==============================================================

 

マカフィー サポート通信 - リスク管理ソリューション 2011.05.02

==============================================================

 

本メールはMcAfee Vulnerability Manager製品のサポートをご購入のお客様

に配信しております。

 

○-======  今週のマカフィー Vulnerability Manager (目次)  =======-○

1) FSL UPDATE

2) OSパッチアップデート

3) McAfee Vulnerability Manager Software 旧バージョンソフトウェアv6.7のサポート終了について

4) 「サポート通信」登録方法変更のお知らせ

5) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について

 

※) マカフィーからのサービス

○-===================================================-○

 

-------------------------------------------------------

1) FSL UPDATE

-------------------------------------------------------

マカフィーは以下のVulnerability Manager製品のアップデートを提供しています。

最新更新日: 2011-APR-29

 

(SUMMARY)

 

新しいチェック項目     :  237

改善されたチェック項目 :  71

削除されたチェック項目 :  3

 

 追加・改善されたシグネチャ項目等の詳細は以下の製品ダウンロード

 ページから「McAfee Foundstone Update」の最新版を入手してください。

 

 http://www.mcafee.com/japan/licensed2/

 

新しいチェック項目:

 

  * FID #9775 TCP/IP Ping of Death Remote Denial of Service Vulnerability

    Risk: High

  * FID #10454 Twiki Rev Parameter Remote Command Execution Vulnerability

    Risk: High

  * FID #10477 WordPress Multiple Cross Site Scripting Vulnerabilities II

    Risk: High

  * FID #10504 HP OpenView Network Node Manager Multiple CGI Buffer Overflow Vulnerabilities

    Risk: High

  * FID #10642 TikiWiki Multiple Cross Site Scripting And Local File Inclusion Vulnerabilities

    Risk: High

  * FID #10738 Wordpress Multiple Cross Site Scripting and SQL Injection Vulnerabilities

    Risk: High

  * FID #10739 WordPress cat Parameter Directory Traversal Vulnerability

    Risk: High

  * FID #11460 WordPress cdnvote Plugin cdnvote-post.php Multiple SQL Injection Vulnerabilities

    Risk: High

  * FID #11879 Apple Safari WebKit Remote Code Execution

    Risk: High

  * FID #11884 Apple iTunes WebKit Integer Overflow Vulnerability

(CVE-2011-1290)

    Risk: High

  * FID #11887 Apple iTunes WebKit Use After Free Vulnerability

(CVE-2011-1344)

    Risk: High

  * FID #41608 Red Hat Enterprise Linux RHSA-2011-0391 Update Is Not Installed

    Risk: High

  * FID #41612 Red Hat Enterprise Linux RHSA-2011-0373 Update Is Not Installed

    Risk: High

  * FID #41614 Red Hat Enterprise Linux RHSA-2011-0375 Update Is Not Installed

    Risk: High

  * FID #41615 Red Hat Enterprise Linux RHSA-2011-0356 Update Is Not Installed

    Risk: High

  * FID #41616 Red Hat Enterprise Linux RHSA-2011-0392 Update Is Not Installed

    Risk: High

  * FID #41617 Red Hat Enterprise Linux RHSA-2011-0374 Update Is Not Installed

    Risk: High

  * FID #41634 Red Hat Enterprise Linux RHSA-2011-0452 Update Is Not Installed

    Risk: High

  * FID #42991 HP-UX 11.X PHKL_41852 Update Is Not Installed

    Risk: High

  * FID #42992 HP-UX 11.X PHCO_40571 Update Is Not Installed

    Risk: High

  * FID #50223 Ubuntu Linux 10.04, 10.10, 8.04 LTS, 9.10 USN-1109-1 Update Is Not Installed

    Risk: High

  * FID #81564 Fedora Linux 13 FEDORA-2011-5033 Update Is Not Installed

    Risk: High

  * FID #81565 Fedora Linux 14 FEDORA-2011-5040 Update Is Not Installed

    Risk: High

  * FID #81568 Fedora Linux 13 FEDORA-2011-2699 Update Is Not Installed

    Risk: High

  * FID #81570 Fedora Linux 13 FEDORA-2011-0848 Update Is Not Installed

    Risk: High

  * FID #85088 CentOS 4 CESA-2011-0373 Update Is Not Installed

    Risk: High

  * FID #85089 CentOS 4 CESA-2011-0375 Update Is Not Installed

    Risk: High

  * FID #85090 CentOS 4 CESA-2011-0374 Update Is Not Installed

    Risk: High

  * FID #85097 CentOS 5 CESA-2011-0324 Update Is Not Installed

    Risk: High

  * FID #85098 CentOS 5 CESA-2011-0336 Update Is Not Installed

    Risk: High

  * FID #85100 CentOS 5 CESA-2011-0429 Update Is Not Installed

    Risk: High

  * FID #85101 CentOS 5 CESA-2011-0332 Update Is Not Installed

    Risk: High

  * FID #85105 CentOS 5 CESA-2011-0281 Update Is Not Installed

    Risk: High

  * FID #85106 CentOS 5 CESA-2011-0199 Update Is Not Installed

    Risk: High

  * FID #85107 CentOS 5 CESA-2011-0163 Update Is Not Installed

    Risk: High

  * FID #85110 CentOS 5 CESA-2011-0412 Update Is Not Installed

    Risk: High

  * FID #85115 CentOS 5 CESA-2011-0306 Update Is Not Installed

    Risk: High

  * FID #90715 Oracle Enterprise Linux ELSA-2011-0392 Update Is Not Installed

    Risk: High

  * FID #90716 Oracle Enterprise Linux ELSA-2011-0373 Update Is Not Installed

    Risk: High

  * FID #90717 Oracle Enterprise Linux ELSA-2011-0375 Update Is Not Installed

    Risk: High

  * FID #90720 Oracle Enterprise Linux ELSA-2011-0391 Update Is Not Installed

    Risk: High

  * FID #90722 Oracle Enterprise Linux ELSA-2011-0374 Update Is Not Installed

    Risk: High

  * FID #90723 Oracle Enterprise Linux ELSA-2011-0394 Update Is Not Installed

    Risk: High

  * FID #90735 Oracle Enterprise Linux ELSA-2011-0429 Update Is Not Installed

    Risk: High

  * FID #90736 Oracle Enterprise Linux ELSA-2011-0452 Update Is Not Installed

    Risk: High

  * FID #90739 Oracle Enterprise Linux ELSA-2011-2014 Update Is Not Installed

    Risk: High

  * FID #92721 Mandriva Linux 2009.0, 2010.0, 2010.1 MDVSA-2011-054 Update Is Not Installed

    Risk: High

  * FID #94346 SuSE SLES 10 SP3 kernel-7385 Update Is Not Installed

    Risk: High

  * FID #94347 SuSE SLES 10 SP3, SLED 10 SP3 kernel-7381 Update Is Not Installed

    Risk: High

  * FID #94349 SuSE SLES 10 SP3, SLED 10 SP3 libtiff-7376 Update Is Not Installed

    Risk: High

  * FID #94350 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 pango-4065 Update Is Not Installed

    Risk: High

  * FID #94357 SuSE SLES 10 SP3 kernel-7382 Update Is Not Installed

    Risk: High

  * FID #94360 SuSE SLES 10 SP3, SLED 10 SP3 kernel-7384 Update Is Not Installed

    Risk: High

  * FID #94363 SuSE SLED 10 SP3 gimp-7374 Update Is Not Installed

    Risk: High

  * FID #94365 SuSE SLES 10 SP3 kernel-7383 Update Is Not Installed

    Risk: High

  * FID #94428 SuSE SLES 10 SP3 nbd-7455 Update Is Not Installed

    Risk: High

  * FID #94432 SuSE Linux  11.2,  11.3,  11.4 suse-sa:2011:016 Update Is Not Installed

    Risk: High

  * FID #94435 SuSE Linux  11.2 suse-sa:2011:017 Update Is Not Installed

    Risk: High

  * FID #94436 SuSE Linux  11.2,  11.3,  11.4 suse-sa:2011:018 Update Is Not Installed

    Risk: High

  * FID #9749 TCP/IP SYN-FIN Packet Filtering Vulnerability

    Risk: Medium

  * FID #9789 Apache Tomcat Default Account With Blank Password Security Bypass Vulnerability

    Risk: Medium

  * FID #9953 SquirrelMail map_yp_alias Arbitrary Code Execution Vulnerability

    Risk: Medium

  * FID #10135 SQLiteManager main.php Cross Site Scripting Vulnerability

    Risk: Medium

  * FID #10189 Parallels System Automation locale Parameter Local File Inclusion Vulnerability

    Risk: Medium

  * FID #10193 WordPress wp-login.php Password Reset Security Bypass Vulnerability

    Risk: Medium

  * FID #10204 Webcom Guestbook.cgi Arbitrary Command Execution Vulnerability

    Risk: Medium

  * FID #10210 Sun Java System Application Server HTTP TRACE Information Disclosure Vulnerability

    Risk: Medium

  * FID #10291 TCP/IP Firewall Rule Bypass Vulnerability

    Risk: Medium

  * FID #10457 WordPress Blog Header PHP Multiple SQL Injection Vulnerabilties

    Risk: Medium

  * FID #10459 WordPress cache_lastpostdate PHP Code Injection Vulnerability

    Risk: Medium

  * FID #10470 WordPress Multiple Cross Site Scripting Vulnerabilities

    Risk: Medium

  * FID #10479 TikiWiki tiki-listmovies.php Directory Traversal Vulnerability

    Risk: Medium

  * FID #10502 TikiWiki Multiple Pages Directory Traversal Vulnerability

    Risk: Medium

  * FID #10506 TWiki ImageGalleryPlugin Remote Command Execution Vulnerability

    Risk: Medium

  * FID #10582 WordPress admin-ajax.php SQL Injection Vulnerability

    Risk: Medium

  * FID #10594 Trac quickjump Function URI Redirection Vulnerability

    Risk: Medium

  * FID #10619 VMware vCenter Update Manager Jetty Web Server Cross Site Scripting Vulnerability

    Risk: Medium

  * FID #10639 VMware vCenter Update Manager Jetty Web Server Directory Traversal Vulnerability

    Risk: Medium

  * FID #10645 TikiWiki tiki-featured_link.php Cross Site Scripting Vulnerability

    Risk: Medium

  * FID #10647 TikiWiki Multiple Pages Information Disclosure Vulnerability

    Risk: Medium

  * FID #10648 Sun Java System Web Server .jsp File Information Disclosure Vulnerability

    Risk: Medium

  * FID #10686 TWiki Configure Script Image Variable Remote Code Execution Vulnerability

    Risk: Medium

  * FID #10726 WordPress Paged Parameter SQL Injection Vulnerability

    Risk: Medium

  * FID #10733 WordPress Installation Path Disclosure Vulnerability

    Risk: Medium

  * FID #11413 ViewCVS viewcvs.cgi Cross Site Scripting Vulnerability

    Risk: Medium

  * FID #11429 (MS02-053) Microsoft Windows SmartHTML Interpreter Buffer Overflow

    Risk: Medium

  * FID #11431 Microsoft IIS bdir.htr Directory Listing Vulnerability

    Risk: Medium

  * FID #11437 TWiki Viewfile filename Directory Traversal Vulnerability

    Risk: Medium

  * FID #11859 (HPSBUX02655 )HP-UX BIND Service Remote Denial Of Service

    Risk: Medium

  * FID #11909 IBM Lotus Notes/Domino SSL Administration Database Anonymous Access Vulnerability

    Risk: Medium

  * FID #11913 Microsoft Word 2003 MSO.dll Null Pointer Dereference Vulnerability

    Risk: Medium

  * FID #11914 Microsoft Windows Live Safety Scanner One Care Local Download And Execute Vulnerability

    Risk: Medium

  * FID #32794 Sun Solaris 146859-01 Update Is Not Installed

    Risk: Medium

  * FID #41609 Red Hat Enterprise Linux RHSA-2011-0376 Update Is Not Installed

    Risk: Medium

  * FID #41610 Red Hat Enterprise Linux RHSA-2011-0395 Update Is Not Installed

    Risk: Medium

  * FID #41611 Red Hat Enterprise Linux RHSA-2011-0369 Update Is Not Installed

    Risk: Medium

  * FID #41613 Red Hat Enterprise Linux RHSA-2011-0370 Update Is Not Installed

    Risk: Medium

  * FID #41618 Red Hat Enterprise Linux RHSA-2011-0390 Update Is Not Installed

    Risk: Medium

  * FID #41635 Red Hat Enterprise Linux RHSA-2011-0447 Update Is Not Installed

    Risk: Medium

  * FID #50206 Ubuntu Linux 10.04, 10.10, 9.10 USN-1097-1 Update Is Not Installed

    Risk: Medium

  * FID #50207 Ubuntu Linux 10.04, 10.10, 6.06 LTS, 8.04 LTS, 9.10

USN-1098-1 Update Is Not Installed

    Risk: Medium

  * FID #50210 Ubuntu Linux 6.06 LTS USN-1092-1 Update Is Not Installed

    Risk: Medium

  * FID #58095 Debian Linux 5.0, 6.0 DSA-2201-1 Update Is Not Installed

    Risk: Medium

  * FID #58096 Debian Linux 5.0 DSA-2207-1 Update Is Not Installed

    Risk: Medium

  * FID #81500 Fedora Linux 13 FEDORA-2011-3733 Update Is Not Installed

    Risk: Medium

  * FID #81501 Fedora Linux 13 FEDORA-2011-3464 Update Is Not Installed

    Risk: Medium

  * FID #81504 Fedora Linux 14 FEDORA-2011-3462 Update Is Not Installed

    Risk: Medium

  * FID #81513 Fedora Linux 13 FEDORA-2011-3662 Update Is Not Installed

    Risk: Medium

  * FID #81516 Fedora Linux 13 FEDORA-2011-3357 Update Is Not Installed

    Risk: Medium

  * FID #81518 Fedora Linux 14 FEDORA-2011-3658 Update Is Not Installed

    Risk: Medium

  * FID #81519 Fedora Linux 14 FEDORA-2011-3737 Update Is Not Installed

    Risk: Medium

  * FID #81520 Fedora Linux 14 FEDORA-2011-3390 Update Is Not Installed

    Risk: Medium

  * FID #81522 Fedora Linux 15 FEDORA-2011-3761 Update Is Not Installed

    Risk: Medium

  * FID #81552 Fedora Linux 15 FEDORA-2011-5098 Update Is Not Installed

    Risk: Medium

  * FID #83555 FreeBSD krb5 MITKRB5-SA-2011-002, KDC Vulnerable To Hang When Using LDAP Back End (4ab413ea-66ce-11e0-bf05-d445f3aa24f0)

    Risk: Medium

  * FID #83556 FreeBSD krb5 MITKRB5-SA-2011-001, Kpropd Denial Of Service

(64f24a1e-66cf-11e0-9deb-f345f3aa24f0)

    Risk: Medium

  * FID #85094 CentOS 5 CESA-2011-0196 Update Is Not Installed

    Risk: Medium

  * FID #85095 CentOS 5 CESA-2011-0346 Update Is Not Installed

    Risk: Medium

  * FID #85096 CentOS 5 CESA-2011-0376 Update Is Not Installed

    Risk: Medium

  * FID #85099 CentOS 5 CESA-2011-0327 Update Is Not Installed

    Risk: Medium

  * FID #85102 CentOS 5 CESA-2011-0257 Update Is Not Installed

    Risk: Medium

  * FID #85103 CentOS 5 CESA-2011-0427 Update Is Not Installed

    Risk: Medium

  * FID #85104 CentOS 5 CESA-2011-0433 Update Is Not Installed

    Risk: Medium

  * FID #85108 CentOS 5 CESA-2011-0214 Update Is Not Installed

    Risk: Medium

  * FID #85109 CentOS 5 CESA-2011-0436 Update Is Not Installed

    Risk: Medium

  * FID #85111 CentOS 5 CESA-2011-0154 Update Is Not Installed

    Risk: Medium

  * FID #85112 CentOS 5 CESA-2011-0176 Update Is Not Installed

    Risk: Medium

  * FID #85113 CentOS 5 CESA-2011-0198 Update Is Not Installed

    Risk: Medium

  * FID #85114 CentOS 5 CESA-2011-0303 Update Is Not Installed

    Risk: Medium

  * FID #88413 Slackware Linux 13.1 SSA:2011-086-03 Update Is Not Installed

    Risk: Medium

  * FID #90718 Oracle Enterprise Linux ELSA-2011-0395 Update Is Not Installed

    Risk: Medium

  * FID #90719 Oracle Enterprise Linux ELSA-2011-0390 Update Is Not Installed

    Risk: Medium

  * FID #90721 Oracle Enterprise Linux ELSA-2011-0376 Update Is Not Installed

    Risk: Medium

  * FID #90737 Oracle Enterprise Linux ELSA-2011-0447 Update Is Not Installed

    Risk: Medium

  * FID #90738 Oracle Enterprise Linux ELSA-2011-0436 Update Is Not Installed

    Risk: Medium

  * FID #90740 Oracle Enterprise Linux ELSA-2011-0433 Update Is Not Installed

    Risk: Medium

  * FID #92722 Mandriva Linux 2010.0, 2010.1 MDVSA-2011-053 Update Is Not Installed

    Risk: Medium

  * FID #92723 Mandriva Linux 2009.0 MDVSA-2011-052 Update Is Not Installed

    Risk: Medium

  * FID #94345 SuSE SLES 10 SP4, SLED 10 SP4 clamav-7397 Update Is Not Installed

    Risk: Medium

  * FID #94366 SuSE SLES 10 SP3, SLED 10 SP3 clamav-7380 Update Is Not Installed

    Risk: Medium

  * FID #94367 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 libopenssl-devel-3938 Update Is Not Installed

    Risk: Medium

  * FID #11864 Apple Mac OS X Security Update 2011-002

    Risk: Low

  * FID #50208 Ubuntu Linux 10.04, 10.10, 9.10 USN-1094-1 Update Is Not Installed

    Risk: Low

  * FID #50209 Ubuntu Linux 10.04, 10.10, 6.06 LTS, 8.04 LTS, 9.10

USN-1095-1 Update Is Not Installed

    Risk: Low

  * FID #50211 Ubuntu Linux 10.04, 10.10, 6.06 LTS, 8.04 LTS, 9.10

USN-1096-1 Update Is Not Installed

    Risk: Low

  * FID #50212 Ubuntu Linux 10.04, 10.10, 8.04 LTS, 9.10 USN-1091-1 Update Is Not Installed

    Risk: Low

  * FID #55103 Top Weekly Malware Env - FakeAlert-PcUpdate

(pc_update9_290.exe)

    Risk: Low

  * FID #55104 Top Weekly Malware Env - FakeAlert-PcUpdate

(win_upgrade107_2292.exe)

    Risk: Low

  * FID #58091 Debian Linux 6.0 DSA-2199-1 Update Is Not Installed

    Risk: Low

  * FID #58092 Debian Linux 5.0, 6.0 DSA-2200-1 Update Is Not Installed

    Risk: Low

  * FID #58093 Debian Linux 6.0 DSA-2202-1 Update Is Not Installed

    Risk: Low

  * FID #58094 Debian Linux 5.0, 6.0 DSA-2204-1 Update Is Not Installed

    Risk: Low

  * FID #58097 Debian Linux 5.0, 6.0 DSA-2203-1 Update Is Not Installed

    Risk: Low

  * FID #58098 Debian Linux 5.0, 6.0 DSA-2206-1 Update Is Not Installed

    Risk: Low

  * FID #58099 Debian Linux 6.0 DSA-2205-1 Update Is Not Installed

    Risk: Low

  * FID #58112 Debian Linux 5.0, 6.0 DSA-2219-1 Update Is Not Installed

    Risk: Low

  * FID #81499 Fedora Linux 15 FEDORA-2011-4038 Update Is Not Installed

    Risk: Low

  * FID #81502 Fedora Linux 13 FEDORA-2011-3738 Update Is Not Installed

    Risk: Low

  * FID #81503 Fedora Linux 15 FEDORA-2011-4117 Update Is Not Installed

    Risk: Low

  * FID #81505 Fedora Linux 13 FEDORA-2011-3917 Update Is Not Installed

    Risk: Low

  * FID #81506 Fedora Linux 15 FEDORA-2011-2367 Update Is Not Installed

    Risk: Low

  * FID #81507 Fedora Linux 15 FEDORA-2011-3614 Update Is Not Installed

    Risk: Low

  * FID #81508 Fedora Linux 15 FEDORA-2011-4056 Update Is Not Installed

    Risk: Low

  * FID #81509 Fedora Linux 15 FEDORA-2011-2638 Update Is Not Installed

    Risk: Low

  * FID #81510 Fedora Linux 14 FEDORA-2011-3746 Update Is Not Installed

    Risk: Low

  * FID #81511 Fedora Linux 14 FEDORA-2011-3394 Update Is Not Installed

    Risk: Low

  * FID #81512 Fedora Linux 13 FEDORA-2011-3355 Update Is Not Installed

    Risk: Low

  * FID #81514 Fedora Linux 15 FEDORA-2011-3758 Update Is Not Installed

    Risk: Low

  * FID #81515 Fedora Linux 15 FEDORA-2011-3775 Update Is Not Installed

    Risk: Low

  * FID #81517 Fedora Linux 14 FEDORA-2011-2631 Update Is Not Installed

    Risk: Low

  * FID #81521 Fedora Linux 14 FEDORA-2011-3946 Update Is Not Installed

    Risk: Low

  * FID #81523 Fedora Linux 15 FEDORA-2011-3958 Update Is Not Installed

    Risk: Low

  * FID #81550 Fedora Linux 14 FEDORA-2011-5152 Update Is Not Installed

    Risk: Low

  * FID #81551 Fedora Linux 15 FEDORA-2011-4964 Update Is Not Installed

    Risk: Low

  * FID #81553 Fedora Linux 13 FEDORA-2011-4250 Update Is Not Installed

    Risk: Low

  * FID #81554 Fedora Linux 15 FEDORA-2011-5333 Update Is Not Installed

    Risk: Low

  * FID #81555 Fedora Linux 13 FEDORA-2011-4870 Update Is Not Installed

    Risk: Low

  * FID #81556 Fedora Linux 13 FEDORA-2011-4351 Update Is Not Installed

    Risk: Low

  * FID #81557 Fedora Linux 14 FEDORA-2011-5204 Update Is Not Installed

    Risk: Low

  * FID #81558 Fedora Linux 15 FEDORA-2011-4988 Update Is Not Installed

    Risk: Low

  * FID #81559 Fedora Linux 15 FEDORA-2011-4934 Update Is Not Installed

    Risk: Low

  * FID #81560 Fedora Linux 15 FEDORA-2011-5244 Update Is Not Installed

    Risk: Low

  * FID #81561 Fedora Linux 15 FEDORA-2011-5135 Update Is Not Installed

    Risk: Low

  * FID #81562 Fedora Linux 15 FEDORA-2011-4984 Update Is Not Installed

    Risk: Low

  * FID #81563 Fedora Linux 14 FEDORA-2011-5167 Update Is Not Installed

    Risk: Low

  * FID #81566 Fedora Linux 15 FEDORA-2011-5249 Update Is Not Installed

    Risk: Low

  * FID #81567 Fedora Linux 15 FEDORA-2011-3990 Update Is Not Installed

    Risk: Low

  * FID #81569 Fedora Linux 13 FEDORA-2011-5161 Update Is Not Installed

    Risk: Low

  * FID #81571 Fedora Linux 15 FEDORA-2011-4631 Update Is Not Installed

    Risk: Low

  * FID #81572 Fedora Linux 14 FEDORA-2011-4871 Update Is Not Installed

    Risk: Low

  * FID #81573 Fedora Linux 14 FEDORA-2011-4610 Update Is Not Installed

    Risk: Low

  * FID #81574 Fedora Linux 13 FEDORA-2011-5156 Update Is Not Installed

    Risk: Low

  * FID #83539 FreeBSD php Crash On Crafted Tag In Exif

(cc3bfec6-56cd-11e0-9668-001fd0d616cf)

    Risk: Low

  * FID #83540 FreeBSD gdm Privilege Escalation Vulnerability

(c6fbd447-59ed-11e0-8d04-0015f2db7bde)

    Risk: Low

  * FID #83541 FreeBSD php ZipArchive Segfault With FL_UNCHANGED On Empty Archive (fe853666-56ce-11e0-9668-001fd0d616cf)

    Risk: Low

  * FID #83542 FreeBSD mozilla Update To HTTPS Certificate Blacklist

(b2f09169-55af-11e0-9d6f-000f20797ede)

    Risk: Low

  * FID #83543 FreeBSD linux-flashplugin Remote Code Execution Vulnerability (501ee07a-5640-11e0-985a-001b2134ef46)

    Risk: Low

  * FID #83548 FreeBSD rt Multiple Vulnerabilities

(bf171509-68dd-11e0-afe6-0003ba02bf30)

    Risk: Low

  * FID #83549 FreeBSD linux-flashplugin Remote Code Execution Vulnerability (32b05547-6913-11e0-bdc4-001b2134ef46)

    Risk: Low

  * FID #83550 FreeBSD krb5 MITKRB5-SA-2011-004, Kadmind Invalid Pointer Free () [CVE-2011-0285] (6a3c3e5c-66cb-11e0-a116-c535f3aa24f0)

    Risk: Low

  * FID #83551 FreeBSD mupdf Remote System Access

(53bde960-356b-11e0-8e81-0022190034c0)

    Risk: Low

  * FID #83552 FreeBSD krb5 MITKRB5-SA-2011-003, KDC Vulnerable To Double-free When PKINIT Enabled (7edac52a-66cd-11e0-9398-5d45f3aa24f0)

    Risk: Low

  * FID #83553 FreeBSD vlc Heap Corruption In MP4 Demultiplexer

(6a4bfe75-692a-11e0-bce7-001eecdd401a)

    Risk: Low

  * FID #83554 FreeBSD xrdb Root Hole Via Rogue Hostname

(2eccb24f-61c0-11e0-b199-0015f2db7bde)

    Risk: Low

  * FID #88411 Slackware Linux 13.0, 13.1 SSA:2011-086-02 Update Is Not Installed

    Risk: Low

  * FID #88412 Slackware Linux 12.2, 13.0, 13.1 SSA:2011-086-01 Update Is Not Installed

    Risk: Low

  * FID #88420 Slackware Linux 11.0, 12.0, 12.1, 12.2, 13.0, 13.1

SSA:2011-108-01 Update Is Not Installed

    Risk: Low

  * FID #94344 SuSE SLED 11 SP1 novell-ui-client-4033 Update Is Not Installed

    Risk: Low

  * FID #94348 SuSE SLES 11 release-notes-SLES-for-VMware-3873 Update Is Not Installed

    Risk: Low

  * FID #94351 SuSE SLED 10 SP4 flash-player-7398 Update Is Not Installed

    Risk: Low

  * FID #94352 SuSE SLED 10 SP3 flash-player-7391 Update Is Not Installed

    Risk: Low

  * FID #94353 SuSE SLES 10 SP3, SLED 10 SP3 timezone-2011c-7368 Update Is Not Installed

    Risk: Low

  * FID #94354 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 timezone-2011d-4223 Update Is Not Installed

    Risk: Low

  * FID #94355 SuSE SLES 10 SP4, SLED 10 SP4 timezone-2011d-7414 Update Is Not Installed

    Risk: Low

  * FID #94356 SuSE SLED 10 SP3 java-1_6_0-sun-7411 Update Is Not Installed

    Risk: Low

  * FID #94358 SuSE SLED 11 SP1 flash-player-4190 Update Is Not Installed

    Risk: Low

  * FID #94359 SuSE SLED 10 SP4 java-1_6_0-sun-7389 Update Is Not Installed

    Risk: Low

  * FID #94361 SuSE SLES 10 SP3, SLED 10 SP3 nss_ldap-7322 Update Is Not Installed

    Risk: Low

  * FID #94362 SuSE SLES 11 SP1, SLED 11 SP1 xen-201103-4129 Update Is Not Installed

    Risk: Low

  * FID #94364 SuSE SLES 10 SP3, SLED 10 SP3 timezone-2011d-7415 Update Is Not Installed

    Risk: Low

  * FID #94429 SuSE SLES 10 SP4, SLED 10 SP4 libreoffice-7469 Update Is Not Installed

    Risk: Low

  * FID #94430 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 sysconfig-3954 Update Is Not Installed

    Risk: Low

  * FID #94431 SuSE SLES 10 SP4, SLED 10 SP4 SPident-7441 Update Is Not Installed

    Risk: Low

  * FID #94433 SuSE SLES 10 SP4 dhcp6-7465 Update Is Not Installed

    Risk: Low

  * FID #94434 SuSE SLES 11, 11 SP1 lldpad-4341 Update Is Not Installed

    Risk: Low

  * FID #9745 TCP/IP Timestamps Support Detected

    Risk: Informational

  * FID #9761 TCP Port 0 Open Possible Backdoor Detected

    Risk: Informational

  * FID #9765 ICMP Domain Name Response Detected

    Risk: Informational

  * FID #9814 TTL Anomaly Detected

    Risk: Informational

  * FID #9861 TCP/IP Open Port With Small Window Size Detected

    Risk: Informational

  * FID #10094 Apache Default Installation/welcome Page Detected

    Risk: Informational

  * FID #10144 Web Server webadmin.php Access Detected

    Risk: Informational

  * FID #10244 Tomcat JK jkstatus Unprotected Management And Diagnostics Page Detected

    Risk: Informational

  * FID #10271 vsftpd Version Below 0.9.3 Detected

    Risk: Informational

  * FID #10428 Web Server cgi-bin Path Detected

    Risk: Informational

  * FID #10466 Remote Help Default Account Detected

    Risk: Informational

  * FID #10701 Oracle Database Server Listener Unrestricted Access Detected

    Risk: Informational

 

改善されたチェック項目:

 

  * FID #3091 (MS00-005) Microsoft RichEdit RTF Buffer Overflow

    Risk is updated

  * FID #3105 (MS00-033) Internet Explorer Frame Domain Vulnerability

    Risk is updated

  * FID #3114 (MS00-037) Internet Explorer .CHM Code Execution Vulnerability

    Risk is updated

  * FID #3205 (MS00-043) Microsoft Outlook Malformed E-Mail Header Vulnerability

    Risk is updated

  * FID #3239 (MS00-056) Office 2000 Malformed HTML Buffer Overflow

    Risk is updated

  * FID #3347 (MS00-075) Internet Explorer Java VM ActiveX Vulnerability

    Risk is updated

  * FID #8553 EMC HomeBase Server Directory Traversal Remote Code Execution Vulnerability

    Recommendation is updated

  * FID #31006 Sun Solaris 116966-36 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #85082 CentOS 4 CESA-2011-0318 Update Is Not Installed

    FASLScript is updated

  * FID #85083 CentOS 4 CESA-2011-0305 Update Is Not Installed

    FASLScript is updated

  * FID #85086 CentOS 4 CESA-2011-0337 Update Is Not Installed

    FASLScript is updated

  * FID #85091 CentOS 4 CESA-2011-0392 Update Is Not Installed

    FASLScript is updated

  * FID #85092 CentOS 4 CESA-2011-0428 Update Is Not Installed

    FASLScript is updated

  * FID #94368 SuSE SLES 10 SP4, SLED 10 SP4 MozillaFirefox-7421 Update Is Not Installed

    FASLScript is updated

  * FID #94373 SuSE SLES 10 SP4 apache2-mod_php5-7393 Update Is Not Installed

    FASLScript is updated

  * FID #846 Acme Labs thttpd SSI Arbitrary World-Readable File Disclosure

    Recommendation is updated

  * FID #913 CSSearch Remote Command Execution

    Recommendation is updated

  * FID #3093 (MS00-009) Microsoft Internet Explorer Image Redirect Vulnerability

    Risk is updated

  * FID #3094 (MS00-011) Microsoft Java VM File Reading Vulnerability

    Risk is updated

  * FID #3098 (MS01-045) ISA Server 2000 H.323 Gatekeeper Memory Leak

    Risk is updated

    CVE is updated

  * FID #3109 (MS00-036) Microsoft Windows CIFS ResetBrowser Frame and HostAnnouncement Frame Vulnerability

    Risk is updated

  * FID #3115 (MS00-038) Malformed Windows Media Encoder Request Denial of Service

    Risk is updated

  * FID #3206 (MS00-045) Microsoft Outlook Persistent Mail-Browser Link

    Risk is updated

  * FID #3348 (MS00-077) NetMeeting Desktop Sharing Vulnerability

    Risk is updated

  * FID #30981 Sun Solaris 112238-19 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    CVE is updated

    FASLScript is updated

  * FID #32733 Sun Solaris 143559-07 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    CVE is updated

    FASLScript is updated

  * FID #85074 CentOS 4 CESA-2011-0153 Update Is Not Installed

    FASLScript is updated

  * FID #85076 CentOS 4 CESA-2011-0197 Update Is Not Installed

    FASLScript is updated

  * FID #85085 CentOS 4 CESA-2011-0307 Update Is Not Installed

    FASLScript is updated

  * FID #85087 CentOS 4 CESA-2011-0370 Update Is Not Installed

    FASLScript is updated

  * FID #85093 CentOS 4 CESA-2011-0422 Update Is Not Installed

    FASLScript is updated

  * FID #94384 SuSE SLES 10 SP4 quagga-7406 Update Is Not Installed

    FASLScript is updated

  * FID #911 (MS99-013) Microsoft IIS 4.0 ViewCode.asp File Disclosure

    Recommendation is updated

  * FID #2707 BEA WebLogic File Existence Vulnerability

    Risk is updated

    CVE is updated

  * FID #3103 (MS00-027) Cmd.exe Buffer Overflow via Malformed Environment Variable

    Risk is updated

  * FID #3104 (MS00-029) Microsoft Windows IP Fragment Reassembly Vulnerability

    Risk is updated

  * FID #3246 (MS00-063) IIS 4.0 Invalid URL Vulnerability

    Risk is updated

  * FID #3983 Movable Type Blog Entry Posting HTML Injection Vulnerability

    Risk is updated

  * FID #4345 OmniHTTPD visadmin.exe Denial of Service

    Risk is updated

  * FID #4496 ISS RealSecure/BlackICE SMB Mailslot Parsing Vulnerability

    Risk is updated

  * FID #11275 PHP expose_php Information Disclosure Vulnerability

    Risk is updated

  * FID #30949 Sun Solaris 110672-06 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32038 Sun Solaris 120094-34 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32039 Sun Solaris 120095-34 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32044 Sun Solaris 120228-44 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32045 Sun Solaris 120229-44 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32110 Sun Solaris 126479-25 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32111 Sun Solaris 126480-25 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32291 Sun Solaris 138361-02 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32303 Sun Solaris 138362-02 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32551 Sun Solaris 125216-04 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32558 Sun Solaris 125215-04 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32649 Sun Solaris 125327-03 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32687 Sun Solaris 119534-26 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32702 Sun Solaris 124630-53 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32703 Sun Solaris 124631-53 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32752 Sun Solaris 143562-08 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

  * FID #32753 Sun Solaris 143561-08 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

  * FID #32760 Sun Solaris 145201-04 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32767 Sun Solaris 144488-11 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32768 Sun Solaris 145200-04 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32780 Sun Solaris 138624-05 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32781 Sun Solaris 138623-05 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #83482 FreeBSD chromium Multiple Vulnerabilities

(6887828f-0229-11e0-b84d-00262d5ed8ee)

    FASLScript is updated

  * FID #94376 SuSE SLES 10 SP4, SLED 10 SP4 mozilla-xulrunner191-7427 Update Is Not Installed

    FASLScript is updated

  * FID #94404 SuSE SLES 10 SP4, SLED 10 SP4 dhcp-7430 Update Is Not Installed

    FASLScript is updated

  * FID #94420 SuSE SLES 10 SP3, SLED 10 SP3 dhcp-7456 Update Is Not Installed

    FASLScript is updated

  * FID #94421 SuSE SLES 10 SP4, SLED 10 SP4 dhcp-7451 Update Is Not Installed

    FASLScript is updated

  * FID #94422 SuSE SLES 10 SP4, SLED 10 SP4 xorg-x11-7416 Update Is Not Installed

    FASLScript is updated

  * FID #2827 Default Administrator Account Has Not Been Renamed

    Name is updated

  * FID #4024 Microsoft Windows Audit Directory Service Access Policy

    Observation is updated

    Recommendation is updated

 

削除されたチェック項目:

 

  * FID #11213 Telnet Service Detected

  * FID #42837 HP-UX 11.X PHCO_38637 Update Is Not Installed

  * FID #42953 HP-UX 11.X PHKL_41239 Update Is Not Installed

 

-------------------------------------------------------

2) アプライアンス OSパッチアップデート

-------------------------------------------------------

 期間: 2011/04/27 ~ 2011/05/02 (日本時間)

 

今回のアップデートはございません。

 

-------------------------------------------------------

3) McAfee Vulnerability Manager Software 旧バージョンソフトウェアv6.7サポート終了について

-------------------------------------------------------

 

McAfee Vulnerability Manager Softwareにつきまして、以下の旧バージョンは

サポート終了を予定しておりますのでご案内いたします。

 

McAfee Vulnerability Manager Software v6.7

サポート終了日:2011年6月30日

 

■備考

・現在の最新バージョンは、McAfee Vulnerability Manager Software v7.0となり、

「フルサービス・ハードウェア・サポート」(製品として弊社が提供する全てのサポート内容)をご利用いただけます。

本バージョンへの移行やサポート内容の詳細は、弊社サポート窓口までお問い合わせください。

・本製品のサポート終了日は、以下URLに掲載されます。

http://www.mcafee.com/Japan/support/customer_support/productsupport.asp

・本製品に標準搭載されているWebサイトの脆弱性スキャン機能は、現在製品内容の見直しが図られており、

 McAfee Vulnerability Manager Software v6.7.x および v6.8.x が本機能を搭載した最後のバージョンとなる予定です。

 v6.7.x およびv6.8.x のサポート終了日まではサポートが継続されます。後継については、確定次第、別途ご案内させていただきます。

・アップグレードのツールおよび手順書は、ダウンロードページよりご入手いただけます。

 http://www.mcafee.com/japan/licensed2/

 

-------------------------------------------------------

4) 「サポート通信」登録方法変更のお知らせ

-------------------------------------------------------

サポート通信の登録方法が下記の通り変更となりましたのでお知らせいたします。

 

6月1日以降に新規契約をしたお客様には、4種類のサポート通信を配信いたします。各種サ

ポート通信が不要な方は、各サポート通信の文末に記載されているURLにアクセスして、解除

手続きを行っていただきます。

 

障害などでサポート窓口にお問い合わせいただいた新規のご担当者様には、今までどおり、

「サポート通信 - 登録のご案内」メールを1回のみ配信いたします。

http://www.mcafee.com/japan/support/customer_support/techsupport_regform.asp

 

-------------------------------------------------------

5) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について

-------------------------------------------------------

○ お知らせ

 

企業向けサポートコミュニティサイト「Japan Corporate Support」を開設いたしました。

また、「企業向けお客様サポート公式 Twitter」を開設し、サポート情報のリアルタイム

配信を開始しました。

 

マカフィー、ユーザー参加型の企業向け製品コミュニティサイトをオープン

~サポート部門が主体となり企業セキュリティに関するディスカッションの場を提供~

(4月18日発プレスリリース)

http://www.mcafee.com/japan/about/prelease/pr_11a.asp?pr=11/04/18-1

 

● 開始日

 

2011/04/18 (月) 9:00

 

○ 備考

 

- 企業向けサポートコミュニティサイト「Japan Corporate Support」

   https://community.mcafee.com/community/japan

   サポート通信や FAQ 掲載情報、製品及びパッチのリリース情報やドキュメントが掲載

   されます。また、製品に関する技術的な情報に関して、コミュニティご登録者が参加

   可能なフリーディスカッションのスペースがございます。

 

- 企業向けお客様サポート公式 Twitter

   http://twitter.com/McAfee_BTS_JP

   Twitter サービスを利用し、サポート通信や FAQ 掲載情報、製品及びパッチのリリー

   ス情報がリアルタイムで配信されます。

 

  コミュニティサイトの登録方法、 Twitter のフォロー方法などの詳細につきましては、

  以下のページをご覧ください。

  http://www.mcafee.com/Japan/support/japancorporate.asp

 

---------------------------------------------------------

※ マカフィーからのサービス

---------------------------------------------------------

○マカフィーサポート通信について

- 配信停止

  「マカフィー サポート通信 - リスク管理ソリューション 」の配信停止をご希望される方は、

  以下のページより手続きをお願い致します。

 https://md.pbz.jp/s/r-ctrl.php?act=PCDelAuth&funcinfo_allreset=1&uid=mcafee&mid= foundstone_supp

- 各種法人ユーザ登録情報の変更はこちら

   ⇔ http://www.mcafee.com/japan/support/customer_support/tourokuhenkou.asp

 

○マカフィーでは、製品の技術的FAQ等多くのサービスや情報提供を行っています。是非ご活用ください。

 http://www.mcafee.com/japan/support/

 

●===McAfee=============================================○

発信元:

マカフィー株式会社

テクニカルサポートセンター インフォメーション係

(c) 2011 McAfee, Inc. All Rights Reserved.

お客様は,マカフィー株式会社の事前の書面による承諾を得ることなく、

掲載内容の無断転載を禁じます。

○=============================================McAfee===●