Security Hole memo (セキュリティホール memo) - 2006.04

Last modified: Wed Jun 21 20:22:14 2006 +0900 (JST)


Before using the information on this page, please read the notes.


■ 2006.04.30

■ CSSXSS vulnerability […]
(hoshikuzu | star_dust の書斎, 2006.04.28)

This concerns [SA19738] Internet Explorer "mhtml:" Redirection Disclosure of Sensitive Information. For details, see hoshikuzu's explanation.

For how to disable the protocol handler, see for example "Disable ITS and MHTML protocol handlers" under III. Solution of VU#323070 (which itself covers an issue fixed in MS04-013). For the present issue, disabling mhtml alone appears to be enough.



■ 2006.04.29

■ Updates


■ 2006.04.28

■ Miscellaneous (2006.04.28)
(various)

■ Updates


■ 2006.04.27

■ Notice of new features in the virus pattern file
(Trend Micro, 2006.04.27)

With Trend Micro VSAPI 8.000 or later plus patterns from 2006.05.09 onward, new patterns called

  • Generic pattern
  • Unpacker pattern

will reportedly be added. Thanks to Nakayama-san for the information.

Of these, note that for the Generic pattern the interim action under "Trend Micro recommended actions" is "leave alone (DoNothing)".

This is reportedly because the Generic pattern can produce false positives. Anything caught by the Generic pattern should be submitted as a sample, they say. It may also be worth uploading it to virustotal or Jotti's malware scan as a test.


■ Microsoft Security Newsletter 2006.04
(Microsoft, 2006.04.26)

On DDoS […], Saito-san of IIJ appears to have followed up around here.

"Dynamic Security Protection: Examining the Security Enhancements in IE7", I see. Maybe I should try installing IE 7 after all.

In the MVP section, Hanazukin-san is introduced.

■ Juniper Networks SSL-VPN client buffer overflow vulnerability […]
(Sumisho Computer Systems (住商情報システム) / eEye, 2006.04.27)

A flaw in the Juniper Networks SSL-VPN client. JuniperSetupDLL.dll, which is loaded by the JuniperSetup.ocx ActiveX control, has a buffer overflow flaw, so from an exploit web page arbitrary code […] Thank you for the information.

Juniper has also issued an advisory:

Fixed versions exist, so upgrading should take care of it.

Recommended Actions:
Upgrade the IVE software to any of the following fixed versions:

    * 5.3r2.1
    * 5.2r4.1
    * 5.1r8
    * 5.0r6.1
    * 4.2r8.1

2006.04.29 update:

A snort signature is out: and little flaws in IVE (SANS ISC)


■ 2006.04.26

■ New vulnerability with no patch yet released in IE, Safari and Firefox […]
(CNET, 2006.04.26)

Probably this:

2006.04.30 update:

[Full-disclosure] MSIE Nested Object Vulnerability Is Exploitable. A post by someone at Secunia. Secunia has succeeded in creating exploit code internally, and it has reportedly already been sent to Microsoft on 2006.04.26.

The advisory rating of "Highly critical" and "System access" impact is therefore fully justified.

So the MSIE (mshtml.dll) OBJECT tag vulnerability ([SA19762] Internet Explorer "object" Tag Memory Corruption Code Execution, CVE: CVE-2006-1992) appears to be extremely dangerous.

2006.05.03 update:

Firefox 1.5.0.3 has been released. "Firefox Remote Code Execution and DoS 1.5.0.2" (CVE: CVE-2006-1993) is fixed.

Firefox users […]

2006.06.09 update:

CVE-2006-2218 as well, reportedly.

■ Miscellaneous (2006.04.26)
(various)

■ Ethereal 0.99.0 released
(Ethereal.com, 2006.04.26)

■ NISCC-144154: DNS protocol […]
(JVN, 2006.04.26)

Multiple DNS […]

The following […]

  • DeleGate - 9.0.5 / 8.11.5 and earlier have a flaw; a DoS attack […] in some cases, […] of arbitrary code […]

  • ISC - BIND has a flaw; a DoS attack […] In a zone transfer using TSIG, if

    1. a correct TSIG in the first message
    2. a broken TSIG in the second and subsequent messages

    are supplied, named terminates abnormally. Scheduled to be fixed in a future version of BIND.

  • Juniper Networks - JUNOSe has a flaw; it is fixed in 5-3-5p0-2, 6-0-3p0-6, 6-0-4, 6-1-3p0-1, 7-0-1p0-7, 7-0-2, 7-1-0p0-1, 7-1-1. JUNOS and ScreenOS do not have the flaw.

  • Furukawa Electric - DNS-related vulnerability […]

  • pdnsd - fixed in 1.2.4.

  • MyDNS - fixed in 1.1.0. "Fixed a critical denial-of-service vulnerability", it says (from ChangeLog)

2006.05.03 update:

DNS-related vulnerability […] (Fujitsu). The NetShelter/FW series reportedly has the flaw.



■ 2006.04.25


■ 2006.04.24



■ 2006.04.23



■ 2006.04.21

■ JVN#74294680: Buffer overflow vulnerability in Winny […]
(JVN, 2006.04.21)

A flaw in Winny 2.0 b7.1 and earlier. An attack packet causes a buffer overflow, so Winny can be made to terminate abnormally from a remote host. Report […]

Winny's creator […] I myself, owing to various circumstances, am in a situation where updating Winny and […] the vulnerability […] verification is difficult.

So no patch exists for now. Through state power, a security vulnerability […]

Incidentally, while JVN goes no further than "abnormal termination", IPA ISEC, in "Winny […] problem area (vulnerability […]", says

In general, a buffer overflow vulnerability […] abnormal halt of operation, virus infection activity, installation of malicious programs such as spyware and bots, and so on may be carried out.

and really goes all out. On top of that,

Develop[…]

On the one hand they have had development stopped, while on the other hand "develop[…]

2006.04.23 update:

eEye has released an advisory:

Let's see...

We can pass a long string argument with some commands into a heap buffer. There is no checking of the length of this input. Depending on the input, this strcpy() will cause one of the following exploitable conditions:

(1) 0052290A mov dword ptr [edx],eax ; We can control both of EDX and EAX
(2) 00406011 call dword ptr [ebx+0ch] ; We can control EBX

In both cases, we confirmed the ability to execute our own code. This is a common heap overflow vulnerability and can be exploited easily.

W-what!? […] It "can be exploited easily", folks! This goes well beyond talk in general terms.

4/11/2006: IPA responds to our notice. The author of Winny insists that code execution is impossible. We choose to continue to work with the IPA and send additional detailed information about this heap overflow and how heap overflows are exploited.

Does this mean IPA and JVN are putting out incorrect information even though they know? IPA, within the vulnerability […] information handling framework, […]

2006.04.24 update:

The Japanese version of the eEye advisory is out (thanks to Takahashi-san for the information):

An exploit appears to be out. Also, it appears to be fixed in Winnyp v2.0b7.27.

A definitive article by Ukai-san himself is out:

For example, this part:

Two days after starting research on Winny, this vulnerability […] can be found very easily, and I felt the situation was one in which the problem could surface at any time.
Moreover, Kanai nearly completed a program for collecting Winny nodes in one day, and within a few hours information on nearly all nodes […] in a very short period […] Even though the develop[…] may be unable to distribute a fixed version owing to […] circumstances, even now several hundred thousand vulnerab[…] I felt this situation was truly critical.

In other words, anyone so inclined could easily build, say, a botnet on the scale of several hundred thousand machines.

At eEye, under our internal rules […] we would like to continue providing information.

So that is how it was... Though it amounts to the same thing in the sense that IPA lacks the ability to reproduce it.

This vulnerability […] we considered that information leak incidents could occur, and this vulnerability […] However, providing the patch to the general public […]

After all, software develop[…]

■ Updates


Miscellaneous (2006.02.25)

Related to the SquirrelMail item: JVN#83263796: Cross-site scripting vulnerability in SquirrelMail (JVN)



■ 2006.04.20

■ Miscellaneous
(various)



■ 2006.04.19

■ Miscellaneous (2006.04.19)
(various)

2006.04.20 update:

A follow-up to the FreeBSD AMD item (FreeBSD-SA-06:14.fpu).

2006.05.15 update:

[SA19599] PHP "phpinfo()" Cross-Site Scripting and Security Bypass is fixed in PHP 5.1.3 and later.

■ Updates

■ New version of mail software "Thunderbird" released, fixing security holes
(Nikkei IT Pro, 2006.04.19)

An article of the "written after reading only the release notes" kind.

[Added April 19] According to Mozilla Japan, although the "Thunderbird release notes" state "Release Date: April 18, 2006", the release has been postponed to midday on April 19 US time (the morning of April 20 Japan time). Version 1.5.0.2 is therefore not yet released at this point (April 19 Japan time). At midday on April 19 US time (the morning of April 20 Japan time), the Japanese and other versions are scheduled to be released at the same time as the English version. [End of April 19 addition]

So it looks like it comes out tomorrow.

2006.04.20 update:

1.5.0.2 is out: ftp.osuosl.org. When I tried "Software Update" in the 1.5 Japanese version, I was told "The connection has timed out".

2006.04.24 update:

The English version of Thunderbird 1.0.8 is out. The Japanese version is not out yet.

■ JP1/秘文: Symantec […]
(Hitachi, 2006.04.18)

The problem reportedly occurs when the SymEvent file version is 12.0.0.21.

(b) LiveUpdate […]
  • Norton AntiVirus 2006
  • Norton Internet Security 2006
  • Norton SystemWorks 2006
  • Norton Personal Firewall 2006

This kind of thing is a nuisance...

    2006.05.23 update:

    A second report is out:

    Updating the SymEvent file to 12.0.3.1 reportedly takes care of it.

    ■ Oracle Critical Patch Update - April 2006
    (Oracle, 2006.04.18)

    The April 2006 edition of the Oracle patches is out.

    The SANS ISC article says "Of interest is the updated version of password checking utility (Oracle Default Password Scanner) that was originally released in January", so I took a closer look at Oracle Critical Patch Update - April 2006; this must be it.

    Default Account and Password Checking Utility

    The password checking utility announced in the January 2006 Critical Patch Update has been significantly updated and renamed. The Oracle Default Password Scanner assists customers with securing Oracle-provided default database schema accounts that use default passwords. The MetaLink article titled Frequently Asked Questions about Oracle Default Password Scanner (MetaLink Note 361482.1) provides detailed information for this utility, including instructions for downloading the utility and its accompanying documentation, the Oracle Default Password Scanner User's Guide.

    2006.04.21 update:

    The Japanese version is out. See http://otn.oracle.co.jp/security/.


    ■ 2006.04.18

    ■ Miscellaneous (2006.04.18)
    (various)

    2006.04.19 update:

    The Japanese version of the LiveUpdate item is out: SYM06-007: Local privilege escalation vulnerability in Symantec LiveUpdate for Macintosh (Symantec)

    ■ Updates

    Vulnerability in the ActiveX control of the DHTML Editing Component […]

    Applying this patch can apparently cause side effects on Windows XP / Server 2003:

    According to the English version of KB896180, a further fix from paid support […]


    ■ 2006.04.17

    ■ JVN#35274905: Cross-site scripting vulnerability in "FreeStyleWiki" […]
    (IPA ISEC, 2006.04.17)

    FreeStyleWiki 3.5.10 and earlier have an XSS flaw that allows arbitrary script to be embedded in the wiki. Fixed in FreeStyle Wiki 3.5.11.

    ■ Updates

    KB912945: Internet Explorer ActiveX update

    MS06-013 is out.

    Also, resources on what web sites need to do:

    Cumulative Security Update for Internet Explorer (912812) (MS06-013)

    On side effects:



    ■ 2006.04.15



    $B"#(B 2006.04.14

    $B"#(B $BDI5-(B

    $B"#(B Known Vulnerabilities in Mozilla Products: Fixed in Firefox 1.5.0.2
    (mozilla.org, 2006.04.14)

    $B!!(BFirefox 1.5.0.2 $BEP>l(B ($B%@%&%s%m!<%I(B)$B!#(BFirefox 1.5 $B0J9_$J$i!"(B[$B%X%k%W(B] $B%a%K%e!<$N(B [$B%=%U%H%&%'%"$N99?7$r3NG'(B...] $B$+$i99?7$G$-$k!#(B 8 $B

    $B!!(BFirefox 1.0.8 $B$H(B Seamonkey 1.0.1 $B$bEP>l$7$F$$$k$h$&$@(B (ana-log $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B)$B!#(BThunderbird 1.5.0.2 / 1.0.8 $B$O$^$@=P$F$$$J$$$HM}2r$7$F$$$$$N$+$J!#(B

    $B!!$J$*!"(BFirefox 1.0.x, Thunderbird 1.0.x, Mozilla 1.7.x $B$OBG$A$I$a$@$=$&$G$9!#(B ana-log $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

    2006.04.24 $BDI5-(B:

    $B!!(BFirefox 1.0.8$B!"(BThunderbird 1.5.0.2 / 1.0.8$B!"(BMozilla 1.7.13 $B=P$F$^$9!#(B

    $B!!(BFirefox 1.0.8 $B$H(B Thunderbird 1.5.0.2 $B$OF|K\8lHG$b=P$F$^$9!#(B Thunderbird 1.0.8 $B$O$^$@$G$9$,!"F|K\8lHG$bEP>l$9$kM=Dj$N$h$&$G$9!#(B Mozilla 1.7.13 $B$K$D$$$F$b(B$BF|K\8lHG$N:n6H$,?J$a$i$l$F$$$k$=$&$G$9(B ($B%"%$%t%!!<%s$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B)

    $B!!(BThunderbird $B$K$D$$$F$O(B $B$3$A$i$N5-;v$b;2>H(B$B!#(B

    $B"#(B $B$$$m$$$m(B
    (various)


    $B"#(B 2006.04.13

    $B"#(B $B$$$m$$$m(B
    (various)

    $B"#(B 2006 $BG/(B 4 $B7n$N%;%-%e%j%F%#>pJs(B
    (Microsoft, 2006.04.12)

    Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (912812) (MS06-013)

    $B!!:GBg?<9oEY(B : $B6[5^(B

    $B!!(BCVE: CVE-2006-1359 CVE-2006-1245 CVE-2006-1388 CVE-2006-1185 CAN-2006-1186 CVE-2006-1188 CVE-2006-1189 CVE-2006-1190 CVE-2006-1191 CVE-2006-1192

    Microsoft Data Access Components (MDAC) $B$N5!G=$N@H

    $B!!:GBg?<9oEY(B : $B6[5^(B

    $B!!(BCVE: CVE-2006-0003

    Windows $B%(%/%9%W%m!<%i$N@H

    $B!!:GBg?<9oEY(B : $B6[5^(B

    $B!!(BCVE: CVE-2006-0012

    Outlook Express $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (911567) (MS06-016)

    $B!!:GBg?<9oEY(B : $B=EMW(B

    $B!!(BCVE: CVE-2006-0014

    Microsoft FrontPage Server Extensions $B$N@H

    $B!!:GBg?<9oEY(B : $B7Y9p(B

    $B!!(BCVE: CVE-2006-0015

    $B!!(B2ch.net $B$r8+$k$H!"(BMS06-015 $B$K4X$9$kIT6q9g$,;68+$5$l$k$h$&$@!#(B $BAj@-$N0-$$(B 3rd party $B%W%m%0%i%`$,$"$k$N$+$J!#(B

    2006.04.15 $BDI5-(B:

    $B!!(BMicrosoft Update$B$7$?$H$-$K(Bage$B$k%9%l(B 24$B$+$i$?$I$C$?%Z!<%8$K!"(BMS06-015 patch $B$H(B HP $B$N(B hpgs2wnd.exe $B$d(B hpgs2wnf.exe $B$GIT6q9g$K$J$kOC$,(B:

    $B!!>e5-(B 2ch.net $B%9%l$K$O(B nVidia $B%I%i%$%P!<$H$$$&OC$b=P$F$/$k$,!"$$$^$$$AN"$,

    $B!!$"$H!"(BMDAC $B$N%;%-%e%j%F%#=$@5$K$D$$$F$h$/$^$H$^$C$?>pJs$,=P$F$^$9(B:

    2006.04.17 $BDI5-(B:

    $B!!(BMS06-015 $BI{:nMQ$N7o!"(BKB $B=P$^$7$?(B:

    $B!!(BHP $B$b$N$NB>!"(BKerio Personal Firewall $B$G$bLdBj$,H/@8$9$k$=$&$G!#(B

    2006.04.18 $BDI5-(B:

    $B!!(BMS06-015 patch $B$H(B nVidia $B%I%i%$%P!<$N7o!"(BMSRC blog $B$K5-:\$5$l$F$$$^$9!#(B

    • Update to the MS06-015 issue. (MSRC blog, 2006.04.18)

      Turns out that under certain circumstances, changes introduced in MS06-015 could cause an application to stop responding during specific interactions with older versions of Hewlett Packard's "Share-to-web" software utility, or older NVIDIA video card drivers. In the case of the Hewlett Packard software, their new version known as "HP Image Zone Version 5" is not affected. Neither are the most recent NVIDIA graphics card drivers.

      So older nVidia drivers can be a problem, it seems. For both nVidia and HP, the latest versions are fine. It is not quite clear how old an nVidia driver has to be to cause trouble, though...

    2006.04.21 update:

    A follow-up on MS06-015 is on the MSRC blog:

    • More information on the MS06-015 issue (MSRC blog, 2006.04.21)

      Up until now there have been several solutions: Upgrade to the newest version of the affected software, a manual registry key fix, uninstall the third party software (NVIDIA Drivers versions 61.94 and prior or the Hewlett Packard Share-to-web software) or uninstall the update.

      The nVidia drivers that show the problem are reportedly 61.94 and earlier.

      So what we have done is re-engineered the MS06-015 update to avoid the conflict altogether with the older Hewlett Packard and NVIDIA software. We're going to run a test pass on it and we will release this new update on Tuesday, April 25th. What the new update essentially does is simply add the affected third party software to an "exception list" so that the problem does not occur. The revised update automates the manual registry key fix.

      A new version of the patch is reportedly due on 4/25. So 3rd party software that triggers the problem gets registered in an "exception list", I see. The term "exception list" does not appear in KB918165, though...

      ... MS06-015 has been revised.

      The revised security update contains no changes to the binaries included in the initial security update. Like Microsoft Knowledge Base Article 918165, the revised security update adds the entries in the following list.

      HP Share-to-Web
      {A4DF5659-0801-4A60-96071C48695EFDA9}
      NVIDIA graphics driver
      {1E9B04FB-F9E5-4718-997B-B8DA88302A47}
      {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
      {1CDB2949-8F65-4355-8456-263E7C208A5D}

      So the registry settings in KB918165 are the "exception list", it seems.

    2006.04.26 update:

    The new MS06-015 patch is out.

    The patch itself is unchanged; it now simply sets the "exception list" registry entries automatically to avoid the problems with HP and nVidia products. KB918165 also lists the registry settings for nVidia.

    2006.04.27 update:

    There are reports that after applying MS06-016 you may be told "unable to open address book. Address book may not be installed correctly", and a KB article is out:

    In most cases the cause is reportedly that the address book is corrupted in a way that OE did not detect before the patch was applied. The resolution given is to uninstall the MS06-016 patch (911567). (Does that mean the address book cannot be repaired?)

    2006.06.09 update:

    Windows MDAC vulnerability […] (ITmedia, 2006.06.09). Reportedly exploit code for MS06-014.

    2006.06.09 update:

    In the end, the Windows 9x / Me patch for the Windows Explorer vulnerability […] will not be provided... or rather, it reportedly cannot be provided.

    Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE) and Microsoft Windows Millennium Edition (ME) are affected […]
    During the development of Windows 2000, significant enhancements were made to the underlying architecture of Windows Explorer. The Windows Explorer architecture of Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE) and Microsoft Windows Millennium Edition (ME) is less robust than the most recent Windows architecture. Because of this fundamental difference, after extensive investigation by Microsoft, making the further changes needed to Windows Explorer on Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE) and Microsoft Windows Millennium Edition (ME) […] after making […] effort, on these platforms […] there is no assurance.

    Being told that two whole months later doesn't help much. Didn't they know from the start and just keep quiet?

    2006.06.12 update:

    MS06-015 Fiasco, Chapter Three (securiteam blog, 2006.06.11)

    2006.06.21 update:

    917783 - FIX: Internet Explorer does not enable ActiveX controls that are dynamically inserted into an HTML page by a binary behavior after you install security update MS06-013 (Microsoft). The MS06-013 patch apparently had a bug involving binary behaviors, and a hotfix is reportedly available. But the patch in Cumulative Security Update for Internet Explorer (916281) (MS06-021) has a higher version, so wouldn't installing that one do?


    ■ 2006.04.12

    ■ Cumulative Security Update for Internet Explorer (912812) (MS06-013)
    (Microsoft, 2006.04.12)

    CVE list:

    ■ Hacking Network Printers (Mostly HP JetDirects, but a little info on the Ricoh Savins)
    (IRONgeek, last update: 2006.04.10 (info from tessy の日記))

    An explanation of the various things that can be done with network printers. The Media section also has the presentation video, slides and so on from Notacon 2006.

    For those who want something more like a story, chapter 4 of "Stealing the Network" (スティーリング・ザ・ネットワーク), "h3X's Adventures in Networkland", may be good. After all, it was written by FX.


    ■ 2006.04.11

    ■ Miscellaneous
    (various)


    ■ 2006.04.10

    ■ Information leak vulnerability in HP printers […]
    (ITmedia, 2006.04.07)


    ■ 2006.04.08


    ■ 2006.04.07

    ■ Release schedule for April
    (Japan Security Team Blog, 2006.04.07)

    Windows x 4 (maximum: Critical) + Windows / Office x 1 (maximum: Moderate).

    This month, as previously reported, the "CreateTextRange" vulnerability […] mentioned in Security Advisory 917077 […]
    Also, this Internet Explorer update, concerning ActiveX as described in KB 912945 […] in that case, […] the Compatibility Patch from the Download Center […] in that case, we recommend that you be sure to read through the caveats section of the security bulletin before deploying.

    So,

    • even if you take security updates only, the IE ActiveX change is applied
    • those who want a little more grace time apply the Compatibility Patch

    is how it seems to work.


    ■ 2006.04.06

    ■ Updates

    ■ Verisign Site Seal Update
    (SANS ISC, 2006.04.05)

    Someone from VeriSign is reportedly saying this:

    VeriSign reports that many public-facing Web sites continue to implement an older and less secure version of VeriSign's popular security mark. Because the old VeriSign site seals were created and distributed prior to the rise of phishing, they did not contain the full set of anti-spoofing measures available in the newest version of the VeriSign Secured Seal.

    Is this what it is about?: "About the VeriSign Secured Seal" (ベリサイン セキュアシールについて) (estore.co.jp material download)

    As of November 9, 2004, the VeriSign […] was also given the new name "VeriSign Secured Seal", and its design and functionality were changed. (snip) To prevent misuse, a function that checks the domain name of the site displaying the seal has been introduced. With this function, the pages on which the "VeriSign Secured Seal" can be displayed are […] VeriSign ID […]
    With this change, the previous VeriSign […] please read the […] conditions and the display instructions, and we recommend switching to the new "VeriSign Secured Seal" soon.

    The script for the seal can be generated at VeriSign Secured Seal Program (VeriSign) or ベリサイン セキュアシール (VeriSign Japan).

    ■ Miscellaneous (2006.04.06)
    (various)


    ■ 2006.04.05

    ■ Notice of withdrawal of SAVCE 10.0.2 MR2 MP1 and SCS 3.0.2 MR2 MP1
    (Symantec, 2006.04.03)

    Installing it can apparently bring grief.

    After installing SAVCE 10.0.2 MR2 MP1 or SCS 3.0.2 MR2 MP1, the following error occurs and in some environments the server group cannot be accessed.
    (snip)
    Customers who have already installed SAVCE 10.0.2 MR2 MP1 or SCS 3.0.2 MR2 MP1 and are experiencing this problem should contact their contracted support center to resolve it.
    (snip)
    Symantec plans to release SAVCE 10.0.2 MR2 MP2 and SCS 3.0.2 MR2 MP2, which include the fixes in SAVCE 10.0.2 MR2 MP1 and SCS 3.0.2 MR2 MP1, around early April 2006.

    2006.04.18 update:

    A new version appears to have been released as of 4/14. From "Notice of withdrawal of SAVCE 10.0.2 MR2 MP1 and SCS 3.0.2 MR2 MP1 (updated April 14, 2006)":

    Symantec has released MR2 MP1/MR2 MP2, which fix this problem. For obtaining the latest version of Symantec enterprise products, […] please […]
    Obtaining the latest version of Symantec enterprise products […]

    ■ 2006.04.04

    ■ About the security content of the Mac OS X 10.4.6 Update
    (Apple, 2006.04.03)

    Mac OS X 10.4.6 is out. It reportedly fixes a flaw on Intel Macs that allowed the firmware password to be bypassed. CVE: CVE-2006-0401

    ■ SquirrelMail Version 1.4.7 - CVS
    (squirrelmail.org)

    It contains this text...

    Version 1.4.7 - CVS
    -------------------
      - Security: Possible cookie theft in src/redirect.php if
        register_globals is enabled, and malicous site is running
        in same domain.

    ■ McAfee […]
    (various)

    ■ Barracuda-related
    (Full-disclosure ML, 2006.04.03)

    A flaw in how Barracuda Spam Firewall handles zoo / lha archives.

    zoo aside, the lha issue is a two-year-old story...

    ■ Hitachi-related
    (Hitachi, 2006.03.31)


    ■ 2006.04.03

    ■ [Full-disclosure] Secunia Research: AN HTTPD Script Source Disclosure Vulnerability
    (Secunia Research, 2006.04.03)

    A flaw in AN HTTPD 1.42n and earlier. The source of script files […] from outside […]

    ■ Updates

    "RFID tags can also be infected with viruses", Dutch research[…]

    From Sakiyama-san (thank you for the information; sorry for the late mention)

    According to what Frank Stajano writes on the Cambridge University CSG blog
    http://www.lightbluetouchpaper.org/2006/03/16/cat-with-computer-virus/

    […] what it received was the "best paper for high impact" (on the RFID Virus page, "the Best Paper Award for Most Impact"), an award created on the spot in view of the reaction to this paper, and the "Mark Weiser award", which corresponds to the Best Paper award that PerCom had planned in advance, was given to a different paper, it seems.

    I have corrected the description in line with the above. _o_


    ■ 2006.04.02


    ■ 2006.04.01

