A super-sized bank transfer scam (|| ゚Д゚) Trauma
Sultan of Brunei loses 200 million yen in Indonesian election fund scam (Jiji.com)
JPCERT/CC WEEKLY REPORT 2009-05-27
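- Vulnerability in the WebDAV feature of Microsoft IIS
- Buffer overflow vulnerability in ntpd
- Directory traversal vulnerability in CiscoWorks Common Services TFTP
- Buffer overflow vulnerability in NSD
- Multiple vulnerabilities in Novell GroupWise
- Cross-site scripting vulnerability in appleple's a-News
- Vulnerability mitigation guidance "Secure Design Patterns" (English edition) published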
Red Hat Security Advisory
- [RHSA-2009:1075-01] Moderate: httpd security update (RHEL5)
- [RHSA-2009:1066-01] Important: squirrelmail security update (RHEL3, RHEL4, RHEL5)
- [RHSA-2009:1062-01] Important: freetype security update (RHEL2.1)
- [RHSA-2009:1061-02] Important: freetype security update (RHEL5)
- [RHSA-2009:1060-02] Important: pidgin security update (RHEL4, RHEL5)
- [RHSA-2009:1059-02] Important: pidgin security update (RHEL3)
- [RHSA-2009:0329-02] Important: freetype security update (RHEL3, RHEL4)
Exploit Code
- Adobe Acrobat <= 9.1.1 Stack Overflow Crash PoC (osx/win)
- Mozilla Firefox 3.0.10 (KEYGEN) Remote Denial of Service Exploit
- Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (pl)
- PHP <= 5.2.9 Local Safemod Bypass Exploit (win32)
- Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC
- Mozilla Firefox (unclamped loop) Denial of Service Exploit
- Winamp 5.551 MAKI Parsing Integer Overflow Exploit
- Winamp <= 5.55 (MAKI script) Universal Integer Overflow Exploit
- Winamp <= 5.55 (MAKI script) Universal Seh Overwrite Exploit
- Winamp <= 5.55 (MAKI script) Universal Seh Overwrite PoC
- Winamp 5.551 MAKI Parsing Integer Overflow PoC
- Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (php)
- Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch)