Parent Frame Page Title Cross-Site Scripting Vulnerability
Accounts Parent Frame Page Title Cross-Site Scripting Vulnerability
Kronolith Parent Frame Page Title Cross-Site Scripting Vulnerability
Nag Parent Frame Page Title Cross-Site Scripting Vulnerability
Mnemo Parent Frame Page Title Cross-Site Scripting Vulnerability
Horde IMP Parent Frame Page Title Cross-Site Scripting Vulnerability
Passwd Parent Frame Page Title Cross-Site Scripting Vulnerability
Turba Parent Frame Page Title Cross-Site Scripting Vulnerability
Vacation Parent Frame Page Title Cross-Site Scripting Vulnerability
BK Forum SQL Injection Vulnerabilities
StorePortal SQL Injection Vulnerabilities
IBM WebSphere Application Server Cross-Site Scripting Vulnerability
Asp Nuke Cross-Site Scripting and SQL Injection Vulnerabilities
RazLee Firewall+++ Directory Traversal Security Bypass
Woltlab Burning Board "hilight" Cross-Site Scripting Vulnerability
CartWIZ Cross-Site Scripting and SQL Injection Vulnerabilities
■SecurityFocus
HP-UXのTCP/IPスタックにDoS攻撃のリモート脆弱性
■iDEFENSE
Max DBのWeb Agentに複数のリモート脆弱性 Stack Overflow
Max DBのWeb Agentに複数のリモート脆弱性 Lock-Token Stack Overflow
■N.S.L. Security Report
(Linux/Unix)
Squid-2.5.STABLE9 Minor Security パッチリリース
(Windows)
トレンドマイクロ パターンファイル問題修正ツール公開
Microsoft Windows で、イメージを読み込みを使ったDoS攻撃の脆弱性
