セキュリティホール memo (Security Hole memo) - 2004.11

Last modified: Thu Feb 24 20:04:27 2005 +0900 (JST)


■ 2004.11.30

■ Internet Security Systems Protection Alert: Microsoft WINS Server Vulnerability
(ISS, 2004.11.29)

A flaw in the WINS server of Windows NT 3.51 / 4.0 / 2000 / Server 2003. A buffer overflow flaw exists; by exploiting it, arbitrary code can remotely … the WINS server … Microsoft WINS Server vulnerability … (ISSKK).

The related document 890710 - How to help protect against a WINS security issue (Microsoft) lists the following workarounds: stop / remove the WINS server; filter 42/tcp and 42/udp, which WINS uses, with a firewall or packet filter; and protect replication between WINS servers with IPsec.

Regarding exploit programs that target this flaw, ISS says the following:

At the time of publication, no exploits are available to the public at large. However, X-Force expects that exploits for this vulnerability will appear in the near future.

Handler's Diary November 28th 2004 (SANS ISC) also carries information:

There is some activity with irresponsible released exploits against WINS. As a precaution till Microsoft gets a chance to release a patch for it, we can only reiterate the urgent and continued need to make sure you block the unneeded ports in your firewalls (either the XP2 or the corporate firewall). Ports 42, 137-139, 445 both TCP and UDP can be safely blocked for most applications.

So far we doubt this will be a huge thing, but we might be proven wrong. Still the only thing you can do is block the protocols, which you probably already did if you read this.

I'll be the first to acknowledge that big vendors aren't easy to get to move in order to release a patch for something you discovered in their product. Take on top of that, their legal and marketing spin once they finally do and most people will get frustrated by the process. Still that's no excuse to release attacking details without giving the world a chance to look into it and get ready for that newly created exploit. If the hackers out there are using it, you can't really claim to have done it yourself, and if you've done it all, there's not really that urgent a need to beat anybody to releasing the details, but an urge to get your 15 minutes of fame. My guess anyway.

2004.12.01 addendum:

Original source: Wins.exe remote vulnerability (immunitysec.com).

Japanese-language version of the Microsoft KB: How to protect your computer from the WINS security issue (Microsoft)

2004.12.15 addendum:

A fix has been released: WINS vulnerability …

■ Addenda

Two flaws in unarj 2.63 and earlier

fix / patch:

From pacsec.jp

FireWire Presentation and Demos on Video (Red Team, 11/18).

New buffer overflow in IE 6 … proof-of-concept code is public

Finnish government recommends discontinuing use of IE: Microsoft's Bofra countermeasures urgently needed (CNET, 2004.11.29). The original source is probably http://www.ficora.fi/suomi/tietoturva/cert.htm#2004-11-25_1337 (CERT-FI).

Incidentally, regarding the 2004.11.22 item: Sophos has since started detecting minst.exe as Troj/Virtum-A. mmdom.exe is adware, so it apparently deliberately does not detect it.

■ All …
(ITmedia, 2004.11.30)

This is about http://www.edup.tudelft.nl/~bjwever/advisory_firefox_flaws.html. …

■ Service packs for Windows 2000 should continue to be provided
(Nikkei IT Pro, 2004.11.27)

For example, if "WINS", one of the Windows components, is added today to a Windows 2000 system that has everything up to the latest patches applied, WINS is installed with its security holes still in place. After the release of SP4, a security vulnerability in WINS …

I tried it. Running Windows Update after adding WINS showed KB830352, the fix for MS04-006. Checking with MBSA also showed MS04-006. So,

  • Run Windows Update after adding a new component
  • Then also check with MBSA

should be enough, I think. Also, this is not really a "re-application", is it.

2004.12.07 addendum:

On the phenomenon where security updates are not applied when a component is added (Japan Security Team Blog, 2004.12.07). For "components that are already installed", this is solved by the "dual-mode install" of XP / Server 2003, but sticky updates, which would solve it for "components that are not yet installed", are not yet … checking with MBSA is the best … at present …

"Internal mechanisms of Update.exe, the package installer for Windows and Windows components" (Microsoft) looks like something worth reading properly.

■ Windows Update glitch: important updates are not shown on Windows XP SP2
(Nikkei IT Pro, 2004.11.29)

When connecting to Windows Update from Windows XP SP2, the patch for Cumulative Security Update for Internet Explorer (834707) (MS04-038), namely Cumulative Security Update for Windows XP Service Pack 2 (KB834707), is apparently not displayed for some reason. Nothing is said about Automatic Updates, so that is probably fine. Those on Windows XP SP2 should, just in case,

… or the like, it seems.

2004.11.30 addendum:

Microsoft fixes the Windows Update glitch on Windows XP SP2 (Internet Watch, 11/30). It appears to have been fixed.


■ 2004.11.29

■ Addenda

Sun Alert ID 57591: Security Vulnerability With Java Plug-in in JRE/SDK

Many of the electronic application systems in .go.jp and similar domains use Java, and, as usual, the response to this flaw does not seem to be making progress. Examples:


■ 2004.11.26

■ Addenda

ZIP file items

SYM04-017: Slight risk of denial of service and directory traversal in Symantec Windows LiveUpdate (Symantec, 2004.11.23).

JVN#61857DA9: Resource consumption caused by the TCP SYN_SENT state of DNS cache servers

An Internet-Draft has reportedly been published:

■ Glitch causing a blue screen on XP SP2 with antivirus software installed
(Internet Watch, 2004.11.26)

A flaw in Windows XP SP2 / XP Tablet PC Edition 2005 / Server 2003. There is a flaw in http.sys, and

… in that case, http.sys corrupts the stack. As a result, the OS ends up in a "Blue Thunder" (blue screen) state. TDI filter drivers are reportedly typically included in antivirus and firewall software.

This flaw does not exist in Windows XP gold / SP1.

There is a patch for Windows XP SP2 (KB887742), but apparently none yet for Windows Server 2003. Nothing is stated explicitly about a patch for Windows XP Tablet PC Edition 2005, but

The Windows XP SP2 features and components are included in Windows XP Tablet PC Edition 2005.

is what it says, so I suspect the patch for Windows XP SP2 can be applied.

2005.02.24 addendum:

The Japanese version of KB 887742 has appeared: 887742 - The Stop error "Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT)" is displayed on Windows XP Service Pack 2 or Windows Server 2003. The patch is reportedly also being distributed through Windows Update (Nikkei IT Pro). However, there is still no patch for Windows Server 2003, and it is not clear whether the patch for Windows XP Service Pack 2 may be applied to Windows XP Tablet PC Edition 2005. Running Windows Update on Windows XP Tablet PC Edition 2005 might give the answer.


■ 2004.11.25

■ Addenda

Microsoft Internet Explorer Two Vulnerabilities

Internet Explorer 6.0 SP2 File Download Security Warning Bypass Exploit (k-otik.com). Regarding the latter of the above … I made a test page.

McAfee appears to have added detection for this exploit: Exploit-NotFound.

[Full-Disclosure] Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities

fix / patch:

Bash scripts run via Sudo can be subverted

fix / patch:

■ Miscellaneous
(various)

■ Two flaws in unarj 2.63 and earlier
(various)

Two flaws in unarj 2.63a and earlier.

Some apparently also say that arj should be used instead of unarj. In Debian unstable, unarj is apparently a dummy for arj.

fix / patch:

■ XSS vulnerability in plugin/color.inc.php (1.4.x)
(reader tip, 2004.11.25)

The color plugin included in PukiWiki 1.4.x reportedly had a cross-site scripting flaw. It is reportedly fixed in plugin/color.inc.php 1.13. Thanks to heno for the information.


■ 2004.11.24

■ Miscellaneous
(various)

■ Addenda

[Full-Disclosure] iDEFENSE Security Advisory 10.18.04: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability

Possibly related: F-Secure Security Bulletin FSC-2004-3: ZIP-files with zero size may bypass scanning. A fix is available, so apply it.

[SA13269] Winamp "IN_CDDA.dll" Buffer Overflow Vulnerability

That the flaw is still not fixed even in Winamp 5.06 … the discoverer of the problem … [Full-Disclosure] Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]. The discoverer of the problem …

■ Sun Alert ID 57591: Security Vulnerability With Java Plug-in in JRE/SDK
(Sun, 2004.11.22)

A flaw in Java SDK / JRE 1.4.2_05 and earlier, all of the 1.4.1 and 1.4.0 series, and 1.3.1_12 and earlier. The Java Plug-in included in these has a flaw that allows the Java security manager to be disabled by using JavaScript. As a result, a Java applet can be run without the restrictions of the sandbox.

Fixed in Java SDK / JRE 1.4.2_06 and 1.3.1_13. SDK / JRE 5.0 does not have this flaw. Related:

2004.11.29 addendum:

Many of the electronic application systems in .go.jp and similar domains use Java, and, as usual, the response to this flaw does not seem to be making progress. Examples:

2004.12.10 addendum:

Sun, in distributing the Java plug-in, … (CNET, 2004.12.08). …

From Itagaki-san (thank you):

CNET reported on the problem with the distribution of the Java plug-in update; as of today, the plug-in's automatic update feature (the one in the control panel) does not seem to be working. On a machine with 1.4.2_05 …

As a test I installed J2SE SDK 1.4.2_03 and tried updating from the Java Plug-in control panel; what appeared there was J2SE JRE 1.4.2_05-b04. Hmm. I wonder why it is not 1.4.2_06.

2005.01.07 addendum:

SYM05-001: Sun Alert ID 57591:Java Runtime Environment (JRE) (Symantec, 2005.01.04). Symantec Gateway Security 5400 Series v2.0 / v2.0.1 and Symantec Enterprise Firewall v8.0 are reportedly affected.


■ 2004.11.23

■ [Full-Disclosure] Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities
(Full-Disclosure, Tue, 23 Nov 2004 08:22:48 +0900)

Four flaws in Cyrus IMAP Server. An attack …

Fixed in Cyrus IMAP Server 2.2.9.

fix / patch:

■ APPLE-SA-2004-11-22 iCal 1.5.4
(Apple, 2004.11.23)

A flaw in iCal 1.5.3 and earlier. When a calendar was opened or imported in iCal, no warning at all was shown even if the calendar contained an alarm. Because alarms can open programs and send mail, a malicious calendar could cause arbitrary commands, without any warning, …

Fixed in iCal 1.5.4. iCal 1.5.4 now appears to ask for approval when such a calendar is opened / imported.

■ [SA13269] Winamp "IN_CDDA.dll" Buffer Overflow Vulnerability
(secunia, Tue, 23 Nov 2004 18:54:47 +0900)

A flaw in Winamp 5.05 and earlier. IN_CDDA.dll has a stack buffer overflow flaw, and a crafted .m3u file can be used to … arbitrary code … Details: [Full-Disclosure] Winamp - Buffer Overflow In IN_CDDA.dll

Fixed in Winamp 5.06.

2004.11.24 addendum:

That the flaw is still not fixed even in Winamp 5.06 … the discoverer of the problem … [Full-Disclosure] Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]. The discoverer of the problem …

2004.12.06 addendum:

Winamp 5.07 has been released. The flaw is supposedly fixed.

■ [Full-Disclosure] Sun Java Plugin arbitrary package access vulnerability
(Full-Disclosure, Tue, 23 Nov 2004 10:39:38 +0900)

The content was easy to misunderstand, so I rewrote it. The rewritten version: 57591: Security Vulnerability With Java Plug-in in JRE/SDK


■ 2004.11.22

■ 883951 - About Microsoft Office 2004 for Mac Service Pack 1 (11.1.0)
(Microsoft, 2004.11.19)

As far as security goes,

Automatic backup works correctly even when FileVault is enabled.
Security when opening documents that contain macros has been strengthened.
SMTP using SSL has been strengthened.

are about it. Though I think "改善する" (improve) is often a more fitting rendering of "improve" than "強化する" (strengthen).

Also, regarding Office 2004 for Mac SP1, there is apparently this as well: 888136 - [XL2004] Error when quitting Excel 2004 for Mac: "非表示モジュール AutoExec 内でコンパイル エラーが発生しました。" (Microsoft).

■ 890435 - [MacIE] The fingerprint is displayed as 17 bytes.
(Microsoft, 2004.11.19)

In IE 5.2 for Mac OS X, when a certificate's fingerprint is displayed, the 17th byte can apparently be abnormal.

If the information in bytes 1 through 16 is correct, the fingerprint information can be judged to be correct, so when this phenomenon occurs please ignore the 17th byte.

This company … do it.

■ Addenda

ISA Server 2000 and Proxy Server 2.0 vulnerability …

890097 - Multiple problems occur after installing Microsoft security update MS04-039 (Microsoft)

New buffer overflow in IE 6 … proof-of-concept code is public

Adware vendors also appear to have started using this flaw:

62.4.84.45 appears to be still alive. Scanning what can be fetched from it:

  • ClamAV 0.80 (main.cvd 28, daily.cvd 600) detected mmdom.exe as Trojan.Dropper.Virmo-1.
  • Trend Micro VSAPI v7.000-1011 (2.257.00) detected minst.exe as TROJ_DLOADER.R.
  • McAfee VSE 8.0i (engine 4320, dat 4409) detected minst.exe as Vundo.
  • NOD32 (1.928) detected mmdom.exe as the Win32/Spy.Agent.NAD trojan.
  • Sophos AntiVirus 3.87.0 detected nothing.

■ 2004.11.19

■ netVigilance Security Advisory 5: Multiple XSS Vulnerabilities in phpMyAdmin 2.6.0-pl2 and prior
(netvigilance.com, 2004.11.18)

phpMyAdmin 2.6.0-pl2 and earlier reportedly have multiple cross-site scripting flaws, which were reportedly fixed in 2.6.0-pl3.

■ ZoneAlarm Security Suite / ZoneAlarm Pro Ad-Blocking Instability
(Zone Labs, 2004.11.18)

A flaw in ZoneAlarm Security Suite / ZoneAlarm Pro. The ad-blocking feature has a flaw, and certain … on a web site … results in a … state.

Fixed in version 5.5.062, released on 2004.11.8. Update using Check For Update.

■ Addenda

From pacsec.jp

Someone who attended pacsec.jp told me that "Vulnerability in Firewire/IEEE1394 leading to physical security compromise …" was frightening. Apparently a demo was given in which, by attacking a target computer via IEEE1394 … information could be accessed, and in addition the privileges of processes running on the target computer could be changed directly (!) ...

[SquirrelMail Security Advisory] Cross Site Scripting in encoded text

fix / patch:

ISA Server 2000 and Proxy Server 2.0 vulnerability …

The patch for ISA Server 2000 (SBS 2000 / 2003) has been revised.

  • Files needed to run on ISA Server 2000 SP1 were missing
  • It could not be installed properly on Windows 2000 SP3

Bash scripts run via Sudo can be subverted

And while I was saying that, sudo 1.6.8p4 came out.

552) The KRB5CCNAME environment variable is preserved during sudo execution for password lookups that use GSSAPI.

is what it says.

Security Update for Microsoft Windows (840987) (MS04-032)

WORM_GOLTEN.A (Trend Micro). Reportedly a virus that exploits the Graphics Rendering Engine vulnerability ….

■ Microsoft Internet Explorer Two Vulnerabilities
(secunia, 2004.11.17)

A report that Internet Explorer 6, including SP2, has two flaws.

Both … it reportedly becomes possible to have … saved onto …

To work around it, disable Active Scripting and disable (uncheck) the folder option "Hide extensions for known file types".

Note that some people, as in "MS, IE vulnerability …" (ITmedia, 11/18), seem to be under the mistaken impression that "secunia leaked it", but the flaw secunia reported was apparently discovered by cyber flash, someone outside secunia. If it were completely unpublished secunia presumably would not report it, so the details have probably been published somewhere (speculation level: 200%).

2004.11.25 addendum:

Internet Explorer 6.0 SP2 File Download Security Warning Bypass Exploit (k-otik.com). Regarding the latter of the above … I made a test page.

McAfee appears to have added detection for this exploit: Exploit-NotFound.

■ Other IE items
(various)

■ FreeBSD Security Advisory FreeBSD-SA-04:16.fetch
(announce-jp, Fri, 19 Nov 2004 10:59:04 +0900)

A flaw in the fetch command bundled with FreeBSD. An integer overflow leads to a buffer overflow. When fetch connects to an attacking server, arbitrary code … with the privileges fetch runs under …

Patches for FreeBSD 4.8 / 4.10 / 5.2 / 5.3 are available, and it is fixed in the latest RELENG_4_7 / RELENG_5_0 and later.

■ JVN#B410A83F: The From address is not checked during signature verification in the S/MIME feature of Shuriken Pro3
(JVN, 2004.11.19)

A flaw in Shuriken Pro3. For digitally signed mail, no warning is displayed even when the e-mail address in the certificate differs from the e-mail address given in the received message, so an improperly signed message may be judged legitimate.

Addressed by the Shuriken Pro3 update modules dated 2004.11.16 or later. For Shuriken Pro3 there is also the matter of "On the phenomenon … when mail is sent with a digital signature from Shuriken Pro3, Shuriken Pro3 /R.2, or Shuriken Pro3 /R.2 [VeriSign Security Mail Set]", which appears to be addressed by the update modules dated 2004.06.30 or later.

■ JVN#7C9208F1: Vulnerability in S/MIME signature verification in Becky! Internet Mail …
(JVN, 2004.11.17)

A flaw in Becky! S/MIME plug-in 1.03 and earlier. Because the certificate chain and the certificate validity period are not verified, users may fail to notice spoofed signed mail that uses a self-signed certificate, or a signature made with an expired certificate. In addition, no warning is displayed even when the e-mail address in the certificate differs from the e-mail address given in the received message, so an improperly signed message may be judged legitimate.

Fixed in Becky! S/MIME plug-in 1.04. Becky! S/MIME plug-in 1.04 appears to have been built on 2004.09.20.

■ InterScan for Lotus Notes: InterScan administration …
(Trend Micro, 2004.11.17)

A flaw in InterScan for Lotus Notes 2.51, 2.51J, 2.6, 2.6+SP1. Administration …

No patch appears to exist at present. Workarounds are described, so one of those methods …


■ 2004.11.18

■ Addenda

Apache <= 1.3.32 mod_include local buffer overflow Exploit

fix / patch:

Bash scripts run via Sudo can be subverted

Apparently sudo 1.6.8p2 was insufficient, and sudo 1.6.8p3 is out. The item that was supposed to have been fixed in 1.6.8p2,

549) Bash exported functions and the CDPATH variable are now stripped from the environment passed to the program to be executed.

has in 1.6.8p3 become

549) Bash exported functions are now stripped from the environment passed to the program to be executed.

and, newly,

550) The CDPATH variable is now stripped from the environment passed to the program to be executed.

551) Fix temp file generation on systems where the _PATH_VARTMP macro lacks a trailing slash.

have been added. In other words, the CDPATH part is unfixed in 1.6.8p2. Ugh, and I had installed 1.6.8p2 all over the place... (T_T)


■ 2004.11.16

■ [SA12995] ImageMagick EXIF Parser Buffer Overflow Vulnerability
(secunia, 2004.10.28)

A flaw in ImageMagick 6.1.1 and earlier. There is a buffer overflow flaw in the processing of EXIF-format files, and with a crafted EXIF file … of arbitrary code … CAN-2004-0981

Fixed in ImageMagick 6.1.2 and later. The ChangeLog entry

2004-10-25 Daniel Kobras <kobras@debian.org>
* Fix EXIF code to prevent an overflow of the ifdstack array by one entry.

is this fix.

fix / patch:

■ Fraudulently stealing Yahoo! JAPAN IDs and passwords …
(Yahoo!, 2004.11.15)

This is about the phishing mail discussed in [memo:7884] "Japanese-language phishing mail disguised as Yahoo!". According to [memo:7890], this phishing … a cross-site scripting vulnerability that exists in Yahoo! Mail … information … According to [memo:7895], the fake site also has a flaw, so ID / password information that should have been sent to the fake site can in some cases be passed on to other Yahoo! users who are being deceived.

As a workaround, disabling JavaScript in the web browser appears to be enough [memo:7892]. However, accessing Yahoo! Mail with a web browser that has JavaScript disabled gets you told: "If JavaScript is disabled in your browser settings, please … the following … and enable JavaScript."

2004.12.06 addendum:

Details have been published: "What was happening in the Japanese-language phishing disguised as a notice from Yahoo" (高木浩光＠自宅の日記, 2004.12.05).

■ Samba 3.x QFILEPATHINFO unicode filename buffer overflow
(bugtraq, 2004.11.16)

A flaw in Samba 3.0.x up to and including 3.0.7. A crafted TRANSACT2_QFILEPATHINFO request causes a buffer overflow in a UNICODE file name, and … of arbitrary code remotely … CAN-2004-0882

Fixed in Samba 3.0.8. A patch for Samba 3.0.7 is also available.

■ IPSwitch-IMail-8.13 Stack Overflow in the DELETE Command
(bugtraq, 2004.11.13)

A flaw in IPSwitch IMail 8.13. An overlong DELETE command causes a buffer overflow, so a user who can pass IMail authentication … arbitrary code on IMail …

The latest version appears to be 8.14, but it is unclear whether this flaw is fixed in it. There seems to be various information on the Support page, though.

■ [SA13191] Skype "callto:" URI Handler Buffer Overflow Vulnerability
(secunia, 2004.11.16)

A flaw in the Windows version of Skype. … of callto: URIs … It says "The vulnerability affects versions 1.0.*.95 through 1.0.*.98", but as far as the Change Log for the Windows version of Skype shows, the only version that matches is 1.0.0.97.

Apparently fixed in the latest Skype 1.0.0.100.

Related: [Full-Disclosure] Skype callto:// BoF technical details


■ 2004.11.15

■ Bash scripts run via Sudo can be subverted
(Sudo, 2004.11.11)

A flaw in sudo 1.6.8p1 and earlier. When a bash script is … via sudo, privilege escalation by a local user is apparently possible. Fixed in sudo 1.6.8p2. Alternatively, setting

Defaults env_reset

in the sudoers file works around it.

2004.11.18 addendum:

Apparently sudo 1.6.8p2 was insufficient, and sudo 1.6.8p3 is out. The item that was supposed to have been fixed in 1.6.8p2,

549) Bash exported functions and the CDPATH variable are now stripped from the environment passed to the program to be executed.

has in 1.6.8p3 become

549) Bash exported functions are now stripped from the environment passed to the program to be executed.

and, newly,

550) The CDPATH variable is now stripped from the environment passed to the program to be executed.

551) Fix temp file generation on systems where the _PATH_VARTMP macro lacks a trailing slash.

have been added. In other words, the CDPATH part is unfixed in 1.6.8p2. Ugh, and I had installed 1.6.8p2 all over the place... (T_T)
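The two approaches in this entry side by side, as an added example that is not sudo's code: a denylist that strips CDPATH and function-valued variables, as changelog items 549 and 550 describe, and an allowlist in the spirit of `Defaults env_reset`. The function names, the allowlist contents and the assumption that an exported bash function appears as a variable whose value begins with `()` are this example's own.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Returns 1 if entry has the form "name=...". */
static int has_name(const char *entry, const char *name)
{
    size_t n = strlen(name);
    return strncmp(entry, name, n) == 0 && entry[n] == '=';
}

/* Returns 1 if the value starts with "()" (assumed encoding of an
 * exported bash function in the environment). */
static int is_bash_function(const char *entry)
{
    const char *eq = strchr(entry, '=');
    return eq != NULL && strncmp(eq + 1, "()", 2) == 0;
}

/* Denylist: remove only what is known to be dangerous. Anything the
 * list forgets is passed through. Compacts envp in place and returns
 * the number of entries kept. */
size_t scrub_denylist(char **envp)
{
    size_t kept = 0;
    for (size_t i = 0; envp[i] != NULL; i++) {
        if (is_bash_function(envp[i]) || has_name(envp[i], "CDPATH"))
            continue;
        envp[kept++] = envp[i];
    }
    envp[kept] = NULL;
    return kept;
}

/* Allowlist: keep only named variables (list assumed for this example),
 * and even then refuse function-valued ones, because an allowed name
 * can still carry a function definition as its value. */
static const char *const KEEP[] = {
    "HOME", "LOGNAME", "PATH", "SHELL", "TERM", "USER"
};

size_t scrub_allowlist(char **envp)
{
    size_t kept = 0;
    for (size_t i = 0; envp[i] != NULL; i++) {
        int allowed = 0;
        for (size_t k = 0; k < sizeof KEEP / sizeof KEEP[0]; k++)
            if (has_name(envp[i], KEEP[k]))
                allowed = 1;
        if (allowed && !is_bash_function(envp[i]))
            envp[kept++] = envp[i];
    }
    envp[kept] = NULL;
    return kept;
}

/* Constructed sample environment, not captured from a real system. */
static const char *const SAMPLE[] = {
    "PATH=/usr/bin:/bin",
    "HOME=/home/alice",
    "TERM=() { echo hi; }",    /* allowed name, function-valued */
    "EDITOR=vi",               /* harmless here, but not on the allowlist */
    "CDPATH=/tmp/work",
    "greet=() { echo hi; }",
    NULL
};

/* Runs one scrubber over a fresh copy of SAMPLE; returns entries kept. */
size_t demo_kept(int use_allowlist)
{
    char *env[8];
    size_t i = 0;
    for (; SAMPLE[i] != NULL; i++)
        env[i] = (char *)SAMPLE[i];
    env[i] = NULL;
    return use_allowlist ? scrub_allowlist(env) : scrub_denylist(env);
}

int main(void)
{
    printf("denylist keeps  %zu entries\n", demo_kept(0));
    printf("allowlist keeps %zu entries\n", demo_kept(1));
    return 0;
}
```

The denylist passes EDITOR through because nobody listed it, which is the same shape of gap as CDPATH in 1.6.8p2; the allowlist drops it by default.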

2004.11.19 addendum:

And while I was saying that, sudo 1.6.8p4 came out.

552) The KRB5CCNAME environment variable is preserved during sudo execution for password lookups that use GSSAPI.

is what it says.

fix / patch:

■ Addenda

[UNIX] Apache Multiple Space Header DoS

fix / patch:

Fixed in Apache httpd 2.0.53-dev: SSLCipherSuite bypass CAN-2004-0885

fix / patch:


■ 2004.11.12

■ 0081-01 VERITAS Cluster Server security vulnerability …
(CTC, 2004.11.12)

A flaw in the Solaris and Linux versions of VERITAS Cluster Server. A local user seizing root privileges …

■ Mozilla Firefox Multiple Vulnerabilities
(secunia, 2004.11.10)

The official 1.0 release of Mozilla Firefox reportedly fixes three flaws that existed in the pre-release versions and are not listed in Known Vulnerabilities in Mozilla.

Firefox use …

■ Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service
(CISCO, 2004.11.10)

A flaw in CISCO IOS 12.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW. When the DHCP server / DHCP relay agent is running (that is, no service dhcp has not been configured), certain crafted, undeliverable DHCP packets that are sent to the device keep accumulating in the input queue. When the queue is filled up with such packets, a DoS condition results.

If DHCP is not needed, the flaw can be avoided with no service dhcp. ACLs can also be used to mitigate the attack.

As for a fix, fixed versions of IOS are available, so switch to one of them.

Related:

■ [UNIX] Apache Multiple Space Header DoS
(securiteam, Tue, 02 Nov 2004 23:14:32 +0900)

A flaw in apache 2.0.35 through 2.0.52. Sending a large quantity of whitespace requests puts apache into a DoS condition.

Apparently fixed in the latest apache 2.0.x development version.

fix / patch:

2005.02.11 addendum:

Apache 2.0.53 has been released. CHANGES_2.0

■ SYM04-016: Symantec Norton AntiVirus Auto-Protect alert notification vulnerability …
(Symantec, 2004.11.10)

This is about the following:

The report …

There is a patch for Norton AntiVirus 2005, … from support …


■ 2004.11.11

■ [Full-Disclosure] Linux ELF loader vulnerabilities
(Full-Disclosure, Wed, 10 Nov 2004 20:59:25 +0900)

A report that the ELF binary loader in Linux 2.4.27 and earlier / 2.6.8 and earlier has multiple flaws in its handling of setuid binaries. A local user seizing root privileges …

A follow-up says the same applies to Linux 2.6.9.

■ [SA13130] Samhain Database Update Code Buffer Overflow Vulnerability
(secunia, 2004.11.09)

A flaw in Samhain 1.8.9 through 2.0.1. The code for updating the database has a flaw, and a local user seizing the privileges samhain runs with …

Fixed buffer overflow in sh_hash_compdata() (only in 'update' code)

Fixed in Samhain 2.0.2. The latest is 2.0.2a.

■ XSS@truste.org
(bugtraq, Tue, 09 Nov 2004 01:05:49 +0900)

A report that a cross-site scripting problem exists in https://www.truste.org/ivalidate.php.

■ [SquirrelMail Security Advisory] Cross Site Scripting in encoded text
(bugtraq, Wed, 10 Nov 2004 15:04:51 +0900)

A flaw in SquirrelMail 1.4.3a and earlier / 1.5.1-cvs dated 2004.11.23 or earlier. A cross-site scripting problem occurs when encoded text in certain headers is decoded. A patch for 1.4.3a is available. For 1.5.1-cvs, the latest version is fixed. Thanks to Nagano-san for the information.

CVE: CAN-2004-1036

fix / patch:

■ Vulnerability Issues in Implementations of the DNS Protocol
(NISCC, 2004.11.09)

In certain DNS … a situation … can arise, so a DoS condition can occur. I wonder whether that understanding is right.

As affected products, Axis … Poslib are listed. The corresponding JVN entry, NISCC-758884: DNS protocol … (JVN), does not list any affected products.


■ 2004.11.10

■ ISA Server 2000 and Proxy Server 2.0 vulnerability …
(Microsoft, 2004.11.10)

A flaw in ISA Server 2000 and Proxy Server 2.0. ISA Server 2000 and Proxy Server 2.0 cache the information obtained from DNS reverse lookups, which is fine, but they also use this reverse-lookup cache for forward lookups (what a … spoofing can be caused. As a result, connecting to the Internet through ISA Server 2000 or Proxy Server 2.0 may lead you to a fake server. Note that ISA 2000 is also included in SBS 2000 / 2003. ISA 2004 does not have this flaw. CVE: CAN-2004-0892.

As a workaround, set the DNS cache size of ISA Server 2000 and Proxy Server 2.0 to 0. The specific procedure is explained in 889189 - How to work around the ISA Server 2000 and Proxy Server 2.0 DNS spoofing vulnerability described in Microsoft Security Bulletin MS04-039.

As for a fix, a patch is available, so apply it. The patch can be applied to Proxy Server 2.0 SP1 and ISA 2000 SP1 / Feature Pack 1 / SP2.

2004.11.19 addendum:

The patch for ISA Server 2000 (SBS 2000 / 2003) has been revised.

2004.11.22 addendum:

890097 - Multiple problems occur after installing Microsoft security update MS04-039 (Microsoft)

■ Addenda

Cumulative Security Update for Internet Explorer (834707) (MS04-038)

Following the 2004.11.10 revision of MS04-038, corrected heartbeat.ocx to hrtbeat.ocx.

GD Graphics Library integer overflow leading to heap overflow

fix / patch:

■ [Full-Disclosure] EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service
(bugtraq, Wed, 10 Nov 2004 03:38:13 +0900)

A flaw in Kerio Personal Firewall 4.0.0 through 4.1.1. FWDRV.SYS has a flaw whereby a TCP / UDP / ICMP packet carrying an IP option with length 0x00 sends it into an infinite loop. Fixed in Kerio Personal Firewall 4.1.2.

Related: KSEC-2004-11-04-01 (kerio.com)
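The failure mode in this entry, shown from the parsing side as an added example; this is not Kerio's code, and the function names and error codes are hypothetical. A walker over IPv4 options advances by each option's length byte, so a length of 0x00 never moves the cursor unless the length is validated first.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IPOPT_EOL 0          /* End of Option List: one byte, no length field */
#define IPOPT_NOP 1          /* No Operation: one byte, no length field */
#define OPT_BAD_HEADER (-1)  /* error codes invented for this example */
#define OPT_BAD_LENGTH (-2)

/*
 * Walk the options area of the IPv4 header that starts at pkt.
 * Returns the number of options seen (>= 0) or a negative error code.
 */
int walk_ipv4_options(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return OPT_BAD_HEADER;
    size_t hlen = (size_t)(pkt[0] & 0x0f) * 4;   /* IHL counts 32-bit words */
    if (hlen < 20 || hlen > len)
        return OPT_BAD_HEADER;

    int seen = 0;
    size_t off = 20;                             /* options follow the fixed header */
    while (off < hlen) {
        uint8_t type = pkt[off];
        if (type == IPOPT_EOL)
            break;
        if (type == IPOPT_NOP) {
            off += 1;
            seen++;
            continue;
        }
        /* Every other option is type, length, data. */
        if (hlen - off < 2)
            return OPT_BAD_LENGTH;               /* no room for a length byte */
        uint8_t olen = pkt[off + 1];
        /*
         * The length covers the type and length bytes themselves, so the
         * minimum is 2. Without this check, olen == 0 leaves off unchanged
         * and the loop never terminates. The upper bound keeps the option
         * inside the header.
         */
        if (olen < 2 || olen > hlen - off)
            return OPT_BAD_LENGTH;
        off += olen;
        seen++;
    }
    return seen;
}

/*
 * Constructed sample: a 24-byte IPv4 header (IHL = 6) whose 4-byte options
 * area holds one option of type 0x94 with the given length byte.
 */
int sample_result(uint8_t opt_len)
{
    uint8_t pkt[24];
    memset(pkt, 0, sizeof pkt);
    pkt[0] = 0x46;       /* version 4, IHL 6 */
    pkt[20] = 0x94;      /* option type */
    pkt[21] = opt_len;   /* option length under test */
    return walk_ipv4_options(pkt, sizeof pkt);
}

int main(void)
{
    printf("length 4 -> %d\n", sample_result(4));
    printf("length 0 -> %d\n", sample_result(0));
    printf("length 5 -> %d\n", sample_result(5));
    return 0;
}
```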


■ 2004.11.09

■ [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability in Samba 3.0.x <= 3.0.7
(bugtraq, Tue, 09 Nov 2004 02:45:02 +0900)

A flaw in samba 3.0.x up to and including 3.0.7. Input validation of file names containing wildcard characters is flawed, and a DoS attack (high CPU load) … remotely … A patch is available, so apply it.

Related:

■ Addenda

New buffer overflow in IE 6 … proof-of-concept code is public

Successful reproduction had been reported in [memo:7841] and elsewhere, so I reviewed my web server configuration and then succeeded in reproducing it. The PoC code is written in UNICODE, but …

<Files *.html>
    ForceType 'text/html; charset=ISO-2022-JP'
</Files>

was what I had configured, so things had apparently gone somewhat wrong.

So, this is bad. Until this flaw is fixed, it seems best not to use IE. Windows XP SP2 appears to be fine, though. Related: "New security hole in IE: damage just from opening a web page or HTML mail …" (Nikkei IT Pro, 11/4).

Also, when McAfee VSE 8.0i is installed, VSE 8.0i's buffer overflow … Screenshot.

Handler's Diary November 8th 2004 (SANS ISC). MyDoom variants that exploit this flaw appear to have emerged.

Signatures for the exploit also appear to be available:

Related: "Infection just from clicking a link in mail: IE vulnerability …" (Internet Watch, 11/9)


■ 2004.11.08

■ New buffer overflow in IE 6 … proof-of-concept code is public
(ITmedia, 2004.11.03)

This is presumably the matter of MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!)). As a countermeasure, I suppose it comes down to "don't use IE". …

2004.11.09 addendum:

Successful reproduction had been reported in [memo:7841] and elsewhere, so I reviewed my web server configuration and then succeeded in reproducing it. The PoC code is written in UNICODE, but …

<Files *.html>
    ForceType 'text/html; charset=ISO-2022-JP'
</Files>

$B$K$7$F$"$C$?$N$G!"$J$s$@$+JQ$K$J$C$F$$$?LOMM!#(B

So, this one is bad. Until this flaw is fixed, it seems best not to use IE. Windows XP SP2 appears to be safe, though. Related: "New security hole in IE: you can be harmed just by opening a web page or HTML email" (Nikkei IT Pro, 11/4).

Also, when McAfee VSE 8.0i is installed, VSE 8.0i's buffer overflow … (image).

Handler's Diary November 8th 2004 (SANS ISC). A MyDoom variant that exploits this flaw appears to have emerged.

Signatures for the exploit also seem to be available:

Related: "Infection just by clicking a link in an email: IE vulnerability…" (Internet Watch, 11/9)

2004.11.22 addendum:

Adware vendors also seem to have started using this flaw:

62.4.84.45 still seems to be alive. Inspecting what can be fetched from it:

2004.11.30 addendum:

"Finnish government recommends discontinuing use of IE -- Microsoft urged to hurry Bofra countermeasures" (CNET, 2004.11.29). The original source is probably http://www.ficora.fi/suomi/tietoturva/cert.htm#2004-11-25_1337 (CERT-FI).

Incidentally, regarding the 2004.11.22 item: Sophos has since started detecting minst.exe as Troj/Virtum-A. mmdom.exe is adware, so it seems they deliberately do not detect it.

2004.12.02 addendum:

A patch appears to be out: Cumulative Security Update for Internet Explorer (889293) (MS04-040) (Microsoft).

■ Cisco Security Advisory: Vulnerability in Cisco Secure Access Control Server EAP-TLS Authentication
(CISCO, 2004.11.02)

A flaw in Cisco Secure Access Control Server (ACS) 3.3.1. In EAP-TLS authentication, any certificate that is formally valid is accepted, whether it is self-signed or anything else.

■ Medium Risk Vulnerability in WinRAR
(bugtraq, Wed, 03 Nov 2004 00:50:20 +0900)

Reportedly a "medium risk vulnerability" exists in WinRAR 3.40 and earlier and has been fixed in WinRAR 3.41. Details are said to be published on 2005.02.02.

■ Advisory: Sophos Anti-Virus for Windows and the "Scan mailboxes" option
(Sophos, 2004.11.03)

Apparently the "Scan mailboxes" option should not be used.

■ Advisory: Security issue with malformed email in MailMonitor for SMTP - Unix version 2.1
(Sophos, 2004.11.05)

A flaw in Sophos MailMonitor for SMTP - UNIX 2.1. Details are unknown, but a crafted email apparently causes something to happen. Update packages for Linux / Solaris are available, so apply them.

■ #57606: Buffer Overflow Vulnerabilities in Sun Java System Web Proxy Server
(Sun, 2004.11.03)

A flaw in Sun Java System Web Proxy Server (Sun ONE Proxy Server) 3.6 SP4 and earlier. There is a buffer overflow flaw through which the privileges the Web Proxy Server runs with (default: nobody) or the privileges the Admin Server runs with (default: root) can be seized remotely.

Related: Buffer Overflow Vulnerabilities in Sun Java System Web Proxy Server (pentest.co.uk), Sun fixes flaw in Java proxy server (techtarget.com). Apparently it cannot handle connect properly.

■ GD Graphics Library integer overflow leading to heap overflow
(bugtraq, 2004.10.26)

A flaw in GD 2.0.28 and earlier. Handling of a PNG file can result in arbitrary code execution. CVE: CAN-2004-0990

Fixed in GD 2.0.29. The latest version is 2.0.33.

fix / patch:

■ [SA13028] Shadow "passwd_check()" Security Bypass Vulnerability
(secunia, 2004.10.29)

A flaw in shadow 4.0.4.1 and earlier. passwd_check() in libmisc/pwdcheck.c is flawed, so a local user can use chfn or chsh to change account properties in unintended ways. CVE: CAN-2004-1001

Fixed in shadow 4.0.5.

fix / patch:

■ iptables May Fail to Automatically Load Some Modules
(securitytracker.com, 2004.11.01)

A flaw in iptables 1.2.11. Under certain conditions, required modules are not loaded. The flaw appears to be in iptables.c and ip6tables.c. It is said to be fixed in the CVS version, but it is not clear at what point it was fixed. The CVS web interface also seems to be dead. CVE: CAN-2004-0986

fix / patch:

■ Security hole in the Linux 2.6 kernel affects some SUSE products
(japan.linux.com, 2004.11.01)

A flaw in Linux 2.6.x kernels up to and including 2.6.7. iptables has an integer underflow flaw that exposes the system to a remote DoS attack.

■ Addenda

ZIP file stuff

Patches for [Full-Disclosure] [HV-MED] Zip/Linux long path buffer overflow have been posted: part 1, part 2.

Two … in IE

888534 - How to help protect your computer from the "Click and Scroll" security issue in Internet Explorer (Microsoft). Applying MS04-038 and disabling "Drag and drop or copy and paste files" in the Internet zone and the intranet zone appears to work around it.


■ 2004.11.05

I am in the mode of only now reading email from days ago.

■ ZIP file stuff
(various)

2004.11.08 addendum:

Patches for [Full-Disclosure] [HV-MED] Zip/Linux long path buffer overflow have been posted: part 1, part 2.

2004.11.26 addendum:

SYM04-017: Slight risk of denial of service and directory traversal in Symantec Windows LiveUpdate (Symantec, 2004.11.23).

2004.12.06 addendum:

Fixes on the zip 2.3 side:

■ Microsoft Security Bulletin Advance Notification Announcement
(Microsoft, 2004.11.04)

The "program for notifying specific customers of security information in advance" mentioned in ""Enterprise users should apply Windows XP SP2 too" -- US Microsoft's top security executive…" (Nikkei IT Pro, 9/24) appears to have been extended from people under NDA only to IT pros in general. Wonderful. However, regarding this information:

However, this information often changes due to the complexity of testing security updates. Therefore, the notification should not be viewed definitive.

So keep in mind that it is only a plan, not a final decision.

Reportedly, what is scheduled is one "Important" fix for ISA Server.

■ Addenda

Apache <= 1.3.32 mod_include local buffer overflow Exploit

fix / patch:

OpenPKG Security Advisory: OpenPKG-SA-2004.038-zlib

zlib 1.2.2 is reportedly out.


■ 2004.11.04


■ 2004.11.02


■ 2004.11.01

■ Addenda

New URL spoofing bug in Microsoft Internet Explorer

Yet another new one: Re: New URL spoofing bug in Microsoft Internet Explorer. As usual, I made a test page. IE 6.0 SP2 also seems to fall for it (though the color is odd). Mozilla 1.7.3 does not fall for it. Opera 7.54 looks like it would (though you might be able to tell if you look closely).

Related: "Spoofing the IE status bar…" (Nikkei IT Pro, 2004.11.01)

PuTTY SSH2_MSG_DEBUG Buffer Overflow Vulnerability

WinSCP 3.71 is out. Reportedly "SSH core upgraded to PuTTY 0.56". Thanks to stm_d for the information.

There is reportedly something called PuTTY 0.56 + IPv6 patch10 + fix01. Thanks to stm_d for the information.

JVN#E59B594B Vulnerability in S/MIME signature verification in Tsurukame Mail (鶴亀メール)

Related: "Development…" (Takagi Hiromitsu@Tsukuba, Ibaraki diary, 2004.10.30).

Apache <= 1.3.32 mod_include local buffer overflow Exploit

apache 1.3.33 has been released. This flaw is fixed in it. CHANGES_1.3.

