セキュリティホール memo - 2005.11

Last modified: Thu Nov 4 11:28:26 2010 +0900 (JST)


　このページの情報を利用される前に、注意書きをお読みください。


■ 2005.11.30

■ 日本ＥＲＩが指摘「大臣認定プログラムは改竄可能」
(asahi.com, 2005.11.30)

　「建物の構造計算に使う国土交通相認定の専用のプログラム」に欠陥があるという指摘。

市販の文書編集ソフトを使うと計算途中のデータの書き換えが可能で、不正なデータを入力しても「適合」との結果が出ることがわかったという。この場合、正しいプログラムを使ったことを示す認定番号も印刷できるという。
$B!!F1o$N?3::$G2~$6$s$r8+GK$k$3$H$OFq$7$$!W$H@bL@!#6a$/8!>ZFbMF$r9q8r>J$KJs9p$9$k$H$$$&!#(B

$B!!!V7zJ*$N9=B$7W;;$K;H$&9qEZ8rDLAjG'Dj$N@lMQ$N%W%m%0%i%`!W$H$$$&$N$O3F$B$0$0$C$F$_$k%F%9%H(B)$B!"$I$N2q$BEE;;%W%m%0%i%`?3::(B ($B:bCDK!?MF|K\7zC[%;%s%?!<(B) $B$H$$$&$C$FG'Dj$5$l$k$h$&$J$N$@$,!"$3$3$K$O!V%G!<%?$N2~$6$sIT2DG=@-!W$J$I$H$$$C$?8!::9`L\$OA4$/$J$5$2!#(B

$B!!$J$*!"$3$N;XE&$r9T$C$?(B$BF|K\(B ERI $B$O!"(B$BF|K\#E#R#I$,#4O"F-!"BQ?L8!::873J$NM%0L@-$KI>2A9b$^$k(B (asahi.com, 2005.11.22) $B$J$s$F5-;v$,=P$k$[$I$N2q$B;PMU7zC[;N$K$h$k56Au$r8+H4$1$J$+$C$?%1!<%9$,$"$k(B ($BF|K\(B ERI, 2005.11.29) $B$=$&$G!#(B $B$=$N56Au$,$3$N;XE&$K$D$J$,$C$F$$$k$N$@$m$&$,!"7k6I$N$H$3$m!"87L)$J%/%m%9%A%'%C%/$O9T$o$l$F$$$J$$$H$$$&$3$H$_$?$$$G$9$M$(!#(B $BF|K\(B ERI $B$N3t2A(B (Yahoo)$B!#(B

2005.12.01 追記:

　プログラム出力の真正性の確認をどう行っていたのか？ (武田圭史, 2005.12.01)

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B $BDI5-(B

Internet Explorer $B$N(B JavaScript $B$N@H

$B!!(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (911302): Internet Explorer $B$N(B onLoad $B%$%Y%s%H$r=hM}$9$kJ}K!$N@H (Microsoft) $B$,99?7$5$l$F$$$^$9!#$^$@(B patch $B$O$"$j$^$;$s!D!D$,!"(B

$B$3$ND4::$N40N;;~$K!"%^%$%/%m%=%U%H$O%^%$%/%m%=%U%H$N$*5RMM$rJ]8n$9$kl9g$,$"$j$^$9!#(B

$B!!$H$D$<$s=P$9$+$b$7$l$J$$$+$i6C$/$J$h!"$H$$$&$3$H$+$J!#(B

■ About Security Update 2005-009
(Apple, 2005.11.29)

　Mac OS X 10.3.9 / 10.4.3 用の新たなセキュリティ更新。

■ Sun Java JRE Sandbox Security Bypass Vulnerabilities
(Secunia, Tue, 29 Nov 2005 20:21:46 +0900)

　Sun Java 2 Platform, Standard Edition (J2SE) 1.3.x / 1.4.x / 5.x に欠陥。

$B!!4XO"(B: Sun$B$N(BJava$B (slashdot.jp, 2005.11.30)

2005.12.02 追記:

　About the security content of J2SE 5.0 Release 3 (Apple)

2006.01.16 $BDI5-(B:

$B!!96N,%5%$%H;vNc$,8=$l$?LOMM(B: Java$B$N%;%-%e%j%F%#!&%[!<%k$rFM$/(BWeb$B%5%$%H$,=P8=!$0- ($BF|7P(B IT Pro, 2006.01.13)$B!#(B

$B"#(B Cisco Security Advisory: Cisco Security Agent Vulnerable to Privilege Escalation
(Cisco, 2005.11.30)

$B!!(BCisco Security Agent 4.5.0 / 4.5.1 $B$K7g4Y!#(Blocal user $B$K$h$k8"8B>e>:(B ($B4IM}


$B"#(B 2005.11.29

$B"#(B $BDI5-(B

JCE 1.2.1 $B$N>ZL@=q4|8B@Z$l$K4X$9$kCm0U4-5/(B

$B!!(BIBM JCE 1.2.1 $B>ZL@=qM-8z4|8B@Z$l$KH<$&(BTivoli$B@=IJ$X$N1F6A$K$D$$$F(B (Tivoli-05-064) (IBM, 2005.11.25)$B!#(B $B!V(B2006$BG/(B3$B7n:"!W$H$+!V(B2006$BG/(B6$B7n:"!W$H$+$$$&J8;zNs$,$"$C$F!"$J$+$J$+$"$l$G$9!#(B

Internet Explorer $B$N(B JavaScript $B$N@H

　この問題に対する Norton Internet Security (NIS) の対応によって、2ch.net 方面でさわぎになっていた模様:

$B!!(Bmailto:<$B#b#o#d#y!!#o#n#l#o#a#d(B=window()> ($BK\Ev$O(B $B#b#o#d#y!!#o#n#l#o#a#d(B $B$8$c$J$/$F(B body onload) $B$K(B NIS $B$,H?1~$7$F$7$^$&$?$a!"$=$&$$$&=q$-$3$_$,$"$k$H0lDj;~4V1\Mw$G$-$J$/$J$C$F$7$^$C$F$$$?!"$H$$$&$3$H$G$$$$$N$+$J!#(B (Hideck $B$5$s46


$B"#(B 2005.11.28


$B"#(B 2005.11.26

$B"#(B $BDI5-(B

ウイルスバスター2006のフィッシング詐欺対策ツールバーはスパイウェアか？

$B!!%H%l%s%I%^%$%/%m$O!"?7$7$$(B EULA $B$rMQ0U$7$F!"MxMQ

$B!!$A$J$_$K5=BP:v%D!<%k%P!<$OL58z$K$7$F$7$^$C$?!#(B $B%j%/%(%9%HKh$K$$$A$$$A(B WAN $B7PM3$GLd$$$"$o$;$9$k$H$$$&;EMM$O$J$"!D!D!#(B $B%&%$%k%9%P%9%?!<(B2006$B$N%U%#%C%7%s%0:>5=BP:v%D!<%k%P!<(B ($B@1_7M5Fs%a%b(B, 2005.11.02) $B$K$O(B tis14-JP.url.trendmicro.com $B$H$$$&L>A0$,=P$F$/$k$N$GD4$Y$F$_$k$H!"(B

% host tis14-JP.url.trendmicro.com
tis14-JP.url.trendmicro.com is a nickname for trendmicro.georedirector.akadns.net
trendmicro.georedirector.akadns.net is a nickname for trendmicro.com.edgesuite.net
trendmicro.com.edgesuite.net is a nickname for a151.g.akamai.net
a151.g.akamai.net has address 60.254.129.103
a151.g.akamai.net has address 60.254.129.102

　akamai 化されてはいるようですが……。

The "Sony rootkit" case

$B!!4XO"5-;v(B:


$B"#(B 2005.11.25

$B"#(B $BDI5-(B

$B%&%$%k%9%P%9%?!<(B2006$B$N%U%#%C%7%s%0:>5=BP:v%D!<%k%P!<$O%9%Q%$%&%'%"$+!)(B

$B!!$D$E$-$N5-;v(B:

$B!!$=$7$F$5$-$[$I!"0J2<$N%5%]!<%H>pJs$,8x3+$5$l$^$7$?!#(B

$B!!%"%/%;%9@h(B URL $B$H%"%/%;%9@h(BIP$B%"%I%l%9$,%H%l%s%I%^%$%/%m$KAw$i$l$k;EMM$@$=$&$G$9!#(B

Internet Explorer $B$N(B JavaScript $B$N@H

　シマンテックも対応したようです (info from [memo:8871])。

　Windows 2000 SP4 日本語版 + Norton AntiVirus 2005 で試したところ、検出はするもの、スクリプト自体は動いてしまうようで、見事に電卓が表示されてしまった。


$B"#(B 2005.11.24

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B $BDI5-(B

Internet Explorer $B$N(B JavaScript $B$N@H

　マカフィーとトレンドマイクロが対応したようです。

　Windows 2000 SP4 日本語版 + VirusScan Enterprise 8.0i (DAT4635) で試したところ、JS/Exploit-BO.gen は検出されたものの、スクリプト自体は動いてしまうようで、見事に電卓が表示されてしまった。

　Windows 2000 SP4 日本語版 + ウイルスバスター 2006 (DAT 2.965.00) の場合は、JS_ONLOADXPLT.A を検出した上で、スクリプトも止まるみたい。


$B"#(B 2005.11.22

■ The Twenty Most Critical Internet Security Vulnerabilities (Updated) ~ The Experts Consensus (SANS TOP 20)
(SANS, 2005.11.22)

　改訂されて Version 6.0 になっています。プレスリリース。

$B"#(B Internet Explorer $B$N(B JavaScript $B$N@H
(JPCERT/CC, 2005.11.22)

　Windows 用の Internet Explorer 5.x / 6.x に欠陥。 この話:

$B!!(B$B8x3+Ev=i(B$B$O(B DoS $BOC$G$"$k$HG'<1$5$l$F$$$?$,!"PoC $B%3!<%I(B$B$,8x3+$5$l$F$$$k!#(B $B

　アクティブスクリプトを無効にすれば回避できる。 また snort で検出するためのルールが公開されている: Snort Rule released on BleedingSnort for the Windows Javascript vulnerability (SANS ISC)。

$B!!4XO"(B:

$B!!4XO"JsF;(B:

2005.11.24 追記:

　マカフィーとトレンドマイクロが対応したようです。

　Windows 2000 SP4 日本語版 + VirusScan Enterprise 8.0i (DAT4635) で試したところ、JS/Exploit-BO.gen は検出されたものの、スクリプト自体は動いてしまうようで、見事に電卓が表示されてしまった。

　Windows 2000 SP4 日本語版 + ウイルスバスター 2006 (DAT 2.965.00) の場合は、JS_ONLOADXPLT.A を検出した上で、スクリプトも止まるみたい。

2005.11.25 追記:

　シマンテックも対応したようです (info from [memo:8871])。

　Windows 2000 SP4 日本語版 + Norton AntiVirus 2005 で試したところ、検出はするもの、スクリプト自体は動いてしまうようで、見事に電卓が表示されてしまった。

2005.11.29 追記:

　この問題に対する Norton Internet Security (NIS) の対応によって、2ch.net 方面でさわぎになっていた模様:

$B!!(Bmailto:<$B#b#o#d#y!!#o#n#l#o#a#d(B=window()> ($BK\Ev$O(B $B#b#o#d#y!!#o#n#l#o#a#d(B $B$8$c$J$/$F(B body onload) $B$K(B NIS $B$,H?1~$7$F$7$^$&$?$a!"$=$&$$$&=q$-$3$_$,$"$k$H0lDj;~4V1\Mw$G$-$J$/$J$C$F$7$^$C$F$$$?!"$H$$$&$3$H$G$$$$$N$+$J!#(B (Hideck $B$5$s46

2005.11.30 $BDI5-(B:

$B!!(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (911302): Internet Explorer $B$N(B onLoad $B%$%Y%s%H$r=hM}$9$kJ}K!$N@H (Microsoft) $B$,99?7$5$l$F$$$^$9!#$^$@(B patch $B$O$"$j$^$;$s!D!D$,!"(B

$B$3$ND4::$N40N;;~$K!"%^%$%/%m%=%U%H$O%^%$%/%m%=%U%H$N$*5RMM$rJ]8n$9$kl9g$,$"$j$^$9!#(B

$B!!$H$D$<$s=P$9$+$b$7$l$J$$$+$i6C$/$J$h!"$H$$$&$3$H$+$J!#(B

2005.12.02 $BDI5-(B:

$B!!(BNIS $B$G$N8m8!=P$G$9$,!"$B$3$A$i(B$B$O8!=P$7$^$9$,!"(B$B$3$A$i(B$B$O8!=P$7$^$;$s$G$7$?!#(B NIS $B$N%k!<%k!V(BHTTP MSIE JavaScript OnLoad Rte CodeExec$B!W$rL58z$K$7$F2sHr$7$F$$$?>l9g$O!":F$SM-8z$K$7$F$_$k$H$$$$$+$b$7$l$^$;$s!#(B

　さて、この欠陥を利用するマルウェア TrojanDownloader:Win32/Delf.DH が登場したということで、各アンチウイルスベンダーからの情報も更新されているようです。

  • JS/Exploit-BO.gen (マカフィー)。

    VirusScan Enterprise 8.0i / Managed VirusScan
    Generic Buffer Overflow Protection protects against code execution that may result from exploiting this vulnerability.

    McAfee Entercept
    Entercept's Generic Buffer Overflow Protection protects against code execution that may result from exploiting this vulnerability.

    McAfee IntruShield
    Updated signatures are available for Trimble release with http response support.

    McAfee Foundstone
    Updated signatures have been released.
  • Bloodhound.Exploit.54 (シマンテック)

  • JS_WINDEXP.A、 JS_ONLOADXPLT.A (トレンドマイクロ)

$B!!(BWindows 2000 SP4 $BF|K\8lHG(B + VirusScan Enterprise 8.0i $B$K$*$$$F!"(B JS/Exploit-BO.gen $B$,8!=P$5$l$k$b$N$NEEBn$,I=<($5$l$F$7$^$&7o$G$9$,!"(B VSE 8.0i Patch 11 $B$K$9$l$P%9%/%j%W%H$N

2005.12.06 $BDI5-(B:

$B!!(BIE$B$N%Q%C%AL$8x3+%;%-%e%j%F%#!&%[!<%k$rA@$&(BWeb$B%5%$%H$,A}2CCf(B ($BF|7P(B IT Pro, 2005.12.05) $B$@$=$&$G$9!#4XO"(B: Hackers exploit unpatched Internet Explorer bug to install malware (Sophos)$B!#(B

2005.12.10 $BDI5-(B:

$B!!(BTTFOXZ$B$NF|5-(B $B$G(B NIS $B$N8m8!=P$N7o$O$^$@D>$C$F$J$$$H;XE&$5$l$F$$$?$N$G!"(B $B$B$3$A$i(B $B$G$bH?1~$7$F$7$^$$$^$9$M!#$&!<$s!#(B2005.12.02 $B$N%F%9%H7k2L$O2?$@$C$?$s$@!D!D(B orz$B!#(B $B$H$j$"$($:Bg13$D$$$F$$$?$_$?$$$G$9$$$^$;$s!#(B

$B%IAG?M$G$bJ,$+$k;v$@$m$&$K!#(B

$B!!%IAG?ML$K~$G$9$$$^$;$s$M$(!#(B

$B"#(B $BDI5-(B

The "Sony rootkit" case

$B!!4XO"5-;v(B:

$B%;%-%e%j%F%#!&%W%m%H%3%k$N

$B"#(B 2005.11.21

$B"#(B $BDI5-(B

$B"#(B Windows Update : Norton Removal Tool "SymUninst.exe" $B$r
(microsoft.public.jp.windowsupdate $B%K%e!<%9%0%k!<%W(B, 2005.11.14)

　Norton シリーズの削除ツール SymUninst.exe を Windows 2000 で使用すると、SymUninst.exe が

１．[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Svchost]キーの値"netsvcs"のデータから、「BITS」を削除する。
２．[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS]キーを削除する。

$B$?$a$K!"(BWindows Update $B$G$N%@%&%s%m!<%I$,$G$-$J$/$J$C$F$7$^$&$=$&$G$9!#(B $B2sI|$9$k$K$O!"0J2<$r

１．文書番号：875562 に従い SvcHost プロセスに BITS サービスを追加する。
２．正常な Windows2000 システムから 　　[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS]キーをインポートする。

　また Windows XP で SymUninst.exe を使用した場合には、 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS] キーだけが削除されるそうです。

　今では SymUninst.exe は存在しなくなっており、新しい Norton 削除ツール SymNRT.exe にはこの欠陥はないそうです。


$B"#(B 2005.11.20


$B"#(B 2005.11.18

$B"#(B IE$B$d(BOpera$B$K%9%F!<%?%9!&%P!<$r56Au$G$-$kLdBj(B
($BF|7P(B IT Pro, 2005.11.17)

$B!!$R$5$S$5$N%9%F!<%?%9%P!<56Au$M$?!#(B IE 5.01 / 6.x, Opera 8.x, Safari 2.x $B$G$R$C$+$+$kLOMM!#(BMozilla / Firefox $B$O$@$$$8$g$&$V$_$?$$!#(B$B%F%9%H%Z!<%8(B$B!#(B

$B!!4XO"(B: $B%9%F!<%?%9%P!<56Au7O(B ($B4{=P(B) ($B?eL57n$P$1$i$N$($SF|5-(B, 2005.11.18)$B!#

2005.11.21 追記:

　Safari 1.3.1 (v312.3.1) や iCab2.9.8 もだめだそうです。Ray さん情報ありがとうございます。

$B"#(B $BDI5-(B

$B"#(B $B%;%-%e%j%F%#!&%W%m%H%3%k$N
($BF|7P(B IT Pro, 2005.11.17)

$B!!3Fo$J%Q%1%C%H$r4^$^$;$k$H!"(BDoS $B$K$J$C$?$jG$0U$N%3!<%I$Nl9g$,$"$kLOMM!#1F6A$NEY9g$O%Y%s%@!<$K$h$j0[$J$k(B (DoS $B$N;vNc$,B?$$$h$&$@(B)$B!#(B $B$^$?(B IKEv2 $B$K$D$$$F$O%F%9%H$7$F$$$J$$$=$&$@!#(B

　何がどこで問題になるのか、NISCC Vulnerability Advisory 273756/NISCC/ISAKMP や Multiple Vulnerability Issues in Implementations of ISAKMP Protocol (NISCC) を眺めてもいまいちよくわからないのだが、 In response to ISAKMP 'vulnerabilities' (bugtraq) にはこんな記述が:

The scope was further narrowed to IKE phase 1 with pre-shared secret authentication. Rationale behind this selection was:
IKE phase 1 does not require any special preconditions as phase 2 does. Additionally, phase 1 aggressive mode allows sending several payloads in the first packet.
IKE phase 1 authentication with pre-shared secret is required from all ISAKMP/IKE implementations.
Potential IKE vulnerabilites in above scope can be roughly categorised based on the on the IKE identity and shared secret:
A. Vulnerability does not require a valid identity nor a shared secret (greatest impact).
B. Vulnerability requires a valid identity but not the shared secret.
C. Vulnerability requires both a valid identity and the corresponding shared secret (smallest impact).

　そういうわけなのかどうかよくわからないが、NISCC Vulnerability Advisory 273756/NISCC/ISAKMP では緩和策としてこう書かれている。

- If possible, use packet filters and accept ISAKMP negotiations only from trusted IP-addresses
- Avoid using "aggressive mode*" in phase 1

$B!!4XO"%"%I%P%$%6%j(B:

　書く気が失せるほど影響が多岐にわたっているので、影響する製品については上記の関連アドバイザリを参照。 Openswan については JVN に Advisory がリンクされているけど、 IPsec Tools (racoon) についてはこちらを:

$B!!4XO">pJs(B:

2005.11.22 $BDI5-(B:


$B"#(B 2005.11.17

■ マイクロソフトセキュリティアドバイザリ (911052) RPC によるメモリの割り当てのサービス拒否
(Microsoft, 2005.11.17)

$B"#(B iDEFENSE Security Advisory 11.15.05: Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability
(Wed, 16 Nov 2005 07:49:01 +0900)

$B!!(BGTK+ 2.4.0 ($B0JA0(B?) $B$K7g4Y!#(B GTK+ $B$K$*$1$k(B XPM $B2hA|$N=hM}$K7g4Y$,$"$j!"96N,(B XPM $B%U%!%$%k$K$h$C$FG$0U$N%3!<%I$rCAN-2005-3186

fix / patch:

$B"#(B [Full-disclosure] iDEFENSE Security Advisory 11.15.05: Multiple Vendor Insecure Call to CreateProcess() Vulnerability
(Wed, 16 Nov 2005 07:49:41 +0900)

　いくつかの著名なアプリにおいて、CreateProcess() や CreateProcessAsUser() を不安全なやり方で使っている、という話。挙げられているのは:

$B!!$3$N$&$A(B

$B$@$=$&$G$9!#(B

2005.11.18 $BDI5-(B:

$B!!(BRealPlayer CreateProcess() Security Vulnerability. (RealNetworks, 2005.11.17)

$B"#(B $B%&%$%k%9%P%9%?!<(B2006$B$N%U%#%C%7%s%0:>5=BP:v%D!<%k%P!<$O%9%Q%$%&%'%"$+!)(B
($B@1_7M5Fs%a%b(B, 2005.11.16)

$B%"%/%;%9$7$?(BWeb$B%5%$%H$N(BURL$B$r%H%l%s%I%^%$%/%m$KAw?.$7$F$$$k$3$H$O4V0c$$$J$$!#$3$N;EMM$K%1%A$r$D$1$k$D$b$j$O$J$$!#LdBj$O!"B?$/$N%f!<%6$,$3$N;EMM$K$D$$$FCN$i$J$$$H$$$&$3$H$@!#A02s$b=q$$$?$,!"$3$N$3$H$K$D$$$F%^%K%e%"%k$KL@3N$J5-=R$O$J$$$7!"%$%s%9%H!<%k;~$K@bL@$b$J$$!#$3$l$G$O%9%Q%$%&%'%"$d%"%I%&%'%"$HF1$8$G$O$J$$$+!#(B

$B!!IaCJ$O?7$7$$%&%$%k%9%P%9%?!<$O(B 3 $B$+7n$O?2$+$;$k$N$G$9$,!">e5-$r3NG'$7$?$+$C$?$N$G%$%s%9%H!<%k$7$F$_$^$7$?!#!D!D3N$+$K!"@bL@$5$l$^$;$s$M!#(B

2005.11.25 $BDI5-(B:

$B!!$D$E$-$N5-;v(B:

$B!!$=$7$F$5$-$[$I!"0J2<$N%5%]!<%H>pJs$,8x3+$5$l$^$7$?!#(B

$B!!%"%/%;%9@h(B URL $B$H%"%/%;%9@h(BIP$B%"%I%l%9$,%H%l%s%I%^%$%/%m$KAw$i$l$k;EMM$@$=$&$G$9!#(B

2005.11.26 $BDI5-(B:

$B!!%H%l%s%I%^%$%/%m$O!"?7$7$$(B EULA $B$rMQ0U$7$F!"MxMQ

$B!!$A$J$_$K5=BP:v%D!<%k%P!<$OL58z$K$7$F$7$^$C$?!#(B $B%j%/%(%9%HKh$K$$$A$$$A(B WAN $B7PM3$GLd$$$"$o$;$9$k$H$$$&;EMM$O$J$"!D!D!#(B $B%&%$%k%9%P%9%?!<(B2006$B$N%U%#%C%7%s%0:>5=BP:v%D!<%k%P!<(B ($B@1_7M5Fs%a%b(B, 2005.11.02) $B$K$O(B tis14-JP.url.trendmicro.com $B$H$$$&L>A0$,=P$F$/$k$N$GD4$Y$F$_$k$H!"(B

% host tis14-JP.url.trendmicro.com
tis14-JP.url.trendmicro.com is a nickname for trendmicro.georedirector.akadns.net
trendmicro.georedirector.akadns.net is a nickname for trendmicro.com.edgesuite.net
trendmicro.com.edgesuite.net is a nickname for a151.g.akamai.net
a151.g.akamai.net has address 60.254.129.103
a151.g.akamai.net has address 60.254.129.102

　akamai 化されてはいるようですが……。

2005.12.04 $BDI5-(B:

$B!!(BTTFOXZ$B$NF|5-(B $B$H$$$&%Z!<%8$,!"@1_7;a$d9bLZ;a$N;XE&$KBP$7$F8@5Z$7$F$$$k$,!"@5D>$K8@$C$F!"$h$1$$$J;v$r=q$-$9$.$F$$$k$h$&$K;W$&!#(B

$B!!:#2s$NLdBj$N:,K\$r$b$&$$$A$I8+$F$_$h$&!#(B $B%&%$%k%9%P%9%?!<(B2006$B$N%U%#%C%7%s%0:>5=BP:v%D!<%k%P!<$O%9%Q%$%&%'%"$+!)(B ($B@1_7M5Fs%a%b(B, 2005.11.16) $B$h$j(B:

$B%"%/%;%9$7$?(BWeb$B%5%$%H$N(BURL$B$r%H%l%s%I%^%$%/%m$KAw?.$7$F$$$k$3$H$O4V0c$$$J$$!#$3$N;EMM$K%1%A$r$D$1$k$D$b$j$O$J$$!#LdBj$O!"B?$/$N%f!<%6$,$3$N;EMM$K$D$$$FCN$i$J$$$H$$$&$3$H$@!#A02s$b=q$$$?$,!"$3$N$3$H$K$D$$$F%^%K%e%"%k$KL@3N$J5-=R$O$J$$$7!"%$%s%9%H!<%k;~$K@bL@$b$J$$!#$3$l$G$O%9%Q%$%&%'%"$d%"%I%&%'%"$HF1$8$G$O$J$$$+!#(B

$B!!%f!<%6$N%"%/%;%9@h(B URL $B>pJs$r(B$BBh;0 ($B%H%l%s%I%^%$%/%m(B) $B$K(B$BL5CG$G(B$BAw?.$7$F$$$k$N$O!V%9%Q%$%&%'%"$d%"%I%&%'%"$HF1$8$G$O$J$$$+!W$H$$$&;XE&$@!#$3$&$$$&$3$H$r9T$&$N$G$"$l$P!"DL>o$O!"@=IJ$N%$%s%9%H!<%k;~$d$B0-0U$N$"$k%=%U%H%&%'%"$N:o=|%D!<%k(B$B$N(B EULA $B$K$O$3$&$"$k(B ($B2hA|(B$B!#l9g$O!"(BIE $B$G%"%/%;%9$7!":o=|%D!<%k$r(B web $B>e$G

プライバシーに関する通知 本ソフトウェアがお客様のデバイスで悪意のあるプログラムの存在を確認するとき、お客様のデバイスで悪意のあるプログラムが発見および除去されたかどうかをお客様に報告するためにのみ、お客様のデバイスから情報が収集されます。しかし、マイクロソフトは、本ソフトウェアの使用に関する統計データを収集、公開する場合があります。お客様のご希望により、本ソフトウェアの報告機能を http://go.microsoft.com/fwlink/?LinkID=39987 の指示に従って無効にすることができます。

$BF10U$r5a$a!"$^$?(B Microsoft $B$X$N>pJsDs6!$rL58z$K$9$kJ}K!$bDs6!$7$F$$$k(B ($Be$KCf?H$r$h$/FI$^$J$1$l$P$J$i$J$$$N$,%"%l$G$O$"$k$,!D!D!#(BKB891716 $B$N(B FAQ $B$N(B Q3 $B$,$=$l(B)$B!#(B

$B!!7+$jJV$7$K$J$k$,!"%H%l%s%I%^%$%/%m$O!"?7$7$$(B EULA $B$rMQ0U$7$F!"MxMQ$B%5%]!<%H>pJs(B$B$,=P$F$$$k$b$N$N!"$[$H$s$I$N%f!<%6$O5$$,$D$$$F$$$J$$$N$,8=>u$@$m$&!#(B $B:GDc$G$b!"$3$N%5%]!<%H>pJs$NB8:_$rA4EPO?%f!<%6$K%a!<%k$GCN$i$;$k!"$/$i$$$N$3$H$O$7$?J}$,$$$$$H;W$&!#(B

$B!!(BTTFOXZ$B$NF|5-(B $B$G$O!"(B2005-11-28 $B$K(B

$B$M$'@1_7$5$s!#(BPhishWall$B$G$O$I$s$J>pJs$rAw?.$7$F$$$k$s$G$9$+!)(B
$B;d$,:rF|$N%V%m%0$r=q$$$?;~E@$G$O!"%;%-%e%"%V%l%$%s$N%5%$%H$+$iF@$i$l$k>pJs$O40A4$KITB-$7$F$$$?!J:#8e!"2~NI99?7$5$l$k$+$b$7$l$J$$$,!&!&!K!#(B

$B$H=q$$$F$$$k$,!"(B$B%;%-%e%"%V%l%$%s%[!<%`%Z!<%8(B $B$N(BPhishWall $B$r$?$I$k$H8=$l$k%Z!<%8$N:8%a%K%e!<$K$"$k(B PhishWall $B%5!<%P(B $B$K$"$k@bL@$r8+$k8B$j$G$O!"2?$r$I$3$KAw$C$F$$$k$+$OL@3N$@$7!"Bh;0pJs$,Aw$i$l$k$h$&$K$b$J$C$F$$$J$$!#(B $B$3$N%Z!<%8$O:rF|:#F|$G$-$?$b$N$G$O$J$$$O$:$@$,!"(B $B$I$N$"$?$j$r8+$k$H!V;d$,:rF|$N%V%m%0$r=q$$$?;~E@$G$O!"%;%-%e%"%V%l%$%s$N%5%$%H$+$iF@$i$l$k>pJs$O40A4$KITB-$7$F$$$?!W$H$$$&5-=R$,@8$^$l$k$N$+!";d$K$O$h$/$o$+$i$J$$!#(B

$B!!$A$J$_$K!"(BPhishWall $B$N%@%&%s%m!<%I%Z!<%8$O(B $B$3$3(B (kddi.ne.jp)$B!"(B EULA $B$O(B$B$3$3(B (kddi.ne.jp) $B$K$"$k!#%@%&%s%m!<%I%Z!<%8$b(B EULA $B$b(B securebrain.co.jp $B$K$O$J$$!D!D$H$$$&$"$?$j$O%D%C%3%_$I$3$m$N$h$&$K;W$&$N$@$,!"(BTTFOXZ $B;a$O$=$&$$$&$H$3$m$K$O6=L#$O$J$$$h$&$@!#(B

2005.12.04 $BDI5-(B 2:

$B!!4XO">pJs(B:

2005.12.27 $BDI5-(B:

$B!!4XO"5-;v(B:

$B!!$5$F!"%&%$%k%9%P%9%?!<%/%i%V2q0w08$K!"(B2005.12.21 $BIU$G!V%&%$%k%9%P%9%?!<%/%i%V%K%e!<%9(B2005$BG/(B 12$B7n!W$,FO$$$?!#EPO?%f!<%608$N%K%e!<%9%l%?!<$J$N$@$+$i!":#2s$N$h$&$J;v0F$K4X$9$k0FFb$K$O$b$C$F$3$$$N$O$:$@!#$@$+$i2?$,=q$+$l$F$$$k$+(B ($B=q$+$l$F$$$J$$$+(B) $B$K$O6=L#$,M/$$$?!#$=$NCf?H$O!D!D(B

$B(.(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(/(B
 $B!Z#1![%&%$%k%9%P%9%?!<(B2006$B$N?75!G=!'%U%#%C%7%s%0:>5=BP:v(B/$B%9%Q%$%&%'%"BP:v(B
$B(1(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(0(B
$B"#5=!#(B
$B!!%&%$%k%9%P%9%?!<(B2006$B$G$O!"?7$?$K!V%U%#%C%7%s%0:>5=BP:v!W5!G=$rEk:\(B
$B!!$7$^$7$?!#(B
$B!!(Bhttp://www.trendmicro.co.jp/consumer/products/vb/goodnews/security/phishing/

$B!!!z%U%#%C%7%s%0:>5=$H$O!)(B
$B!!6bM;5!4X$d%7%g%C%T%s%0%5%$%H$J$I$rAu$C$?%a!<%k$rAw$j!"$=$3$K%j%s%/$r(B
$B!!E=$jIU$1$F%K%;$N%5%$%H$KM6$$=P$7!"%/%l%8%C%H%+!<%IHV9f$d%Q%9%o!<%I(B
$B!!$J$I$r$@$^$75=9T0Y$G$9!#(B
$B!!(Bhttp://www.trendmicro.com/jp/support/vbc/monthly/sclass/backnumber/sclass0502.htm

$B!!$^$:Bh0l$K5!G=$N@kEA(B ($B$@$1(B) $B$G$9$+!D!D!#(B $B$3$3$G(B solutionId=12478 $B$K?($l$k$H$$$&

$B(.(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(/(B
 $B!Z#7![%&%$%k%9%P%9%?!pJs$d!"%H%i%V%kH/@8;~$K;29M$H$J$k(B
$B!!>pJs!"%&%$%k%9%P%9%?!<%/%i%V%;%s%?!<$KB?$/4s$;$i$l$k$*Ld$$9g$o$;$r(B
 $B!V@=IJ(BQ&A$B!W$H$7$F8x3+$7$F$$$^$9!#>pJs$O>o$K99?7$5$l$F$$$^$9!#(B
$B!!:G6aDI2C$5$l$?@=IJ(BQ&A$B$NCf$+$i!"FC$K$*Ld$$9g$o$;$NB?$$$b$N$r$4>R2p(B
$B!!$7$^$9!#(B

$B"!l9g$K!"85$N@_Dj$KLa$9$K$O(B
$B!!(Bhttp://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionId=12470

$B"!(B[URL$B%U%#%k%?(B]$B$J$i$S$K(B[$B%U%#%C%7%s%0BP:v%D!<%k%P!<(B]$B$K$h$C$F%H%l%s%I(B
$B!!%^%$%/%m$XAw?.$5$l$k>pJs$H07$$$K$D$$$F(B
$B!!(Bhttp://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionId=12478

$B!!$3$l$G$O!"$U$D$&$N%f!<%6$O8+F($7$F$7$^$&$@$m$&!#(B $B$;$C$+$/$-$A$s$H9pCN$9$k%A%c%s%9$@$C$?$N$K!#(B solutionId=12478 $B$rFHN)$5$;$FBg9`L\$K$9$l$P!"B?$/$N?M$K5$$E$$$F$b$i$($k$O$:$J$N$K$J$"!#(B

2006.02.07 $BDI5-(B:

$B!!(B$B1\Mw$7$F$$$k%Z!<%8$N(BURL$B$rAw?.$9$k%D!<%k%P! ($B9bLZ9@8w!w<+Bp$NF|5-(B, 2006.02.05) $B$N$&$7$m$NJ}$K!"4XO">pJs$,$"$k!#(B $B%&%$%k%9%P%9%?!<(B 2006 $B$K!"$$$D$N$^$K$+!"5-=R$,>/$7DI2C$5$l$?$h$&$@!#(B $B$7$+$7$3$l$G$O!"HNGdEv=i$+$i;H$C$F$$$k?M$K$OEA$o$i$J$$$7!D!D!#(B

2006.09.04 追記:

　ウイルスバスター2007 ファースト・インプレッション (MYCOM ジャーナル, 2006.09.02)。ウイルスバスター2007 では、きちんと説明されるようになっているようです。

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2005.11.11)

$B!!(BJVN#25106961: Kent Web PostMail $B$K$*$1$k%a!<%kBh;0 (JVN) $B$N7o$@$,!"F?L>4uK>$5$s(B ($B>pJs$"$j$,$H$&$4$6$$$^$9(B) $B$K$h$k$H!"(B 2.x $B$J$I$b4^$`(B 3.1 $B0JA0$K$O!"3+H/85$,(B 3.3 $B$GBP1~$7$?$b$N$H$OJL$N7g4Y$,$"$k$=$&$@!#(B PostMail $B$N%Z!<%8$G$O(B Ver: 2.41 $B!Z5lHG![$,G[I[$5$l$F$$$k$,!"$3$l$O;H$o$:!":G?7$N(B 3.3 $B$r;H$&$N$,$h$$LOMM!#(B JVN $B$G$O3N$+$K!V1F6A$r

The "Sony rootkit" case

$B!!4XO"5-;v(B:


$B"#(B 2005.11.16

■ UNICODE バグ
(Sanaki's Private Home Page, 2005.11.15)

　最近再び脚光を浴びつつある (?) UNICODE バグに関する、佐名木さんのまとめ。 こういうのは見逃されやすいと思うので注意が必要。一読しておきましょう。

$B!!4XO"(B: [connect24h:10021]


$B"#(B 2005.11.14

$B"#(B $BDI5-(B

The "Sony rootkit" case

$B!!4XO"5-;v(B:


$B"#(B 2005.11.12

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B $BDI5-(B

The "Sony rootkit" case

$B!!4XO"5-;v(B:

Macromedia Flash Player$BIT@5%a%b%j%"%/%;%9@H

$B!!(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (910550): Macromedia Security Bulletin: MPSB05-07 Flash Player 7 $B$NITE,@Z$J%a%b%j(B $B%"%/%;%9$N@H (Microsoft, 2005.11.10)$B!#(B


$B"#(B 2005.11.11

$B"#(B $B$$$m$$$m(B (2005.11.11)
(various)

$B"#(B RealNetworks, Inc.$B!"%;%-%e%j%F%#@H
(RealNetworks, 2005.11.10)

　RealPlayer 8 / 10 / 10.5, RealOne Player v1 / v2, RealPlayer Enterprise, Helix Player に欠陥。

　RealPlayer 10.5 / Mac OS X 用 RealPlayer 10 / Linux 用 RealPlayer 10 / Linux 用 Helix Player / RealPlayer Enterprise については修正版が用意されているようだ。その他のバージョンについては、最新版の RealPlayer に移行する必要があるようだ。

$B"#(B $BDI5-(B


$B"#(B 2005.11.10

$B"#(B $BDI5-(B

The "Sony rootkit" case

$B!!4XO"5-;v(B:

  • SONY BMG$B!"(BDRM$B%=%U%H$N(Brootkit$BLdBj$G?7%Q%C%A!"HcH=$O<}$^$i$:(B (ITmedia, 2005.11.09)

    $B!!!V$[$H$s$I$N?M$O(Brootkit$B$H$O2?$+$rCN$i$J$$$N$@$+$i!"5$$K3]$1$?$j$7$J$$$N$G$O$J$$$+!W$H(BSONY BMG$B$N%0%m!<%P%k%G%8%?%k%S%8%M%9C4Ev

    $B!!2P$KL}$rCm$$$G$$$k$h$&$K$7$+J9$3$($J$$$N$@$,!"2?$,LdBj$H$5$l$F$$$k$N$+!"$3$N?M$OM}2r$7$F$$$k$N$@$m$&$+!D!D!#(B

    $B!!(BSONY BMG$B$O!"$^$:(BCD$B$K(Brootkit$B5!G=$rEk:\$7$F$7$/$8$j!"$3$N%W%m%0%i%`$KBP$9$kHcH=$X$NBP1~$G=}8}$r9-$2$?$H!"(BCA$B$N(BeTrust Security Management$BC4EvI{ $B!!!V$$$$2C8:$KL\$r3P$^$7$F$b$i$$$?$$!#(BSONY BMG$B$O8D?M%f!<%6!<$H4k6H%f!<%6!<$N8"Mx$KBP$9$kM}2r$,0l4S$7$F7g$1$F$$$k!W!JF1;a!K(B

    $B!!(BSONY $B$NCf$N?M$K$OJ9$3$($F$$$k$N$@$m$&$+!#(B

  • SONY BMG$B!"(Brootkit$BE*(BDRM$B$a$0$jAJ$($i$l$k(B (ITmedia, 2005.11.10)

  • $B$D$$$K!"(BSONY rootkit $B$rMxMQ$9$k%^%k%&%'%"$,EP>l$7$?$h$&$G$9!#(B

[memo:8855] KB896424 (MS05-053) patch $B$,(B SUS $B$KN.$l$F$3$J$$(B

$B!!(B2005.11.10 10:45 AM $B8=:_!"$^$@D>$C$F$J$$$G$9$M!D!D(B orz$B!#(B $B4XO"(B:

$B!!(B2005.11.10 21:00 $B8=:_!"$^$@D>$C$F$J$$$G$9$M!D!D(B orz$B!#(B

  • $B$J$$B$=$b$=$b$J$<$3$N$h$&$J>u67$K$J$C$?$N$+(B? ($B$J$

    $B$K4X$9$k@bL@$,I,MW$@$h$J$"!#$$$d!"D>$C$F$+$i$G$$$$$1$I!#(B

    $B!!(B2005.11.10 21:55$B!"$D$$$KD>$C$?$h$&$G$9!#(BSUS $B$G(B patch $B$,N.$l$F$-$F$$$^$9!#(B(^^)

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B Graphics Rendering Engine $B$N@H
(Microsoft, 2005.11.09)

　Windows 2000 / XP / Server 2003 に 3 つの欠陥。

　修正プログラムがあるので適用すればよい。ただし SUS では今だに配布されていないようなので注意。関連:


$B"#(B 2005.11.09

■ [memo:8855] KB896424 (MS05-053) patch が SUS に流れてこない
(memo ML, Wed, 09 Nov 2005 18:17:26 +0900)

　SUS にはなぜか KB896424 (MS05-053) patch が流れてきていないようです。 何度同期をかけても「Software Update Services は最新の状態です。同期中に変更する必要はありません。」と言われてしまいます (匿名希望さん情報ありがとうございます)。♪なんでだろ〜

　WSUS には問題なく流れてきていることを確認しています。うーむむむ……。

　……この件ですが、信頼できる筋からの情報によると、Microsoft でも状況を把握しており、現在対応作業中のようです。 (信頼できる筋の方、情報ありがとうございます)

2005.11.10 $BDI5-(B:

$B!!(B2005.11.10 10:45 AM $B8=:_!"$^$@D>$C$F$J$$$G$9$M!D!D(B orz$B!#(B $B4XO"(B:

$B!!(B2005.11.10 21:00 $B8=:_!"$^$@D>$C$F$J$$$G$9$M!D!D(B orz$B!#(B

  • $B$J$$B$=$b$=$b$J$<$3$N$h$&$J>u67$K$J$C$?$N$+(B? ($B$J$

    $B$K4X$9$k@bL@$,I,MW$@$h$J$"!#$$$d!"D>$C$F$+$i$G$$$$$1$I!#(B

    $B!!(B2005.11.10 21:55$B!"$D$$$KD>$C$?$h$&$G$9!#(BSUS $B$G(B patch $B$,N.$l$F$-$F$$$^$9!#(B(^^)

    2005.11.11 $BDI5-(B:

    $B!!4XO"5-;v(B:

$B"#(B 2005 $BG/(B 11 $B7n$N%;%-%e%j%F%#>pJs(B
(Microsoft, 2005.11.09)

$B!!%;%-%e%j%F%#4X78(B:

$B!!!V%;%-%e%j%F%#0J30$NM%@hEY$N9b$$(B 2 $B$D$N99?7%W%m%0%i%`!W$O$3$l$+(B?

$B!!(BOffice 2003 $B$N(B $B%"%C%W%G!<%H(B (Microsoft) $B$r8+$k$H!"(B $B!V(BMicrosoft IME 2003 $B:G?78l<-=q99?7(B 2005 $BG/(B 11 $B7nHG!W(B $B$H$+(B $B!V(BContent Management Server 2002 Service Pack 2$B!W(B $B$H$+$b=P$F$^$9$M!#(B

$B!!$"$H!"(B.NET Framework 2.0 $B$H$+(B WMDRM $BBP1~(B Media Player $BMQ$N99?7%W%m%0%i%`(B (KB891122) $B$b=P$F$$$k$h$&$G$9$M!#(B

$B!!4XO"5-;v(B:

$B"#(B SYM05-024: Exploitation of a buffer overflow vulnerability in VERITAS NetBackup (tm) Enterprise Server/Server 5.0 and 5.1 could potentially lead to a remote Denial Of Service or remote code
(Symantec, 2005.11.08)

$B!!(BVERITAS NetBackup 5.0 / 5.1 $B$K7g4Y!#(B NetBackup 5.0 / 5.1 $B$N(B volume manager daemon (vmd) $B$K(B buffer overflow $B$9$k7g4Y$,$"$j!"(B $BG$0U$N%3!<%I$r

$B!!(BNetBackup 5.0 / 5.1 $BMQ$N

$B!!!D!DF|K\8lHG=P$^$7$?(B: SYM05-024: VERITAS NetBackup 5.x $B!'(B Volume Manager Daemon $B$,;HMQ$9$k6&M-%i%$%V%i%j$K%P%C%U%!!&%*!<%P!<%U%m!<$N@H ($B%7%^%s%F%C%/(B)$B!#(B

2005.11.11 $BDI5-(B:

$B!!4XO"(B: [Full-disclosure] iDEFENSE Security Advisory 11.10.05: Stack Overflow in Veritas Netbackup Enterprise Server

$B"#(B $BDI5-(B

$B"#(B Oracle October 2005 CPU Problems
(NGSSoftware, 2005.11.09)

　Oracle 8.1.7.4 に対して Critical Patch Update - October 2005 を適用しても、インストールスクリプトの不備のために、Oracle Text (CTXSYS) コンポーネントに対してうまく patch があたらない、という話がある模様。

$B"#(B [sylpheed-jp:03221] [SECURITY] Sylpheed 2.0.4 / 1.0.6 released
(sylpheed-jp ML, Tue, 8 Nov 2005 16:27:23 +0900)

$B!!(BSylpheed 0.6.4 $B0J9_$K7g4Y!#(B LDIF$B%U%!%$%k$r%$%s%]!<%H$9$k:]$K(B buffer overflow $B$,H/@8$9$k!#(B $B;3:j$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B!!(BSylpheed 2.0.4, 2.1.6, 1.0.6 $B$K$*$$$F=$@5$5$l$F$$$k!#(B $B4XO"(B:


$B"#(B 2005.11.08

$B"#(B $BDI5-(B

$B"#(B $B$$$m$$$m(B
(various)


$B"#(B 2005.11.07

$B"#(B Black Hat Japan 2005 - Unicode$B@)8fJ8;z$K$h$k(BDirectory Traversal$B967b(B
(MYCOM PC WEB, 2005.11.07)

■ ClamAV に複数の欠陥
(various)

　ClamAV に複数の欠陥。

　いずれも ClamAV 0.87.1 で修正されている。

2005.11.08 追記:

　OLE2 unpacker で DoS になる欠陥 CAN-2005-3239 も修正されているそうです。ただし、ClamAV のデフォルト設定ではこの欠陥は発現しないそうです。

$B"#(B QuickTime$B$KJ#?t$N%;%-%e%j%F%#!&%[!<%k!$(BMac$BHG$H(BWindows$BHG$NN>J}$,1F6A$r
($BF|7P(B IT Pro, 2005.11.04)

　QuickTime 7.0.2 以前に 4 つの欠陥。

$B!!:G?7$N(B QuickTime 7.0.3 $B$G=$@5$5$l$F$$$k!#(B$B%@%&%s%m!<%I%Z!<%8(B$B$+$iF~

$B"#(B Macromedia Flash Player$BIT@5%a%b%j%"%/%;%9@H
(eEye, 2005.11.05)

$B!!(BMacromedia Flash Player 6, Flash Player 7 $B$K7g4Y!#(B $B96N,(B swf $B%U%!%$%k$K$h$C$FG$0U$N%3!<%I$rCAN-2005-2628$B!#9b66$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B eEye $B$G$O$"$/$^$G!V(BWindows $BHG(B Flash Player$B!W$N7g4Y$H$7$F$$$k$,!"(B $BBP1~$9$k(B MPSB05-07 Flash Player 7 Improper Memory Access Vulnerability (Macromedia) $B$G$O!"$=$N$h$&$J@)8B;v9`$O5-$5$l$F$$$J$$$?$a!"B>$N(B OS $BMQ$K$D$$$F$bF1MM$N7g4Y$,B8:_$9$k$H9M$($i$l$k!#(B

$B!!(BMPSB05-07 Flash Player 7 Improper Memory Access Vulnerability (Macromedia) $B$K$h$k$H!"(B

  • Flash Player 8 (8.0.22.0)
  • Flash Player 7 update (7.0.61.0 $B$^$?$O(B 7.0.60.0)

$B$K$*$$$F$O!"$3$N7g4Y$O=$@5$5$l$F$$$k$=$&$@!#(B Flash Player 8 $B$O(B $B%@%&%s%m!<%I%Z!<%8(B$B$+$i!"(B Flash Player 7 update $B$O(B Flash Player upgrade for operating systems that do not support Flash Player 8 $B$+$iF~http://www.macromedia.com/jp/software/flash/about/ $B$G3NG'$G$-$k!#(B

2005.11.08 $BDI5-(B:

$B!!(BMacromedia Player Licensing (macromedia.com) $B$G%i%$%;%s%9$rHandler's Diary November 8th 2005)

2005.11.12 $BDI5-(B:

$B!!(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (910550): Macromedia Security Bulletin: MPSB05-07 Flash Player 7 $B$NITE,@Z$J%a%b%j(B $B%"%/%;%9$N@H (Microsoft, 2005.11.10)$B!#(B


$B"#(B 2005.11.06

$B"#(B XML-RPC for PHP Vulnerability Attack
(SANS ISC, 2005.11.05)

　XML-RPC for PHP の欠陥 ([SA15852] XML-RPC for PHP Unspecified PHP Code Execution Vulnerability, CVE: CAN-2005-1921) を使って繁殖するワームが登場した模様。 攻略された事例: [memo:8842] ワームらしきものに襲われました。 XML-RPC for PHP はさまざまな PHP アプリで利用されているので注意が必要。

$B!!$3$N7g4Y$O(B

のだが、世の中的には、 XML-RPC for PHP や PEAR XML_RPC の修正としてではなく、各 PHP アプリ自身の修正として対応されている場合が少なくないようなのでややこしい。たとえば上記の攻略された事例 (Debian / eGroupWare) の場合は、 [SECURITY] [DSA 747-1] New egroupware packages fix remote command execution が該当する修正と思われ。 欠陥あり PHP アプリのリストは、 OSVDB ID: 17793 や Bugtraq ID: 14088 が参考になる模様。 Bugtraq ID: 14088 では CAN-2005-2116 も参照されているけれど、これは CVE-2005-1921 と重複しているから使うな、とされている。

$B!!

[Sat Nov 5 12:44:23 2005] [error] [client 61.229.xxx.xxx] File does not exist: /($BCfN,(B)/xmlrpc.php

$B"#(B 2005.11.04

■ マイクロソフト セキュリティ情報の事前通知
(Microsoft, 2005.11.04)

　2005.11.09 は Windows が 1 件、最大深刻度は「緊急」、再起動が必要、の予定だそうです。

　また、非セキュリティな更新プログラムも複数存在するようです。

$B"#(B $BDI5-(B


$B"#(B 2005.11.02

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B $BDI5-(B

■ PHP 4.x / 5.x に、致命的なものを含む複数の欠陥
(Hardened-PHP Project, 2005.10.31)

　PHP 4.4.0 以下 / PHP 5.0.5 以下に複数の欠陥が発見されています。

$B!!$$$:$l$b(B PHP 4.4.1 $B$G=$@5$5$l$F$$$^$9!#(B $B$^$?(B PHP$B$N8=9T%j%j!<%9$K=EBg$J@H (yohgaki's blog) $B$K!"(B Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability $B$N(B PHP 4.3.11 / 5.0.4 / 5.0.5 $BMQ$N(B patch $B$,7G:\$5$l$F$$$^$9(B ($BBg3@$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B)$B!#(BPHP 5.x $BMQ(B patch $B$O(B CVS $B$+$i$N$b$N!"(BPHP 4.3.11 $BMQ(B patch $B$O(B 4.4.1 $B$+$i$N(B backport $B$@$=$&$G$9!#(B

$B!!$J$*!"(BPHP$B$N8=9T%j%j!<%9$K=EBg$J@H (yohgaki's blog) $B$K$h$k$H!"(B

PHP4$B$O(BPHP4.4.1$B$K%"%C%W%0%l!<%I$9$l$PBg>fIW$G$9!#(BPHP4.4.x$B$O%=!<%9$NKd$a9~$_Dj?t;2>H$N;EMM$,JQ99$5$l$F$$$k$?$a%W%m%0%i%`$,F0:n$7$J$/$J$k$3$H$,$"$j$^$9!#!JG0$N$?$a!K(B
($BCfN,(B)
PHP5.0.5$B$K$O(BPHP4.4.0$B$HF1MM$KKd$a9~$_Dj?t;2>H$N;EMM$,JQ99$5$l$F$$$^$9!#(BPHP 4.3 -> PHP 4.4$B$HF1$88_49@-LdBj$,(BPHP 5.0.4 -> PHP 5.0.5$B$GH/@8$7$^$9!#$3$N0Y(BPHP 5.0.4$B$H(BPHP 5.0.5$B$NN>J}$rMQ0U$7$^$7$?!#(B

$B$@$=$&$G$9!#(B

$B!!4XO"(B:

$B"#(B Advisory 17/2005: phpBB Multiple Vulnerabilities
(Hardened-PHP Project, Mon, 31 Oct 2005 09:16:37 +0900)

$B!!(BphpBB 2.0.17 $B0JA0$KJ#?t$N7g4Y$,$"$j!"(BPHP $B$G(B register_globals=on $B$J>l9g$K!"(B XSS $B$d(B SQL $B%$%s%8%'%/%7%g%s!"G$0U$N%3!<%I$N

　phpBB 2.0.18 で修正されているようだ。phpBB の ChangeLog を見てもいまいちよくわからないけど。


$B"#(B 2005.11.01

$B"#(B The "Sony rootkit" case
(F-Secure blog, 2005.11.01)

Sony BMG is currently using a rootkit-based DRM system on some CD records sold in USA. As far as we know, this system has been in use since March 2005. We've made some test purchases for Sony BMG records from Amazon.com and can confirm that they contained this technology.

　うひゃあ……。XCP DRM Software だそうです。

2005.11.02 $BDI5-(B:

$B!!4XO"5-;v(B ($B$&$($`$i$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B):

2005.11.04 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.11.08 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.11.09 $BDI5-(B:

$B!!(B $B%=%K!<$,2;3Z(BCD$B$KAH$_9~$s$@!H(BRootkit$B!I$H$O2? (@IT, 2005.11.09)$B!#(BMark Russinovich $B;a$K$h$k(B Sony, Rootkits and Digital Rights Management Gone Too Far (Mark's Sysinternals Blog, 2005.10.31) $B$NK]LuHG!#(B

2005.11.10 $BDI5-(B:

$B!!4XO"5-;v(B:

  • SONY BMG$B!"(BDRM$B%=%U%H$N(Brootkit$BLdBj$G?7%Q%C%A!"HcH=$O<}$^$i$:(B (ITmedia, 2005.11.09)

    $B!!!V$[$H$s$I$N?M$O(Brootkit$B$H$O2?$+$rCN$i$J$$$N$@$+$i!"5$$K3]$1$?$j$7$J$$$N$G$O$J$$$+!W$H(BSONY BMG$B$N%0%m!<%P%k%G%8%?%k%S%8%M%9C4Ev

    $B!!2P$KL}$rCm$$$G$$$k$h$&$K$7$+J9$3$($J$$$N$@$,!"2?$,LdBj$H$5$l$F$$$k$N$+!"$3$N?M$OM}2r$7$F$$$k$N$@$m$&$+!D!D!#(B

    $B!!(BSONY BMG$B$O!"$^$:(BCD$B$K(Brootkit$B5!G=$rEk:\$7$F$7$/$8$j!"$3$N%W%m%0%i%`$KBP$9$kHcH=$X$NBP1~$G=}8}$r9-$2$?$H!"(BCA$B$N(BeTrust Security Management$BC4EvI{ $B!!!V$$$$2C8:$KL\$r3P$^$7$F$b$i$$$?$$!#(BSONY BMG$B$O8D?M%f!<%6!<$H4k6H%f!<%6!<$N8"Mx$KBP$9$kM}2r$,0l4S$7$F7g$1$F$$$k!W!JF1;a!K(B

    $B!!(BSONY $B$NCf$N?M$K$OJ9$3$($F$$$k$N$@$m$&$+!#(B

  • SONY BMG$B!"(Brootkit$BE*(BDRM$B$a$0$jAJ$($i$l$k(B (ITmedia, 2005.11.10)

  • ついに、SONY rootkit を利用するマルウェアが登場したようです。

2005.11.11 $BDI5-(B:

$B!!%^%k%&%'%"$^$H$a(B:

$B!!4XO"5-;v(B:

2005.11.12 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.11.14 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.11.17 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.11.18 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.11.21 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.11.22 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.11.26 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.12.01 $BDI5-(B:

$B!!4XO"5-;v(B:

2005.12.06 $BDI5-(B:

$B!!(B$B%=%K!<(BBMG$B!$!H%k!<%H%-%C%H!I$r:o=|$9$k%D!<%k$N?7HG$r%j%j!<%9(B ($BF|7P(B IT Pro, 2005.12.05)$B!#:#EY$3$=$^$H$b$J$N$+$J!#(B

2005.12.22 $BDI5-(B:

$B!!4XO"5-;v(B:

2006.01.10 $BDI5-(B:

$B!!4XO"5-;v(B:

2006.05.23 $BDI5-(B:

$B!!(BSONY BMG$B$N(Brootkit CD$BAJ>Y!"OB2r$r:G=*>5G'(B (ITmedia, 2006.05.23)

2006.12.20 $BDI5-(B:

$B!!(B$B!V%9%Q%$E*(BDRM$B!WAJ>Y$G(BSONY BMG$B$,OB2r(B (ITmedia, 2006.12.20)$B!#%+%j%U%)%k%K%"=#$*$h$S%F%-%5%9=#$H9g0U!"$@$=$&$G$9!#(B

2007.01.31 $BDI5-(B:

$B!!(BSONY BMG$B!"(Brootkit$BLdBj$G(BFTC$B$HOB2r$X(B (ITmedia, 2007.01.31)$B!#(BFTC $B$HOB2r$@$=$&$G$9!#(B

2010.11.04 $BDI5-(B:

$B!!(B$B!V$[$H$s$I$N?M$O!"%k!<%H%-%C%H$,2?$J$N$+$5$(CN$i$J$$!W(B ($B%(%U%;%-%e%"%V%m%0(B, 2010.11.01)

$B"#(B $BDI5-(B

DSA-870-1 sudo -- missing input sanitising

　sudo 1.6.8p10 で対応されています。最新は sudo 1.6.8p11 です。

$B"#(B $B@HpJs$N
(MYCOM PC WEB, 2005.10.31)

$BFC$K(BDebian$B$N4X78pJs$,8x3+$5$l$F$$$F$b(BCERT/CC$B$+$i(BAdvisory$B$,=P$F$$$J$$>l9g$K!"%;%-%e%j%F%#%A!<%`$+$i!X2f!9$O(BCERT/CC$B$KO"F0$7$FF0$$$F$$$k$N$G!"$=$l0J30$K$OBP1~$G$-$J$$!Y$H8@$o$l$F%j%j!<%9$r5qH]$5$l$k>l9g$,$"$k$N$G!"$;$a$F(BJVN$B$H(BCERT/CC$B$G@H

$B!!$H$$$&$+!"$=$N$?$a$N(B CVE $B$J$o$1$G!D!D!#(BJPCERT/CC $B$O(B CERT/CC $BF|K\;YIt$G$O$J$$$N$G!"!V(BJVN$B$H(BCERT/CC$B$G@Hl$G$O$J$+$C$?$N$@$m$&$+!#(B

$B!V4{$K<+J,$?$A$N$H$3$m$G$O(BCERT/CC$B$HD>@\>pJs$r$d$jpJs%k!<%H$,J#?t$K$J$j$+$($C$F:.Mp$9$k!W(B

$B!!F1$8OC$,0c$&%k!<%H$+$i;~:9$D$-$GF~$C$F$-$F!"$=$l$>$l$K8DJL$KBP1~$9$kI,MW$,@8$8$k2DG=@-$,$"$j$^$9$h$M!D!D!#(BCC $BF1;N$NO"7H$,IT==J,$H$$$&$3$H$J$N$+$J!#(B

$B"#(B Mac OS X Update 10.4.3
(Apple, 2005.11.01)

　Mac OS X 10.4.3 が出ています。

　セキュリティ修正が含まれています: APPLE-SA-2005-10-31 Mac OS X v10.4.3 (apple)。kernel の修正を除いては、Mac OS X 10.4 特有の欠陥の修正だそうです。

$B"#(B $BB??t$N%&%$%k%9BP:v%=%U%H$K%U%!%$%k$NCf?H$r%A%'%C%/$7$J$$@H
($BF|7P(B IT Pro, 2005.10.29)

