$B%;%-%e%j%F%#%[!<%k(B memo - 2005.12

Last modified: Mon Jul 3 13:36:32 2006 +0900 (JST)

$B!!$3$N%Z!<%8$N>pJs$rMxMQ$5$l$kA0$K!"(B$BCm0U=q$-(B$B$r$*FI$_$/$@$5$$!#(B

$B"#(B 2005.12.30

$B"#(B $BDI5-(B

Windows WMF 0-day exploit in the wild

$B!!4XO">pJs(B:

$B!!?eLn$5$s$+$i(B ($B>pJs$"$j$,$H$&$4$6$$$^$9(B)

NOD32 $B$N>l9g!"(BAMON $B!J$3$l$O!"$$$o$f$k%j%"%k%?%$%`$N%A%'%C%/$r9T$J$&%b%8%e!<%k$G$9!K$N%A%'%C%/BP>]$K4{Dj$G$O(B WMF $B%U%!%$%k$O4^$^$l$J$$$h$&$G$9!#(B

$B$D$^$j!"(BNOD32 $B$N>l9g!"%&%#%k%9Dj5A%U%!%$%k(B1.1342 (20051228) $B$G%H%m%$$H$7$F8!CN$5$l$k$h$&$K$O$J$C$?$b$N$N!"$3$l$@$1$G$OIT==J,$+$b$7$l$J$$$+$b$7$l$J$$$H;W$C$F$$$^$9!#(B

$B:#2s$N@H $B!!!V(Bexploit $B%3!<%I$N4^$^$l$k(B WMF $B%U%!%$%k$r%m!<%+%k$KJ]B8$7$?>uBV$G!"(B
$B!!!!$=$N%U%)%k%@$NFbMF$r(B explorer $B$G8+$?$@$1$G(B exploit $B$,H/F0$7$&$k(B
$B!!!!LOMM$@!W(B
$B$H$$$&E@$G$9!#!J$H$$$&8D?ME*$J0u>]$r;}$A$^$7$?!K!#$3$NE@$K$D$$$F$O!"8x3+$5$l$F$$$k(B 2 $B$D$NZ%U%!%$%k(B wmf_exp.wmf $B$H(B runcalc.wmf $B$G8=>]$r3NG'$7$^$7$?!#H/8=>r7oE*$K$O!"(Bexplorer $B$N@_Dj!]!]FC$K%U%)%k%@I=<(@_Dj!]!]$K$b0MB8$7$=$&$G$9!#.HG!W$H!VJB$Y$FI=<(!W$N>uBV$G$O%U%)%k%@$NFbMF$rI=<($7$?$@$1$GH/8=$9$k$h$&$@$H$$$&46?($r;}$A$^$7$?!#!J@_Dj$,!V%"%$%3%s!W!"!V0lMw!W!"!V>\:Y!W$N>l9g$K$O!"$H$j$"$($:%U%)%k%@$r3+$$$?$@$1$G$O(B exploit $B$NH/F0$O5/$-$J$$$h$&$J46$8$G$7$?!K!#(B

$BD9!9$H=q$$$F$7$^$$$^$7$?$,!"(BNOD32 $B$NMxMQl9g$K$O!V(BNOD32 2.5$B%3%s%H%m!<%k%;%s%?!oCsJ]8n(B)$B!W"*!V@_Dj!W$N!V8!=P!W%?%V$+$i!V8!::BP>]$N3HD%;R%j%9%H(B > $B3HD%;R!W"*!VDI2C!W$H?J$s$G(BWMF $B$rDI2C$7!"(BAMON $B$K$h$k%j%"%k%?%$%`8!::!J>oCsJ]8n!K$NBP>]$K4^$a$k$h$&$K$7$F$*$/$3$H$,I,MW$G$O$J$$$+$H$$$&46$8$r;}$A$^$7$?!#(B

$B!!B>$N%"%s%A%&%$%k%9%W%m%0%i%`$G$bF1MM$N;vNc$O$"$k$@$m$&!#Cm0U$5$l$?$$!#(B Explorer $B$N@_Dj$b8+D>$7$^$7$g$&!#(B

2005.12.30 $BDI5-(B (part 2):

$B!!4XO">pJs(B:

  • WMF, day 3 (F-Secure blog, 2005.12.30)$B!#(B shimgvw.dll $B$NEPO?Ku>C$K$h$k2sHr:v$O(B IE $B$d(B Explorer $B$+$i$N96N,$r2sHr$9$k$,!"(Bmspaint ($B%Z%$%s%H(B) $B$+$i$N96N,$O2sHr$G$-$J$$!"$H$7$F$$$k!#(B

  • Lotus Notes Vulnerable to WMF 0-Day Exploit (SANS ISC, 2005.12.30)$B!#(B shimgvw.dll $B$NEPO?Ku>C$K$h$k2sHr:v$r

  • More WMF Signatures (SANS ISC, 2005.12.30)

$B"#(B 2005.12.28

$B"#(B Windows WMF 0-day exploit in the wild
(SANS ISC, 2005.12.28)

$B!!(BWindows XP SP2 $B$KL$CN$N=EBg$J7g4Y$,$"$kLOMM!#96N,(B WMF $B%U%!%$%k$rFI$_9~$`$3$H$G!"G$0U$N%3!<%I$,

$B!!

$B!!%"%s%A%&%$%k%9J}LL$NBP1~(B:

2005.12.30 $BDI5-(B:

$B!!4XO">pJs(B:

$B!!?eLn$5$s$+$i(B ($B>pJs$"$j$,$H$&$4$6$$$^$9(B)

NOD32 $B$N>l9g!"(BAMON $B!J$3$l$O!"$$$o$f$k%j%"%k%?%$%`$N%A%'%C%/$r9T$J$&%b%8%e!<%k$G$9!K$N%A%'%C%/BP>]$K4{Dj$G$O(B WMF $B%U%!%$%k$O4^$^$l$J$$$h$&$G$9!#(B

$B$D$^$j!"(BNOD32 $B$N>l9g!"%&%#%k%9Dj5A%U%!%$%k(B1.1342 (20051228) $B$G%H%m%$$H$7$F8!CN$5$l$k$h$&$K$O$J$C$?$b$N$N!"$3$l$@$1$G$OIT==J,$+$b$7$l$J$$$+$b$7$l$J$$$H;W$C$F$$$^$9!#(B

$B:#2s$N@H $B!!!V(Bexploit $B%3!<%I$N4^$^$l$k(B WMF $B%U%!%$%k$r%m!<%+%k$KJ]B8$7$?>uBV$G!"(B
$B!!!!$=$N%U%)%k%@$NFbMF$r(B explorer $B$G8+$?$@$1$G(B exploit $B$,H/F0$7$&$k(B
$B!!!!LOMM$@!W(B
$B$H$$$&E@$G$9!#!J$H$$$&8D?ME*$J0u>]$r;}$A$^$7$?!K!#$3$NE@$K$D$$$F$O!"8x3+$5$l$F$$$k(B 2 $B$D$NZ%U%!%$%k(B wmf_exp.wmf $B$H(B runcalc.wmf $B$G8=>]$r3NG'$7$^$7$?!#H/8=>r7oE*$K$O!"(Bexplorer $B$N@_Dj!]!]FC$K%U%)%k%@I=<(@_Dj!]!]$K$b0MB8$7$=$&$G$9!#.HG!W$H!VJB$Y$FI=<(!W$N>uBV$G$O%U%)%k%@$NFbMF$rI=<($7$?$@$1$GH/8=$9$k$h$&$@$H$$$&46?($r;}$A$^$7$?!#!J@_Dj$,!V%"%$%3%s!W!"!V0lMw!W!"!V>\:Y!W$N>l9g$K$O!"$H$j$"$($:%U%)%k%@$r3+$$$?$@$1$G$O(B exploit $B$NH/F0$O5/$-$J$$$h$&$J46$8$G$7$?!K!#(B

$BD9!9$H=q$$$F$7$^$$$^$7$?$,!"(BNOD32 $B$NMxMQl9g$K$O!V(BNOD32 2.5$B%3%s%H%m!<%k%;%s%?!oCsJ]8n(B)$B!W"*!V@_Dj!W$N!V8!=P!W%?%V$+$i!V8!::BP>]$N3HD%;R%j%9%H(B > $B3HD%;R!W"*!VDI2C!W$H?J$s$G(BWMF $B$rDI2C$7!"(BAMON $B$K$h$k%j%"%k%?%$%`8!::!J>oCsJ]8n!K$NBP>]$K4^$a$k$h$&$K$7$F$*$/$3$H$,I,MW$G$O$J$$$+$H$$$&46$8$r;}$A$^$7$?!#(B

$B!!B>$N%"%s%A%&%$%k%9%W%m%0%i%`$G$bF1MM$N;vNc$O$"$k$@$m$&!#Cm0U$5$l$?$$!#(B Explorer $B$N@_Dj$b8+D>$7$^$7$g$&!#(B

2005.12.30 $BDI5-(B (part 2):

$B!!4XO">pJs(B:

  • WMF, day 3 (F-Secure blog, 2005.12.30)$B!#(B shimgvw.dll $B$NEPO?Ku>C$K$h$k2sHr:v$O(B IE $B$d(B Explorer $B$+$i$N96N,$r2sHr$9$k$,!"(Bmspaint ($B%Z%$%s%H(B) $B$+$i$N96N,$O2sHr$G$-$J$$!"$H$7$F$$$k!#(B

  • Lotus Notes Vulnerable to WMF 0-Day Exploit (SANS ISC, 2005.12.30)$B!#(B shimgvw.dll $B$NEPO?Ku>C$K$h$k2sHr:v$r

  • More WMF Signatures (SANS ISC, 2005.12.30)

2006.01.01 $BDI5-(B:

$B!!(BIDA Pro $B$N(B Ilfak Guilfanov $B;a$K$h$k(B hotfix $B$,EP>l!#(B

$B!!4XO">pJs(B:

$B!!(Be-mail $B$J967b$b9T$o$l$F$$$k$=$&$G(B:

2006.01.02 $BDI5-(B:

$B!!(BTargeted WMF email attacks (F-Secure blog, 2006.01.02)$B!#%9%T%"7?967b$b$5$C$=$/=P$F$$$k$h$&$G!#(B

2006.01.06 $BDI5-(B:

$B!!(BMS06-001 $B$H$7$F=$@5%W%m%0%i%`$,EP>l!#$?$@$7!"(BWindows 2000 / XP / Server 2003 $BMQ$N$_!#(B

2006.01.10 $BDI5-(B:

$B!!4XO"5-;v(B:

  • WMF FAQ $BF|K\8lHG(B (tarokawa.net)$B!#(BWMF FAQ version 4 $B$NF|K\8lHG!#$?$m$+$o$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B $B$A$J$_$K(B WMF FAQ $B$O(B version 5 $B$K$J$C$F$$$k!#(B
  • Interview: Ilfak Guilfanov (SecuriTeam Blogs, 2006.01.04)
    In fact, a WMF file is not an ordinary graphic file. It looks more like a program rather than a data file, because it consists of a sequence of commands for Windows. ($BCfN,(B)
    There is one very powerful command code in WMF files. This command code means $B!F(Bif something wrong happens, do the following: $B!D!G(B. So the creator of the WMF file can make your computer do anything he/she wants by using this command code and deliberately creating an error condition afterward. ($BCfN,(B)
    The patch just removes this powerful command. It does not do anything else. The fix modifies the memory image of the system on the fly. It does not alter any files on the disk.
  • MS$B!"<+ (ZDNet, 2006.01.10)

2006.01.17 $BDI5-(B:

$B!!$"$$$+$o$i$:B3$$$F$$$k$h$&$G!#(B

$B"#(B 2005.12.27

$B"#(B $BDI5-(B

$B%&%$%k%9%P%9%?!<(B2006$B$N%U%#%C%7%s%0:>5=BP:v%D!<%k%P!<$O%9%Q%$%&%'%"$+!)(B

$B!!4XO"5-;v(B:

$B!!$5$F!"%&%$%k%9%P%9%?!<%/%i%V2q0w08$K!"(B2005.12.21 $BIU$G!V%&%$%k%9%P%9%?!<%/%i%V%K%e!<%9(B2005$BG/(B 12$B7n!W$,FO$$$?!#EPO?%f!<%608$N%K%e!<%9%l%?!<$J$N$@$+$i!":#2s$N$h$&$J;v0F$K4X$9$k0FFb$K$O$b$C$F$3$$$N$O$:$@!#$@$+$i2?$,=q$+$l$F$$$k$+(B ($B=q$+$l$F$$$J$$$+(B) $B$K$O6=L#$,M/$$$?!#$=$NCf?H$O!D!D(B 

$B(.(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(/(B
 $B!Z#1![%&%$%k%9%P%9%?!<(B2006$B$N?75!G=!'%U%#%C%7%s%0:>5=BP:v(B/$B%9%Q%$%&%'%"BP:v(B
$B(1(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(0(B
$B"#5=!#(B
$B!!%&%$%k%9%P%9%?!<(B2006$B$G$O!"?7$?$K!V%U%#%C%7%s%0:>5=BP:v!W5!G=$rEk:\(B
$B!!$7$^$7$?!#(B
$B!!(Bhttp://www.trendmicro.co.jp/consumer/products/vb/goodnews/security/phishing/

$B!!!z%U%#%C%7%s%0:>5=$H$O!)(B
$B!!6bM;5!4X$d%7%g%C%T%s%0%5%$%H$J$I$rAu$C$?%a!<%k$rAw$j!"$=$3$K%j%s%/$r(B
$B!!E=$jIU$1$F%K%;$N%5%$%H$KM6$$=P$7!"%/%l%8%C%H%+!<%IHV9f$d%Q%9%o!<%I(B
$B!!$J$I$r$@$^$75=9T0Y$G$9!#(B
$B!!(Bhttp://www.trendmicro.com/jp/support/vbc/monthly/sclass/backnumber/sclass0502.htm

$B!!$^$:Bh0l$K5!G=$N@kEA(B ($B$@$1(B) $B$G$9$+!D!D!#(B $B$3$3$G(B solutionId=12478 $B$K?($l$k$H$$$& 

$B(.(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(/(B
 $B!Z#7![%&%$%k%9%P%9%?!pJs$d!"%H%i%V%kH/@8;~$K;29M$H$J$k(B
$B!!>pJs!"%&%$%k%9%P%9%?!<%/%i%V%;%s%?!<$KB?$/4s$;$i$l$k$*Ld$$9g$o$;$r(B
 $B!V@=IJ(BQ&A$B!W$H$7$F8x3+$7$F$$$^$9!#>pJs$O>o$K99?7$5$l$F$$$^$9!#(B
$B!!:G6aDI2C$5$l$?@=IJ(BQ&A$B$NCf$+$i!"FC$K$*Ld$$9g$o$;$NB?$$$b$N$r$4>R2p(B
$B!!$7$^$9!#(B

$B"!l9g$K!"85$N@_Dj$KLa$9$K$O(B
$B!!(Bhttp://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionId=12470

$B"!(B[URL$B%U%#%k%?(B]$B$J$i$S$K(B[$B%U%#%C%7%s%0BP:v%D!<%k%P!<(B]$B$K$h$C$F%H%l%s%I(B
$B!!%^%$%/%m$XAw?.$5$l$k>pJs$H07$$$K$D$$$F(B
$B!!(Bhttp://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionId=12478

$B!!$3$l$G$O!"$U$D$&$N%f!<%6$O8+F($7$F$7$^$&$@$m$&!#(B $B$;$C$+$/$-$A$s$H9pCN$9$k%A%c%s%9$@$C$?$N$K!#(B solutionId=12478 $B$rFHN)$5$;$FBg9`L\$K$9$l$P!"B?$/$N?M$K5$$E$$$F$b$i$($k$O$:$J$N$K$J$"!#(B

Symantec Antivirus Library Rem0te Heap Overflows Security Advisory

$B!!(BISS $B$,>u67$r3NG'$7$?$=$&$G$9!#(B

$B"#(B 2005.12.26

$B"#(B UTF-7$B%(%s%3!<%I$5$l$?%?%0J8;zNs$K$h$k(BXSS$B@H
(slashdot.jp, 2005.12.21)

$B!!J8;z%3!<%IJQ49$,$i$_$NOC!#85$M$?(B: XSS vulnerabilities in Google.com$B!#(B web $B%"%W%j(B (web $B%5!<%P(B) $BB&$G=PNO$NJ8;z%3!<%I$r(B (charset $B$J$j(B meta $B%?%0$J$j$G(B) $B$-$A$s$H;XDj$7$J$$$H!"(Bweb $B%/%i%$%"%s%HB&$NJ8;z%3!<%I<+F0H=Dj5!G=$K$h$C$F!";W$o$L7A$G=hM}$5$l$?7k2L!"(BXSS $B$,l9g$,$"$k$H$$$&OC!#(B google $B$N;vNc$G$O!"(Bmeta $B%?%0$rIU2C$9$k$3$H$K$h$C$F2r7h$5$l$?$=$&$@!#(B

$B!!$^$?!"F1MM$NLdBj$O!"(Bweb $B%/%i%$%"%s%HB&$G%f!<%6$,J8;z%3!<%I$rl9g$K$bH/@8$9$kLOMM!#(B $B$5$i$K!"(Bgoogle $B$N;vNc$G$O(B UTF-7 $B$,LdBj$H$J$C$F$$$k$,!"$3$NB>$K!"(B UTF-16$B!"(BUTF-32$B!"(BISO-2022-JP$B!"(BISO-2022-KR$B!"(BISO-2022-CN$B!"(BHZ $B$G$bLdBj$,H/@8$9$k;vNc$,$"$kLOMM!#;2>H(B:

$B!!1|$,?<$$$J$"!D!D!#(B

$B"#(B $BDI5-(B

$B0u:~%9%W!<%i$N@H

$B!!(B $B!Z=EMW![HkJ8%7%j!<%:(B Windows$B%;%-%e%j%F%#%Q%C%A(B(MS05-043)$BE,MQ4D6-$K$*$1$k@-G=LdBj$K$D$$$F$N$*CN$i$;(B ($BF|N)(B, 2005.12.26)$B!#F|K\8lHGHkJ8$K$D$$$F$O(B patch $B$,Ds6!$5$l$F$$$k!#(B

$B"#(B $B2>A[%^%7%s!V(BVMware$B!W$K%;%-%e%j%F%#!&%[!<%k!$
($BF|7P(B IT Pro, 2005.12.22)

$B!!$3$NOC(B:

$B!!(BVMware Workstation, VMware GSX Server, VMware ACE, VMware Player $B$N(B vmnat.exe / vmnet-natd $B$K7g4Y$,$"$j!"(B

  • VMware guest OS $B$G(B NAT $B$r;H$C$F$*$j!"$+$D(B
  • guest OS $B$G(B ftp $B%5!<%P$r2TF/$5$;$F$*$j!"$+$D(B
  • remote $B$+$i$=$N(B ftp $B%5!<%P$KBP$7$F:Y9)$7$?(B EPRT / PORT $B%3%^%s%I$rAw$k$H(B

host OS $B>e$G(B buffer overflow $B$,H/@8$7$FG$0U$N%3!<%I$r

$B!!3F(B VMware $B%W%m%@%/%H$N(B$B:G?7%@%&%s%m!<%IHG(B$B$G=$@5$5$l$F$$$k!#(B

$B"#(B Apple QuickTime 7.0.3 & iTunes 6.0.1 Heap Overflow
(security-protocols.com, 2005.12.20)

$B!!(BQuickTime 7.0.3 / iTunes 6.0.1 (Mac OS X / Windows) $B$K(B heap overflow $B$9$k7g4Y$,$"$j!"96N,(B .mov $B%U%!%$%k$K$h$C$F!"(BDoS $B$NB>!"G$0U$N%3!<%I$N

2006.01.11 $BDI5-(B:

$B!!(BQuickTime 7.0.4 $B$G=$@5$5$l$?!#(BAPPLE-SA-2006-01-10 QuickTime 7.0.4

$B"#(B 2005.12.22

$B"#(B $BDI5-(B

Symantec Antivirus Library Rem0te Heap Overflows Security Advisory

$B!!96N,(B .rar $B%U%!%$%k$r8!=P$9$k%Q%?!<%s!"(B Bloodhound.Exploit.55 (symantec) $B$,EPO?$5$l$?$=$&$@!#(B

$B!!$^$?!"(B Symantec AntiVirus RAR Archive Decompression Buffer Overflow (Secunia) $B$G$O!"1F6A$rpJs(B ($B$"$j$,$H$&$4$6$$$^$9(B) $B$K$h$k$H(B

$B

$B$=$&$G$9!#(B

$B!!!D!D%7%^%s%F%C%/$+$i@5<0>pJs$,=P$^$7$?(B:

$B!!e5-$7$?(B SAVCE 8 $B$NB>(B SAVCE 9 $B$b1F6A$J$7$H$J$C$F$$$^$9!#(B $BBP1~$H$7$F$O!"$3$l$b>e5-$7$?(B Bloodhound.Exploit.55 (symantec) $B$K$h$C$F8!=P$9$k$3$H$,5s$2$i$l$F$$$^$9!#(B

SUS 1.0 $B$N!V99?7$N5v2D!W(B

$B!!(BMicrosoft$B!"(BSUS$B$NLdBj$r=$@5(B (ITmedia, 2005.12.22)$B!"(B Script for SUS 1.0 problem released (MSRC blog, 2005.12.20)$B!#%9%/%j%W%H(B (Approval Analyzer Tool) $B$O(B $B$3$A$i$+$i(B$B!#(B $BF|K\8lHG(B KB912307 $B$+$i$O$^$@%@%&%s%m!<%I$G$-$J$$$h$&$@!#(B

The "Sony rootkit" case

$B!!4XO"5-;v(B:

$B"#(B 2005.12.21

$B"#(B $BDI5-(B

Oracle Critical Patch Update - October 2005

$B!!(BOracle Critical Patch Update - October 2005 (Oracle) $B$,2~D{$5$l$F(B Rev 2 $B$K$J$C$F$$$k$h$&$G$9!#(B

* Added Database version 10.2.0.1 to Affected Products section and the DB and EM risk matrices.
* Moved Oracle Workflow to Category I and clarified version numbers.
* Added Workflow issues to the Database and Application Server Risk Matrices.
* Removed references to PeopleSoft Enterprise Tools, version 8.1.

$B"#(B [Full-disclosure] iDefense Security Advisory 12.20.05: McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite
(Full-disclosure, Wed, 21 Dec 2005 03:11:49 +0900)

$B!!(BMcAfee Security Center $B$K4^$^$l$k(B ActiveX $B%3%s%H%m!<%k(B MCINSCTL.DLL (MCINSTALL.McLog) $B$K7g4Y!#(B $BG$0U$N%I%a%$%s$+$i$NMxMQ$r@)8B$7$F$$$k$O$:$,!"CVE-2005-3657

$B!!:G6a$N(B ($B<+F0(B) $B%"%C%W%G!<%H$G=$@5$5$l$F$$$k$=$&$@!#(B

$B"#(B 2005.12.20

$B"#(B Web$B%5!<%P!
($BF|7P(B IT Pro, 2005.12.20)

$B!!(BMicrosoft IIS Remote DoS .DLL Url exploit (ingehenriksen.blogspot.com) $B$NOC!#(BIIS 5.0 / 6.0 $B$K$O$3$NLdBj$O$J$$!#(B patch $B$O$^$@$J$$!#(B

$B"#(B Symantec Antivirus Library Rem0te Heap Overflows Security Advisory
(rem0te.com, 2005.12.20)

$B!!(BSymantec Antivirus Library $B$K$*$1$k(B .rar $B%"!<%+%$%V$N07$$$K(B heap overflow $B$9$k7g4Y$,$"$j!"96N,(B .rar $B%U%!%$%k$K$h$C$FG$0U$N%3!<%I$,

2005.12.22 $BDI5-(B:

$B!!96N,(B .rar $B%U%!%$%k$r8!=P$9$k%Q%?!<%s!"(BBloodhound.Exploit.55 (symantec) $B$,EPO?$5$l$?$=$&$@!#(B

$B!!$^$?!"(B Symantec AntiVirus RAR Archive Decompression Buffer Overflow (Secunia) $B$G$O!"1F6A$rpJs(B ($B$"$j$,$H$&$4$6$$$^$9(B) $B$K$h$k$H(B

$B

$B$=$&$G$9!#(B

$B!!!D!D%7%^%s%F%C%/$+$i@5<0>pJs$,=P$^$7$?(B:

$B!!e5-$7$?(B SAVCE 8 $B$NB>(B SAVCE 9 $B$b1F6A$J$7$H$J$C$F$$$^$9!#(B $BBP1~$H$7$F$O!"$3$l$b>e5-$7$?(B Bloodhound.Exploit.55 (symantec) $B$K$h$C$F8!=P$9$k$3$H$,5s$2$i$l$F$$$^$9!#(B

2005.12.27 $BDI5-(B:

$B!!(BISS $B$,>u67$r3NG'$7$?$=$&$G$9!#(B

2006.01.10 $BDI5-(B:

$B!!(BSYM05-027$B!'@H ($B%7%^%s%F%C%/(B) $B$N:G?7$N99?7$O(B 2006.01.05 $B$K$J$C$F$$$^$9!#$+$J$j$N@=IJ$,BP1~$5$l$^$7$?!#(B SAVCE 10 / SCS 3 $B$K$D$$$F$O!"(B SAVCE 10.0.1 MR1MP1$B!"(BSCS 3.0.1 MR1MP1 $B$N?75!G=(B ($B%7%^%s%F%C%/(B) $B$N:G8e$K$A$m$C$H:#2s$NOC$,5-:\$5$l$F$$$^$9!#(B $BBg7'$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B [Full-disclosure] Making unidirectional VLAN and PVLAN jumping bidirectional
(Full-disclosure, Tue, 20 Dec 2005 02:27:33 +0900)

$B!!(BVLAN $B$d%W%i%$%Y!<%H(B VLAN $B$r1[$($F%Q%1%C%H$rAw$kJ}K!$,$"$k!"$H$$$&OC$_$?$$!#(B Cisco Response$B!#(B $B4XO"%j%s%/(B:

$B"#(B 2005.12.19

$B"#(B $B%G%k
(WIRED NEWS, 2005.12.19)

$B!!3:Ev$9$k?M$O8r49$7$F$b$i$$$^$7$g$&!#(B

$B"#(B $BDI5-(B

DSA-870-1 sudo -- missing input sanitising

$B!!(Bsudo 1.6.8p11 $B$G$O!":o=|$9$k4D6-JQ?t$N%j%9%H$K(B JAVA_TOOL_OPTIONS $B$,DI2C$5$l$?$N$G$7$?!#(B

$B!!(Bsudo $B$N:G?7$O(B sudo 1.6.8p12 $B$G$9!#:o=|$9$k4D6-JQ?t$N%j%9%H$K!"$5$i$K(B PERLLIB, PERL5LIB, PERL5OPT $B$,DI2C$5$l$F$$$^$9!#(B

$B"#(B 2005.12.18

$B"#(B 2005.12.16

$B"#(B [Full-disclosure] iDefense Security Advisory 12.14.05: Trend Micro PC-Cillin Internet Security Insecure File Permission Vulnerability
(Full-disclosure ML, Thu, 15 Dec 2005 04:44:55 +0900)

$B!!%H%l%s%I%^%$%/%m(B $B%&%$%k%9%P%9%?!<(B 2005$B!"(B2006 $B$K7g4Y!#(B $B%$%s%9%H!<%k;~$KITE,@Z$J(B ACL $B$,@_Dj$5$l$k$?$a!"(Blocal user $B$J$i4IM}

$B!!(B$B%&%$%k%9%P%9%?!<(B 2005 $B%W%m%0%i%`%P!<%8%g%s(B 12.4 $B$G=$@5$5$l$F$$$k!#(B $B$^$?!"E,@Z$J(B ACL $B$r@_Dj$9$k$?$a$N%"%/%;%98"@_Dj%D!<%k$,8x3+$5$l$F$$$k!#(B

$B!!$3$l$rE,MQ$9$k$H!"(BEveryone: full control $B$G$O$J$/$J$k!#$G$b!"@)8B%f!<%6$K(B full control $B$C$FI,MW$J$N(B?

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B

$B!!%;%-%e%j%F%#0J30$NM%@hEY$N9b$$99?7%W%m%0%i%`$O!"$3$l$N$3$H$@$C$?$h$&$G$9!#(B

$B"#(B 2005.12.15

$B"#(B Apache $B$N%5!<%P!<%5%$%I%$%a!<%8%^%C%W=hM}%b%8%e!<%k$N%/%m%9%5%$%H%9%/%j%W%F%#%s%0$N@H
(hoshikuzu | star_dust $B$N=q:X(B, 2005.12.15)

$B!!(BApache 1.3.0$B!A(B1.3.34, 2.0.35$B!A(B2.0.55, 2.2.0 $B$K7g4Y!#(Bmod_imap / mod_imagemap $B$K$*$1$k(B referer $B$N07$$$K(B XSS $B7g4Y$,$"$j!"(Bcookie $B$N:ql9g$O!"$3$N7g4Y$N1F6A$r

$B!!(BApache 1.3.35, 2.0.56, 2.2.1 $B$G=$@5$5$l$kM=Dj!#(B1.3.35, 2.0.56, 2.2.1 $B$N3+H/HG$G$O4{$K=$@5$5$l$F$$$k!#$^$?(B ASF Bugzilla Bug 37874: CVE-2005-3352 mod_imap cross-site scripting flaw (apache.org) $B$K(B 1.3 / 2.0 $BMQ$N(B patch $B$,7G:\$5$l$F$$$k!#(B

$B!!4XO"(B:

2006.05.10 $BDI5-(B:

$B!!(Bapache 1.3.35 / 2.0.58 $B$,EP>l$7$F$$$^$9!#$3$N7g4Y$,=$@5$5$l$F$$$^$9!#DEED$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B Windows $B%+!<%M%k$N@H:3J$5$l$k(B (908523) (MS05-055)
(Microsoft, 2005.12.14)

$B!!(BWindows NT 4.0 / 2000 $B$K7g4Y!#%+!<%M%k$K$*$1$k(B Asynchronous Procedure Call $B$N=hM}$K7g4Y$,$"$j!"(Blocal user $B$,(B local SYSTEM $B8"8B$rC%

$B!!(BWindows 2000 SP4 $BMQ$N(B patch $B$,MQ0U$5$l$F$$$k!#(B

$B"#(B 2005.12.14

$B"#(B Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (905915) (MS05-054)
(Microsoft, 2005.12.14)

$B!!(BIE 5.01 / 5.5 / 6 $B$N:G?7$NN_@QE*=$@5%W%m%0%i%`!#(B $B?7$?$K=$@5$5$l$?$N$O(B 4 $B7o!#(B

  • $B%U%!%$%k$N%@%&%s%m!<%I(B $B%@%$%"%m%0(B $B%\%C%/%9$NA`:n$K4X$9$k@HCAN-2005-2829

    $B?7$7$$%V%i%&%6%&%$%s%I%&$K$*$1$k%-!<%\!<%I%7%g!<%H%+%C%H$N=hM}$d%^%&%9%/%j%C%/$N=hM}$K7g4Y$,$"$j!"%f!<%6$N%-!

  • HTTPS $B%W%m%-%7$N@HCAN-2005-2830

    $BMxMQ;~$K(B basic $BG'>Z$,I,MW$H$J$k(B https proxy $B$r;H$C$F$$$k>l9g$K!"(B IE $B$,%j%/%(%9%H(B URL $B$rJ?J8$G(B proxy $B$KAw$C$F$7$^$&LOMM!#(B

  • COM $B%*%V%8%'%/%H(B $B%$%s%9%?%s%92=$N%a%b%jGKB;$N@HCAN-2005-2831

    MS05-052 ($B$H$$$&$+(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (906267)) $BN`;w$NOC$N1F6A$r 

    $B%/%i%9<1JL;R(B                         COM $B%*%V%8%'%/%H(B
----------------------------------------------------------
0002000D-0000-0000-C000-000000000046 Avifil32.dll
ECABAFC0-7F19-11D2-978E-0000F8757E2A  Comsvcs.dll
ECABB0AB-7F19-11D2-978E-0000F8757E2A  Comsvcs.dll
3050F4F5-98B5-11CF-BB82-00AA00BDCE0B Mshtmled.dll
00020421-0000-0000-C000-000000000046 Ole2disp.dll
00020422-0000-0000-C000-000000000046 Ole2disp.dll
00020423-0000-0000-C000-000000000046 Ole2disp.dll
00020424-0000-0000-C000-000000000046 Ole2disp.dll
00020425-0000-0000-C000-000000000046 Ole2disp.dll
DF0B3D60-548F-101B-8E65-08002B2BD119 Ole2disp.dll / Oleaut32.dll
0006F071-0000-0000-C000-000000000046  Outllib.dll
2D2E24CB-0CD5-458F-86EA-3E6FA22C8E64   Quartz.dll
51B4ABF3-748F-4E3B-A276-C828330E926A   Quartz.dll
E4979309-7A32-495E-8A92-7B014AAD4961   Quartz.dll
62EC9F22-5E30-11D2-97A1-00C04FB6DD9A  Repodbc.dll
6E2270FB-F799-11CF-9227-00AA00A1EB95  Repodbc.dll
6E227109-F799-11CF-9227-00AA00A1EB95  Repodbc.dll
6E22710A-F799-11CF-9227-00AA00A1EB95  Repodbc.dll
6E22710B-F799-11CF-9227-00AA00A1EB95  Repodbc.dll
6E22710C-F799-11CF-9227-00AA00A1EB95  Repodbc.dll
6E22710D-F799-11CF-9227-00AA00A1EB95  Repodbc.dll
6E22710E-F799-11CF-9227-00AA00A1EB95  Repodbc.dll
6E22710F-F799-11CF-9227-00AA00A1EB95  Repodbc.dll
B1D4ED44-EE64-11D0-97E6-00C04FC30B4A  Repodbc.dll
D675E22B-CAE9-11D2-AF7B-00C04F99179F  Repodbc.dll
00021401-0000-0000-C000-000000000046    Shell.dll

  • $BITE,@Z$J(B Document Object Model $B%*%V%8%'%/%H$N%a%b%jGKB;$N@HCAN-2005-1790

    Internet Explorer $B$N(B JavaScript $B$N@H $B$NOC!#(B

$B!!(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#(Bpatch $B$K$O!">e5-$K2C$($F!"

  • First4Internet XCP $B%"%s%$%s%9%H!<%i(B ActiveX $B%3%s%H%m!<%k$K(B Kill Bit $B$r@_Dj$9$k!#6qBNE*$K$O!" 

    4EA7C4C5-C5C0-4F5C-A008-8293505F71CC
7965A6FD-B383-4658-A8E0-C78DCF2D0E63
9A60A782-282B-4D69-9B2A-0945D588A125
80E8743E-8AC5-46F1-96A0-59FA30740C51

2006.04.06 $BDI5-(B:

$B!!(B917460 - MS5-054 Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`$rE,MQ$9$k$H(B _serach $B$r%?!<%2%C%H$K$7$?%Z!<%8$NI=<($,$G$-$J$$(B (Microsoft)$B!#$3$N(B KB $B$C$FF|K\8lHG$7$+$J$$$G$9$+(B?

$B"#(B SUS 1.0 $B$N!V99?7$N5v2D!W(B
($BF|K\$N%;%-%e%j%F%#%A!<%`$N(B Blog, 2005.12.14)

$B!!$^$?$7$F$b(B SUS 1.0 SP1 $B$G%H%i%V%k!#!V0JA0$K5v2D$5$l$?99?7$N?7$7$$%P!<%8%g%s$r<+F0E*$K5v2D$9$k!W$rA*Br$7$F$$$k?M$K$O4X78$"$j$^$;$s!#(B $B$=$&$G$J$$?M$K$O4X78$,$"$j!"(BKB 912307 $B$KBP1~J}K!$,5-:\$5$l$F$$$^$9!#F?L>4uK>$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

2005.12.22 $BDI5-(B:

$B!!(BMicrosoft$B!"(BSUS$B$NLdBj$r=$@5(B (ITmedia, 2005.12.22)$B!"(B Script for SUS 1.0 problem released (MSRC blog, 2005.12.20)$B!#%9%/%j%W%H(B (Approval Analyzer Tool) $B$O(B $B$3$A$i$+$i(B$B!#(B $BF|K\8lHG(B KB912307 $B$+$i$O$^$@%@%&%s%m!<%I$G$-$J$$$h$&$@!#(B

$B"#(B 2005.12.13

$B"#(B [SA17963] Opera Bookmark Large Title Denial of Service Weakness
(secunia, 2005.12.13)

$B!!(BOpera 8.x $B$,(B

  • IME $B$,%$%s%9%H!<%k$5$l$F$$$k(B Windows $B4D6-(B ($BF|K\8lHG(B Windows $B$O$3$l(B)
  • Mac OS X

$B$GF0$$$F$$$k>l9g$K!"D9Bg$J(B <title> $B$N$D$$$?%Z!<%8$r(B bookmark $B$KJ]B8$9$k$H!"5/F0;~$K%/%i%C%7%e$9$k!#(B

$B!!(BOpera 8.51 $B$G=$@5$5$l$F$$$k!#(BJPCERT/CC $B7PM3$GJs9p$5$l$F$$$k$h$&$@$,!"(BJVN $B$H$+$K$O$^$@7G:\$5$l$F$$$J$$$h$&$@!#(B

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B 2005.12.12

$B"#(B 2005.12.11

$B"#(B $BDI5-(B

First Vulnerability for Firefox 1.5 (released version) Announced - PoC available

$B!!(BMozilla Foundation $B$+$i>pJs$,8x3+$5$l$^$7$?!#(B $B@>B<$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B!!D9$/$H$b?tJ,BT$C$F$$$l$P@5>o$K5/F0$7!"96N,2DG=$J7g4Y$G$b$J$$$H$7$F$$$k!#(B

$B"#(B 2005.12.10

  • $B!U(B BHODemon 2.0 $B$N%Z!<%8$K$3$s$J5-=R$,(B:

    I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house fire). You will not be able to download updates or upload reports, and I will no longer be answering emails. At some point, BHODemon may return. I would like to thank everyone for their support over the years.

    $B!!$&!<$`!"$=$&$@$C$?$N$+!D!D!#(B

$B"#(B $BDI5-(B

Internet Explorer $B$N(B JavaScript $B$N@H

$B!!(BTTFOXZ$B$NF|5-(B $B$G(B NIS $B$N8m8!=P$N7o$O$^$@D>$C$F$J$$$H;XE&$5$l$F$$$?$N$G!"(B $B$B$3$A$i(B $B$G$bH?1~$7$F$7$^$$$^$9$M!#$&!<$s!#(B2005.12.02 $B$N%F%9%H7k2L$O2?$@$C$?$s$@!D!D(B orz$B!#(B $B$H$j$"$($:Bg13$D$$$F$$$?$_$?$$$G$9$$$^$;$s!#(B

$B%IAG?M$G$bJ,$+$k;v$@$m$&$K!#(B

$B!!%IAG?ML$K~$G$9$$$^$;$s$M$(!#(B

$B"#(B 2005.12.09

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B
(Microsoft, 2005.12.09)

  • Microsoft Windows $B$K1F6A$r5Z$\$9%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs(B: 2 $B7o!#(B $B:GBg?<9oEY(B: $B!V6[5^!W(B

  • Microsoft Windows $B0-0U$N$"$k%=%U%H%&%'%"$N:o=|%D!<%k(B $B$N99?7HG(B

  • WU / SUS: $B%;%-%e%j%F%#0J30$NM%@hEY$N9b$$99?7%W%m%0%i%`(B: 2 $B7o(B

  • MU / WSUS: $B%;%-%e%j%F%#0J30$NM%@hEY$N9b$$99?7%W%m%0%i%`(B: 3 $B7o(B

$B$@$=$&$G$9!#(B

2005.12.16 $BDI5-(B:

$B!!%;%-%e%j%F%#0J30$NM%@hEY$N9b$$99?7%W%m%0%i%`$O!"$3$l$N$3$H$@$C$?$h$&$G$9!#(B

$B"#(B 2005.12.08

$B"#(B First Vulnerability for Firefox 1.5 (released version) Announced - PoC available
(SANS ISC, 2005.12.08)

$B!!(BFirefox 1.5 $B$K$*$1$k(B history.dat $B$N07$$$K(B buffer overflow $B$9$k7g4Y$,$"$kLOMM!#(BSANS ISC $B$G$O!"(BFirefox 1.5 $B$NMzNrJ]B84|4V$r(B 0 $B$K$9$k$3$H$K$h$C$F2sHr$G$-$k$H$7$F$$$k!#(B [$B%D!<%k(B] $B%a%K%e!<$N(B [$B%*%W%7%g%s(B] $B$r3+$-!"(B[$B%W%i%$%P%7!<(B] $B%?%V$N(B [$BI=<(MzNr(B] $B$r(B 0 $B$K$9$k!"$H!#(B

2005.12.11 $BDI5-(B:

$B!!(BMozilla Foundation $B$+$i>pJs$,8x3+$5$l$^$7$?!#(B $B@>B<$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B!!D9$/$H$b?tJ,BT$C$F$$$l$P@5>o$K5/F0$7!"96N,2DG=$J7g4Y$G$b$J$$$H$7$F$$$k!#(B

$B"#(B 2005.12.07

$B"#(B 2005.12.06

$B"#(B Practical and Theoretical Research Topics in Information Security
(CORE LABS)

$B!!(BMD5 $B$M$?$N%W%l%<%s;qNA(B ($B;d$K$O$5$C$Q$j$o$+$i$s(B orz) $B$H!"(B CRC16 / CRC32 / MD5 $B$,F10l$G$"$k$h$&$J(B 2 $B$D$N0[$J$k%P%$%J%j%U%!%$%k$N%5%s%W%k!"$J$I$,8x3+$5$l$F$$$^$9!#$3$NNc$N>l9g!"$?$H$($P(B SHA1 $B$J$i0c$$$,$o$+$j$^$9!#(B

$B"#(B [Full-disclosure] Perl format string integer wrap vulnerability
(Full-disclosure ML, Thu, 01 Dec 2005 17:58:36 +0900)

$B!!(Bperl 5.9.2 / 5.8.6 $B$K7g4Y!#(Bformat $BJ8;zNsA`:n$K$*$$$F(B integer overflow $B$9$k7g4Y$,$"$j!"(B ia32 $B%W%i%C%H%[!<%`>e$K$*$$$F!"(Bformat $B%P%0$r;}$D(B perl $B%W%m%0%i%`$HAH$_$"$o$5$k$3$H$G(B remote $B$+$iG$0U$N%3!<%I$N

fix / patch:

$B"#(B [Full-disclosure] Bug with .php extension?
(Full-disclosure ML, 2005.12.06)

$B!!(BApache + PHP $B$J4D6-$G(B test.php.rar $B$@$N(B test.php.bak $B$@$N$H$$$&%U%!%$%k$r%V%i%&%:$9$k$H(B PHP $B%9%/%j%W%H$H$7$F=hM}$5$l$F$7$^$&!"$H$$$&OC!#$3$l$OApache $B$N;EMM(B$B$NLOMM!#(B $B%U%!%$%kL>$,(B basename.ext1.ext2 $B$N>l9g$K!"(B

  • ext1 $B$H(B ext2 $B$NN>J}$N%a%?>pJs$,Dj5A$5$l$F$$$l$P!"$h$j1&B&$K$"$k(B ext2 $B$N%a%?>pJs$,:NMQ$5$l$k!#$?$H$($P(B foo.gif.html $B$ODL>o(B text/html $B$K%^%C%W$5$l$k!#(B (.gif $B$,(B image/gif $B$K%^%C%W$5$l!"(B.html $B$,(B text/html $B$K%^%C%W$5$l$F$$$k>l9g$J$I(B)

  • ext1 $B$N%a%?>pJs$@$1$,Dj5A$5$l$F$$$l$P!"(Bext1 $B$N%a%?>pJs$,:NMQ$5$l$k!#$?$H$($P(B foo.gif.bak $B$ODL>o(B image/gif $B$K%^%C%W$5$l$k!#(B (.gif $B$,(B image/gif $B$K%^%C%W$5$l!"(B.bak $B$K$O2?$b%^%C%W$5$l$F$$$J$$>l9g$J$I(B)

$B!!$3$l$r(B$B:$$C$?LdBj$@$H$9$k?M(B$B$b$$$k$h$&$@$,!"$?$H$($P!V(BPHP $B%9%/%j%W%H$rJT=8$7$F$G$-$?%P%C%/%"%C%W%U%!%$%k(B (foo.php.bak) $B$r%V%i%&%:$7$?$i%9%/%j%W%H%=!<%9$,FI$a$F$7$^$C$?$?$a!"%;%s%7%F%#%V>pJs$,O31H$7$?!W$H$$$C$?;vBV$r2sHr$G$-$k$H$$$&0UL#$G$O!"M-0U5A$J5!G=$@$m$&!#(B $B$b$C$H$b!"D>46E*$G$O$J$$$N$O3N$+$@!#(B

$B!!>o$K$$$A$P$s1&B&$N3HD%;R$K=>$o$;$k$h$&$J@_Dj$C$F!"$"$k$s$G$9$+$M!#(B

$B"#(B $BDI5-(B

The "Sony rootkit" case

$B!!(B$B%=%K!<(BBMG$B!$!H%k!<%H%-%C%H!I$r:o=|$9$k%D!<%k$N?7HG$r%j%j!<%9(B ($BF|7P(B IT Pro, 2005.12.05)$B!#:#EY$3$=$^$H$b$J$N$+$J!#(B

Internet Explorer $B$N(B JavaScript $B$N@H

$B!!(BIE$B$N%Q%C%AL$8x3+%;%-%e%j%F%#!&%[!<%k$rA@$&(BWeb$B%5%$%H$,A}2CCf(B ($BF|7P(B IT Pro, 2005.12.05) $B$@$=$&$G$9!#4XO"(B: Hackers exploit unpatched Internet Explorer bug to install malware (Sophos)$B!#(B

$B"#(B 2005.12.05

$B"#(B IE$B!'?7pJs$,Ep$^$l$k62$l!D$H$$$&$+(BGoogle$B$P$+$j$G$J$$$G$9!"%d%P%$$N$O!"$3$j$c;2$j$^$7$?$M!#(B
(hoshikuzu | star_dust $B$N=q:X(B, 2005.12.04)

$B!!(BIE 6 ($B0JA0(B?) $B$K7g4Y!#(BCSS $B$r(B @import $B$d(B addImport $B$GFI$_9~$`>l9g$K!"FbMF$N8!>Z$,IT==J,$J$?$a!"(BJavaScript $B$,=q$+$l$?%Z!<%8$J$I!"(Btako {kani: ika} $B$N$h$&$J7A<0$G=q$+$l$F$$$k$HFI$a$J$/$b$J$$%Z!<%8$G$"$l$P!"(BCSS $B$H$7$FFI$_9~$a$F$7$^$&LOMM!#(B

$B!!$3$l$rMxMQ$7$F!"(BGoogle Desktop v2 $B$HAH$_$"$o$;$F%Q%9%o!<%I$rEp$_=P$9(B PoC $B%3!<%I$,$3$l(B: Google Desktop Exposed: Exploiting an Internet Explorer Vulnerability to Phish User Information (hacker.co.il) ($B$H$$$&M}2r$G$$$$$N$+$J!D!D(B) $B!#(BGoogle $B<+BN$K$O4{$KBP93%3!<%I$,AH$_9~$^$l$F$$$k$,!"F1MM$NpJs$J$I$r

2006.07.03 $BDI5-(B:

$B!!(BCSS$B%/%m%9%I%a%$%s$N>pJsO3$($$$N@H (@IT, 2006.06.29)

$B"#(B JVN#76357668: MitakeSearch $B$K$*$1$k%/%m%9%5%$%H%9%/%j%W%F%#%s%0$N@H
(JVN, 2005.12.05)

$B!!(BMitakeSearch 4.2 $B$K7g4Y!#(B ranking.pl $B$K(B XSS $B7g4Y$,$"$k!#(B MitakeSearch V4.2$B$N@H (HP) $B$G=$@5HG$,G[I[$5$l$F$$$k!#(B

$B"#(B JVN#67001206$B!'(B $B!V(BFreeStyleWiki$B!W$K%/%m%9%5%$%H!&%9%/%j%W%F%#%s%0$r4^$`J#?t$N@H
(JVN, 2005.12.05)

$B!!(BFreeStyleWiki 3.5.9 $B0JA0$K7g4Y!#!V%7%s%0%k%V%i%1%C%H$K$h$kG$0U$N(BURL$B$X$N%j%s%/=hM}$K@HFreeStyleWiki 3.5.10 $B$G=$@5$5$l$F$$$k!#(B

$B!!(BJVN: JVN#67001206

$B"#(B 2005.12.04

$B"#(B $BDI5-(B

$B%&%$%k%9%P%9%?!<(B2006$B$N%U%#%C%7%s%0:>5=BP:v%D!<%k%P!<$O%9%Q%$%&%'%"$+!)(B

$B!!(BTTFOXZ$B$NF|5-(B $B$H$$$&%Z!<%8$,!"@1_7;a$d9bLZ;a$N;XE&$KBP$7$F8@5Z$7$F$$$k$,!"@5D>$K8@$C$F!"$h$1$$$J;v$r=q$-$9$.$F$$$k$h$&$K;W$&!#(B

$B!!:#2s$NLdBj$N:,K\$r$b$&$$$A$I8+$F$_$h$&!#(B $B%&%$%k%9%P%9%?!<(B2006$B$N%U%#%C%7%s%0:>5=BP:v%D!<%k%P!<$O%9%Q%$%&%'%"$+!)(B ($B@1_7M5Fs%a%b(B, 2005.11.16) $B$h$j(B:

$B%"%/%;%9$7$?(BWeb$B%5%$%H$N(BURL$B$r%H%l%s%I%^%$%/%m$KAw?.$7$F$$$k$3$H$O4V0c$$$J$$!#$3$N;EMM$K%1%A$r$D$1$k$D$b$j$O$J$$!#LdBj$O!"B?$/$N%f!<%6$,$3$N;EMM$K$D$$$FCN$i$J$$$H$$$&$3$H$@!#A02s$b=q$$$?$,!"$3$N$3$H$K$D$$$F%^%K%e%"%k$KL@3N$J5-=R$O$J$$$7!"%$%s%9%H!<%k;~$K@bL@$b$J$$!#$3$l$G$O%9%Q%$%&%'%"$d%"%I%&%'%"$HF1$8$G$O$J$$$+!#(B

$B!!%f!<%6$N%"%/%;%9@h(B URL $B>pJs$r(B$BBh;0 ($B%H%l%s%I%^%$%/%m(B) $B$K(B$BL5CG$G(B$BAw?.$7$F$$$k$N$O!V%9%Q%$%&%'%"$d%"%I%&%'%"$HF1$8$G$O$J$$$+!W$H$$$&;XE&$@!#$3$&$$$&$3$H$r9T$&$N$G$"$l$P!"DL>o$O!"@=IJ$N%$%s%9%H!<%k;~$d$B0-0U$N$"$k%=%U%H%&%'%"$N:o=|%D!<%k(B$B$N(B EULA $B$K$O$3$&$"$k(B ($B2hA|(B$B!#l9g$O!"(BIE $B$G%"%/%;%9$7!":o=|%D!<%k$r(B web $B>e$G

$B%W%i%$%P%7!<$K4X$9$kDLCN(B $BK\%=%U%H%&%'%"$,$*5RMM$N%G%P%$%9$G0-0U$N$"$k%W%m%0%i%`$NB8:_$r3NG'$9$k$H$-!"$*5RMM$N%G%P%$%9$G0-0U$N$"$k%W%m%0%i%`$,H/8+$*$h$S=|5n$5$l$?$+$I$&$+$r$*5RMM$KJs9p$9$k$?$a$K$N$_!"$*5RMM$N%G%P%$%9$+$i>pJs$,<}=8$5$l$^$9!#$7$+$7!"%^%$%/%m%=%U%H$O!"K\%=%U%H%&%'%"$N;HMQ$K4X$9$kE}7W%G!<%?$r<}=8!"8x3+$9$k>l9g$,$"$j$^$9!#$*5RMM$N$44uK>$K$h$j!"K\%=%U%H%&%'%"$NJs9p5!G=$r(B http://go.microsoft.com/fwlink/?LinkID=39987 $B$N;X<($K=>$C$FL58z$K$9$k$3$H$,$G$-$^$9!#(B

$BF10U$r5a$a!"$^$?(B Microsoft $B$X$N>pJsDs6!$rL58z$K$9$kJ}K!$bDs6!$7$F$$$k(B ($Be$KCf?H$r$h$/FI$^$J$1$l$P$J$i$J$$$N$,%"%l$G$O$"$k$,!D!D!#(BKB891716 $B$N(B FAQ $B$N(B Q3 $B$,$=$l(B)$B!#(B

$B!!7+$jJV$7$K$J$k$,!"%H%l%s%I%^%$%/%m$O!"?7$7$$(B EULA $B$rMQ0U$7$F!"MxMQ$B%5%]!<%H>pJs(B$B$,=P$F$$$k$b$N$N!"$[$H$s$I$N%f!<%6$O5$$,$D$$$F$$$J$$$N$,8=>u$@$m$&!#(B $B:GDc$G$b!"$3$N%5%]!<%H>pJs$NB8:_$rA4EPO?%f!<%6$K%a!<%k$GCN$i$;$k!"$/$i$$$N$3$H$O$7$?J}$,$$$$$H;W$&!#(B

$B!!(BTTFOXZ$B$NF|5-(B $B$G$O!"(B2005-11-28 $B$K(B

$B$M$'@1_7$5$s!#(BPhishWall$B$G$O$I$s$J>pJs$rAw?.$7$F$$$k$s$G$9$+!)(B
$B;d$,:rF|$N%V%m%0$r=q$$$?;~E@$G$O!"%;%-%e%"%V%l%$%s$N%5%$%H$+$iF@$i$l$k>pJs$O40A4$KITB-$7$F$$$?!J:#8e!"2~NI99?7$5$l$k$+$b$7$l$J$$$,!&!&!K!#(B

$B$H=q$$$F$$$k$,!"(B$B%;%-%e%"%V%l%$%s%[!<%`%Z!<%8(B $B$N(BPhishWall $B$r$?$I$k$H8=$l$k%Z!<%8$N:8%a%K%e!<$K$"$k(B PhishWall $B%5!<%P(B $B$K$"$k@bL@$r8+$k8B$j$G$O!"2?$r$I$3$KAw$C$F$$$k$+$OL@3N$@$7!"Bh;0pJs$,Aw$i$l$k$h$&$K$b$J$C$F$$$J$$!#(B $B$3$N%Z!<%8$O:rF|:#F|$G$-$?$b$N$G$O$J$$$O$:$@$,!"(B $B$I$N$"$?$j$r8+$k$H!V;d$,:rF|$N%V%m%0$r=q$$$?;~E@$G$O!"%;%-%e%"%V%l%$%s$N%5%$%H$+$iF@$i$l$k>pJs$O40A4$KITB-$7$F$$$?!W$H$$$&5-=R$,@8$^$l$k$N$+!";d$K$O$h$/$o$+$i$J$$!#(B

$B!!$A$J$_$K!"(BPhishWall $B$N%@%&%s%m!<%I%Z!<%8$O(B $B$3$3(B (kddi.ne.jp)$B!"(B EULA $B$O(B$B$3$3(B (kddi.ne.jp) $B$K$"$k!#%@%&%s%m!<%I%Z!<%8$b(B EULA $B$b(B securebrain.co.jp $B$K$O$J$$!D!D$H$$$&$"$?$j$O%D%C%3%_$I$3$m$N$h$&$K;W$&$N$@$,!"(BTTFOXZ $B;a$O$=$&$$$&$H$3$m$K$O6=L#$O$J$$$h$&$@!#(B

2005.12.04 $BDI5-(B 2:

$B!!4XO">pJs(B:

$B"#(B 2005.12.02

$B"#(B $BDI5-(B

Sun Java JRE Sandbox Security Bypass Vulnerabilities

$B!!(BAbout the security content of J2SE 5.0 Release 3 (Apple)

Internet Explorer $B$N(B JavaScript $B$N@H

$B!!(BNIS $B$G$N8m8!=P$G$9$,!"l9g$O!":F$SM-8z$K$7$F$_$k$H$$$$$+$b$7$l$^$;$s!#(B

$B!!$5$F!"$3$N7g4Y$rMxMQ$9$k%^%k%&%'%"(B TrojanDownloader:Win32/Delf.DH $B$,EP>l$7$?$H$$$&$3$H$G!"3F%"%s%A%&%$%k%9%Y%s%@!<$+$i$N>pJs$b99?7$5$l$F$$$k$h$&$G$9!#(B

  • JS/Exploit-BO.gen ($B%^%+%U%#!<(B)$B!#(B

    VirusScan Enterprise 8.0i / Managed VirusScan
    Generic Buffer Overflow Protection protects against code execution that may result from exploiting this vulnerability.

    McAfee Entercept
    Entercept's Generic Buffer Overflow Protection protects against code execution that may result from exploiting this vulnerability.

    McAfee IntruShield
    Updated signatures are available for Trimble release with http response support.

    McAfee Foundstone
    Updated signatures have been released.

  • Bloodhound.Exploit.54 ($B%7%^%s%F%C%/(B)

  • JS_WINDEXP.A$B!"(B JS_ONLOADXPLT.A ($B%H%l%s%I%^%$%/%m(B)

$B!!(BWindows 2000 SP4 $BF|K\8lHG(B + VirusScan Enterprise 8.0i $B$K$*$$$F!"(B JS/Exploit-BO.gen $B$,8!=P$5$l$k$b$N$NEEBn$,I=<($5$l$F$7$^$&7o$G$9$,!"(B VSE 8.0i Patch 11 $B$K$9$l$P%9%/%j%W%H$N

$B"#(B 2005.12.01

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B $BDI5-(B

$BF|K\#E#R#I$,;XE&!VBg?CG'Dj%W%m%0%i%`$O2~cb2DG=!W(B

$B!!(B$B%W%m%0%i%`=PNO$N??@5@-$N3NG'$r$I$&9T$C$F$$$?$N$+!)(B ($BIpED7=;K(B, 2005.12.01)

The "Sony rootkit" case

$B!!4XO"5-;v(B:

$B"#(B Flaw in Syn Attack Protection on non-updated Microsoft OSes can lead to DoS
(bugtraq, 2005.11.29)

$B!!(B315669 - Windows 2000 $B$G%5!<%S%95qH]967b$KBP$9$k(B TCP/IP $B%9%?%C%/$r6/2=$9$kJ}K!(B (Microsoft) $B$J$I$G2r@b$5$l$F$$$k!"(BSYN flood $B967bBP:v$N$?$a$N%l%8%9%H%j@_Dj(B SynAttackProtect $B$r@_Dj$7$F$b!"F1$8%O%C%7%eCM$r;}$D(B SYN $B$,BgNL$K$d$C$F$/$k$h$&$J>l9g$K$OM-8z$G$O$J$$!"$H$$$&OC$+$J!#(B

$B!!$3$N7g4Y$O(B Windows 2000 $B$G$O(B Update Rollup 1 $B$G!"(BWindows Server 2003 $B$G$O(B SP1 $B$G=$@5$5$l$F$$$k$=$&$@!#(B

[$B%;%-%e%j%F%#%[!<%k(B memo]
$B;d$K$D$$$F(B