$B%;%-%e%j%F%#%[!<%k(B memo - 2003.11

Last modified: Thu Feb 12 20:23:16 2004 +0900 (JST)

$B"#(B 2003.11.28

$B"#(B $BDI5-(B

Multiple integer overflows in XFree86 (local/remote)

[RHSA-2003:286-01] Updated XFree86 packages provide security and bug fixes (7.1, 7.2)
[RHSA-2003:287-01] Updated XFree86 packages provide security and bug fixes (7.3, 8.0)

[KDE SECURITY ADVISORY] KDM vulnerabilities

[RHSA-2003:286-01] Updated XFree86 packages provide security and bug fixes (7.1, 7.2)
[RHSA-2003:287-01] Updated XFree86 packages provide security and bug fixes (7.3, 8.0)
[RHSA-2003:288-01] Updated XFree86 packages provide security and bug fixes (9)

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B Exchange 2003 and Outlook Web Access Issue
(Microsoft, 2003.11.25)

$B!!(BMicrosoft Exchange$B$K=EBg$J%P%0(B--$B%a!<%k%"%+%&%s%H$,8x3+$5$l$k4m81@-(B (CNET) $B$H$7$FOCBj$K$J$C$?7o!#(B

$B!!(BExchange 2003 $B$*$h$S(B Windows Server 2003 $B$K(B SharePoint Services 2.0 $B$r%$%s%9%H!<%k$9$k$H!"(BIIS $B$G$N(B Kerberos $BG'>Z$,L58z$K$J$C$F$7$^$$!"LdBj$,H/@8$7$F$$$?LOMM!#(B from 832769 - [HOWTO] Kerberos $BG'>Z$r;HMQ$9$k$h$&$K(B Windows SharePoint Services $B$r9=@.$9$kJ}K!(B:

Microsoft $B%$%s%?!<%M%C%H%$%s%U%)%a!<%7%g%s%5!<%S%9(B (IIS) $B$N2>A[%5!<%P!<$,(B Windows SharePoint Services $B$G3HD%$5$l$k$H!"2>A[%5!<%P!<$OE}9g(B Windows $BG'>Z(B ($B5l>N!"(BNTLM $B$^$?$O(B Windows NT $B%A%c%l%s%8(B/$B%l%9%]%s%9G'>Z(B) $B$r;HMQ$9$k$h$&$K9=@.$5$l$^$9!#(B

$B!!0lC6JQ99$5$l$k$H!"(BSharePoint Services 2.0 $B$r%"%s%$%s%9%H!<%k$7$F$b85$K$OLa$i$J$$!#L@<(E*$K@_Dj$7D>$9I,MW$,$"$k!#J}K!$O(B 832769 - [HOWTO] Kerberos $BG'>Z$r;HMQ$9$k$h$&$K(B Windows SharePoint Services $B$r9=@.$9$kJ}K!(B $B;2>H!#(B

$B!!$^$?!"(B832749 - Microsoft Exchange Server 2003 $B%U%m%s%H%(%s%I%5!<%P!<$G(B HTTP $B@\B3$N:F;HMQ$rL58z$K$9$kJ}K!(B$B$r

$B"#(B $BM%=($J?M:`$,5o$^$9$N$G(B
(TOTORO$B$N<+BDMn!!F|5-(B, 2003.11.19)

$B!!9u%H%H%m$5$s$K$h$k!"$H$"$k!VM-L>$J=;Bp3+H/4k6H!W$N!V%[!<%`%;%-%e%j%F%#!W%7%9%F%`$,$9$4$$!"$H$$$&$+!"$9$5$^$8$$!"$H$$$&OC!#(BNaked Windows XP Embedded$B!"$C$F46$8$J$s$G$7$g$&$+!#$D$E$-(B:

$B!!$7$+$7$3$N%Y%s%@!

$B!!(BPS. $B%$%s%?!<%M%C%H%&%)%C%A$,MW0x!)(B$B!#$G$7$g$&$M!#;d$b$=$3$G8+$D$1$^$7$?$7!#(B

$B"#(B Secunia Advisory SA10289: Internet Explorer System Compromise Vulnerabilities
(Secunia, 2003.11.25)

$B!!(BIE 5.01 / 5.5 / 6 $B$K$$$/$D$b$N=EBg$J7g4Y!#(B IE 6 SP1 + $B:G?7(B patch (MS03-048) $B$G$b:F8=2DG=$@$=$&$@!#(B

$B!!$$$:$l$K$D$$$F$b!"%"%/%F%#%V%9%/%j%W%H$rL58z$K$9$l$P2sHr$G$-$k!#(B $B%$%s%?!<%M%C%H%>!<%s$N%"%/%F%#%V%9%/%j%W%H$OEvLL!VL58z!W$K@_Dj$7$F$*$3$&!#(B $B$A$J$_$K!"(BUnpatched Internet Explorer Bugs $B$O(B 19 $B$K$J$C$F$^$9$M!#(B

$B!!4XO"5-;v(B: Internet Explorer$B$N?7%;%-%e%j%F%#%[!<%k$O!V6K$a$F4m81!W(B (ZDNet)$B!#(B

2003.12.09 $BDI5-(B:

$B!!(B2003.12 $B$N(B Windows hotfix $B$OMQ0U$5$l$J$$(B: No Security Bulletins for December Monthly Release (Microsoft)$B!#$$$D(B fix $B$5$l$k$N$+$OA4$/ITL@!#(B

2004.02.12 $BDI5-(B:

$B!!(BBackToFramedJpu $B$H(B HijackClickV2 $B$O(B Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#=$@5%W%m%0%i%`(B (832894) (MS04-004) $B$G=$@5$5$l$?!#(B

$B"#(B 2003.11.27

$B"#(B $B6b0fJ[8n;N!V%G%8%?%kJ8=q$rJ]B84IM}$7$J$$$HAJ>Y$GITMx$H$J$k!W(B $B
(Enterprise Watch, 2003.11.27)

$B!!6=L#?<$$$G$9!#(B

$BL1;vAJ>YK!$N>rJ8$G$O!V=pL>!&Fh0u$,$"$l$P@5$7$$J8=q$@$H$5$l!"%G%8%?%k%G!<%?$N>l9g$K$O%G%8%?%k=pL>$,$"$l$P!"F1$807$$$K$J$k!W$H$N$3$H$G!"!V;f%Y!<%9$H%G!<%?$NJ8=q$OK!N'$N>e$G07$$$K0c$$$,$J$/$J$C$F$$$k!W$H8l$C$?!#(B

$B!!!V%G%8%?%k=pL>!W$O!VFh0u!W$N$+$o$j$G$"$C$F!V=pL>!W$N$+$o$j$8$c$J$$$s$G$9$1$I$M!D!D!#$=$l$@$1$@$H!V26$8$c$J$$(B!! $B5!3#$,$d$C$?$s$@(B!!$B!W7O$GIi$1$+$M$J$$5$$,!#(B [port139ml:04498] $B$K$b$"$j$^$9$,!"$I$3$+$G%*%U%i%$%s=pL>$r$7$F$*$/$H3N

$BF1;a$O!"!VJ*M}E*$K;D$9;f%Y!<%9$G$N@0M}!&J]4I$H$$$C$?!H%U%!%$%j%s%0!I$N9M$(J}$G$O$J$/!"%G!<%?$K$*$$$F$OF~pJs4IM}ItLg$NI,MW@-$r8l$C$?!#(B

$B!!EE;R%G!<%?$C$F7A$rJQ$($F@8$-$D$E$1$k$3$H$,$"$^$j$KMF0W$@$+$i!"%^%M%8%a%s%H$7@Z$l$J$$!"$3$H$rA0Ds$H$7$?%j%9%/%^%M%8%a%s%H$r$7%J%$%H$@$a$@$H;W$&$s$G$9$h$M!D!D!#(B DRM $B$b$N(B $B$OBh0lJb$J$N$G$7$g$&$,!"$=$l$@$1$G:Q$`OC$G$O$J$$$@$m$&$7!D!D!#(B

$B"#(B $B%^%$%/%m%=%U%H!"(BWindows$B$N@H
(ENTERPRISE WATCH, 2003.11.27)

$B!!$[$&$i!"$d$C$Q$j(B MS03-051 $B$,8+F($5$l$F$k$7!#(B $B%H%i%V%k!&%a%s%F%J%s%9B.Js(B $B$H(B $B6[5^%l%Y%k$N%;%-%e%j%F%#=$@5%W%m%0%i%`$K$D$$$F(B $B$NFbMF$OF14|$5$;$J$/$A$c!#8eMS03-051 $B$,7Y9p$5$l$F$$$k$s$G$9$h$M!#(B

$B!!(B$B6[5^%l%Y%k$N%;%-%e%j%F%#=$@5%W%m%0%i%`$K$D$$$F(B $B$O!"!V:#0lHV4m81$J%;%-%e%j%F%#%[!<%k$O(B?$B!W$r%Z!<%8@hF,$K0\F0$5$;$?J}$,$h$$$N$G$O$J$$$@$m$&$+!#(Balt $BB0@-$b@_Dj$7$F$[$7$$$7!#2hA|$O$b$&$A$g$C$H>.$5$/$F$b$$$$$s$8$c$J$$$+$J$"!#(B

$B"#(B BIND 8.4.3 Release (8.4.3-REL)
(installer ML, Thu, 27 Nov 2003 01:54:10 +0900)

$B!!(BBIND 8.4.3 $BEP>l!#(BBIND 8.3.7 $B$b=P$F$^$9(B$B!#(B 

Highlights (8.4.2)
	Security Fix: Negative Cache Poison Fix.

$B$@$=$&$G$9!#BP1~$9$k(B CHANGELOG $B$O$3$l$G$7$g$&$+(B: 

1581.   [bug]           apply anti-cache poison techniques to negative
                        answers.

$B!!4XO"(B:

$B!!(Bbind 9 $B$J?M$K$O4X78$J$$!"$HM}2r$7$F$h$$$N$+$J!#(B

fix / patch:
Changelog:
2003.12.04

Vine Linux: [ 2003,12,03 ] bind $B$K%;%-%e%j%F%#%[!<%k(B$B!#(B

2003.12.17

NetBSD: NetBSD Security Advisory 2003-018$B!#(B

$B"#(B 2003.11.26

$B"#(B Opera directory traversal and buffer overflow
(bugtraq, Sat, 22 Nov 2003 17:44:17 +0900)

$B!!(BOpera $B$M$?(B$B$N$D$E$-$NOC!#(B Opera 7.22 $B0JA0$K(B 2 $B$D$N7g4Y!#(B

$B!!(Bopera 7.23 $B$G(B fix $B$5$l$F$$$k(B (Changelog)$B!#(Bopera 7.23 $B$NF|K\8lHG$O$^$@$J$$$,!"

$B!!(Bexploit $B$H$5$l$F$$$k$b$N(B: Opera 7.22 File Creation and Execution Exploit (Malicious Webserver)

$B!!4XO"(B:

$B"#(B Mozilla $B$K$*$1$k4{CN$N@H
(mozilla.gr.jp, 2003 $BG/(B 11 $B7n(B $B99?7(B (info from $B$1$s$N$\$d$-(B))

$B!!$3$s$J%Z!<%8$,$"$C$?$H$O!#$H$j$"$($:!"(BMozilla 1.4 $B0JA0$N?M$OB.$d$+$K(B Moziila 1.5 $B$K(B upgrade $B$7$^$;$&!#$C$F$*A0$@$h(B > $B26!#(B

$B!!1Q8l%*%j%8%J%k(B: Known Vulnerabilities in Mozilla (mozilla.org)$B!#(B

$B"#(B 2003.11.25

$B"#(B Important Bug Workaround for Apache 2.0.48 and 1.3.29
($B!3#R%NF|5-(B, 2003.11.25)

$B!!(BApache 1.3.29 $B$*$h$S(B Apache 2.0.48 $B$G(B

$B>l9g$K!"(BApache $B$,%/%i%C%7%e$7$F$7$^$&LOMM!#(B $B2sHrJ}K!$H$7$F$O!"(BCookieName Apache $B$N$h$&$K!"L@<(E*$K(B CookieName $B$r@_Dj$9$l$P$h$$!#(B Bug 24483 $B$K$O(B Apache 2.0.48 $BMQ$N(B patch $B$b<($5$l$F$$$k!#(B

$B"#(B Windows HotFix Briefings Biweekly$B!J(B11$B7n(B21$BF|HG!K(B
(@IT, 2003.11.21)

$B!!%;%-%e%j%F%#(B hotfix $B$N6/Nu$JI{:nMQ$N?t!9$N2r@b!#(B $BM9JXHV9fJQ49%&%#%6!<%I$K$D$$$F$O!"(B[memo:6662] MS03-050$B$HM9JXHV9fJQ49%&%#%6!<%I(B $B0J2<$N%9%l%C%I$b;2>H!#(B

$B"#(B $B%$%s%?!<%M%C%H;v7oJm(B $BBh(B1$B2s!'GQ4~%Q%=%3%s$X$NCN<1ITB-$,>7$$$?;v7o$rDI$&(B
(INTERNET Watch, 2003.11.25)

$B!!Jd=u5-21AuCV$5$(3N$B%O!<%I%G%#%9%/!&%/%i%C%7%c!<(B (NEC $B%U%#!<%k%G%#%s%0(B) $B$N$h$&$J!V%9%$%C%A0lH/!W$b$N$,$$$$$G$9$+$M$(!#$d$C$Q$j

$B"#(B iTunes$B$N%3%T!<%W%m%F%/%H(BDeCSS$B$N?M$KGK$i$l$k(B
(slashdot.jp, 2003.11.25)

$B!!(BQTFairUse - QuickTime AAC memory dumper (nanocrew.net) $B$r;H$&$H!"(BRAW AAC $B$H$$$&7A<0$N%U%!%$%k$,440216)$B!#(B QTFairUse $B$N%3%s%Q%$%k$K$O(B MinGW $B$H(B MSYS $B$,I,MW$J$N$@$=$&$G$9!#(B

$B!!4XO"(B: iTunes$B$N%3%T!l(B (ZDNet)

$B"#(B [IE] Q824145 (MS03-048) $B$N%$%s%9%H!<%k8e!"%(%/%9%W%m!<%i$N!V4XO"9`L\!W$N%j%s%/(B $B$,5!G=$7$J$$(B
(Microsoft, 2003.11.20)

$B!!(B832270 - $B%9%/%m!<%k%P!<$N6uGrItJ,$r%/%j%C%/$9$k$H2hLL%9%/%m!<%k$,@5$7$/9T$o$l$J$$(B $B$K$D$E$/!"(B MS03-048 $B$NI{:nMQ$NOC!#(B

$B"#(B $BE\Es$N!V9bLZ9@8w!w0q>k8)$D$/$P;T(B $B$NF|5-!W(B
($B9bLZ9@8w!w0q>k8)$D$/$P;T(B $B$NF|5-(B, 2003.11.23$B!A(B24)

$B!!E\Es$N=q$-9~$_!D!D(B

$B!!%]%$%s%H%+!<%I$N>l9g$O!"!V$=$b$=$b%]%$%s%H%+!<%I$J$s$F;H$o$J$$!W!V5-O?$7$F$[$7$/$J$$%b%N$rGc$&$H$-$O%]%$%s%H%+!<%I$r;H$o$J$$!W$H$$$&A*Br$,$G$-$k$@$m$&!#$G$b!V$=$3$i$8$e$&$K(B RFID $B$,Kd$a9~$^$l$F$$$k@$3&!W$G$=$N$h$&$JA*Br$,2DG=$K$J$k$N$+(B? $B$H$$$&$H!"$=$l$O5?Ld$@$m$&$J$"!"$H;W$&!#(B

$B!!$=$l$K$7$F$b!"(Bgoo $B$C$F!D!D!#(B

$B"#(B $BDI5-(B

NISCC Vulnerability Advisory 006489/OpenSSL: Vulnerability Issues in OpenSSL

fix / patch: $B$K(B Mac OS X$B!"(BHitachi Web Server$B!"(BOpera $B$N>pJs$rDI5-!#(B

ACCS$B1?1D%[!<%`%Z!<%8$N%;%-%e%j%F%#LdBj$K$D$$$F!J(B2003/11/11$B!K(B

$B"#(B 2003.11.21

$B"#(B $BDI5-(B

Mac OS X 10.3 $B$M$?(B

FireWire 800$BBP1~%G%#%9%/%I%i%$%V$r$*;H$$$N3'$5$^$X!"=EMW$J$*CN$i$;(B $B$,99?7$5$l$F$$$^$9!D!D$,!"(B3rd party link $B$O$<$s$<$s$J$$$J$"!#(B $B$d$^$6$-$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B ($BCY$/$F$9$$$^$;$s(B)

[Full-Disclosure] Mod_gzip Debug Mode Vulnerabilities

exploit: remote exploit for mod_gzip (with debug_mode)$B!#(B

Workstation $B%5!<%S%9$N%P%C%U%!%*!<%P!<%i%s$K$h$j!"%3!<%I$,

$BDI5-(B:

Microsoft FrontPage Server Extensions $B$N%P%C%U%!%*!<%P!<%i%s$K$h$j!"%3!<%I$,

$B5-=R!&9=@.$rBgI}$KJQ99!#(BVisual InterDev RAD Remote Deployment Support $B$K$D$$$F(B $B$X$N%j%s%/$rDI2C!#(B

$B"#(B Some Debian Project machines compromised
(Full-Disclosure, Fri, 21 Nov 2003 22:02:50 +0900)

$B!!(BDebian Project $B$G;H$o$l$F$$$k5!3#(B

$B$,!"$3$N(B 24 $B;~4V0JFb$K%d%i%l$?LOMM!#$$$/$D$+$N%5!<%S%9$O!"Dd;_$7$?$jJL$N5!3#$K0\$5$l$?$j$7$F$$$k$=$&$@!#(B

$B!!$9$G$K(B mirror $B$5$l$F$$$k!"%"%J%&%s%9D>A0$N(B Debian GNU/Linux 3.0 (woody), release 3.0r2 $B$O!"$3$N%d%i%l$K$O1F6A$5$l$F$$$J$$$3$H$,3NG'$5$l$F$$$k$=$&$@!#(B

$B!!!D!D$H=q$$$F$$$k4V$KF|K\8l%"%J%&%s%9$,(B: [debian-announce:00040] $BJ#?t$N(B Debian Project $B%^%7%s$X$N%;%-%e%j%F%#?/32(B (compromise) $B$K$D$$$F(B (debian.or.jp)$B!#(B In particular $B$O!VFC$K!W$8$c$J$/$F!V6qBNE*$K$O!W$J$s$8$c$J$$$+$J$"!#$8$c$J$$$H!"!V$[$+$N%^%7%s$K0\F0$7$F$$$^$9!W$H$N@09g@-$,

$B!!D%$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

2003.12.01 $BDI5-(B:

$B!!4XO"(B: Debian$B%5!<%P967b(B--$BL$CN$N@H (CNET)$B!#B3Js$KMWCmL\!"$NLOMM!#(B

2003.12.03 $BDI5-(B:

$B!!7g4Y>\:Y(B: Linux kernel do_brk() lacks argument bound checking$B!#(B

2003.12.04 $BDI5-(B:

$B!!%d%i%l>u67>\:Y(B: Debian Investigation Report after Server Compromises$B!#(B

$B"#(B tools, documents, ...
(various)

$B!!(Btools:

$B!!(Bdocuments:

$B!!(BIIS 6.0 Resource Kit $B$H(B IIS 6.0 Resource Kit Tools $B$G$9$+!D!D!#(B IIS 6 $B<+BN!"$^$@$^$H$b$K$$$8$C$F$J$$$+$i$J$"!#(B

$B"#(B 2003.11.20

$B"#(B APPLE-SA-2003-11-19 Security Update 2003-11-19
(apple security-announce ML, Thu, 20 Nov 2003 10:40:26 +0900)

$B!!$A$c$s$H(B Mac OS 10.2.8 $B$H(B Mac OS 10.3 $BMQ$,B7$C$?!"$"$?$i$7$$(B fix $B$NEP>l$G$9!#(B $B$H$j$"$($:(B apple $B$O$d$/$=$/$r[harden-mac:0548] $B$K$h$k$H!"L@5-$5$l$F$$$J$$(B safari $B$N99?7$,4^$^$l$F$$$k$=$&$G$9!#(B undocumented $B$JJQ99!"$O:$$j$^$9$M$(!#(B

$B"#(B $BDI5-(B

Multiple integer overflows in XFree86 (local/remote)

Red Hat, Debian fix $BDI5-!#(BCVE: CAN-2003-0730$B!#(B

Opera $B$M$?(B

$B$j@Z$C$F$$$J$$LOMM(B: $B%Z%s%.%s$b%*%Z%i$rC2$/(B (::operash::)$B!#(B

$B:F7G!'(BSafari$B$K(BCookie$B$,O31L$9$k@H

CookieMonsterFix (hetima.com) 1.0.1 $B$,EP>l$7$^$7$?!#(BMac OS X 10.2.x (safari 1.0) $B$K$bBP1~$5$l$F$$$k$=$&$G$9!#(B

$B"#(B 2003.11.19

$B"#(B $B:F7G!'(BSafari$B$K(BCookie$B$,O31L$9$k@H
($B%j%s%/$H$+HwK:O?$H$+F|5-$H$+!w$O$F$J!s;CDj8x3+Cf!uN}=,Cf(B, 2003.11.19)

$B!!(Bsafari 1.0 / 1.1 $B$K!"(BNetscape 6.2 $B0JA0(B / Mozilla 0.9.6 $B0JA0$HF1MM$N!"(Bcookie $B$,O31H$9$kLdBj$,$"$k$N$@$=$&$G$9!#(BMac OS X 10.3 (safari 1.1) $B$G$O(B CookieMonsterFix (hetima.com) $B$rMxMQ$7$F2sHr$G$-$k$=$&$G$9$,!"(BMac OS X 10.2.x (safari 1.0) $B$G$O$&$^$/F0$+$J$$$=$&$G$9!#8=:_BP1~:n6HCf$@$=$&$G$9!#(B $B$=$l$^$G$O!"(BMac OS X 10.2.x $B$G$O!"(BMozilla 1.5 $B$J$I$rMxMQ$7$?J}$,$h$$$N$G$7$g$&!#(B

2003.11.20 $BDI5-(B:

$B!!(BCookieMonsterFix (hetima.com) 1.0.1 $B$,EP>l$7$^$7$?!#(BMac OS X 10.2.x (safari 1.0) $B$K$bBP1~$5$l$F$$$k$=$&$G$9!#(B

$B!!4XO"(B: $B!X:F7G!'(BSafari$B$K(BCookie$B$,O31L$9$k@H ($B%j%s%/$H$+HwK:O?$H$+F|5-$H$+!w$O$F$J!s;CDj8x3+Cf!uN}=,Cf(B)

2003.12.09 $BDI5-(B:

$B!!(Bofficial fix $BEP>l(B:

$B!!(BSafari $B$G$O$J$/!"$b$C$H$*$*$b$H$G$"$k(B Foundation.framework $B$,=$@5$5$l$?$h$&$G$9(B [harden-mac:0572] [harden-mac:0573]$B!#(B

$B"#(B $B%U%!%_%^!&%/%i%V2q0w>pJsN.=P$N$*OM$S$HD4::7k2L$N$4Js9p(B
($B%U%!%_%^(B, 2003.11.19)

$B%Q%=%3%s$N%a!<%k%^%,%8%s$NG[?.$r4uK>$5$l$?J?@.(B14$BG/(B10$B7n(B17$BF|8=:_$N2q0w$NJ}!9$N8D?M>pJs$,N.=P$7!"$=$N?t$O(B18$BK|(B2780$BL>$,:GBg$G$"$k$b$N$HH=CG$$$?$7$^$7$?!#(B

$B!!$3$N7kO@$K;j$C$?M}M3$,>\:Y$K5-:\$5$l$F$$$F6=L#?<$$!#;DG0$J$,$iN.=P7PO)$^$G$OFCDj$G$-$F$*$i$:!"K!<99T5!4X$K$h$kD4::BT$A$NLOMM!#(B

$B"#(B $BDI5-(B

ACCS$B1?1D%[!<%`%Z!<%8$N%;%-%e%j%F%#LdBj$K$D$$$F!J(B2003/11/11$B!K(B

$BF?L>4uK>$5$s$+$i>pJs$r$$$?$@$$$?(B ($B$"$j$,$H$&$4$6$$$^$9(B)$B!#(B

$B"#(B 2003.11.18

$B"#(B $BDI5-(B

ACCS$B1?1D%[!<%`%Z!<%8$N%;%-%e%j%F%#LdBj$K$D$$$F!J(B2003/11/11$B!K(B

Tea Room for Conference No.1613-1$B!#$&!<$`!#(B

Norton Internet Security 2003 XSS

$B%*%U%#%7%c%k(B: Symantec Network Internet Security (NIS) $B$N%5%$%H ($B%7%^%s%F%C%/(B)$B!#$^$@(B fix $B$5$l$F$$$J$$LOMM!#(B

$B"#(B [Full-Disclosure] OpenBSD kernel overflow, yet still *BSD much better than windows
(Full-Disclosure ML, Tue, 18 Nov 2003 07:18:15 +0900)

$B!!(BOpenBSD 3.4 $B0JA0$K7g4Y!#(Bibcs2 $B%3!<%I$K(B stack overflow $B$9$k7g4Y$,$"$k!#(B $B$3$l$rMxMQ$9$k$H!"(BOpenBSD 3.3 $B0JA0$G$O(B local user $B$,(B root $B8"8B$rC%[1] [2]$B!#(B OpenBSD 3.4 $B$G$O(B DoS $B$K$J$k$h$&$@!#(B

$B!!(Bpatch:

$B"#(B 2003.11.17

$B"#(B List the Unpatched IE Vulnerabilities
(Liu Die Yu, 2003.11.16)

$B!!:G6a@:NOE*$K3hF0$5$l$F$$$k(B Liu Die Yu $B;a$K$h$k!"$^$@(B patch $B$,$J$$(B IE $B7j$N$^$H$a!#(B MS03-048 $B$rE,MQ$7$F$b!"$^$@(B 11 $B8D$"$kLOMM!#(B

$B"#(B Subject: 03-07-18 $B%O%$%F%/HH:a$KBP=h$9$k$?$a$N7:;vK!$N@0Hw$K4X$9$k0U8+(B
($BF|J[O"(B, 2003.07.18)

$B!!(B$B!V%O%$%F%/HH:a$KBP=h$9$k$?$a$N7:;vK!$N@0Hw$K4X$9$k;pLd!W(B ($BK!L3>J(B) $B$KBP$9$k!"F|J[O"$N0U8+=q!#(B

$B!!I,MW$J$3$H$OA4$F=q$+$l$F$$$k$H;W$$$^$9$7!"<~JU$NK!N'$N2r@b=q$H$7$F$b$h$/$G$-$F$$$k$h$&$K;W$$$^$9!#

$B!!$G!"(B$B;pLd(B ($BK!L3>J(B) $B$N$"$H(B$BEz?=(B ($BK!L3>J(B) $B$,(B 2003.09.10 $B$K=P$F$^$9$,!"(B

$BDxEY!"$N$h$&$K8+$($^$9!#$J$s$8$c$3$j$c!D!D!#(B

$B!!$A$J$_$K!"(B$BEz?=(B$B$N!VBh0l!W$,$=$N$^$^K!N'$K$J$C$?$i!"%;%-%e%j%F%#%[!<%k(B memo $B$H(B$B%;%-%e%j%F%#4XO"(B Mailing List $B%"!<%+%$%V(B$B$OJD:?$9$k$3$H$K$J$k$H;W$$$^$9!#%;%-%e%j%F%#%[!<%k(B memo $B%a!<%j%s%0%j%9%H$r0];}$9$k$N$b:$Fq$+$b$7$l$^$;$s!#(B

$B"#(B $BDI5-(B

Workstation $B%5!<%S%9$N%P%C%U%!%*!<%P!<%i%s$K$h$j!"%3!<%I$,

Windows XP $BMQ=$@5%W%m%0%i%`OC$KDI5-!#(B $B1Q8lHG$N(B MS03-043 $B%Z!<%8$G$O!"(Bversion 2.2 (2003.11.14) $B$G$3$N7o$,DI5-$5$l$?!#(B

$B"#(B Exchange$B%5!<%P!"%9%Q%`$K0-MQ$N62$l(B
(ZDNet, 2003.11.15)

$B!V%2%9%H%"%+%&%s%H$,!J(BExchange 5.5$B!?(B2000$B$G!KM-8z$K$J$C$F$$$l$P!"$?$H$(%m%0%$%s$K<:GT$7$F$b!"%2%9%H%"%+%&%s%H$O2?$G$b$G$-$k>uBV$K$"$k$?$a!"%a!<%kAw?.$,2DG=$@!#%5!<%P$r%;%-%e%"$K$9$k$"$i$f$k

$B!!%2%9%H%"%+%&%s%H$rL58z$K$9$l$P$h$$LOMM!#(B $BJ}K!(B: KB 251149: [XIMS] $B%k!<%F%#%s%0$N@)8B$K4X78$J$/(B Guest $B%"%+%&%s%H$r;HMQ$7$F%a!<%k$rCf7Q$G$-$k(B (Microsoft)$B!#(B

$B"#(B JPCERT/CC$B!"JF9q(B CERT/CC $B$H$N%Q!<%H%J!<%7%C%W$N$b$H!"(B $B9qFb%Y%s%@$H$N@HpJs$NN.DL
(JPCERT/CC, 2003.11.13)

$B!!%Y%s%@$C$F2?$@$m$&!#$?$H$($P(B FirstServer $B$O%Y%s%@$K$J$jF@$k$N$@$m$&$+(B? $B%U%j!<%=%U%H%&%'%"$r3+H/$7$F$$$k8D?M$O(B?

$B"#(B 2003.11.14

$B"#(B $BDI5-(B

Workstation $B%5!<%S%9$N%P%C%U%!%*!<%P!<%i%s$K$h$j!"%3!<%I$,

$BDI2C(B:

$B"#(B Microsoft FrontPage Server Extensions $B$N%P%C%U%!%*!<%P!<%i%s$K$h$j!"%3!<%I$,
(Microsoft, 2003.11.12)

$B!!(BFrontPage 2000 Server Extensions, FrontPage Server Extensions 2002, SharePoint Team Services 2002 $B$K(B 2 $B$D$N7g4Y!#(B

$B!!(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#$?$@$7!"(BFrontPage Server Extensions 2002 $BMQ$N(B patch $B$O(B Windows Update $B$G$OE,MQ$5$l$J$$$N$G!"3:EvOffice Update $B$9$k$HE,MQ$5$l$k!#(B $B$J$*!"(BWindows 2000 SP4 $B$rE,MQ$7$F$"$k>l9g$O!"$3$N7g4Y$OB8:_$7$J$$!#(B $B$^$?!"(BWindows 2000 SP4 $B$*$h$S!V(BMS03-051 patch KB810217 $B$rE,MQ$7$?(B Windows 2000 gold $B!A(B SP3$B!W$G$O(B Visual InterDev RAD Remote Deployment Support $B$r%$%s%9%H!<%k(B / $B%"%s%$%s%9%H!<%k$G$-$J$/$J$C$F$7$^$C$F$$$k$h$&$@!#(B

$B!!(BUNIX $BHG(B FrontPage Server Extensions $B$K$D$$$F$OITL@!#(B $B$b$7>pJs$,=P$k$H$7$?$i!"8=:_(B FrontPage Server Extensions for UNIX $B$r%5%]!<%H$7$F$$$k(B Ready-to-Run Software $B$N%Z!<%8(B http://www.rtr.com/fpsupport/ $B$K5-:\$5$l$k$O$:!#$A$J$_$K!"(BMSDN $B$N(B FrontPage Server Extensions $B$N%Z!<%8(B $B$O$b$d$O%a%s%F%J%s%9$5$l$F$$$J$$$h$&$K8+$($k!#(B

$B!!(BKB: 813360

2003.11.21 $BDI5-(B:

$B!!5-=R!&9=@.$rBgI}$KJQ99!#(BVisual InterDev RAD Remote Deployment Support $B$K$D$$$F(B $B$X$N%j%s%/$rDI2C!#(B

2003.12.17 $BDI5-(B:

$B!!(BReady-to-Run Software $B8x<08+2r(B: pdate on "Microsoft Security Update 813360, ref MS03-051": (rtr.com)$B!#!V(BUNIX versions for the Microsoft FrontPage 2002 Server Extensions$B!W(B $B$K$O$3$N7g4Y$O$J$$$=$&$@!#(BFrontPage 2000 Server Extensions for UNIX $B$K$D$$$F$O2?$b8l$i$l$F$$$J$$$3$H$KCm0U!#(BFrontPage 2000 Server Extensions for UNIX $B$O$b$O$d0];}$5$l$F$$$J$$$N$G!"MxMQ

$B"#(B 2003.11.13

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B 2003.11.12

$B"#(B Oracle9i Application Server $B$K$*$1$k(BSQL$B%$%s%8%'%/%7%g%s@H
(oracle, 2003.11.12)

$B!!(BOracle $B$K$h$k?<9oEYI=5-(B: 1 ($B!VHs>o$K%j%9%/$,9b$/$"$^$j@lLgE*$JCN<1$,$J$/$F$b967b$,2DG=$G$"$k$b$N!#1F6A$,5Z$V@=IJ$KBP$7$F6[5^!J:G$b9b$$M%@hEY!K$K%Q%C%A$NE,MQ$^$?$O2sHr:v$N

$B!!(BOracle9iAS Portal 9.0.2.3.0 $B0JA0!"(B3.0.9.8.5 $B0JA0$K7g4Y!#(B Oracle9iAS Portal $B$X$N%j%/%(%9%H(B URL $B$KBP$7$F(B SQL injection $B967b$,2DG=!#(B $B$3$N7k2L!"(Bremote $B$+$iG'>Z$J$7$G(B Oracle9i $B>e$N%G!<%?$K%"%/%;%9$9$k$3$H$,2DG=$H$J$k!#(B

$B!!2sHr:v$O$J$$!#(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#$^$?(B OracleAS Portal 9.0.4 $B$K$O$3$N7g4Y$O$J$$!#4XO"(B:

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B ACCS$B1?1D%[!<%`%Z!<%8$N%;%-%e%j%F%#LdBj$K$D$$$F!J(B2003/11/11$B!K(B
(ACCS, 2003.11.11)

$B!!!V$"$k8D?M$NJ}!W$O(B office $B$5$s$G$9$M!#(B Tea Room for Conference No.1613 $B$H(B No.1612 $B$b;2>H!#(B $B4XO"(B:

2003.11.18 $BDI5-(B:

$B!!(BTea Room for Conference No.1613-1$B!#$&!<$`!#(B 8 $B7n$N0FFb(B $B$N;~E@$G$O5l(B CGI $B$N(B$B:G?7HG(B$B$+$i$O4{$K7g4Y$OGS=|$5$l$F$$$?$N$@$m$&$,!"5l(B CGI $B$NFCDj$NHG$K7g4Y$,$"$C$F=$@5$5$l!"$5$i$KH4K\E*$K2~A1$5$l$?$N$,?7(B CGI $B$G$"$k$3$H$O!"$3$NJ8LL$+$i$O$o$+$i$J$$$G$9$M$(!#(B

2003.11.19 $BDI5-(B:

$B!!F?L>4uK>$5$s$+$i>pJs$r$$$?$@$$$?(B ($B$"$j$,$H$&$4$6$$$^$9(B)$B!#(B

2003.11.25 $BDI5-(B:

2004.01.30 $BDI5-(B:

$B!!$D$E$-(B: $B7g4Y$r;XE&$9$k$O$:$,8D?M>pJsN.=P!#%;%-%e%j%F%#@lLg2H$KA\::$N$B!#(B

$B"#(B Workstation $B%5!<%S%9$N%P%C%U%!%*!<%P!<%i%s$K$h$j!"%3!<%I$,
(Microsoft, 2003.11.12)

$B!!(BWindows 2000 / XP $B$K7g4Y!#(BWorkstation $B%5!<%S%9$K(B buffer overflow $B$9$k7g4Y$,$"$j!"(Bremote $B$+$i(B local SYSTEM $B8"8B$GG$0U$N%3!<%I$r

$B!!=$@5%W%m%0%i%`$,$"$k$N$GE,MQ$9$l$P$h$$!#(B

$B!!(BWindows XP $BMQ$N=$@5%W%m%0%i%`$O(B MS03-043 $B$H6&DL!#$?$@$7!"(BMS03-043 $B=$@5%W%m%0%i%`$N8E$$HG(B (2003.10.16 $BG[I[3+;O(B) $B$K$O(B$B%U%!%$%k$N0lIt$,@5$7$/%$%s%9%H!<%k$5$l$J$$$H$$$&LdBj(B$B$,$"$C$?!#$3$l$O(B$B?7$7$$(B MS03-043 $B=$@5%W%m%0%i%`(B (2003.10.30 $BG[I[3+;O!"%G%8%?%k=pL>$N%?%$%`%9%?%s%W$,(B 2003.10.22 9:50:05 $B$N$b$N(B) $B$G$O=$@5$5$l$F$$$k$=$&$@$,!"?7$7$$(B MS03-043 $B=$@5%W%m%0%i%`$O(B Windows Update $B$d<+F099?7$G$O99?7$G$-$J$$!#(B $B$^$?!"?7$7$$(B MS03-043 $B=$@5%W%m%0%i%`$G$O%$%s%9%H!<%k$9$k%U%!%$%k$N%P!<%8%g%s$b(B 5.1.2600.1301 $B$+$i(B 5.1.2600.1309 $B$XJQ99$5$l$F$*$j!"?7$7$$$b$N$r%$%s%9%H!<%k$7$J$$$H(B HFNetChk / MBSA $B$K$h$k%U%!%$%k%A%'%C%/$G%(%i!<$K$J$C$F$7$^$&!#(B $B$H$$$&$o$1$G!"(B$B?7$7$$(B MS03-043 $B=$@5%W%m%0%i%`(B$B$re$G!"8DJL$KE,MQ$9$kI,MW$,$"$k!#(B

2003.11.17 $BDI5-(B:

$B!!1Q8lHG$N(B MS03-043 $B%Z!<%8$G$O!"(Bversion 2.2 (2003.11.14) $B$G$3$N7o$,DI5-$5$l$?!#(B Frequently Asked Questions $B$N!V(BWhy is Microsoft reissuing this security update?$B!W0J2<$r;2>H!#(B $BF|K\8lHG(B MS03-043 $B%Z!<%8$K$D$$$F$O!"$^$@2~D{$5$l$F$$$J$$!#(B $BBP1~:n6H$r$7$F$$$k:GCf$J$N$+$J$"!#(B

$B!!$7$+$7!"1Q8lHG(B MS03-049 $B$G$O!V(BMS03-043 $B;2>H!W$H$7$+$J$C$F$$$J$/$F!"(BMS03-043 $B=$@5%W%m%0%i%`$,99?7$5$l$F$$$kOC$,$&$^$/8+$($F$$$J$$!"$H$$$&$N$OLdBj$@$J$"!#(B

$B!!4XO"(B: Microsoft$B!"(BWindows XP$BMQ%;%-%e%j%F%#=$@5%W%m%0%i%`$r:F%j%j!<%9(B (INTERNET Watch)$B!#(B

$B!!(BWindows 2000 $B$N>l9g$O(B MS03-043 $B=$@5%W%m%0%i%`$rE,MQ$7$F$$$F$b%@%a$J$N$G!"(B MS03-049 $B=$@5%W%m%0%i%`$r?75,$KE,MQ$9$k$3$H!#(B

$B!!(BCVE: CAN-2003-0812$B!#(B KB: 828749

$B4XO"(B:

$B4XO"JsF;(B:

exploit:

Changelog:

2003.11.14

$BDI2C(B:

2003.11.17

MS03-043 version 2.2 (2003.11.14) $BOC$rDI5-!#(B

2003.11.21

$BDI5-(B:

$B"#(B $B7n4)(B Windows Update: 2003.11
(Microsoft, 2003.11.12)

$B!!(BWindows Update $B$NB>$K(B Office Update $B$bI,MW$G$9!#(B

$B!!$^$H$a%Z!<%8(B:

$B!!4XO"(B:

$B"#(B 2003.11.11

$B"#(B $BDI5-(B

Mac OS X 10.3 $B$M$?(B

FireWire $BOC$KDI5-(B: A special message for Firewire 800 disk drive users (Apple)$B!"(BFireWire 800$BBP1~@=IJ$r$*;H$$J}$X=EMW$J$*CN$i$;(B ($B%d%NEE4o(B)$B!#(B

$B"#(B 2003.11.10

$B"#(B tools
(various)

$B"#(B 2003.11.07

$B"#(B $BDI5-(B

Apache HTTP Server 1.3.29 Released

Vine Linux: [ 2003,11,06 ] Apache $B$K%;%-%e%j%F%#%[!<%k(B

S/MIME$B!"(BX.400$B5Z$S(BOpenSSL$B$N@H

S/MIME$B$K4X$9$k%;%-%e%j%F%#LdBj$N@bL@(B ($BF|N)(B)$B!"(BNISCC Vulnerability Advisory$B>pJs(B ($BIY;NDL(B) $B$rDI5-!#(B

$B"#(B [OFF2003] $BFCDj$N(BOfficeArt$B$r4^$`%I%-%e%a%s%H$GH/@8$9$kLdBj$N(B Office 2003 $B=$@5%W%m%0%i%`$N35MW(B
(Microsoft, 2003.11.06)

$B!!!V%U%j!<%U%)!<%`$J$I$G:n@.$7$?FCDj$N(B OfficeArt $B$N?^7A$r4^$`!W(BOffice 2003 $B$NJ8=q%U%!%$%k$KBP$7$F!"(B

  1. Office XP $B$G3+$-!"(B[$B?^7AIA2h(B] $B%D!<%k%P!<$G%U%j!<%U%)!<%`$N?^7A$N@~$^$?$OEI$j$D$V$7$rJQ99$7!"J]B8$9$k(B
  2. $B$=$NJ8=q%U%!%$%k$r(B Office 97 / 2000 $B$G3+$-!":FEYJ]B8$9$k(B

$B$H!"J8=q%U%!%$%k$,2u$l$F$7$^$&>l9g$,$"$kLOMM!#(BOffice 2003 $BMQ$N(B patch $B$,$"$k$N$GE,MQ$7$h$&!#(B

$B"#(B 2003.11.05

$B"#(B APPLE-SA-2003-11-04 Terminal
(apple, Wed, 05 Nov 2003 10:24:53 +0900)

$B!!(BMac OS X 10.3 $B$*$h$S(B Mac OS X Server 10.3 $B$KIUB0$N!V(BTerminal$B!W%"%W%j$K7g4Y$,$"$k$=$&$@!#>\:YITL@$@$,!"!V(BTerminal$B!W%"%W%j$+$i8"8B$r1[$($?%"%/%;%9$,2DG=$K$J$kLOMM!#(BMac OS X 10.2 $B0JA0$K$O$3$N7g4Y$O$J$$!#(B patch $B$,=P$F$$$k$N$G%=%U%H%&%'%"%"%C%W%G!<%H$GE,MQ$9$l$P$h$$!#(B

$B!!(BCVE: CAN-2003-0913$B!#(B $B8EJkNC;a$K$h$kK.LuHG(B: [harden-mac:0542]$B!#(B

$B"#(B CUPS < 1.1.19 IPP DoS (CAN-2003-0788)
(Red Hat, Mon, 03 Nov 2003 18:26:00 +0900)

$B!!(BCUPS 1.1.18 $B0JA0$K$*$1$k(B CUPS $B$N(B IPP $B%5%]!<%H$K7g4Y$,$"$j!"(Bremote $B$+$i(B CPU 100% $B>uBV(B (busy loop) $B$K$G$-$F$7$^$&LOMM!#(BCUPS 1.1.19 $B$G$OD>$C$F$$$kLOMM!#(B

fix / patch:

$B"#(B Oracle Collaboration Suite $B%j%j!<%9(B 1 (9.0.3) Oracle Files $B$N@x:_E*$J%;%-%e%j%F%#$N@H
(Oracle, 2003.11.05)

$B!!(BOracle $B$K$h$k?<9oEYI=5-(B: 2 ($B!VCfDxEY$N%j%9%/$,$"$j!"967b$K$O@lLgE*$JCN<1$rI,MW$H$7$^$9!#>e5-(B1$B$[$I6[5^$G$O$"$j$^$;$s$,!"%Q%C%A$NE,MQ$^$?$O2sHr:v$N

$B!!(BOracle Collaboration Suite (OCS) $B%j%j!<%9(B 1 $B$KIUB0$9$k(B Oracle Files 9.0.3.1.x, 9.0.3.2.0, 9.0.3.3.5 $B0JA0$K7g4Y!#(B

$B>l9g$K!"(BOracle Files $B>e$NG$0U$N%f!<%6$,!"K\Mh%"%/%;%9$G$-$J$$$O$:$N%3%s%F%s%D$KBP$7$F%"%/%;%9$9$k$3$H$,2DG=$J$N$@$=$&$@!#(B

$B!!(BOracle Files 9.0.3.3.6 $B$G=$@5$5$l$F$$$k!#(BOracle Files 9.0.4.1.0 $B$K$O$3$N7g4Y$O$J$$!#(B $B$^$?!"2sHrJ}K!$,B8:_$9$k!#>\:Y$O(B$B$3$A$i(B$B$r!#(B

$B!!1Q8lHG(B: Unauthorized Access to Restricted Content in Oracle Files (oracle.com)$B!#(B

$B"#(B [Full-Disclosure] OpenBSD kernel panic, yet still *BSD much better than windows
(Full-Disclosure ML, Wed, 05 Nov 2003 07:13:15 +0900)

$B!!(BOpenBSD $B$N!">/$J$/$H$b(B 3.3 $B$H(B 2.8 $B$K7g4Y!#FC$B%G%b%3!<%I(B$B!#(B 2003.11.04 $B;~E@$G=$@5$5$l$F$$$k!#(B

$B!!(BOpenBSD 3.2 $B0JA0$O$b$O$d0];}$5$l$F$$$J$$!#(B

$B"#(B S/MIME$B!"(BX.400$B5Z$S(BOpenSSL$B$N@H
(2003.11.04, $B7Y;!D#(B)

$B3FpJs(B:

Changelog:

2003.11.07

S/MIME$B$K4X$9$k%;%-%e%j%F%#LdBj$N@bL@(B ($BF|N)(B) $B$rDI5-!#(B

$B"#(B 2003.11.04

$B"#(B $BDI5-(B

MS03-042: Windows $B%H%i%V%k%7%e!<%?(B ActiveX $B%3%s%H%m!<%k$N%P%C%U%!(B $B%*!<%P!<%U%m!<$K$h$j!"%3!<%I$,

$B%"%C%W%G!<%H$5$l$?M}M3(B: 830846 - Windows Update $B$N%$%s%9%H!<%kCf!"1~Ez$,Dd;_$9$k$+!"BgItJ,$^$?$O$9$Y$F$N(B CPU $B%j%=!<%9$,>CHq$5$l$k(B (Microsoft)$B!#(B

MS03-043: $B%a%C%;%s%8%c(B $B%5!<%S%9$N%P%C%U%!(B $B%*!<%P!<%i%s$K$h$j!"%3!<%I$,

$B%"%C%W%G!<%H$5$l$?M}M3(B: 830846 - Windows Update $B$N%$%s%9%H!<%kCf!"1~Ez$,Dd;_$9$k$+!"BgItJ,$^$?$O$9$Y$F$N(B CPU $B%j%=!<%9$,>CHq$5$l$k(B (Microsoft)$B!#(B

MS03-045: $B%j%9%H%\%C%/%9$*$h$S%3%s%\%\%C%/%9$N%3%s%H%m!<%k$N%P%C%U%!(B $B%*!<%P!<%i%s$K$h$j!"%3!<%I$,

$B%"%C%W%G!<%H$5$l$?M}M3(B: 830846 - Windows Update $B$N%$%s%9%H!<%kCf!"1~Ez$,Dd;_$9$k$+!"BgItJ,$^$?$O$9$Y$F$N(B CPU $B%j%=!<%9$,>CHq$5$l$k(B (Microsoft)$B!#(B

[Full-Disclosure] IE Security hole exploited once again - "britney.jpg" irc worm.

[Full-Disclosure] _another_ Internet explorer vulnerability (spread via IRC) - new variation of irc.trojan.fgt$B!#N`;wIJ$,EP>l$7$F$$$k$h$&$G!#(B

Fun with /bin/ls, yet still ls better than windows

Red Hat Linux: [RHSA-2003:309-01] Updated fileutils/coreutils package fix ls vulnerabilities

Apache HTTP Server 1.3.29 Released

Miracle Linux: apache $B%;%-%e%j%F%#(B

$B"#(B $B%D!<%k$$$m$$$m(B
(various)

$B"#(B $B7g4Y$$$m$$$m(B
(various)

[$B%;%-%e%j%F%#%[!<%k(B memo]
$B;d$K$D$$$F(B