==============================================================

マカフィー サポート通信 - リスク管理ソリューション 2011.05.27
==============================================================

本メールはMcAfee Vulnerability Manager製品のサポートをご購入のお客様
に配信しております。

○-======  今週のマカフィー Vulnerability Manager (目次)  =======-○
1) FSL UPDATE
2) OSパッチアップデート
3) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について
4) McAfee Vulnerability Manager Software 旧バージョンソフトウェアv6.7のサポート終了について
5) 「サポート通信」登録方法変更のお知らせ


※) マカフィーからのサービス
○-===================================================-○

-------------------------------------------------------
1) FSL UPDATE
-------------------------------------------------------
マカフィーは以下のVulnerability Manager製品のアップデートを提供しています。
最新更新日: 2011-MAY-26

(SUMMARY)

新しいチェック項目 : 165
改善されたチェック項目 : 79
削除されたチェック項目 : 1

 追加・改善されたシグネチャ項目等の詳細は以下の製品ダウンロード
 ページから「McAfee Foundstone Update」の最新版を入手してください。

 http://www.mcafee.com/japan/licensed2/

新しいチェック項目:

  * FID #10405 Dokuwiki ImageMagick Remote Code Execution Vulnerability
    Risk: High
  * FID #11422 Trend Micro OfficeScan CGI Module CgiRemoteInstall.exe Buffer Overflow Vulnerability
    Risk: High
  * FID #11425 Sun Secure Global Desktop Multiple Cross Site Scripting Vulnerabilities
    Risk: High
  * FID #11641 CA Message Queuing Server Buffer Overflow Vulnerability
    Risk: High
  * FID #11673 Apache SpamAssassin Milter Plugin mlfi_encrypt() Remote Code Execution Vulnerability
    Risk: High
  * FID #11681 ViewCVS content-type Parameter CRLF Injection Vulnerability
    Risk: High
  * FID #11985 Wireshark X.509if Use-after-free Heap-Based Buffer Overflow Denial of Service
    Risk: High
  * FID #12018 Management Homepage Remote Code Execution CVE-2010-2950
    Risk: High
  * FID #12021 HP System Management Homepage Stack Consumption Denial of Service
    Risk: High
  * FID #12063 HP 3COM/H3C Intelligent Management Center Imcsyslogdm Remote Code Execution
    Risk: High
  * FID #12064 HP 3COM/H3C Intelligent Management Center Tftpserver Opcode_table Remote Code Execution
    Risk: High
  * FID #12081 HP 3COM/H3C Intelligent Management Center Tftpserver DATA/ERROR Remote Code Execution
    Risk: High
  * FID #12082 HP 3COM/H3C Intelligent Management Center Tftpserver Mode Remote Code Execution
    Risk: High
  * FID #12083 HP 3COM/H3C Intelligent Management Center Dbman Sprintf Remote Code Execution
    Risk: High
  * FID #12084 HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution
    Risk: High
  * FID #12085 HP 3COM/H3C Intelligent Management Center Img Remote Code Execution
    Risk: High
  * FID #41656 Red Hat Enterprise Linux RHSA-2011-0542 Update Is Not Installed
    Risk: High
  * FID #41658 Red Hat Enterprise Linux RHSA-2011-0534 Update Is Not Installed
    Risk: High
  * FID #50251 Ubuntu Linux 8.04 LTS USN-1133-1 Update Is Not Installed
    Risk: High
  * FID #90760 Oracle Enterprise Linux ELSA-2011-2016 Update Is Not Installed
    Risk: High
  * FID #94542 SuSE SLES 10 SP3 firefox3-pango-7460 Update Is Not Installed
    Risk: High
  * FID #94543 SuSE SLES 10 SP4, SLED 10 SP4 firefox3-pango-7459 Update Is Not Installed
    Risk: High
  * FID #10403 IBM DB2 Default User db2inst1 Unauthorized Access Vulnerability
    Risk: Medium
  * FID #10404 IBM DB2 Default User db2as Unauthorized Access Vulnerability
    Risk: Medium
  * FID #10406 IBM DB2 Default User db2fenc1 Unauthorized Access Vulnerability
    Risk: Medium
  * FID #10440 Bugzilla Directory Access Information Disclosure Vulnerability I
    Risk: Medium
  * FID #10443 fingerd Remote Buffer Overflow Vulnerability
    Risk: Medium
  * FID #10456 WordPress Multiple Vulnerabilities
    Risk: Medium
  * FID #10465 Apache Tomcat Transfer-Encoding Header Multiple Vulnerabilities
    Risk: Medium
  * FID #10467 Novell eDirectory eMBox edirutil Command Unauthorized Access Vulnerability
    Risk: Medium
  * FID #10484 Git Gitweb Arbitrary Command Execution Vulnerability
    Risk: Medium
  * FID #10486 PostgreSQL SQL_ASCII Database Encoding SQL Injection Vulnerability
    Risk: Medium
  * FID #10591 Oracle Fusion Middleware WebLogic Server Remote Encoded URL Vulnerability
    Risk: Medium
  * FID #11277 Oracle WebLogic Server Thread Looping Buffer Overflow Vulnerability
    Risk: Medium
  * FID #11278 Oracle WebLogic Server Password Information Disclosure Vulnerability
    Risk: Medium
  * FID #11279 Oracle WebLogic Server Unregistered Servelet Information Disclosure Vulnerability
    Risk: Medium
  * FID #11291 Oracle WebLogic Server Invalid Login Password Disclosure Vulnerability
    Risk: Medium
  * FID #11293 Oracle WebLogic Server JAR Update Privilege Escalation Vulnerability
    Risk: Medium
  * FID #11294 Oracle WebLogic Server Derived Principal Privilege Escalation Vulnerability
    Risk: Medium
  * FID #11295 Oracle WebLogic Server Internal Servlet Unauthorized Access Vulnerability
    Risk: Medium
  * FID #11296 Oracle Weblogic Server config.xml Weak Security Information Disclosure Vulnerability
    Risk: Medium
  * FID #11334 Oracle WebLogic Server fullyDelegatedAuthorization Unauthorized Access Vulnerability
    Risk: Medium
  * FID #11336 Oracle WebLogic Server weblogic.Deployer Information Disclosure Vulnerability
    Risk: Medium
  * FID #11337 Oracle WebLogic Server Servlet Relative Forwarding Denial Of Service Vulnerability
    Risk: Medium
  * FID #11350 Oracle WebLogic Server URL Parsing Source Code Disclosure Vulnerability
    Risk: Medium
  * FID #11364 IBM Lotus Domino Web Service UNICODE Denial Of Service Vulnerability
    Risk: Medium
  * FID #11366 Oracle WebLogic Server JRockit Denial Of Service Vulnerability
    Risk: Medium
  * FID #11398 Oracle Collaboration Suite Collaborative Workspaces Information Disclosure Vulnerability
    Risk: Medium
  * FID #11400 Oracle WebLogic Server Business Objects Crystal Reports Directory Traversal Vulnerability
    Risk: Medium
  * FID #11402 Oracle WebLogic Server Migration Security Policy Weakness Vulnerability
    Risk: Medium
  * FID #11464 WordPress TagNinja Plugin 'id' Parameter Cross Site Scripting Vulnerability
    Risk: Medium
  * FID #11575 Adobe Flex History Management Cross-Site Scripting
    Risk: Medium
  * FID #11590 lighttpd Status Module Information Disclosure Vulnerability
    Risk: Medium
  * FID #11602 Computer Associates Multiple Products DM Primer Denial Of Service Vulnerability
    Risk: Medium
  * FID #11613 Kismet Server Information Disclosure Vulnerability
    Risk: Medium
  * FID #11657 SAP BusinessObjects HappyAxis2.jsp Information Disclosure Vulnerability
    Risk: Medium
  * FID #11672 RSA ClearTrust Login Page Cross Site Scripting Vulnerability
    Risk: Medium
  * FID #11722 Citrix MetaFrame Client Specified Published Applications Enumeration Information Disclosure Vulnerability
    Risk: Medium
  * FID #12016 HP System Management Homepage Remote Code Execution CVE-2010-2531
    Risk: Medium
  * FID #12017 HP System Management Homepage Denial Of Service CVE-2010-2939
    Risk: Medium
  * FID #12019 Management Homepage Remote Code Execution CVE-2010-4008
    Risk: Medium
  * FID #12020 Management Homepage Remote Code Execution CVE-2010-4156
    Risk: Medium
  * FID #12022 Management Homepage Denial Of Service CVE-2010-3709
    Risk: Medium
  * FID #12023 HP System Management Homepage Remote Unauthorized Access
    Risk: Medium
  * FID #12024 HP System Management Homepage Remote Code Execution
    Risk: Medium
  * FID #12060 WordPress SimpleDark Theme Cross Site Scripting Vulnerability
    Risk: Medium
  * FID #12068 WordPress WP-StarsRateBox Plugin Cross Site Scripting And SQL Injection Vulnerabilities
    Risk: Medium
  * FID #12075 WordPress WP Ajax Recent Posts Plugin Cross Site Scripting Vulnerability
    Risk: Medium
  * FID #12076 WordPress WP DBManager Plugin Two Vulnerabilities
    Risk: Medium
  * FID #12104 Apache Tomcat Security Constraint Bypass
    Risk: Medium
  * FID #12105 (APSB11-09) Adobe RoboHelp Cross-Site Scripting Vulnerability
    Risk: Medium
  * FID #37139 IBM AIX IZ84521 Update Is Not Installed
    Risk: Medium
  * FID #37140 IBM AIX IZ86124 Update Is Not Installed
    Risk: Medium
  * FID #37141 IBM AIX IZ87179 Update Is Not Installed
    Risk: Medium
  * FID #37142 IBM AIX IZ87202 Update Is Not Installed
    Risk: Medium
  * FID #37143 IBM AIX IZ87206 Update Is Not Installed
    Risk: Medium
  * FID #37144 IBM AIX IZ96378 Update Is Not Installed
    Risk: Medium
  * FID #37145 IBM AIX IZ96381 Update Is Not Installed
    Risk: Medium
  * FID #37146 IBM AIX IZ81996 Update Is Not Installed
    Risk: Medium
  * FID #37147 IBM AIX IZ84598 Update Is Not Installed
    Risk: Medium
  * FID #37148 IBM AIX IZ84610 Update Is Not Installed
    Risk: Medium
  * FID #37149 IBM AIX IZ85872 Update Is Not Installed
    Risk: Medium
  * FID #37150 IBM AIX IZ86936 Update Is Not Installed
    Risk: Medium
  * FID #37151 IBM AIX IZ95140 Update Is Not Installed
    Risk: Medium
  * FID #37152 IBM AIX IZ95189 Update Is Not Installed
    Risk: Medium
  * FID #37153 IBM AIX IZ96260 Update Is Not Installed
    Risk: Medium
  * FID #37154 IBM AIX IZ97757 Update Is Not Installed
    Risk: Medium
  * FID #41654 Red Hat Enterprise Linux RHSA-2011-0554 Update Is Not Installed
    Risk: Medium
  * FID #41655 Red Hat Enterprise Linux RHSA-2011-0600 Update Is Not Installed
    Risk: Medium
  * FID #41657 Red Hat Enterprise Linux RHSA-2011-0791 Update Is Not Installed
    Risk: Medium
  * FID #41659 Red Hat Enterprise Linux RHSA-2011-0779 Update Is Not Installed
    Risk: Medium
  * FID #41662 Red Hat Enterprise Linux RHSA-2011-0558 Update Is Not Installed
    Risk: Medium
  * FID #41665 Red Hat Enterprise Linux RHSA-2011-0677 Update Is Not Installed
    Risk: Medium
  * FID #81645 Fedora Linux 13 FEDORA-2011-6775 Update Is Not Installed
    Risk: Medium
  * FID #92763 Mandriva Linux 2010.1 MDVSA-2011-092 Update Is Not Installed
    Risk: Medium
  * FID #92764 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-097 Update Is Not Installed
    Risk: Medium
  * FID #94531 SuSE Linux  11.3,  11.4 suse-sa:2011:025 Update Is Not Installed
    Risk: Medium
  * FID #12013 IBM WebSphere Application Server Weak WS-Security XML Encryption Algorithm Information Disclosure
    Risk: Low
  * FID #41653 Red Hat Enterprise Linux RHSA-2011-0599 Update Is Not Installed
    Risk: Low
  * FID #41660 Red Hat Enterprise Linux RHSA-2011-0616 Update Is Not Installed
    Risk: Low
  * FID #41661 Red Hat Enterprise Linux RHSA-2011-0545 Update Is Not Installed
    Risk: Low
  * FID #41663 Red Hat Enterprise Linux RHSA-2011-0560 Update Is Not Installed
    Risk: Low
  * FID #41664 Red Hat Enterprise Linux RHSA-2011-0568 Update Is Not Installed
    Risk: Low
  * FID #41666 Red Hat Enterprise Linux RHSA-2011-0586 Update Is Not Installed
    Risk: Low
  * FID #50250 Ubuntu Linux 10.04, 10.10, 11.04, 6.06 LTS, 8.04 LTS USN-1134-1 Update Is Not Installed
    Risk: Low
  * FID #55106 Top Weekly Malware Env - FakeAlert-SecCenter (InstallSecurityCenter_720.exe)
    Risk: Low
  * FID #55107 Top Weekly Malware Env - FakeAlert-OsPack (os_pack107_290.exe)
    Risk: Low
  * FID #58131 Debian Linux 6.0 DSA-2239-1 Update Is Not Installed
    Risk: Low
  * FID #58132 Debian Linux 5.0, 6.0 DSA-2237-2 Update Is Not Installed
    Risk: Low
  * FID #58133 Debian Linux 6.0 DSA-2238-1 Update Is Not Installed
    Risk: Low
  * FID #58134 Debian Linux 6.0 DSA-2241-1 Update Is Not Installed
    Risk: Low
  * FID #81644 Fedora Linux 15 FEDORA-2011-7111 Update Is Not Installed
    Risk: Low
  * FID #81646 Fedora Linux 15 FEDORA-2011-6859 Update Is Not Installed
    Risk: Low
  * FID #81647 Fedora Linux 15 FEDORA-2011-6784 Update Is Not Installed
    Risk: Low
  * FID #81648 Fedora Linux 14 FEDORA-2011-6774 Update Is Not Installed
    Risk: Low
  * FID #81649 Fedora Linux 15 FEDORA-2011-6995 Update Is Not Installed
    Risk: Low
  * FID #81650 Fedora Linux 15 FEDORA-2011-6781 Update Is Not Installed
    Risk: Low
  * FID #83564 FreeBSD ViewVC User-reachable Override Of Cvsdb Row Limit (7af2fb85-8584-11e0-96b7-00300582f9fc)
    Risk: Low
  * FID #83565 FreeBSD linux-flashplugin Multiple Vulnerabilities (d226626c-857f-11e0-95cc-001b2134ef46)
    Risk: Low
  * FID #83566 FreeBSD mod_pubcookie Empty Authentication Security Advisory (1ca8228f-858d-11e0-a76c-000743057ca2)
    Risk: Low
  * FID #83567 FreeBSD pureftpd Multiple Vulnerabilities (1495f931-8522-11e0-a1c1-00215c6a37bb)
    Risk: Low
  * FID #83568 FreeBSD opera Code Injection Vulnerability Through Broken Frameset Handling (e666498a-852a-11e0-8f78-080027ef73ec)
    Risk: Low
  * FID #83569 FreeBSD Pubcookie Login Server XSS Vulnerability (115a1389-858e-11e0-a76c-000743057ca2)
    Risk: Low
  * FID #83570 FreeBSD Apache APR DoS Vulnerabilities (99a5590c-857e-11e0-96b7-00300582f9fc)
    Risk: Low
  * FID #92758 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-099 Update Is Not Installed
    Risk: Low
  * FID #92759 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-091 Update Is Not Installed
    Risk: Low
  * FID #92760 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-096 Update Is Not Installed
    Risk: Low
  * FID #92761 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-100 Update Is Not Installed
    Risk: Low
  * FID #92762 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-095 Update Is Not Installed
    Risk: Low
  * FID #92765 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-094 Update Is Not Installed
    Risk: Low
  * FID #94530 SuSE SLES 11 SP1, SLED 11 SP1 kvm-4574 Update Is Not Installed
    Risk: Low
  * FID #94532 SuSE SLED 10 SP3 release-notes-sled-7524 Update Is Not Installed
    Risk: Low
  * FID #94533 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 parted-4510 Update Is Not Installed
    Risk: Low
  * FID #94534 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 libpython2_6-1_0-4512 Update Is Not Installed
    Risk: Low
  * FID #94535 SuSE SLES 11 SP1 spacewalk-check-4342 Update Is Not Installed
    Risk: Low
  * FID #94536 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 file-4511 Update Is Not Installed
    Risk: Low
  * FID #94537 SuSE SLES 10 SP3 python-7509 Update Is Not Installed
    Risk: Low
  * FID #94538 SuSE SLES 10 SP4 release-notes-sles-7496 Update Is Not Installed
    Risk: Low
  * FID #94539 SuSE SLES 10 postfix-7527 Update Is Not Installed
    Risk: Low
  * FID #94540 SuSE SLED 11 SP1 rdesktop-4547 Update Is Not Installed
    Risk: Low
  * FID #94541 SuSE SLED 10 SP4 release-notes-sled-7521 Update Is Not Installed
    Risk: Low
  * FID #94544 SuSE SLES 10 SP4, SLED 10 SP4 python-7506 Update Is Not Installed
    Risk: Low
  * FID #94545 SuSE SLED 10 SP4 rdesktop-7525 Update Is Not Installed
    Risk: Low
  * FID #94546 SuSE SLED 11 SP1 release-notes-sled-4560 Update Is Not Installed
    Risk: Low
  * FID #94547 SuSE SLES 10 SP3 file-7529 Update Is Not Installed
    Risk: Low
  * FID #94548 SuSE SLES 10 SP3 release-notes-sles-7497 Update Is Not Installed
    Risk: Low
  * FID #10468 Web Server Directory Traversal Detected
    Risk: Informational
  * FID #11322 VNC Server Security Type Detected
    Risk: Informational
  * FID #11504 GForge Detected
    Risk: Informational
  * FID #11521 GNU GDBserver Detection
    Risk: Informational
  * FID #11522 Bonjour mDNS Detection
    Risk: Informational
  * FID #11567 Ipswitch Instant Messaging Server Detection
    Risk: Informational
  * FID #11569 HP Web Jetadmin Detected
    Risk: Informational
  * FID #11573 IBM Tivoli Monitoring Service Console Detection
    Risk: Informational
  * FID #11620 ClamAV Outdated Signatures Detected
    Risk: Informational
  * FID #11683 Sun Java System ASP Server Detected
    Risk: Informational
  * FID #11690 Symantec pcAnywhere Access Server Detection
    Risk: Informational
  * FID #11696 Samba Web Administration Tool Unauthorized Access Detection
    Risk: Informational
  * FID #11712 Trend Micro OfficeScan Client Detected
    Risk: Informational
  * FID #11714 Trend Micro InterScan Web Security Suite Detected
    Risk: Informational
  * FID #11715 Trend Micro Conrol Manager Console Management Detection
    Risk: Informational
  * FID #11729 HP OpenView Topology Manager Daemon Detected
    Risk: Informational
  * FID #11738 HP OpenView BBC Service Detected
    Risk: Informational
  * FID #12108 TLS-SSL Server Untrusted X.509 Certificate Detection
    Risk: Informational
  * FID #12121 TLS/SSL Server X.509 Certificate MD5 Signature Detected
    Risk: Informational

改善されたチェック項目:

  * FID #2261 BlackICE Server Message Block (SMB) Processing Heap Memory Overwrite
    Recommendation is updated
  * FID #2262 BlackICE PAM ICQ Server Response Processing Buffer Overflow
    Recommendation is updated
  * FID #2279 (MS04-011) Microsoft Windows ASN.1 Double Free Heap Corruption via SMB
    FASLScript is updated
  * FID #3202 AWStats configdir Remote Command Execution
    Recommendation is updated
  * FID #3227 BFTPd Fake User Denial of Service
    Recommendation is updated
  * FID #3228 BFTPd Remote NLIST Vulnerability
    Recommendation is updated
  * FID #3245 ARCServe Discovery Service Overflows
    Recommendation is updated
  * FID #3392 CactuSoft CactuShop Data Manipulation Vulnerability
    FASLScript is updated
  * FID #3397 ASPseek Remote Arbitrary Code Execution Vulnerability
    Recommendation is updated
  * FID #4631 BIND Inverse-Query Buffer Overflow
    Recommendation is updated
  * FID #5028 Microsoft Windows Ndistapi.sys IRQL Local Privilege Escalation
    FASLScript is updated
  * FID #5113 Adobe Photoshop Buffer Overflow Vulnerabilities
    FASLScript is updated
  * FID #5117 Adobe Photoshop PNG Buffer Overflow Vulnerability
    FASLScript is updated
  * FID #5687 Aurigma ImageUploader ActiveX Vulnerability
    Recommendation is updated
  * FID #6333 Apple WebKit WebCore Style Sheet Element Memory Corruption Vulnerability
    Recommendation is updated
  * FID #7699 Roarur.dll Trojan
    FASLScript is updated
  * FID #9390 IBM DB2 Shared Libraries Privilege Escalation Vulnerability
    Recommendation is updated
  * FID #9865 Network Associates WebShield SMTP Buffer Overflow Vulnerability
    Recommendation is updated
  * FID #10649 Oracle Application Server iSQLPlus Cross Site Sripting Vulnerability
    Recommendation is updated
  * FID #10672 GIGABYTE Dldrv2 ActiveX Control Multiple Vulnerabilities
    Recommendation is updated
  * FID #10972 VMware Server libpng Multiple Vulnerabilities
    Recommendation is updated
  * FID #11389 WordPress Simple:Press Plugin sf-header-forum.php SQL Injection Vulnerability
    Recommendation is updated
  * FID #11616 RealNetworks RealPlayer Heap Overflow Remote Code Execution
    Recommendation is updated
    CVE is updated
  * FID #11652 7-Technologies IGSS Multiple Vulnerabilities
    Recommendation is updated
  * FID #11830 (APSA11-02) Adobe Flash Player/Acrobat/Reader Doc Remote Code Execution
    Name is updated
    Description is updated
    Observation is updated
  * FID #38166 Apple WebKit WebCore Style Sheet Element Memory Corruption Vulnerability
    Recommendation is updated
  * FID #3195 (MS05-006) Microsoft SharePoint Cross-Site Scripting and Spoofing Patch
    FASLScript is updated
  * FID #3224 BFTPd  Long USER remote Denial of Service
    Recommendation is updated
  * FID #3226 BFTPd Remote Empty Directory List Denial of Service
    Recommendation is updated
  * FID #3311 Boss Everyware 2 Detected
    Recommendation is updated
  * FID #3388 AtomicBoard Unauthorized User Access Vulnerability
    Recommendation is updated
  * FID #3396 Args.bat File Replacement Vulnerability
    Recommendation is updated
  * FID #3401 Brian Stanback Listing Web Script Unauthorized Access Vulnerability
    Recommendation is updated
  * FID #4498 Barracuda Spam Firewall Information Disclosure and Shell Command Injection
    Recommendation is updated
  * FID #5825 Opera Resized Canvas Patterns Code Execution
    FASLScript is updated
  * FID #5948 Apple WebKit JavaScript Array Handling Code Execution
    Recommendation is updated
  * FID #6340 Apple WebKit URL Colon Character Handling XSS
    Recommendation is updated
  * FID #6342 Apple WebKit JavaScript Regular Expressions Code Execution
    Recommendation is updated
  * FID #6627 Opera XML Parser Denial of Service Vulnerability
    FASLScript is updated
  * FID #9300 Microsoft SQL Server Enterprise Manager Weak Password Encryption Vulnerability
    Recommendation is updated
  * FID #9375 Microsoft SQL Server Microsoft Distributed Transaction Service Coordinator Denial Of  Service Vulnerability
    Recommendation is updated
  * FID #9858 SquirrelMail Multiple Remote Vulnerabilities
    Recommendation is updated
  * FID #10125 WampServer lang Parameter Cross Site Scripting Vulnerability
    Recommendation is updated
  * FID #10311 IBM Lotus Domino HTTP cgi-bin Relative URL Request Denial Of Service Vulnerability
    Recommendation is updated
  * FID #10471 Wordpress links.all.php abspath PHP File Inclusion Vulnerability
    Recommendation is updated
  * FID #10510 Apple Safari Webkit Invalid SGV Text Style Denial of Service Vulnerability
    Recommendation is updated
  * FID #10533 HP Web Jetadmin Remote Information Disclosure Vulnerability
    Recommendation is updated
  * FID #10557 Opera Web Browser Address Bar Spoofing Vulnerability
    Recommendation is updated
  * FID #10765 WordPress Sniplets Plugin Multiple Cross Site Scripting Vulnerabilities
    Recommendation is updated
  * FID #10771 WordPress Sniplets Plugin syntax_highlight.php Remote File Inclusion Vulnerability
    Recommendation is updated
  * FID #10772 WordPress Sniplets Plugin execute.php Remote Code Execution Vulnerability
    Recommendation is updated
  * FID #11229 Microsoft FrontPage Server Extensions .pwd File Information Disclosure Vulnerability
    Recommendation is updated
  * FID #11371 OraMon oramon.ini Information Disclosure Vulnerability
    Recommendation is updated
  * FID #11538 Novell Netware SSH Remote Buffer Overflow
    Recommendation is updated
  * FID #11610 WordPress Rating-Widget Plugin Multiple Cross-Site Scripting Vulnerabilities
    Recommendation is updated
  * FID #11671 WordPress GRAND Flash Album Gallery Plugin Local File Disclosure Vulnerabilities
    Recommendation is updated
  * FID #11835 Novell GroupWise WebAcces WebAccessUninstall.ini Information Disclosure Vulnerability
    Recommendation is updated
  * FID #32018 Sun Solaris 119166-42 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #32019 Sun Solaris 119167-42 Update Is Not Installed
    Name is updated
    Description is updated
    Observation is updated
    Recommendation is updated
    FASLScript is updated
  * FID #38167 Apple WebKit JavaScript Array Handling Code Execution
    Recommendation is updated
  * FID #38168 Apple WebKit URL Colon Character Handling XSS
    Recommendation is updated
  * FID #38169 Apple WebKit JavaScript Regular Expressions Code Execution
    Recommendation is updated
  * FID #2707 BEA WebLogic File Existence Vulnerability
    Recommendation is updated
  * FID #3329 BFTPd Remote String Substitution
    Recommendation is updated
  * FID #3330 BFTPd Syslog Implementation vulnerability
    Recommendation is updated
  * FID #9927 University Of Washington IMAP Arbitrary File Access Vulnerability
    Recommendation is updated
  * FID #37114 IBM AIX IZ97416 Update Is Not Installed
    Observation is updated
    CVE is updated
    FASLScript is updated
  * FID #10830 IBM AIX inittab NFS Status
    FASLScript is updated
  * FID #52002 Red Hat Enterprise Linux Password File Syntax Error
    FASLScript is updated
  * FID #53043 IBM AIX inittab LPD Daemon Status
    FASLScript is updated
  * FID #53048 IBM AIX inittab uprintfd Daemon Status
    FASLScript is updated
  * FID #53049 IBM AIX inittab writesrv Daemon Status
    FASLScript is updated
  * FID #53055 IBM AIX inittab dt_nogb Daemon Status
    FASLScript is updated
  * FID #53108 IBM AIX Printer Queue Daemon Status
    FASLScript is updated
  * FID #53156 IBM AIX inittab XDM Daemon Status
    FASLScript is updated
  * FID #70014 netbios-helpers.fasl3.inc
    FASLScript is updated
  * FID #70025 epo.fasl3.inc
    FASLScript is updated
  * FID #70042 aix.fasl3.inc
    FASLScript is updated
  * FID #70108 ipv6-helpers.fasl3.inc
    FASLScript is updated

削除されたチェック項目:

  * FID #10158 TLS/SSL Server X.509 Certificate MD5 Signature Detected

-------------------------------------------------------
2) アプライアンス OSパッチアップデート
-------------------------------------------------------
 期間: 2011/05/26 ~ 2011/05/27 (日本時間)

今回のアップデートはございません。

-------------------------------------------------------
3) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について
-------------------------------------------------------
○ お知らせ

企業向けサポートコミュニティサイト「Japan Corporate Support」を開設いたしました。
また、「企業向けお客様サポート公式 Twitter」を開設し、サポート情報のリアルタイム
配信を開始しました。

マカフィー、ユーザー参加型の企業向け製品コミュニティサイトをオープン
~サポート部門が主体となり企業セキュリティに関するディスカッションの場を提供~
(4月18日発プレスリリース)
http://www.mcafee.com/japan/about/prelease/pr_11a.asp?pr=11/04/18-1

● 開始日

2011/04/18 (月) 9:00

○ 備考

- 企業向けサポートコミュニティサイト「Japan Corporate Support」
   https://community.mcafee.com/community/japan
   サポート通信や FAQ 掲載情報、製品及びパッチのリリース情報やドキュメントが掲載
   されます。また、製品に関する技術的な情報に関して、コミュニティご登録者が参加
   可能なフリーディスカッションのスペースがございます。

- 企業向けお客様サポート公式 Twitter
   http://twitter.com/McAfee_BTS_JP
   Twitter サービスを利用し、サポート通信や FAQ 掲載情報、製品及びパッチのリリー
   ス情報がリアルタイムで配信されます。

  コミュニティサイトの登録方法、 Twitter のフォロー方法などの詳細につきましては、
  以下のページをご覧ください。
  http://www.mcafee.com/Japan/support/japancorporate.asp

-------------------------------------------------------
4) McAfee Vulnerability Manager Software 旧バージョンソフトウェアv6.7サポート終了について
-------------------------------------------------------

McAfee Vulnerability Manager Softwareにつきまして、以下の旧バージョンは
サポート終了を予定しておりますのでご案内いたします。

McAfee Vulnerability Manager Software v6.7
サポート終了日:2011年6月30日

■備考
・現在の最新バージョンは、McAfee Vulnerability Manager Software v7.0となり、
「フルサービス・ハードウェア・サポート」(製品として弊社が提供する全てのサポート内容)をご利用いただけます。
本バージョンへの移行やサポート内容の詳細は、弊社サポート窓口までお問い合わせください。
・本製品のサポート終了日は、以下URLに掲載されます。
http://www.mcafee.com/Japan/support/customer_support/productsupport.asp
・本製品に標準搭載されているWebサイトの脆弱性スキャン機能は、現在製品内容の見直しが図られており、
 McAfee Vulnerability Manager Software v6.7.x および v6.8.x が本機能を搭載した最後のバージョンとなる予定です。
 v6.7.x およびv6.8.x のサポート終了日まではサポートが継続されます。後継については、確定次第、別途ご案内させていただきます。
・アップグレードのツールおよび手順書は、ダウンロードページよりご入手いただけます。
 http://www.mcafee.com/japan/licensed2/

-------------------------------------------------------
5) 「サポート通信」登録方法変更のお知らせ
-------------------------------------------------------
サポート通信の登録方法が下記の通り変更となりましたのでお知らせいたします。

6月1日以降に新規契約をしたお客様には、4種類のサポート通信を配信いたします。各種サ
ポート通信が不要な方は、各サポート通信の文末に記載されているURLにアクセスして、解除
手続きを行っていただきます。

障害などでサポート窓口にお問い合わせいただいた新規のご担当者様には、今までどおり、
「サポート通信 - 登録のご案内」メールを1回のみ配信いたします。
http://www.mcafee.com/japan/support/customer_support/techsupport_regform.asp

---------------------------------------------------------
※ マカフィーからのサービス
---------------------------------------------------------
○マカフィーサポート通信について
- 配信停止
  「マカフィー サポート通信 - リスク管理ソリューション 」の配信停止をご希望される方は、
  以下のページより手続きをお願い致します。
 https://md.pbz.jp/s/r-ctrl.php?act=PCDelAuth&funcinfo_allreset=1&uid=mcafee&mid= foundstone_supp
- 各種法人ユーザ登録情報の変更はこちら
   ⇔ http://www.mcafee.com/japan/support/customer_support/tourokuhenkou.asp

○マカフィーでは、製品の技術的FAQ等多くのサービスや情報提供を行っています。是非ご活用ください。
 http://www.mcafee.com/japan/support/

●===McAfee=============================================○
発信元:
マカフィー株式会社
テクニカルサポートセンター インフォメーション係
(c) 2011 McAfee, Inc. All Rights Reserved.
お客様は,マカフィー株式会社の事前の書面による承諾を得ることなく、
掲載内容の無断転載を禁じます。
○=============================================McAfee===●