==============================================================

マカフィー サポート通信 - リスク管理ソリューション 2011.05.23
==============================================================

本メールはMcAfee Vulnerability Manager製品のサポートをご購入のお客様
に配信しております。

○-======  今週のマカフィー Vulnerability Manager (目次)  =======-○
1) FSL UPDATE
2) OSパッチアップデート
3) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について
4) McAfee Vulnerability Manager Software 旧バージョンソフトウェアv6.7のサポート終了について
5) 「サポート通信」登録方法変更のお知らせ


※) マカフィーからのサービス
○-===================================================-○

-------------------------------------------------------
1) FSL UPDATE
-------------------------------------------------------
マカフィーは以下のVulnerability Manager製品のアップデートを提供しています。
最新更新日: 2011-MAY-23

(SUMMARY)

新しいチェック項目 : 184
改善されたチェック項目 : 434
削除されたチェック項目 : 3

 追加・改善されたシグネチャ項目等の詳細は以下の製品ダウンロード
 ページから「McAfee Foundstone Update」の最新版を入手してください。

 http://www.mcafee.com/japan/licensed2/

新しいチェック項目:

  * FID #9376 Microsoft Windows Vista SMBv2 Code Signing Algorithm Remote
Code Execution Vulnerability
    Risk: High
  * FID #9932 lighttpd mod_userdir Case Sensitive Comparison Information
Disclosure Vulnerability
    Risk: High
  * FID #10555 Opera Browser Content-Length Header Buffer Overflow
Vulnerability
    Risk: High
  * FID #10565 HP Systems Insight Manager Multiple Vulnerabilities
    Risk: High
  * FID #10567 IBM Rational ClearQuest Unspecified Security Vulnerabilities
    Risk: High
  * FID #10641 IBM Informix Products Setnet32 Utility '.nfx' Multiple
Integer Overflow Vulnerabilities
    Risk: High
  * FID #10646 DokuWiki spellchecker Remote PHP Script Code Injection
Vulnerability
    Risk: High
  * FID #10787 HP OpenView Network Node Manager Multiple Buffer Overflow
Vulnerabilities
    Risk: High
  * FID #10792 HP OpenView Network Node Manager Multiple Vulnerabilities
    Risk: High
  * FID #10959 Cisco WebEx Player ARF Parsing Buffer Overflow Vulnerability
    Risk: High
  * FID #10965 Novell GroupWise Multiple Vulnerabilities III
    Risk: High
  * FID #11215 Oracle Weblogic Server JRockit Privilege Escalation
Vulnerability I
    Risk: High
  * FID #11417 Lumension PatchLink Update Server checkprofile.asp SQL
Injection Vulnerability
    Risk: High
  * FID #11440 WordPress User-Agent SQL Injection Vulnerability
    Risk: High
  * FID #11749 Xerox WorkCentre OpenSSL Multiple Vulnerabilities
    Risk: High
  * FID #11832 Xerox WorkCentre SMB Or CIFS Multiple Vulnerabilities
    Risk: High
  * FID #11841 Xerox WorkCentre MicroServer Web Server And Network
Controller Multiple Vulnerabilities
    Risk: High
  * FID #11855 Xerox WorkCentre Webserver Unspecified Command Execution
Vulnerability
    Risk: High
  * FID #11857 Xerox WorkCentre Network Controller And MicroServer Web
Server WebUI Command Execution Vulnerability
    Risk: High
  * FID #11858 Squirrelmail redirect.php  Local File Inclusion
Vulnerability
    Risk: High
  * FID #11867 Trend Micro ServerProtect For Linux splx_2376_info Cookie
Authentication Bypass Vulnerability
    Risk: High
  * FID #11885 HP Ignite-UX Password File Disclosure Vulnerability
    Risk: High
  * FID #11937 VMware ESX/ESXi Socket Exhaustion Denial Of Service
    Risk: High
  * FID #11956 Mozilla Firefox Multiple Vulnerabilities
    Risk: High
  * FID #11958 VMware ESX/ESXi Likewise Denial of Service
    Risk: High
  * FID #11960 Mozilla Thunderbird Multiple Vulnerabilities
    Risk: High
  * FID #11961 Mozilla SeaMonkey Multiple Vulnerabilities
    Risk: High
  * FID #11972 Skype Messages Remote Code Execution
    Risk: High
  * FID #11979 CA Total Defense Suite Heartbeat Web Service Remote Code
Execution
    Risk: High
  * FID #11988 Adobe Photoshop Multiple Unspecified Vulnerabilities II
    Risk: High
  * FID #12007 Google Chrome Unspecified Remote Code Execution
    Risk: High
  * FID #12037 (APSB11-11) Adobe Flash Media Server Remote Code Execution
    Risk: High
  * FID #12038 (APSB11-11) Adobe Flash Media Server Denial Of Service
    Risk: High
  * FID #12053 Google Chrome Multiple Vulnerabilities Prior To 11.0.696.68
    Risk: High
  * FID #12058 Google Chrome WebKit Cast Denial of Service
    Risk: High
  * FID #12059 Google Chrome Integer Overflow Denial of Service
    Risk: High
  * FID #41646 Red Hat Enterprise Linux RHSA-2011-0498 Update Is Not
Installed
    Risk: High
  * FID #41649 Red Hat Enterprise Linux RHSA-2011-0496 Update Is Not
Installed
    Risk: High
  * FID #43003 HP-UX 11.X PHSS_30986 Update Is Not Installed
    Risk: High
  * FID #43005 HP-UX 11.X PHKL_40888 Update Is Not Installed
    Risk: High
  * FID #43006 HP-UX 11.X PHSS_41422 Update Is Not Installed
    Risk: High
  * FID #43007 HP-UX 11.X PHSS_41423 Update Is Not Installed
    Risk: High
  * FID #50243 Ubuntu Linux 6.06 LTS USN-1111-1 Update Is Not Installed
    Risk: High
  * FID #58127 Debian Linux 5.0 DSA-2234-1 Update Is Not Installed
    Risk: High
  * FID #81630 Fedora Linux 14 FEDORA-2011-6541 Update Is Not Installed
    Risk: High
  * FID #85123 CentOS 4 CESA-2011-0477 Update Is Not Installed
    Risk: High
  * FID #85124 CentOS 5 CESA-2011-0182 Update Is Not Installed
    Risk: High
  * FID #90754 Oracle Enterprise Linux ELSA-2011-0496 Update Is Not
Installed
    Risk: High
  * FID #94490 SuSE SLES 10 SP4, SLED 10 SP4 libtiff-7474 Update Is Not
Installed
    Risk: High
  * FID #94494 SuSE Linux  11.2,  11.3,  11.4 suse-sa:2011:022 Update Is
Not Installed
    Risk: High
  * FID #9442 ISC BIND TSIG Zone Transfer Denial Of Service Vulnerability
    Risk: Medium
  * FID #10464 Apache Struts XWork Remote Command Execution Vulnerability
    Risk: Medium
  * FID #10489 Microsoft ASP.NET Application Tracing trace.axd Information
Disclosure Vulnerability
    Risk: Medium
  * FID #10508 HP OpenView Network Node Manager OpenView5.exe Directory
Traversal Vulnerability
    Risk: Medium
  * FID #10538 Web Server Cross Site Scripting Vulnerability
    Risk: Medium
  * FID #10607 Bugzilla Time Tracking Information Disclosure Vulnerability
    Risk: Medium
  * FID #10643 Oracle Database DBMS_JAVA.SET_OUTPUT_TO_JAVA Privilege
Escalation Vulnerability
    Risk: Medium
  * FID #10677 PmWiki pmwiki.php Multiple Vulnerabilities
    Risk: Medium
  * FID #10782 HP OpenView Network Node Manager Denial Of Service
Vulnerability
    Risk: Medium
  * FID #10793 HP OpenView Network Node Manager Denial Of Service
Vulnerability I
    Risk: Medium
  * FID #11082 Oracle WebLogic Server config.xml Administrator Password
Disclosure Vulnerability
    Risk: Medium
  * FID #11185 Oracle WebLogic Server LDAP Denial Of Service Vulnerability
    Risk: Medium
  * FID #11190 Oracle WebLogic Server Multiple Cross Site Scripting
Vulnerabilities
    Risk: Medium
  * FID #11191 Oracle WebLogic Server DOS Device Null Character Denial Of
Service Vulnerability
    Risk: Medium
  * FID #11207 Oracle WebLogic Server Proxy Plug-in For Netscape Enterprise
Server Denial Of Service Vulnerability
    Risk: Medium
  * FID #11210 Oracle WebLogic Server Apache Proxy Plug-in Denial Of
Service Vulnerability
    Risk: Medium
  * FID #11219 Microsoft Windows 2000 SMTP Service Authentication Bypass
Vulnerability
    Risk: Medium
  * FID #11222 Oracle WebLogic Server HTTP TRACE Information Disclosure
Vulnerability
    Risk: Medium
  * FID #11231 Oracle WebLogic Portal User-Entitlement Security Bypass
Vulnerability
    Risk: Medium
  * FID #11233 Oracle WebLogic Server X.509 Certification Security Bypass
Vulnerability
    Risk: Medium
  * FID #11259 Oracle WebLogic Server SSL Client Privilege Escalation
Vulnerability
    Risk: Medium
  * FID #11264 Oracle WebLogic Server Malformed Cookie Denial Of Service
Vulnerability
    Risk: Medium
  * FID #11273 Oracle WebLogic Server Operator Or Admin Password
Information Disclosure Vulnerability
    Risk: Medium
  * FID #11274 Oracle WebLogic Server LDAP Server Anonymous Bind Denial Of
Service Vulnerability
    Risk: Medium
  * FID #11441 Oracle Database exp.exe Parameter Remote Buffer Overflow
Vulnerability
    Risk: Medium
  * FID #11458 WordPress Posts Variable SQL Injection Vulnerability
    Risk: Medium
  * FID #11743 Xerox WorkCentre Network Controller Directory Structure
Unauthorized Access Vulnerability
    Risk: Medium
  * FID #11746 Xerox WorkCentre MicroServer Web Server Multiple
Authentication Bypass Vulnerabilities
    Risk: Medium
  * FID #11747 Xerox WorkCentre Multiple Page Fax Information Disclosure
Vulnerability
    Risk: Medium
  * FID #11834 Xerox WorkCentre Multiple Unspecified Vulnerabilities
    Risk: Medium
  * FID #11835 Novell GroupWise WebAcces WebAccessUninstall.ini Information
Disclosure Vulnerability
    Risk: Medium
  * FID #11838 Xerox WorkCentre MicroServer Web Server Multiple
Vulnerabilities
    Risk: Medium
  * FID #11843 HP LaserJet JetDirect Card Security Bypass Vulnerability
    Risk: Medium
  * FID #11845 Xerox WorkCentre Pro Multiple Denial Of Service
Vulnerabilities
    Risk: Medium
  * FID #11846 HP Web Jetadmin Remote Arbitrary Command Execution
Vulnerability
    Risk: Medium
  * FID #11847 Xerox WorkCentre And WorkCentre Pro Multiple Vulnerabilities
    Risk: Medium
  * FID #11848 Novell GroupWise WebAccess error Module Authentication
Bypass Vulnerability
    Risk: Medium
  * FID #11849 Xerox WorkCentre Network Controller Samba Buffer Overflow
Vulnerability
    Risk: Medium
  * FID #11853 Xerox WorkCentre Webserver Unspecified Remote Command
Execution Vulnerability
    Risk: Medium
  * FID #11854 lighttpd Trailing Slash Information Disclosure Vulnerability
    Risk: Medium
  * FID #11856 Xerox WorkCentre Web Services Extensible Interface Platform
Security Bypass Vulnerability I
    Risk: Medium
  * FID #11863 LiteSpeed Web Server Mime Type Injection Source Code
Disclosure Vulnerability
    Risk: Medium
  * FID #11892 SquirrelMail HTTPS Session Cookie Secure Flag Information
Disclosure Vulnerability
    Risk: Medium
  * FID #11904 HP OpenView Performance Insight Server Backdoor Account
Remote Code Execution
    Risk: Medium
  * FID #11932 Oracle Sun Java System Access Manager Policy Agent Denial Of
Service
    Risk: Medium
  * FID #11938 VMware ESX/ESXi MIT-krb5 Spoofing II
    Risk: Medium
  * FID #11939 VMware ESX/ESXi MIT-krb5 Spoofing III
    Risk: Medium
  * FID #11940 VMware ESX/ESXi MIT-krb5 Spoofing I
    Risk: Medium
  * FID #11957 VMware ESX Service Console Kernel Privilege Escalation
    Risk: Medium
  * FID #11962 VMware ESX/ESXi MIT-krb5 Spoofing IV
    Risk: Medium
  * FID #11980 CA Total Defense Suite UNCWS Web Service Information
Disclosure
    Risk: Medium
  * FID #11981 CA Total Defense Suite UNC Management Console Operations SQL
Injection Remote Code Execution
    Risk: Medium
  * FID #12012 WordPress SocialGrid Plugin "default_services" Cross-Site
Scripting Vulnerability
    Risk: Medium
  * FID #12066 Oracle Sun GlassFish Enterprise Server Authentication Bypass
Vulnerability
    Risk: Medium
  * FID #41647 Red Hat Enterprise Linux RHSA-2011-0492 Update Is Not
Installed
    Risk: Medium
  * FID #41648 Red Hat Enterprise Linux RHSA-2011-0491 Update Is Not
Installed
    Risk: Medium
  * FID #41650 Red Hat Enterprise Linux RHSA-2011-0486 Update Is Not
Installed
    Risk: Medium
  * FID #50247 Ubuntu Linux 10.04, 10.10, 11.04, 6.06 LTS, 8.04 LTS, 9.10
USN-1126-2 Update Is Not Installed
    Risk: Medium
  * FID #58128 Debian Linux 5.0, 6.0 DSA-2233-1 Update Is Not Installed
    Risk: Medium
  * FID #85125 CentOS 4 CESA-2011-0491 Update Is Not Installed
    Risk: Medium
  * FID #85126 CentOS 5 CESA-2011-0478 Update Is Not Installed
    Risk: Medium
  * FID #85127 CentOS 4, 5 CESA-2011-0486 Update Is Not Installed
    Risk: Medium
  * FID #85128 CentOS 5 CESA-2011-0492 Update Is Not Installed
    Risk: Medium
  * FID #90752 Oracle Enterprise Linux ELSA-2011-0491 Update Is Not
Installed
    Risk: Medium
  * FID #90753 Oracle Enterprise Linux ELSA-2011-0486 Update Is Not
Installed
    Risk: Medium
  * FID #90755 Oracle Enterprise Linux ELSA-2011-0492 Update Is Not
Installed
    Risk: Medium
  * FID #94487 SuSE SLES 10 SP4 vsftpd-7408 Update Is Not Installed
    Risk: Medium
  * FID #94492 SuSE SLES 10 SP3 vsftpd-7373 Update Is Not Installed
    Risk: Medium
  * FID #94504 SuSE SLES 11, 11 SP1 vsftpd-4114 Update Is Not Installed
    Risk: Medium
  * FID #11080 Oracle WebLogic Server MBean Administrator Password
Disclosure Vulnerability
    Risk: Low
  * FID #11748 Novell GroupWise WebAccess Multiple Cross-Site Scripting
Vulnerabilities
    Risk: Low
  * FID #11865 HP Web Jetadmin setinfo.hts Script Directory Traversal
Vulnerability
    Risk: Low
  * FID #11986 HP Network Automation Unspecified Information Disclosure
Vulnerability
    Risk: Low
  * FID #32810 Sun Solaris 145802-05 Update Is Not Installed
    Risk: Low
  * FID #43004 HP-UX 11.X PHSS_34735 Update Is Not Installed
    Risk: Low
  * FID #50244 Ubuntu Linux 11.04 USN-1122-2 Update Is Not Installed
    Risk: Low
  * FID #50245 Ubuntu Linux 10.04, 10.10, 11.04 USN-1130-1 Update Is Not
Installed
    Risk: Low
  * FID #50246 Ubuntu Linux 10.04, 10.10 USN-1122-1 Update Is Not Installed
    Risk: Low
  * FID #58124 Debian Linux 6.0 DSA-2231-1 Update Is Not Installed
    Risk: Low
  * FID #58125 Debian Linux 6.0 DSA-2232-1 Update Is Not Installed
    Risk: Low
  * FID #58126 Debian Linux 6.0 DSA-2235-1 Update Is Not Installed
    Risk: Low
  * FID #81618 Fedora Linux 13 FEDORA-2011-6258 Update Is Not Installed
    Risk: Low
  * FID #81619 Fedora Linux 15 FEDORA-2011-6680 Update Is Not Installed
    Risk: Low
  * FID #81620 Fedora Linux 14 FEDORA-2011-6380 Update Is Not Installed
    Risk: Low
  * FID #81621 Fedora Linux 14 FEDORA-2011-5676 Update Is Not Installed
    Risk: Low
  * FID #81622 Fedora Linux 13 FEDORA-2011-6205 Update Is Not Installed
    Risk: Low
  * FID #81623 Fedora Linux 15 FEDORA-2011-6681 Update Is Not Installed
    Risk: Low
  * FID #81624 Fedora Linux 15 FEDORA-2011-6279 Update Is Not Installed
    Risk: Low
  * FID #81625 Fedora Linux 13 FEDORA-2011-6363 Update Is Not Installed
    Risk: Low
  * FID #81626 Fedora Linux 13 FEDORA-2011-6110 Update Is Not Installed
    Risk: Low
  * FID #81627 Fedora Linux 14 FEDORA-2011-6124 Update Is Not Installed
    Risk: Low
  * FID #81628 Fedora Linux 14 FEDORA-2011-6245 Update Is Not Installed
    Risk: Low
  * FID #81629 Fedora Linux 14 FEDORA-2011-5815 Update Is Not Installed
    Risk: Low
  * FID #81631 Fedora Linux 13 FEDORA-2011-6208 Update Is Not Installed
    Risk: Low
  * FID #81632 Fedora Linux 15 FEDORA-2011-6267 Update Is Not Installed
    Risk: Low
  * FID #83559 FreeBSD postfix Memory Corruption Vulnerability
(3eb2c100-738b-11e0-89f4-001e90d46635)
    Risk: Low
  * FID #94484 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1
yast2-registration-4344 Update Is Not Installed
    Risk: Low
  * FID #94485 SuSE SLES 10 SP3 MozillaFirefox-7491 Update Is Not Installed
    Risk: Low
  * FID #94486 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1
mozilla-xulrunner191-4461 Update Is Not Installed
    Risk: Low
  * FID #94488 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 libzip1-4191 Update Is
Not Installed
    Risk: Low
  * FID #94489 SuSE SLES 10 SP3 mcelog-7412 Update Is Not Installed
    Risk: Low
  * FID #94491 SuSE SLES 10 dhcp-7495 Update Is Not Installed
    Risk: Low
  * FID #94493 SuSE SLES 10 SP3 timezone-2011g-7499 Update Is Not Installed
    Risk: Low
  * FID #94495 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1
NM-UMTS-Modem-Support-4275 Update Is Not Installed
    Risk: Low
  * FID #94496 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 star-4178 Update Is
Not Installed
    Risk: Low
  * FID #94497 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 ImageMagick-4402
Update Is Not Installed
    Risk: Low
  * FID #94498 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 MozillaFirefox-4463
Update Is Not Installed
    Risk: Low
  * FID #94499 SuSE SLES 11, 11 SP1 openCryptoki-libica-4485 Update Is Not
Installed
    Risk: Low
  * FID #94500 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 postfix-4478 Update Is
Not Installed
    Risk: Low
  * FID #94501 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 findutils-4367 Update
Is Not Installed
    Risk: Low
  * FID #94502 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 rsync-4300 Update Is
Not Installed
    Risk: Low
  * FID #94503 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 nfs-client-4349 Update
Is Not Installed
    Risk: Low
  * FID #94505 SuSE SLES 10 SP4, SLED 10 SP4 MozillaFirefox-7490 Update Is
Not Installed
    Risk: Low
  * FID #94506 SuSE SLES 10 SP4, SLED 10 SP4 timezone-2011g-7498 Update Is
Not Installed
    Risk: Low
  * FID #94507 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 timezone-2011g-4475
Update Is Not Installed
    Risk: Low
  * FID #94508 SuSE SLES 10 SP4, SLED 10 SP4 postfix-7502 Update Is Not
Installed
    Risk: Low
  * FID #94509 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 suseRegister-4343
Update Is Not Installed
    Risk: Low
  * FID #94510 SuSE SLED 11 SP1 java-1_6_0-sun-4494 Update Is Not Installed
    Risk: Low
  * FID #94511 SuSE SLES 10 SP3 postfix-7503 Update Is Not Installed
    Risk: Low
  * FID #94512 SuSE SLES 10 SP3 mozilla-xulrunner191-7493 Update Is Not
Installed
    Risk: Low
  * FID #94513 SuSE SLES 10 SP4, SLED 10 SP4 mozilla-xulrunner191-7492
Update Is Not Installed
    Risk: Low
  * FID #10158 TLS/SSL Server X.509 Certificate MD5 Signature Detected
    Risk: Informational
  * FID #11168 Non Compliant Strict Transport Security Detected
    Risk: Informational
  * FID #11172 IBM WebSphere MQ Listener Detected
    Risk: Informational
  * FID #11196 RTMP Server Detected
    Risk: Informational
  * FID #11211 writesrv Service Detection
    Risk: Informational
  * FID #11217 xtelw Service Detected
    Risk: Informational
  * FID #11236 HTTP Reverse Proxy Server Detection
    Risk: Informational
  * FID #11263 Microsoft IIS URLScan Detected
    Risk: Informational
  * FID #11410 HTTP Server mod_gzip Detection
    Risk: Informational
  * FID #11844 Kerio WinRoute Firewall Admin Service Detected
    Risk: Informational
  * FID #11851 Symantec Web Security Detection
    Risk: Informational
  * FID #11860 HP Linux Imaging And Printing hpssd Daemon Detection
    Risk: Informational
  * FID #11888 Compaq Web Management Server Detection
    Risk: Informational

改善されたチェック項目:

  * FID #602 ISC BIND TSIG Buffer Overflow
    Recommendation is updated
  * FID #875 Microsoft IIS Anonymous Write Permissions Enabled
    Recommendation is updated
  * FID #914 Cisco HTTP Command Execution
    Recommendation is updated
  * FID #934 csMailto.cgi Command Execution
    Recommendation is updated
  * FID #1034 Sendmail Daemon Mode Local Privilege Escalation
    Recommendation is updated
  * FID #1056 Multiple Vendor Access Point Information Leakage
    Name is updated
  * FID #1253 ISC BIND SIG Cached RR Overflow
    Recommendation is updated
  * FID #1673 ISC BIND Resolver Library Buffer Overflow
    Recommendation is updated
  * FID #1938 Cisco VPN 3000 Concentrator Password Disclosure
    Recommendation is updated
  * FID #2000 ISC BIND Stub Resolvers Buffer Overflow
    Recommendation is updated
  * FID #2074 Apache mod_alias/mod_rewrite Buffer Overflow
    Recommendation is updated
  * FID #2113 Lotus Domino Web Server Non-ASCII Character Authentication
Buffer Overflow
    Recommendation is updated
  * FID #2316 WU-FTPD setproctitle() Format String
    Name is updated
  * FID #2319 WU-FTPD S/Key Remote Buffer Overrun
    Recommendation is updated
    CVE is updated
  * FID #2761 SSH Multiple Buffer Overflows Vulnerability
    Recommendation is updated
  * FID #2778 SSH Agent Mechanism Race Condition Vulnerability
    Recommendation is updated
  * FID #2895 Subversion apr_time_t Stack Overflow
    Recommendation is updated
  * FID #3029 Exim auth_spa_server() Buffer Overflow Vulnerability
    Recommendation is updated
  * FID #3111 Cisco IOS MPLS Packet Handling Denial of Service
Vulnerability
    Recommendation is updated
  * FID #3112 Cisco IOS IPv6 Packet Handling Denial of Service
Vulnerability
    Recommendation is updated
  * FID #3113 Cisco IOS BGP Packet Handling Denial of Service Vulnerability
    Recommendation is updated
  * FID #3202 AWStats configdir Remote Command Execution
    Name is updated
  * FID #3290 Linksys WAP55AG Wireless Access Point User Access
Vulnerability
    Recommendation is updated
  * FID #3374 CNC Technology BizDB Remote Shell Command Attack
Vulnerability
    Recommendation is updated
  * FID #3385 Aborior Encore Web Forum Remote Code Execution Vulnerability
    Recommendation is updated
  * FID #3387 Antiboard Server Data Manipulation Vulnerability
    Recommendation is updated
  * FID #3398 eXtropia BBS Remote Arbitrary Command Execution Vulnerability
    Recommendation is updated
  * FID #3436 Mozilla Firefox DOM Privilege Escalation
    Recommendation is updated
  * FID #3762 Singapore Administrator Password Leakage Vulnerability
    Recommendation is updated
  * FID #3813 Symantec Veritas Backup Exec for Windows Default Root
Credentials
    Recommendation is updated
  * FID #3814 (KB906267) Microsoft Internet Explorer Msdds.dll
Vulnerability
    Recommendation is updated
  * FID #3934 Ethereal Multiple Dissector Vulnerabilities
    Recommendation is updated
  * FID #4037 FTGate4 Groupware Mail Server Multiple Vulnerabilities
    Recommendation is updated
  * FID #4075 Cisco H.323 Message Processing Vulnerabilities
    Recommendation is updated
  * FID #4076 Cisco Internet Key Exchange Xauth Implementation
Vulnerabilities
    Recommendation is updated
  * FID #4078 Cisco IOS Crafted Packet Causes Reload Vulnerability
    Recommendation is updated
  * FID #4079 Cisco IOS Embedded Call Processing Solutions Vulnerability
    Recommendation is updated
  * FID #4098 Microsoft HTML Help Workshop Buffer Overflow vulnerability
    Observation is updated
    Recommendation is updated
  * FID #4141 IBM Lotus Notes Multiple Vulnerabilities
    Recommendation is updated
  * FID #4218 Achievo Configuration Parameter Vulnerability
    Recommendation is updated
  * FID #4373 DameWare Mini Remote Control Buffer Overflow
    Recommendation is updated
  * FID #4374 DameWare Mini Remote Control Long Username Buffer Overflow
    Recommendation is updated
  * FID #4439 Firefox iframe.contentWindow.focus Deleted Object Reference
Vulnerability
    Recommendation is updated
  * FID #4631 BIND Inverse-Query Buffer Overflow
    Name is updated
  * FID #4814 GnuPG OpenPGP Vulnerability
    Recommendation is updated
  * FID #4874 Acer Notebook LunchApp.APlunch ActiveX Control Vulnerability
    Recommendation is updated
  * FID #4876 Yahoo! Messenger YMailAttach ActiveX Vulnerability
    Recommendation is updated
  * FID #4934 Trend Micro Scan Engine UPX Buffer Overflow
    Recommendation is updated
  * FID #4955 Microsoft Word Remote Code Execution Vulnerability
    Recommendation is updated
  * FID #4971 SupportSoft SmartIssue ActiveX Control Stack Overflow
    Recommendation is updated
  * FID #5048 IBM Tivoli Provisioning Manager for OS Deployment HTTP POST
Vulnerabilities
    Recommendation is updated
  * FID #5065 Microsoft Windows HLP File Handling Heap Buffer Overflow
    Recommendation is updated
  * FID #5083 Akamai Download Manager ActiveX Stack Overflow
Vulnerabilities
    Recommendation is updated
  * FID #5118 AOL Nullsoft WinAmp MP4 File Handling vulnerability
    Recommendation is updated
  * FID #5162 Apple QuickTime STSD Parsing Vulnerability
    Recommendation is updated
  * FID #5213 PHP str_replace() Memory Allocation Vulnerability
    Recommendation is updated
  * FID #5262 Cerulean Studios Trillian UTF-8 Word Wrap Vulnerability
    Recommendation is updated
  * FID #5268 Cisco IOS DOCSIS Read-Write Community String Enabled in
Non-DOCSIS Platforms Vulnerablility
    Recommendation is updated
  * FID #5282 Cisco IOS GRE Decapsulation Vulnerability
    Recommendation is updated
  * FID #5284 Cisco IOS Multiple SSH Vulnerabilities
    Recommendation is updated
  * FID #5290 RealPlayer/HelixPlayer SMIL Wallclock Stack Overflow
Vulnerability
    Recommendation is updated
  * FID #5311 Cisco IOS Locally Defined Users Enumerating Vulnerability
    Recommendation is updated
  * FID #5313 Cisco IOS Access Point Web-browser Interface Vulnerability
    Recommendation is updated
  * FID #5348 Cisco IOS HTTP Server Command Injection Vulnerability
    Recommendation is updated
  * FID #5349 Cisco IOS TCP Loopback DoS Vulnerability
    Recommendation is updated
  * FID #5350 Cisco IOS AAA Failure Vulnerability
    Recommendation is updated
  * FID #5351 Cisco IOS Remote Router Crash Vulnerability
    Recommendation is updated
  * FID #5352 Cisco IOS CBAC Fragmentation Attack Vulnerability
    Recommendation is updated
  * FID #5353 Cisco IOS Command History Release at Login Prompt
Vulnerability
    Recommendation is updated
  * FID #5361 Netscape "navigatorurl" URI Handler Registration
Vulnerability
    Recommendation is updated
  * FID #5364 Cisco IOS Syslog Crash Vulnerability
    Recommendation is updated
  * FID #5367 Cisco IOS Software TELNET Option Handling Vulnerability
    Recommendation is updated
  * FID #5368 Cisco IOS Software SNMP Read-Write ILMI Community String
Vulnerability
    Recommendation is updated
  * FID #5371 Citrix Access Gateway Multiple Vulnerabilities
    Recommendation is updated
  * FID #5373 CA Alert Notification Server RPC Request Buffer Overflow
    Recommendation is updated
  * FID #5385 Cisco IOS Software Multiple SNMP Community String
Vulnerabilities
    Recommendation is updated
  * FID #5387 Cisco IOS 12000 Series Internet Router ICMP Unreachable
Vulnerability
    Recommendation is updated
  * FID #5388 Cisco IOS Reload after Scanning Vulnerability
    Recommendation is updated
  * FID #5398 IBM WebSphere Application Server HTTP Response Splitting
    Recommendation is updated
  * FID #5435 Yahoo! Messenger Webcam Heap Overflow
    Recommendation is updated
  * FID #5529 CA BrightStor ARCserve Backup Authentication Integer Overflow
    Recommendation is updated
  * FID #5532 CA BrightStor ARCServe Backup Multiple Vulnerabilities
    Recommendation is updated
  * FID #5537 HP Web-enabled Management Software Remote Buffer Overflow
    Recommendation is updated
  * FID #5562 Symantec Mail Security Domino File Parsing Vulnerabilities
    Recommendation is updated
  * FID #5583 CA eTrust SiteMinder Agent Remote Script Injection
    Recommendation is updated
  * FID #5661 SAP MaxDB Remote Code Execution
    Recommendation is updated
  * FID #5662 SAP MaxDB Remote Code Execution
    Recommendation is updated
  * FID #5666 AOL Radio Buffer Overflow
    Recommendation is updated
  * FID #5714 JustSystems Ichitaro BackDoor-DLI Zero Day
    Recommendation is updated
  * FID #5716 JustSystems Ichitaro Document Unspecified Buffer Overflow
    Recommendation is updated
  * FID #5818 Adobe Flash Player Cross-Domain Policy Privilege Escalation
    Recommendation is updated
  * FID #5819 Adobe Flash Player SWF Malicious HTTP Header Bypass
    Recommendation is updated
  * FID #5836 Microsoft Works WkImgSrv.dll ActiveX Vulnerability
    Recommendation is updated
  * FID #8204 Microsoft Producer Project File Parsing Buffer Overflow
Vulnerability
    Recommendation is updated
  * FID #8511 Mozilla SeaMonkey Multiple Vulnerabilities I
    Name is updated
  * FID #8528 (MS10-028) Microsoft Visio Index Calculation Memory
Corruption Vulnerability (980094)
    Name is updated
  * FID #8550 (MS10-029) Vulnerabilities in Windows ISATAP Component Could
Allow Spoofing (978338)
    FASLScript is updated
  * FID #9840 Microsoft Windows DLL Load Hijacking (2269637)
    FASLScript is updated
  * FID #9912 Opera DLL Hijacking Vulnerability
    Recommendation is updated
  * FID #32180 Sun Solaris 125136-27 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32182 Sun Solaris 125138-27 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32183 Sun Solaris 125139-27 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #34000 Cisco IOS RADIUS Authentication Bypass
    Recommendation is updated
  * FID #34001 Cisco IOS Firewall Authentication Proxy for FTP and Telnet
Sessions Buffer Overflow
    Recommendation is updated
  * FID #34024 Cisco IOS System Timers Heap-based Overflow Vulnerability
    Recommendation is updated
  * FID #34033 Cisco IOS Reload after Scanning Vulnerability
    Recommendation is updated
  * FID #34034 Cisco IOS 12000 Series Internet Router ICMP Unreachable
Vulnerability
    Recommendation is updated
  * FID #34036 Cisco IOS Software Multiple SNMP Community String
Vulnerabilities
    Recommendation is updated
  * FID #34037 Cisco IOS Software SNMP Read-Write ILMI Community String
Vulnerability
    Recommendation is updated
  * FID #34038 Cisco IOS Software TELNET Option Handling Vulnerability
    Recommendation is updated
  * FID #34041 Cisco IOS Syslog Crash Vulnerability
    Recommendation is updated
  * FID #34043 Cisco IOS Command History Release at Login Prompt
Vulnerability
    Recommendation is updated
  * FID #34044 Cisco IOS CBAC Fragmentation Attack Vulnerability
    Recommendation is updated
  * FID #34045 Cisco IOS Remote Router Crash Vulnerability
    Recommendation is updated
  * FID #34047 Cisco IOS AAA Failure Vulnerability
    Recommendation is updated
  * FID #34048 Cisco IOS TCP Loopback DoS Vulnerability
    Recommendation is updated
  * FID #34049 Cisco IOS HTTP Server Command Injection Vulnerability
    Recommendation is updated
  * FID #34050 Cisco IOS Access Point Web-browser Interface Vulnerability
    Recommendation is updated
  * FID #34052 Cisco IOS Locally Defined Users Enumerating Vulnerability
    Recommendation is updated
  * FID #34058 Cisco IOS Multiple SSH Vulnerabilities
    Recommendation is updated
  * FID #34061 Cisco IOS GRE Decapsulation Vulnerability
    Recommendation is updated
  * FID #34065 Cisco IOS DOCSIS Read-Write Community String Enabled in
Non-DOCSIS Platforms Vulnerablility
    Recommendation is updated
  * FID #38081 Apple Airport Wireless Driver Heap Buffer Overflow
    Recommendation is updated
  * FID #45170 SUSE Linux 9.X suse-sa:2007:030 Update Is Not Installed
    CVE is updated
  * FID #683 ISC BIND zxfr Denial-of-Service
    Recommendation is updated
  * FID #705 ISC BIND srv Denial-of-Service
    Recommendation is updated
  * FID #706 ISC BIND solinger Denial-of-Service
    Recommendation is updated
  * FID #859 Compaq Survey Utility Anonymous Login
    Recommendation is updated
  * FID #872 Lotus Domino Web Server statrep.nsf Anonymous Access
    Recommendation is updated
  * FID #935 FormMail.pl Detected
    Recommendation is updated
  * FID #957 Washington University IMAP Partial Mailbox Attribute Remote
Buffer Overflow
    Recommendation is updated
  * FID #989 3Com Airconnect Accept Broadcast SSID
    Name is updated
  * FID #990 3Com Airconnect Access Control Disabled
    Name is updated
  * FID #993 3Com Airconnect default SSID
    Name is updated
  * FID #994 3Com Airconnect Telnet Enabled
    Name is updated
  * FID #998 Generic 802.11 WEP Disabled via SNMP
    Name is updated
  * FID #1001 Cisco Aironet Default SSID check via SNMP
    Name is updated
  * FID #1002 Cisco Aironet Default User check via SNMP
    Name is updated
  * FID #1003 Cisco Aironet Telnet Enabled via SNMP
    Name is updated
  * FID #1004 Enterasys RoamAbout Default SSID
    Name is updated
  * FID #1005 Enterasys Roamabout Console Password Disabled
    Name is updated
  * FID #1006 Enterasys Roamabout Current Secure Access Disabled
    Name is updated
  * FID #1007 Lucent Orinoco Closed System Disabled
    Name is updated
  * FID #1008 Lucent Orinoco Default SSID Check
    Name is updated
  * FID #1086 Apache Win32 Directory Traversal
    Recommendation is updated
  * FID #1170 Count.cgi Buffer Overflow
    Observation is updated
    Recommendation is updated
  * FID #1426 Netscape Enterprise Server REVLOG Denial-of-Service
    Recommendation is updated
  * FID #1429 Microsoft FrontPage Server Extensions /_vti_pvt/ Accessible
    Recommendation is updated
  * FID #1433 Compaq Insight Manager HTTP Server Cross-Site Scripting
    Recommendation is updated
  * FID #1461 Microsoft ASP.NET Web Application Framework Cross-Site
Scripting
    Recommendation is updated
  * FID #1784 ISC BIND SIG RR Denial-of-Service
    Recommendation is updated
  * FID #1943 Cisco VPN 3000 Concentrator Client Authentication
Denial-of-Service
    Recommendation is updated
  * FID #1964 Cisco VPN 3000 Concentrator ISAKMP Package Processing
    Recommendation is updated
  * FID #2300 WU-FTPD LS Width Argument Integer Overflow
    Name is updated
    CVE is updated
  * FID #2325 HP Web JetAdmin Source Disclosure of HTS and INC Files
    Recommendation is updated
  * FID #2752 SSH Bruteforce Authentication Weakness Vulnerability
    Recommendation is updated
  * FID #2759 SSH Input Field Length Denial of Service Vulnerability
    Recommendation is updated
  * FID #2760 SSH Inadequate Bounds Checking Vulnerability
    Recommendation is updated
  * FID #2786 SSH Kerberos Authentication Support Vulnerability
    Recommendation is updated
  * FID #2788 SSH x11 Disable Agent Vulnerability
    Recommendation is updated
  * FID #2796 SSH OpenSSH FROM Option Vulnerability
    Recommendation is updated
  * FID #3048 Morpheus FastTrack Service Identity Spoofing Vulnerability
    CVE is updated
  * FID #3049 Grokster FastTrack Service Identity Spoofing Vulnerability
    CVE is updated
  * FID #3055 Kazaa FastTrack P2P Supernode Packet Handler Buffer Overrun
    Recommendation is updated
  * FID #3141 ProFTPd Setproctitle Format String Buffer Overflow
    Recommendation is updated
  * FID #3319 Apple QuickTime PictureViewer JPEG Denial of Service
    Recommendation is updated
  * FID #3369 Apache mod_ssl SSL CipherSuite Bypass
    Recommendation is updated
  * FID #3381 AnyForm Code Execution Vulnerability
    Recommendation is updated
  * FID #3418 Yahoo! Messenger Denial of Service
    Recommendation is updated
  * FID #3452 Adobe Acrobat Reader File Extension Buffer Overflow
    Recommendation is updated
  * FID #3609 GoodTech SMTP Server Denial of Service
    Recommendation is updated
  * FID #3768 PHP Uploader CGI Application Arbitrary File Upload
Vulnerability
    Recommendation is updated
  * FID #3790 ProFTPD ftpshut Format String Vulnerability
    Recommendation is updated
  * FID #3799 Alt-N MDaemon IMAP Denial of Service
    Recommendation is updated
  * FID #3800 Alt-N MDaemon Directory Traversal
    Description is updated
    Observation is updated
    Recommendation is updated
  * FID #3803 Alt-N MDaemon IMAP UIDL and DELE Command Negative Value DoS
    Recommendation is updated
  * FID #3804 Alt-N MDaemon POP UIDL and DELE Command Negative Value DoS
    Recommendation is updated
  * FID #3805 Alt-N MDaemon SMTP UIDL and DELE Command Negative Value DoS
    Recommendation is updated
  * FID #3816 Netscape Browser  XHTML Node Spoofing
    Recommendation is updated
  * FID #3822 Adobe Reader Plug In Buffer Overflow
    Recommendation is updated
  * FID #3823 Alt-N MDaemon Local Privilege Escalation
    Recommendation is updated
  * FID #3849 SlimFTP Directory Traversal
    Recommendation is updated
    CVE is updated
  * FID #3862 Home FTP Directory Traversal
    Recommendation is updated
  * FID #3879 Adobe Acrobat Plug In Buffer Overflow
    Recommendation is updated
  * FID #3904 Mozilla  Suite XHTML Node Spoofing
    Recommendation is updated
  * FID #4027 Apple QuickTime Multiple Vulnerabilities I
    Recommendation is updated
  * FID #4060 Ethereal IRC, GTP and OSPF Dissector Vulnerabilities
    Recommendation is updated
  * FID #4173 Visual Studio 6.0 Project Name Buffer Overflow Vulnerability
    Recommendation is updated
  * FID #4351 TFTP Not Running in Restricted Directory
    CVE is updated
  * FID #4538 eIQnetworks Enterprise Security Analyzer Syslog Server
Multiple Buffer Overflow Vulnerabilities
    Recommendation is updated
  * FID #4552 Alt-N MDaemon POP3 Server Remote Buffer Overflow
Vulnerability
    Recommendation is updated
  * FID #4609 Panda Platinum Internet Security Privilege Escalation
Vulnerabilities
    Recommendation is updated
  * FID #4611 Apple QuickTime Multiple Vulnerabilities II
    Recommendation is updated
  * FID #4648 Microsoft SQL MS Jet Engine Unicode Buffer Overflow
Vulnerability
    Name is updated
  * FID #4803 Yahoo! Messenger ActiveX Vulnerability
    Recommendation is updated
  * FID #4897 CA BrightStor ARCserve Backup Tape Engine RPC Vulnerability
    Recommendation is updated
  * FID #4900 WinZip Cmd Line Vulnerability
    Recommendation is updated
  * FID #4904 CA BrightStor ARCServe Backup for Laptops & Desktops
Unspecified Remote Code Execution
    Recommendation is updated
  * FID #4979 Mozilla Applications JavaScript Engine Memory Corruption
    CVE is updated
  * FID #5054 CA BrightStor ARCServ Backup Tape Engine/Portmapper
Vulnerabilities
    Recommendation is updated
  * FID #5081 CA BrightStor ARCServ Mediasvr.exe Overflow
    Recommendation is updated
  * FID #5102 Apple QuickTime Java Vulnerability
    Recommendation is updated
  * FID #5105 CA BrightStor ARCServ Media Server SUN RPC Overflow
    Recommendation is updated
  * FID #5167 Symantec NAVOpts.dll ActiveX Control Security Bypass
    Recommendation is updated
  * FID #5188 Apple QuickTime Java Applet Vulnerability
    Recommendation is updated
  * FID #5219 Yahoo! Webcam ActiveX Vulnerabilities
    Recommendation is updated
  * FID #5258 Cisco IOS IPv6 Routing Header Vulnerability
    Recommendation is updated
  * FID #5259 Cisco IOS Crafted IP Option Denial of Service
    Recommendation is updated
  * FID #5266 Cisco IOS DLSw Vulnerability
    Recommendation is updated
  * FID #5267 Cisco IOS Internet Key Exchange Resource Exhaustion Attack
    Recommendation is updated
  * FID #5269 Cisco IOS ARP Table Overwrite Vulnerability (CVE-2001-0895)
    Recommendation is updated
  * FID #5279 Cisco IOS Cisco Expres Forwarding Data Leak Vulnerability
    Recommendation is updated
  * FID #5280 Cisco IOS Cable Modem Termination System Authentication
Bypass Vulnerability
    Recommendation is updated
  * FID #5281 Cisco IOS "Established" Keyword Filter Bypass Vulnerability
    Recommendation is updated
  * FID #5306 Cisco IOS SIP Protocol DoS Vulnerability
    Recommendation is updated
  * FID #5307 Cisco IOS SSH Scanning DoS Vulnerability
    Recommendation is updated
  * FID #5309 Cisco IOS 2GB Data in GET Request DoS Vulnerability
    Recommendation is updated
  * FID #5312 Cisco IOS OSPF Neighbor Buffer Overflow Vulnerability
    Recommendation is updated
  * FID #5337 Apple QuickTime Java Applet Screen Content Disclosure
    Recommendation is updated
  * FID #5340 Apple QuickTime H.264 File Remote Code Execution
    Recommendation is updated
  * FID #5342 Apple QuickTime SMIL File Remote Code Execution
    Recommendation is updated
  * FID #5344 Apple QuickTime Movie File Remote Code Execution
    Recommendation is updated
  * FID #5356 Clam AntiVirus RAR Processing Denial of Service
    Recommendation is updated
  * FID #5363 Cisco IOS DFS Access List Leakage Vulnerability
    Recommendation is updated
  * FID #5365 Cisco IOS Software Input Access List Leakage with NAT
Vulnerability
    Recommendation is updated
  * FID #5366 Cisco IOS Software established Access List Keyword Error
Vulnerability
    Recommendation is updated
  * FID #5369 Yahoo Messenger 8.1 Address Book Vulnerability
    Recommendation is updated
  * FID #5386 Cisco IOS BGP Attribute Corruption Vulnerability
    Recommendation is updated
  * FID #5389 Cisco IOS Multiple Crafted IPv6 Packets Cause Reload
Vulnerability
    Recommendation is updated
  * FID #5390 Cisco IOS Crafted ICMP Messages Denial of Service
    Recommendation is updated
  * FID #5399 Microsoft ASP.NET Request Filter Bypass
    Recommendation is updated
  * FID #5404 CA Products Arclib Vulnerabilities
    Recommendation is updated
  * FID #5431 Microsoft Internet Explorer FTP Access Information Disclosure
    Recommendation is updated
  * FID #5433 Microsoft DXMedia SDK ActiveX Remote Code Execution
    Recommendation is updated
  * FID #5456 Clam AntiVirus RTF/HTML Denial of Service Vulnerabilities
    Recommendation is updated
  * FID #5457 Microsoft Internet Saved Web Page Cross-Site Scripting
    Recommendation is updated
  * FID #5464 Yahoo! Messenger YVerInfo.dll ActiveX Buffer Overflow
    Recommendation is updated
  * FID #5465 IBM Lotus Notes Cleanup Service Privilege Escalation
    Recommendation is updated
  * FID #5485 Adobe Flash Player ActionScript Security Sandbox Bypass
    Recommendation is updated
  * FID #5488 Microsoft Visual Studio PDWizard Remote Code Execution
    Recommendation is updated
  * FID #5496 Yahoo! Messenger ft60.dll ActiveX Arbitrary File Download
    Recommendation is updated
  * FID #5501 VMware GDB Console Remote Code Execution
    Recommendation is updated
  * FID #5511 Microsoft Internet Explorer OnKeyDown Focus Information
Disclosure
    Recommendation is updated
  * FID #5524 Apache Tomcat cal2.jsp CSRF
    Recommendation is updated
  * FID #5525 Mozilla Firefox TLS Certificate Tracking Information
Disclosure
    Recommendation is updated
  * FID #5540 Xunlei Web Thunder DPClient.Vod.1 ActiveX Vulnerability
    Recommendation is updated
  * FID #5553 Trend Micro Tmxpflt.sys IOCTL Buffer Overflow
    Recommendation is updated
  * FID #5563 Mozilla Firefox Data URL Scheme Design Flaw
    Recommendation is updated
  * FID #5566 Apple QuickTime Image Description Atoms Vulnerability
    Recommendation is updated
  * FID #5568 Apple QuickTime Untrusted Java Applets Vulnerabilities
    Recommendation is updated
  * FID #5584 Mozilla Firefox JAR Protocol Security Bypass
    Recommendation is updated
  * FID #5601 Microsoft Windows Pseudo-Random Number Generator Design Flaw
    Recommendation is updated
  * FID #5643 Hewlett Packard EngineRules.dll Remote Code Execution
    Recommendation is updated
  * FID #5663 Yahoo! Messenger Authentication Bypass
    Recommendation is updated
  * FID #5664 Yahoo! Messenger Contact Details Local Privilege Escalation
    Recommendation is updated
  * FID #5665 Yahoo! Messenger Chat Room Vulnerability
    Recommendation is updated
  * FID #5671 Microsoft Visual InterDev .sln Vulnerability
    Recommendation is updated
  * FID #5766 VideoLAN VLC Subtitle Handling Buffer Overflow
    Recommendation is updated
  * FID #5794 Apple QuickTime PICT Clip opcode Heap Overflow
    Recommendation is updated
  * FID #5796 Apple QuickTime VR obji Atoms Stack Overflow
    Recommendation is updated
  * FID #5799 Apple QuickTime Media Tracks Vulnerability
    Recommendation is updated
  * FID #5801 Apple QuickTime PICT Image Error Message Heap Overflow
    Recommendation is updated
  * FID #5802 Apple QuickTime PICT Image Processing Heap Overflow
    Recommendation is updated
  * FID #5815 Apple QuickTime URL Open Vulnerability
    Recommendation is updated
  * FID #5816 Apple QuickTime QTJava Deserialize Vulnerability
    Recommendation is updated
  * FID #5817 Adobe Flash Player DeclareFunction2 Vulnerability
    Recommendation is updated
  * FID #5848 IBM Lotus Expeditor rcplauncher Command Injection
    Recommendation is updated
  * FID #5849 Novell GroupWise mailto: Vulnerability
    Recommendation is updated
  * FID #5850 Cisco MVPN Information Disclosure Vulnerability
    Recommendation is updated
  * FID #5851 Cisco IOS Dual Stack Router UDP Protocol Delivery DoS
    Recommendation is updated
  * FID #5852 Cisco IOS DLSw Multiple Denial of Service
    Recommendation is updated
  * FID #5853 Cisco IOS VPDN PPTP Vulnerabilities
    Recommendation is updated
  * FID #5856 MySQL MyISAM Create Table Local Security Bypass
    Recommendation is updated
  * FID #5867 Microsoft Internet Explorer Cross-Zone Scripting
Vulnerability
    Recommendation is updated
  * FID #5876 ClamAV ARJ Archive  Vulnerability
    Recommendation is updated
  * FID #5877 ClamAV libclamav PE WWPack Heap Overflow
    Recommendation is updated
  * FID #5878 ClamAV Invalid RAR Version Vulnerability
    Recommendation is updated
  * FID #5879 ClamAV libclamav PeSpin Heap Overflow
    Recommendation is updated
  * FID #5881 Cerulean Studios Trillian MIME Header Vulnerability
    Recommendation is updated
  * FID #5882 Cerulean Studios Trillian talk.dll XML Parse Vulnerability
    Recommendation is updated
  * FID #5883 Cerulean Studios Trillian AIM.DLL Font Vulnerability
    Recommendation is updated
  * FID #5886 Apple Safari Address Bar Vulnerability
    Recommendation is updated
  * FID #5887 Apple Safari File Download Vulnerability
    Recommendation is updated
  * FID #5888 Mozilla Firefox JSFrame Vulnerability
    Recommendation is updated
  * FID #5891 Apple Safari Desktop Write Remote Code Execution
    Recommendation is updated
  * FID #5895 Apple Safari document.write Infinite Loop DoS
    Recommendation is updated
  * FID #5896 Apple Safari Crafted File Link Access DoS
    Recommendation is updated
  * FID #5897 CA BrightStor ARCserve Backup casdscvc Vulnerability
    Recommendation is updated
  * FID #5898 Apple Safari Special Character URL Spoofing
    Recommendation is updated
  * FID #5917 Kaspersky Internet Security kl1.sysVulnerability
    Recommendation is updated
  * FID #5930 Apple QuickTime PICT File Heap Overflow Vulnerability
    Recommendation is updated
  * FID #5931 Apple QuickTime PixData Structure Vulnerability
    Recommendation is updated
  * FID #5932 Apple QuickTime Indeo Video Media Stack Overflow
Vulnerability
    Recommendation is updated
  * FID #5933 Apple QuickTime AAC-encoded Vulnerability
    Recommendation is updated
  * FID #5936 Adobe Flash Player Scene Count Invalid Pointer Vulnerability
    Recommendation is updated
  * FID #5950 Apple Safari Trusted Zone Site Remote Code Execution
    Recommendation is updated
  * FID #5955 Mozilla Firefox Unspecified Vulnerability
    Recommendation is updated
  * FID #5956 Microsoft Word Unordered Lists Handling Denial of Service
    Recommendation is updated
  * FID #6232 Adobe Reader Crafted PDF Remote Denial of Service
    Recommendation is updated
  * FID #6345 Apple Safari Certificate Validation Vulnerability
    Recommendation is updated
  * FID #6346 Apple Safari Secure Web Site Spoofing Vulnerability
    Recommendation is updated
  * FID #6347 Apple Safari Error Page Cross Site Scripting Vulnerability
    Recommendation is updated
  * FID #6348 Apple Safari Javascript: URL Cross Site Scripting
Vulnerability
    Recommendation is updated
  * FID #6349 Apple Safari document.domain Cross Site Scripting
Vulnerability (CVE-2008-1003)
    Recommendation is updated
  * FID #6350 Apple Safari Web Inspector Cross Site Scripting Vulnerability
    Recommendation is updated
  * FID #6501 Tomcat Example Web Application Calendar time Parameter
Cross-Site Scripting Vulnerability
    Risk is updated
  * FID #6646 Apache mod_perl Status.pm Cross Site Scripting Vulnerability
    Risk is updated
  * FID #6830 Sun Java Web Console Help JSP File Cross-Site Scripting
Vulnerability
    Risk is updated
  * FID #6980 Apache HTTPD suexec Multiple Local Privilege Escalation
Vulnerabilities
    Recommendation is updated
  * FID #7955 Cisco IOS Secure Shell Denial Of Service Vulnerability
    Recommendation is updated
  * FID #8380 Microsoft IIS Sample Application Cross Site Scripting
Vulnerability
    Recommendation is updated
  * FID #8517 (MS10-029) Microsoft Windows ISATAP IPv6 Source Address
Spoofing Vulnerability (978338)
    Name is updated
    FASLScript is updated
  * FID #8804 Mozilla Firefox Multiple Vulnerabilities I
    Name is updated
  * FID #9897 lighttpd Script Source Code Disclosure Vulnerability
    FASLScript is updated
  * FID #10225 Apple Safari Address Bar Spoofing Vulnerability
    Recommendation is updated
  * FID #10673 Adobe Flash Media Server Memory Leak Denial Of Service
(CVE-2010-3633)
    Recommendation is updated
  * FID #10675 Adobe Flash Media Server Edge Process Issue Denial Of
Service (CVE-2010-3634)
    Recommendation is updated
  * FID #10676 Adobe Flash Media Server Segmentation Fault Remote Code
Execution (CVE-2010-3635)
    Recommendation is updated
  * FID #31492 Sun Solaris 122912-25 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    CVE is updated
    FASLScript is updated
  * FID #31569 Sun Solaris 125720-49 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32002 Sun Solaris 118666-31 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32004 Sun Solaris 118668-31 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32005 Sun Solaris 118669-31 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32168 Sun Solaris 122911-25 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    CVE is updated
    FASLScript is updated
  * FID #32733 Sun Solaris 143559-09 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #34010 Cisco IOS Crafted ICMP Messages Denial of Service
    Recommendation is updated
  * FID #34011 Cisco IOS Multiple Crafted IPv6 Packets Cause Reload
Vulnerability
    Recommendation is updated
  * FID #34013 Cisco IOS Routers Crafted Packet Causes Reload Vulnerability
    Recommendation is updated
  * FID #34021 Cisco IOS TCP Vulnerability
    Recommendation is updated
  * FID #34035 Cisco IOS BGP Attribute Corruption Vulnerability
    Recommendation is updated
  * FID #34039 Cisco IOS Software established Access List Keyword Error
Vulnerability
    Recommendation is updated
  * FID #34040 Cisco IOS Software Input Access List Leakage with NAT
Vulnerability
    Recommendation is updated
  * FID #34042 Cisco IOS DFS Access List Leakage Vulnerability
    Recommendation is updated
  * FID #34051 Cisco IOS OSPF Neighbor Buffer Overflow Vulnerability
    Recommendation is updated
  * FID #34054 Cisco IOS 2GB Data in GET Request DoS Vulnerability
    Recommendation is updated
  * FID #34056 Cisco IOS SIP Protocol DoS Vulnerability
    Recommendation is updated
  * FID #34057 Cisco IOS SSH Scanning DoS Vulnerability
    Recommendation is updated
  * FID #34060 Cisco IOS "Established" Keyword Filter Bypass Vulnerability
    Recommendation is updated
  * FID #34062 Cisco IOS Cable Modem Termination System Authentication
Bypass Vulnerability
    Recommendation is updated
  * FID #34063 Cisco IOS Cisco Expres Forwarding Data Leak Vulnerability
    Recommendation is updated
  * FID #34064 Cisco IOS ARP Table Overwrite Vulnerability (CVE-2001-0895)
    Recommendation is updated
  * FID #34067 Cisco IOS Internet Key Exchange Resource Exhaustion Attack
    Recommendation is updated
  * FID #34069 Cisco IOS DLSw Vulnerability
    Recommendation is updated
  * FID #34071 Cisco IOS Crafted IP Option Denial of Service
    Recommendation is updated
  * FID #34072 Cisco IOS IPv6 Routing Header Vulnerability
    Recommendation is updated
  * FID #34083 Cisco MVPN Information Disclosure Vulnerability
    Recommendation is updated
  * FID #34084 Cisco IOS Dual Stack Router UDP Protocol Delivery DoS
    Recommendation is updated
  * FID #34085 Cisco IOS DLSw Multiple Denial of Service
    Recommendation is updated
  * FID #34086 Cisco IOS VPDN PPTP Vulnerabilities
    Recommendation is updated
  * FID #38036 Apple QuickTime Java Vulnerability
    Recommendation is updated
  * FID #38052 Apple QuickTime Java Applet Vulnerability
    Recommendation is updated
  * FID #38057 Apple Mac OS X IPv6 Type 0 Route Header Vulnerability
    Recommendation is updated
  * FID #38067 Apple QuickTime Java Applet Screen Content Disclosure
    Recommendation is updated
  * FID #38070 Apple QuickTime H.264 File Remote Code Execution
    Recommendation is updated
  * FID #38072 Apple QuickTime SMIL File Remote Code Execution
    Recommendation is updated
  * FID #38074 Apple QuickTime Movie File Remote Code Execution
    Recommendation is updated
  * FID #38087 Apple QuickTime Image Description Atoms Vulnerability
    Recommendation is updated
  * FID #38089 Apple QuickTime Untrusted Java Applets Vulnerabilities
    Recommendation is updated
  * FID #38122 Apple QuickTime VR obji Atoms Stack Overflow
    Recommendation is updated
  * FID #38124 Apple QuickTime Media Tracks Vulnerability
    Recommendation is updated
  * FID #38126 Apple QuickTime PICT Image Processing Heap Overflow
    Recommendation is updated
  * FID #38130 Apple QuickTime URL Open Vulnerability
    Recommendation is updated
  * FID #38131 Apple QuickTime QTJava Deserialize Vulnerability
    Recommendation is updated
  * FID #38134 Apple Safari Desktop Write Remote Code Execution
    Recommendation is updated
  * FID #38135 Apple Safari document.write Infinite Loop DoS
    Recommendation is updated
  * FID #38136 Apple Safari Crafted File Link Access DoS
    Recommendation is updated
  * FID #38137 Apple Safari Special Character URL Spoofing
    Recommendation is updated
  * FID #38142 Apple QuickTime AAC-encoded Vulnerability
    Recommendation is updated
  * FID #38143 Apple QuickTime Indeo Video Media Stack Overflow
Vulnerability
    Recommendation is updated
  * FID #38144 Apple QuickTime PixData Structure Vulnerability
    Recommendation is updated
  * FID #38145 Apple QuickTime PICT File Heap Overflow Vulnerability
    Recommendation is updated
  * FID #38170 Apple Safari Javascript: URL Cross Site Scripting
Vulnerability
    Recommendation is updated
  * FID #38171 Apple Safari document.domain Cross Site Scripting
Vulnerability (CVE-2008-1003)
    Recommendation is updated
  * FID #38172 Apple Safari Web Inspector Cross Site Scripting
Vulnerability
    Recommendation is updated
  * FID #45119 SUSE Linux 9.2, 9.3, 10.0, 10.1 suse-sa:2006:056 Update Is
Not Installed
    CVE is updated
  * FID #568 (MS00-044) Microsoft IIS +.htr Source Disclosure
    FASLScript is updated
  * FID #590 (MS01-033) Microsoft IIS .ida Path Disclosure
    FASLScript is updated
  * FID #730 Solaris in.ftpd User Enumeration
    Recommendation is updated
  * FID #840 Microsoft IIS / RPC Guest Username Disclosure
    Recommendation is updated
  * FID #844 Oracle9i HTTP Server /pls/admin Information Disclosure
    Recommendation is updated
  * FID #849 Lotus Domino NUL.pl Path Disclosure
    Recommendation is updated
  * FID #851 Oracle9iAS Web Server globals.jsa disclosure
    Recommendation is updated
  * FID #852 Oracle9iAS XSQLServlet XSQLConfig.xml disclosure
    Recommendation is updated
  * FID #853 Oracle9iAS Web Server Dynamic Monitoring Services Access
    Recommendation is updated
  * FID #855 Oracle9iAS Unauthorized Java Process Manager Access
    Recommendation is updated
  * FID #856 Lotus Domino $defaultNav Information Disclosure
    Recommendation is updated
  * FID #860 Netscape Enterprise Server Internal IP Address Disclosure
    Recommendation is updated
  * FID #865 Oracle9iAS soapConfig.xml SOAP Configuration Disclosure
    Recommendation is updated
  * FID #881 John Roy Pi3Web Webroot Path Disclosure
    Recommendation is updated
  * FID #883 Microsoft IIS Blank Host Auth Internal IP Disclosure
    Recommendation is updated
  * FID #886 SilverStream Application Server Database Structure Disclosure
    Recommendation is updated
  * FID #895 PHP info.php Information Disclosure
    Recommendation is updated
  * FID #896 SilverStream Application Server Directory Listing Disclosure
    Recommendation is updated
  * FID #897 SilverStream Application Server Configuration Disclosure
    Recommendation is updated
  * FID #904 AnalogX Simple Server Cross-Site Scripting
    Recommendation is updated
  * FID #906 Squid Proxy Server Cross-Site Scripting
    Recommendation is updated
  * FID #912 WebStar ssi_demo.ssi Information Disclosure
    Recommendation is updated
  * FID #942 SGI IRIX 6.2 /cgi-bin/MachineInfo Information Disclosure
    Recommendation is updated
  * FID #1432 SunONE Starter Kit v2.0 SearchDisk File Disclosure
    Recommendation is updated
  * FID #1460 Microsoft ASP.NET Web Application Framework Path Information
Disclosure
    Recommendation is updated
  * FID #1965 Lucent Router UDP Information Disclosure
    Recommendation is updated
  * FID #2158 Apache Log Files Escape Sequences
    Recommendation is updated
  * FID #2329 HP Web JetAdmin INI File Disclosure
    Recommendation is updated
  * FID #2349 Kazaa Detected
    CVE is updated
  * FID #2795 SSH xForwarding Cookie File Overwrite Vulnerability
    Observation is updated
    Recommendation is updated
  * FID #2976 OpenSSL Klima-Pokorny-Rosa Attack
    Observation is updated
  * FID #3351 Mozilla Suite Information Disclosure
    Recommendation is updated
  * FID #3761 ShopCart Web Application Directory Traversal Vulnerability
    Recommendation is updated
  * FID #3983 Movable Type Blog Entry Posting HTML Injection Vulnerability
    Recommendation is updated
  * FID #3987 Apple QuickTime Quartz Composer Disclosure of System
Information
    Recommendation is updated
  * FID #4020 eMule Denial of Service and zlib Vulnerabilities
    Recommendation is updated
  * FID #4194 Opera Shortcut Icon Domain Spoof
    Recommendation is updated
  * FID #4242 MSN Messenger Service Message Spoof
    Recommendation is updated
  * FID #4469 Crafted Timed Attack Evades Cisco Security Agent Protections
    Recommendation is updated
  * FID #5206 Google Desktop Application Start Vulnerability
    Recommendation is updated
  * FID #5310 Cisco IOS Data Leak in UDP Echo Service Velnerability
    Recommendation is updated
  * FID #5475 Apache Tomcat functions.jsp XSS
    Recommendation is updated
  * FID #5484 Apple QuickTime Remote Security Bypass Vulnerability
    Recommendation is updated
  * FID #5651 Mozilla Firefox Dialog Box Authentication Spoofing
    Recommendation is updated
  * FID #5684 Mozilla Firefox chrome: URL Information Disclosure
    Recommendation is updated
  * FID #5789 Internet Key Exchange (IKE) Phase-1 Denial of Service
    Recommendation is updated
  * FID #7017 Proxim Access Point Controller Detection
    Name is updated
  * FID #10227 Apple Safari Webkit Mouse Click Event Security Bypass
Vulnerability
    Recommendation is updated
  * FID #31623 Sun Solaris 125719-39 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32628 Sun Solaris 124673-17 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32630 Sun Solaris 124672-17 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32652 Sun Solaris 115695-05 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32653 Sun Solaris 115696-05 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32766 Sun Solaris 144489-14 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32767 Sun Solaris 144488-14 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #34053 Cisco IOS Data Leak in UDP Echo Service Velnerability
    Recommendation is updated
  * FID #45000 ShellLogon.fasl3
    FASLScript is updated
  * FID #70046 macosx.fasl3.inc
    FASLScript is updated
  * FID #70064 ssh-misc-lib.fasl3.inc
    FASLScript is updated

削除されたチェック項目:

  * FID #11365 Oracle Java SE doubleValue() Denial of Service Vulnerability
  * FID #42934 HP-UX 11.X PHSS_41098 Update Is Not Installed
  * FID #42935 HP-UX 11.X PHSS_41099 Update Is Not Installed


-------------------------------------------------------
2) アプライアンス OSパッチアップデート
-------------------------------------------------------
 期間: 2011/05/17 ~ 2011/05/23 (日本時間)

今回のアップデートはございません。

-------------------------------------------------------
3) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について
-------------------------------------------------------
○ お知らせ

企業向けサポートコミュニティサイト「Japan Corporate Support」を開設いたしました。
また、「企業向けお客様サポート公式 Twitter」を開設し、サポート情報のリアルタイム
配信を開始しました。

マカフィー、ユーザー参加型の企業向け製品コミュニティサイトをオープン
~サポート部門が主体となり企業セキュリティに関するディスカッションの場を提供~
(4月18日発プレスリリース)
http://www.mcafee.com/japan/about/prelease/pr_11a.asp?pr=11/04/18-1

● 開始日

2011/04/18 (月) 9:00

○ 備考

- 企業向けサポートコミュニティサイト「Japan Corporate Support」
   https://community.mcafee.com/community/japan
   サポート通信や FAQ 掲載情報、製品及びパッチのリリース情報やドキュメントが掲載
   されます。また、製品に関する技術的な情報に関して、コミュニティご登録者が参加
   可能なフリーディスカッションのスペースがございます。

- 企業向けお客様サポート公式 Twitter
   http://twitter.com/McAfee_BTS_JP
   Twitter サービスを利用し、サポート通信や FAQ 掲載情報、製品及びパッチのリリー
   ス情報がリアルタイムで配信されます。

  コミュニティサイトの登録方法、 Twitter のフォロー方法などの詳細につきましては、
  以下のページをご覧ください。
  http://www.mcafee.com/Japan/support/japancorporate.asp

-------------------------------------------------------
4) McAfee Vulnerability Manager Software 旧バージョンソフトウェアv6.7サポート終了について
-------------------------------------------------------

McAfee Vulnerability Manager Softwareにつきまして、以下の旧バージョンは
サポート終了を予定しておりますのでご案内いたします。

McAfee Vulnerability Manager Software v6.7
サポート終了日:2011年6月30日

■備考
・現在の最新バージョンは、McAfee Vulnerability Manager Software v7.0となり、
「フルサービス・ハードウェア・サポート」(製品として弊社が提供する全てのサポート内容)をご利用いただけます。
本バージョンへの移行やサポート内容の詳細は、弊社サポート窓口までお問い合わせください。
・本製品のサポート終了日は、以下URLに掲載されます。
http://www.mcafee.com/Japan/support/customer_support/productsupport.asp
・本製品に標準搭載されているWebサイトの脆弱性スキャン機能は、現在製品内容の見直しが図られており、
 McAfee Vulnerability Manager Software v6.7.x および v6.8.x が本機能を搭載した最後のバージョンとなる予定です。
 v6.7.x およびv6.8.x のサポート終了日まではサポートが継続されます。後継については、確定次第、別途ご案内させていただきます。
・アップグレードのツールおよび手順書は、ダウンロードページよりご入手いただけます。
 http://www.mcafee.com/japan/licensed2/

-------------------------------------------------------
5) 「サポート通信」登録方法変更のお知らせ
-------------------------------------------------------
サポート通信の登録方法が下記の通り変更となりましたのでお知らせいたします。

6月1日以降に新規契約をしたお客様には、4種類のサポート通信を配信いたします。各種サ
ポート通信が不要な方は、各サポート通信の文末に記載されているURLにアクセスして、解除
手続きを行っていただきます。

障害などでサポート窓口にお問い合わせいただいた新規のご担当者様には、今までどおり、
「サポート通信 - 登録のご案内」メールを1回のみ配信いたします。
http://www.mcafee.com/japan/support/customer_support/techsupport_regform.asp

---------------------------------------------------------
※ マカフィーからのサービス
---------------------------------------------------------
○マカフィーサポート通信について
- 配信停止
  「マカフィー サポート通信 - リスク管理ソリューション 」の配信停止をご希望される方は、
  以下のページより手続きをお願い致します。
 https://md.pbz.jp/s/r-ctrl.php?act=PCDelAuth&funcinfo_allreset=1&uid=mcafee&mid= foundstone_supp
- 各種法人ユーザ登録情報の変更はこちら
   ⇔ http://www.mcafee.com/japan/support/customer_support/tourokuhenkou.asp

○マカフィーでは、製品の技術的FAQ等多くのサービスや情報提供を行っています。是非ご活用ください。
 http://www.mcafee.com/japan/support/

●===McAfee=============================================○
発信元:
マカフィー株式会社
テクニカルサポートセンター インフォメーション係
(c) 2011 McAfee, Inc. All Rights Reserved.
お客様は,マカフィー株式会社の事前の書面による承諾を得ることなく、
掲載内容の無断転載を禁じます。
○=============================================McAfee===●