SecurityFocus Newsletter #309 2005-07-25->2005-07-29 Dec 02 2005 08:23AM
Tsuneo Ogasawara (t ogaswr lac co jp)
This is Ogasawara at LAC.

Here is the Japanese translation of SecurityFocus Newsletter issue 309.
Items that have not been translated are marked "no Japanese translation".

---------------------------------------------------------------------------
FAQ about BugTraq-JP (Japanese):
http://www.securityfocus.com/archive/79/description
- The Japanese translation of SecurityFocus Newsletter is distributed first
  on BugTraq-JP.
- For how to join or leave BugTraq-JP, please refer to this FAQ.
---------------------------------------------------------------------------
SecurityFocus Newsletter archive (English):
http://www.securityfocus.com/archive/78
FAQ about BugTraq (English):
http://www.securityfocus.com/archive/1/description
---------------------------------------------------------------------------
Notes on quoting:
- This translation is produced by LAC Co., Ltd. with the permission of
  SecurityFocus.
- When quoting the Japanese translation of SecurityFocus Newsletter in
  Netnews, mailing lists, the World Wide Web, books, or other recording
  media, please quote the mail in full.
- Issues 1 through 3 of the Japanese edition of the newsletter do not carry
  this note, but it applies to them as well.
- In addition, hyperlinks in any form to the BugTraq-JP archive [*1]
  provided by SecurityFocus should also follow the above.
1) http://online.securityfocus.com/archive/79
---------------------------------------------------------------------------
Notes on this translation:
- LAC Co., Ltd. assumes no responsibility for the results of applying this
  translation.
---------------------------------------------------------------------------
Notice from the translator:
- If you find a typo or a mistranslation, please either post a corrected
  version to BugTraq-JP as errata, or notify the supervising editor
  (t.ogaswr (at) lac.co (dot) jp [email concealed]).
  In the latter case, a corrected version will be issued as quickly as
  possible.
---------------------------------------------------------------------------
This translation is encoded and posted in ISO-2022-JP.

Original:
Date: Tue, 02 Aug 2005 16:44:01 -0600
Message-ID: <42EFF731.1000404 (at) securityfocus (dot) com [email concealed]>

SecurityFocus Newsletter #309
-----------------------------

This Issue is Sponsored By: SPI Dynamics

I. FRONT AND CENTER (no Japanese translation)
1. CardSystems made its choices clear
2. The CardSystems blame game
II. BUGTRAQ SUMMARY
1. GoodTech SMTP Server RCPT TO Multiple Remote Buffer Overflow Vulnerabilities
2. RealChat User Impersonation Vulnerability
3. ClamAV Multiple Integer Overflow Vulnerabilities
4. SCO UnixWare RPC Portmapper Denial of Service Vulnerability
5. Beehive Forum Webtag Multiple SQL Injection Vulnerabilities
6. Sophos Anti-Virus Library Unspecified Remote Heap Overflow Vulnerability
7. Beehive Forum Webtag Multiple Cross-Site Scripting Vulnerabilities
8. ECI Telecom B-FOCuS Router 312+ Unauthorized Access Vulnerability
9. Hobbit Monitor Remote Denial Of Service Vulnerability
10. FTPLocate Remote Command Execution Vulnerability
11. Atomic Photo Album Apa_PHPInclude.INC.PHP Remote File Include Vulnerability
12. SAP Internet Graphics Server Directory Traversal Vulnerability
13. 3Com OfficeConnect Wireless 11g Access Point Remote Information Disclosure Vulnerability
14. PHPFirstpost Block.PHP Remote File Include Vulnerability
15. Siemens Santis 50 Wireless Router Web Interface Denial Of Service Vulnerability
16. Netquery Multiple Remote Vulnerabilities
17. Vim ModeLines Further Variant Arbitrary Command Execution Vulnerability
18. Gentoo Sandbox Multiple Insecure Temporary File Creation Vulnerabilities
19. Microsoft Windows Unspecified USB Driver Buffer Overflow Vulnerability
20. Ares Fileshare Remote Buffer Overflow Vulnerability
21. PSToText Arbitrary Code Execution Vulnerability
22. NetPBM PSToPNM Arbitrary Code Execution Vulnerability
23. ProFTPD SQLShowInfo SQL Output Format String Vulnerability
24. ProFTPD Shutdown Message Format String Vulnerability
25. FTPShell Server Denial of Service Vulnerability
26. VBZoom Forum Show.PHP SQL Injection Vulnerability
27. Fetchmail POP3 Client Remote Denial of Service Vulnerabilities
28. SPI Dynamics WebInspect Cross Application Script Injection Vulnerability
29. CartWIZ ViewCart.ASP Cross Site Scripting Vulnerability
30. IBM Access Connections Shared Section Insecure Permissions Vulnerability
31. IBM Lotus Domino WebMail Information Disclosure Vulnerability
32. IBM Lotus Domino Password Encryption Weakness
33. NETonE PHPBook Guestbook.PHP Cross Site Scripting Vulnerability
34. Advanced Guestbook User-Agent HTML Injection Vulnerability
35. PNG Counter Demo.PHP Cross-Site Scripting Vulnerability
36. Hosting Controller Unauthorized Access Vulnerability
37. FreeBSD IPsec Session AES-XCBC-MAC Authentication Constant Key Usage Vulnerability
38. Clever Copy Multiple Cross-Site Scripting Vulnerabilities
39. BMForum Multiple Cross Site Scripting Vulnerabilities
40. Clever Copy Private Message Unauthorized Access Vulnerability
41. Novell GroupWise Client Remote Buffer Overflow Vulnerability
42. Ethereal Multiple Protocol Dissector Vulnerabilities
43. MDaemon Content Filter Directory Traversal Vulnerability
44. Opera Web Browser Content-Disposition Header Download Dialog File Extension Spoofing Vulnerability
45. PHPList Admin Page SQL Injection Vulnerability
46. Website Baker Browse.PHP Cross-Site Scripting Vulnerability
47. Gforge Multiple Cross Site Scripting Vulnerabilities
48. Website Baker Arbitrary File Upload Vulnerability
49. Linksys WRT54G Wireless Router Default SSL Certificate and Private Key Vulnerability
50. @Mail Multiple Cross Site Scripting Vulnerabilities
51. Thomson Web Skill Vantage Manager SQL Injection Vulnerability
52. Opera Web Browser Image Dragging Cross-Domain Scripting and File Retrieval Vulnerability
53. Cisco IOS IPv6 Processing Arbitrary Code Execution Vulnerability
54. Easypx41 Multiple Cross Site Scripting Vulnerabilities
55. LibTiff Tiff Image Header Divide By Zero Denial of Service Vulnerability
56. HP NonStop Server DCE Core Services Remote Denial of Service Vulnerability
57. Novell eDirectory NMAS Authentication Bypass Vulnerability
58. Gopher Insecure Temporary File Creation Vulnerability
59. Easypx41 Multiple Variable Injection Vulnerabilities
60. Ung Arbitrary Email Header Injection Vulnerability
61. VBZooM Forum Multiple Cross-Site Scripting Vulnerabilities
62. Simplicity oF Upload Download.PHP Remote File Include Vulnerability
63. Kayako LiveResponse Multiple Input Validation Vulnerabilities
64. PluggedOut CMS Multiple Input Validation Vulnerabilities
65. PC-Experience/Toppe Unauthorized User Access Vulnerability
66. PC-Experience/Toppe PM.PHP MSG Parameter Cross-Site Scripting Vulnerability
67. Ragnarok Online Control Panel Authentication Bypass Vulnerability
68. Kismet Multiple Unspecified Remote Vulnerabilities
69. Metasploit Framework Unspecified Remote Vulnerability
III. SECURITYFOCUS NEWS
1. Exploit writers team up to target Cisco routers
2. Reading, rooting, 'rithmetic: Preschoolers learn programming
3. Settlement reached in Cisco flaw dispute
4. Cisco, ISS file suit against rogue researcher
5. Infrared exploits open the door to hotel hacking
6. Linux Bluetooth hackers hijack car audio
7. Cisco details Black Hat vuln fix
8. Sophos bug highlights wider anti-virus flaws

I. FRONT AND CENTER (no Japanese translation)
----------------------------------

II. BUGTRAQ SUMMARY
--------------------
1. GoodTech SMTP Server RCPT TO Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 14357
Remote: Yes
Date Published: 2005-07-23
Relevant URL: http://www.securityfocus.com/bid/14357
Summary:
GoodTech SMTP Server is affected by two remote buffer overflow issues when
processing long RCPT TO commands. These issues are due to a failure to
properly bounds-check user-supplied data before copying it to a fixed-size
memory buffer.

A remote attacker may exploit these issues to execute arbitrary machine
code with System-level privileges in the security context of the affected
application.

2. RealChat User Impersonation Vulnerability
BugTraq ID: 14358
Remote: Yes
Date Published: 2005-07-23
Relevant URL: http://www.securityfocus.com/bid/14358
Summary:
RealChat is a commercial chat server written in Java that supports multiple
platforms.

RealChat is affected by a user impersonation issue. The issue is due to a
design flaw in the application.

This issue allows an attacker to spoof the sender of chat messages. The
attacker may also be able to spoof a user's avatar image, which makes it
more likely that users who receive a spoofed message will misidentify its
sender.

3. ClamAV Multiple Integer Overflow Vulnerabilities
BugTraq ID: 14359
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14359
Summary:
ClamAV is affected by multiple integer overflow issues.

Specifically, these issues occur when the ClamAV antivirus library
processes malicious files.

An attacker may exploit this issue to control execution flow and execute
attacker-supplied code in the security context of the affected application.

ClamAV 0.86.1 and earlier versions are reported to be affected.

4. SCO UnixWare RPC Portmapper Denial of Service Vulnerability
BugTraq ID: 14360
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14360
Summary:
SCO UnixWare is reported to be prone to a denial-of-service condition.

The issue is reportedly triggered when multiple invalid portmap requests
are processed.

UnixWare 7.x is reported to be affected.

5. Beehive Forum Webtag Multiple SQL Injection Vulnerabilities
BugTraq ID: 14361
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14361
Summary:
Beehive Forum is prone to multiple SQL injection issues. These issues are
due to a failure to properly sanitize user-supplied input before using it
in SQL queries.

Successful exploitation could compromise the application, or result in
disclosure or modification of data. It may also allow the attacker to
exploit flaws in the implementation of the backend database.

6. Sophos Anti-Virus Library Unspecified Remote Heap Overflow Vulnerability
BugTraq ID: 14362
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14362
Summary:
The Sophos Anti-Virus Library has an unspecified, remotely exploitable heap
overflow issue. The issue is due to a failure to properly bounds-check
user-supplied input data before copying it to an internal memory buffer.

Detailed information is not available at this time. This BID will be
updated as details are released.

7. Beehive Forum Webtag Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14363
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14363
Summary:
Beehive Forum is prone to multiple cross-site scripting issues. These
issues are due to a failure to properly sanitize user-supplied input.

An attacker may exploit any of these issues to execute arbitrary script
code in the browser of an unsuspecting user, in the security context of the
targeted site. This may enable attacks such as theft of cookie-based
authentication credentials.

8. ECI Telecom B-FOCuS Router 312+ Unauthorized Access Vulnerability
BugTraq ID: 14364
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14364
Summary:
The B-FOCuS Router 312+ is affected by an issue that may allow an attacker
to gain unauthorized access to the affected device.

An attacker can disclose the administrator password through the device's
Web interface.

This issue may lead to a complete compromise of the router.

9. Hobbit Monitor Remote Denial Of Service Vulnerability
BugTraq ID: 14365
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14365
Summary:
Hobbit Monitor is affected by a remote denial-of-service issue. The issue
is due to a failure to properly handle exceptional conditions.

Hobbit Monitor does not properly handle received data. An attacker
exploiting this issue may crash the affected application by sending it
malicious data, resulting in denial of service to legitimate users.

10. FTPLocate Remote Arbitrary Command Execution Vulnerability
BugTraq ID: 14367
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14367
Summary:
FtpLocate is prone to remote arbitrary command execution. The issue is due
to a failure to properly sanitize user-supplied data.

An attacker can supply arbitrary commands and have them executed in the
security context of the server.

This issue may lead to unauthorized remote access to the computer running
the hosting Web server.

11. Atomic Photo Album Apa_PHPInclude.INC.PHP Remote File Include Vulnerability
BugTraq ID: 14368
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14368
Summary:
Atomic Photo Album is affected by a remote PHP file include issue. The
issue is due to a failure to properly sanitize user-supplied input.

An attacker may exploit this issue to execute arbitrary PHP code on the
affected computer with the privileges of the Web server process. This may
lead to unauthorized access.

12. SAP Internet Graphics Server Directory Traversal Vulnerability
BugTraq ID: 14369
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14369
Summary:
Internet Graphics Server is affected by a directory traversal issue. The
issue is due to a failure to properly sanitize user-supplied input.

An unauthorized remote user can disclose the contents of arbitrary local
files by using '../' directory traversal strings.

Exploitation of this issue may result in a loss of confidentiality.

13. 3Com OfficeConnect Wireless 11g Access Point Remote Information Disclosure Vulnerability
BugTraq ID: 14370
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14370
Summary:
The 3Com OfficeConnect Wireless 11g Access Point 3CRWE454G72 is reported to
be prone to an information disclosure issue.

Information gathered through this attack may allow the attacker to carry
out other attacks against users of the device or other network users.

Firmware versions prior to 1.03.12 for the 3Com OfficeConnect Wireless 11g
Access Point 3CRWE454G72 are reported to be vulnerable.

14. PHPFirstpost Block.PHP Remote File Include Vulnerability
BugTraq ID: 14371
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14371
Summary:
Phpfirstpost is affected by a remote PHP file include issue. The issue is
due to a failure to properly sanitize user-supplied input.

An attacker may exploit this issue to execute arbitrary PHP code on the
affected computer with the privileges of the Web server process. This may
lead to unauthorized access.

15. Siemens Santis 50 Wireless Router Web Interface Denial Of Service Vulnerability
BugTraq ID: 14372
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14372
Summary:
The Web interface of the Siemens Santis 50 Wireless Router is affected by a
remote denial-of-service issue.

An attacker can exploit this issue to cause a denial of service in the Web
interface and gain unauthorized access to privileged Telnet CLI functions.
These functions allow the attacker to obtain information about the device's
configuration and connections. The attacker can also erase the Flash
contents.

The information obtained may be used in further attacks against the
affected device or the network on which it operates.

The Ericsson HN294dp and Dynalink RTA300W routers may also be affected by
this issue. These devices are believed to use the same hardware as the
Siemens Santis 50 wireless router, but Symantec has not verified this.

16. Netquery Multiple Remote Vulnerabilities
BugTraq ID: 14373
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14373
Summary:
Netquery is affected by multiple remotely exploitable issues. A remote
attacker may exploit these issues to execute arbitrary commands, disclose
sensitive information, and carry out cross-site scripting attacks.

Netquery 3.1 is affected by these issues.

17. Vim ModeLines Further Variant Arbitrary Command Execution Vulnerability
BugTraq ID: 14374
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14374
Summary:
Vim ModeLines is affected by an arbitrary command execution issue. The
issue is due to a failure to properly sanitize user-supplied input.

Arbitrary commands may be executed when an attacker adds to a text file
ModeLines that contain the 'glob()' or 'expand()' functions together with
shell metacharacters.

An attacker may exploit this issue to execute arbitrary commands with the
privileges of the Vim user. As a result, the attacker can gain unauthorized
remote access to the computer running the affected software.

This issue is similar to BID 6384 and BID 11941.

18. Gentoo Sandbox Multiple Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 14375
Remote: No
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14375
Summary:
Sandbox is reported to be prone to multiple local insecure temporary file
creation issues. These issues are due to a design flaw that causes it to
fail to verify whether a file exists before writing to it.

Because Sandbox runs with administrative privileges, a local attacker is
able to overwrite arbitrary files. This may crash the entire system,
resulting in denial of service to legitimate users. Exploitation of this
issue may also lead to privilege escalation, although this has not been
verified.

19. Microsoft Windows Unspecified USB Driver Buffer Overflow Vulnerability
BugTraq ID: 14376
Remote: No
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14376
Summary:
USB drivers in the Microsoft Windows operating system are affected by an
unspecified buffer overflow issue. The issue is due to the driver's failure
to properly bounds-check input from USB devices.

The issue occurs when a USB device is connected to a computer running the
affected device driver. When a device is inserted, the operating system
automatically loads the appropriate device driver to handle the new
hardware. By deliberately tampering with the data returned to the operating
system, it is possible to overflow memory used by the affected USB driver.

There is currently not enough information available to provide a detailed
technical description. This BID will be updated as further details are
released.

An attacker may exploit this issue to execute arbitrary machine code with
SYSTEM privileges on the affected computer, or to crash the affected
computer. The issue may be triggered by connecting a malicious USB device
to the computer, even by someone who has no account on it.

20. Ares Fileshare Remote Buffer Overflow Vulnerability
BugTraq ID: 14377
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14377
Summary:
Ares Fileshare is affected by a remote buffer overflow issue.

The issue is triggered when the application processes a long search string.

Successful exploitation corrupts memory and may result in arbitrary code
execution in the security context of the user running the application.

Ares FileShare 1.1 is affected by this issue.

21. PSToText Arbitrary Code Execution Vulnerability
BugTraq ID: 14378
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14378
Summary:
pstotext is affected by an arbitrary command execution issue. The issue is
due to GhostScript not being invoked in a secure manner.

An attacker exploiting this issue can craft a malicious PostScript file
that causes arbitrary commands to be executed when it is parsed by the
affected utility. This occurs in the security context of the user running
the affected utility.

22. NetPBM PSToPNM Arbitrary Code Execution Vulnerability
BugTraq ID: 14379
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14379
Summary:
pstopnm is affected by an arbitrary command execution issue. The issue is
due to GhostScript not being invoked in a secure manner.

An attacker exploiting this issue can craft a malicious PostScript file
that causes arbitrary commands to be executed when it is parsed by the
affected utility. This occurs in the security context of the user running
the affected utility.

netpbm 10.0 is reported to be affected by this issue. Other versions may
also be affected.

23. ProFTPD SQLShowInfo SQL Output Format String Vulnerability
BugTraq ID: 14380
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14380
Summary:
ProFTPD has a format string issue. The issue occurs when the SQLShowInfo
directive is enabled. If an attacker can manipulate data in the backend SQL
database, they can exploit this issue by inserting a string containing
malicious format specifiers into data that ProFTPD queries.

Successful exploitation results in arbitrary code execution in the security
context of the server.

24. ProFTPD Shutdown Message Format String Vulnerability
BugTraq ID: 14381
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14381
Summary:
ProFTPD has a format string issue. The issue occurs when the server
displays a shutdown message that contains certain variables, such as the
current directory. An attacker may trigger this issue if they are able to
create directories on the server.

Successful exploitation results in arbitrary code execution in the security
context of the server.

25. FTPShell Server Denial of Service Vulnerability
BugTraq ID: 14382
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14382
Summary:
FTPshell Server is prone to a denial-of-service condition. The issue is due
to a failure to properly handle exceptional conditions.

The issue occurs when an attacker opens and closes connections to the
application multiple times without using the 'quit' command. As a result,
the application terminates. An attacker may exploit this issue to deny
service to legitimate users.

26. VBZoom Forum Show.PHP SQL Injection Vulnerability
BugTraq ID: 14383
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14383
Summary:
VBZooM Forum is prone to an SQL injection issue. The issue is due to a
failure to properly sanitize user-supplied input before using it in SQL
queries.

Successful exploitation could compromise the application, or result in
disclosure or modification of data. It may also allow the attacker to
exploit flaws in the implementation of the backend database.

27. Fetchmail POP3 Client Remote Denial of Service Vulnerabilities
BugTraq ID: 14384
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14384
Summary:
Fetchmail is affected by multiple remote denial-of-service issues.

These issues stem from the fix released for ID 14349 (Fetchmail POP3 Client
Buffer Overflow Vulnerability).

Specifically, a deliberately crafted response sent from a malicious server
can cause the client to crash.

Fetchmail 6.2.5.1 is affected by these issues.

28. SPI Dynamics WebInspect Cross Application Script Injection Vulnerability
BugTraq ID: 14385
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14385
Summary:
WebInspect is affected by a cross-application script injection issue. The
issue is due to a failure to properly sanitize user-supplied data before
including it in content rendered by the Internet Explorer COM object.

This issue allows an attacker to execute arbitrary script in the security
context of the affected application. In addition, by using knowledge of
predictable files on the target system, the attacker may execute arbitrary
script code in the "Local Machine Zone". As a result, remote machine code
may be installed and executed.

29. CartWIZ ViewCart.ASP Cross Site Scripting Vulnerability
BugTraq ID: 14386
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14386
Summary:
CartWIZ is prone to a cross-site scripting issue. The issue is due to a
failure to properly sanitize user-supplied input.

An attacker may exploit this issue to execute arbitrary script code in the
browser of an unsuspecting user, in the security context of the targeted
site. This may enable attacks such as theft of cookie-based authentication
credentials.

30. IBM Access Connections Shared Section Insecure Permissions Vulnerability
BugTraq ID: 14387
Remote: No
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14387
Summary:
IBM Access Connections uses a Shared Section in an insecure manner. Because
IBM Access Connections assigns insecure permissions when it creates the
Shared Section memory region, a local attacker is able to gain unauthorized
access to the Shared Section.

An attacker may read the data stored in this memory region, potentially
gaining unauthorized access to sensitive information. The attacker may also
be able to write arbitrary data to the shared memory segment, crashing
processes that use the segment and denying service to legitimate users.

31. IBM Lotus Domino WebMail Information Disclosure Vulnerability
BugTraq ID: 14388
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14388
Summary:
IBM Lotus Domino Webmail is affected by an information disclosure issue.

An attacker can obtain users' password hashes.

The attacker may then carry out a brute-force attack to crack the passwords
and gain unauthorized access to user accounts.

32. IBM Lotus Domino Password Encryption Weakness
BugTraq ID: 14389
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14389
Summary:
IBM Lotus Domino is affected by a password encryption issue. The issue is
due to a design flaw.

The algorithm that Lotus Domino uses to encrypt user passwords is reported
not to use a salt value.

Because this greatly reduces the time needed to crack passwords, the issue
may aid brute-force attacks. An attacker may also precompute password
hashes before targeting an affected computer.

All versions of Lotus Domino are believed to be affected by this issue.

33. NETonE PHPBook Guestbook.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14390
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14390
Summary:
NETonE PHPBook is prone to a cross-site scripting issue. The issue is due
to a failure to properly sanitize user-supplied input to the 'admin'
parameter of the 'guestbook.php' script.

This may enable attacks such as theft of cookie-based authentication
credentials.

34. Advanced Guestbook User-Agent HTML Injection Vulnerability
BugTraq ID: 14391
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14391
Summary:
Advanced Guestbook is prone to an HTML injection issue. The issue is due to
a failure to properly sanitize user-supplied input before using it in
dynamically generated content.

Attacker-supplied HTML and script code would be executed in the security
context of the affected Web site, which may lead to theft of cookie-based
authentication credentials. An attacker may also exploit this issue to
control how the site is rendered to the user. Other attacks are also
possible.

35. PNG Counter Demo.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14392
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14392
Summary:
PNG Counter is prone to a cross-site scripting issue. The issue is due to a
failure to properly sanitize user-supplied URI input that is output in
dynamically generated Web pages.

An attacker may exploit this issue to execute arbitrary script code in the
browser of an unsuspecting user. The attacker must entice the unsuspecting
user into clicking a malicious link that contains script embedded in the
affected parameter. This may enable attacks such as theft of cookie-based
authentication credentials.

PNG Counter 1.0 is affected by this issue.

36. Hosting Controller Unauthorized Access Vulnerability
BugTraq ID: 14393
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14393
Summary:
Hosting Controller is prone to an unauthorized access vulnerability.

An attacker can manipulate the application to navigate outside their own
folder and browse the folders of all resellers and Web administrators
that use this instance of the Hosting Controller application. This may
result in information disclosure and a loss of confidentiality.
Information obtained may aid in further attacks.

37. FreeBSD IPsec Session AES-XCBC-MAC Authentication Constant Key Usage Vulnerability
BugTraq ID: 14394
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14394
Summary:
FreeBSD is affected by an issue that may allow an unauthorized remote
attacker to establish an IPsec session.

This issue occurs when the 'AES-XCBC-MAC' algorithm is used without
another IPsec encryption method.

A successful attack allows the attacker to forge packets. It may also
allow the attacker to establish an IPsec session. This may lead to
various attacks.

38. Clever Copy Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14395
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14395
Summary:
Clever Copy is prone to multiple cross-site scripting vulnerabilities.
These issues are due to a failure to properly sanitize user-supplied
input.

An attacker may leverage any of these issues to execute arbitrary script
code in the browser of an unsuspecting user, within the security context
of the targeted site. This may facilitate the theft of cookie-based
authentication credentials as well as other attacks.

39. BMForum Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 14396
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14396
Summary:
BMForum is prone to multiple cross-site scripting vulnerabilities. These
issues are due to a failure to properly sanitize user-supplied input.

An attacker may leverage any of these issues to execute arbitrary script
code in the browser of an unsuspecting user, within the security context
of the targeted site. This may facilitate the theft of cookie-based
authentication credentials as well as other attacks.

40. Clever Copy Private Message Unauthorized Access Vulnerability
BugTraq ID: 14397
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14397
Summary:
Clever Copy is affected by an unauthorized access vulnerability. This
issue is due to a failure to properly validate access before granting
access to the private message functionality.

An attacker can leverage this issue to delete or view arbitrary private
messages belonging to legitimate users.

41. Novell GroupWise Client Remote Buffer Overflow Vulnerability
BugTraq ID: 14398
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14398
Summary:
Novell GroupWise Client is affected by a remotely exploitable buffer
overflow vulnerability.

Specifically, the issue occurs when a user attempts to log in to a
GroupWise post office that contains a malicious 'GWVW02??.INI' file.

This may lead to unauthorized access in the security context of the
user.

All versions of the Novell GroupWise 6.5 client dated before July 15,
2005 are affected by this issue.

42. Ethereal Multiple Protocol Dissector Vulnerabilities
BugTraq ID: 14399
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14399
Summary:
The vendor has discovered numerous issues in Ethereal. The reported
issues reside in various protocol dissectors.

The following issues were reported:
- Buffer overflow issues
- Format string issues
- Denial-of-service issues caused by NULL pointer dereferences
- Denial-of-service issues caused by infinite loops
- Denial-of-service issues caused by memory exhaustion
- Unspecified denial-of-service issues

These issues may allow a remote attacker to execute arbitrary machine
code in the security context of the affected application. An attacker
may also crash the affected application.

Versions of Ethereal from 0.80.5 through 0.100.11 are each affected by
different issues.

43. MDaemon Content Filter Directory Traversal Vulnerability
BugTraq ID: 14400
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14400
Summary:
MDaemon server is prone to a directory traversal vulnerability because
user-supplied input is not properly sanitized.

Failure to sanitize file names and paths may result in a compromise of
the file system outside the application's quarantine directory.

44. Opera Web Browser Content-Disposition Header Download Dialog File Extension Spoofing Vulnerability
BugTraq ID: 14402
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14402
Summary:
Opera Web Browser is prone to an issue that may allow a remote attacker
to spoof file extensions through the download dialog.

An attacker exploiting this issue could craft an HTTP
'Content-Disposition' header that spoofs the file extension, enticing an
affected user into opening and executing a malicious file.

Versions of Opera Web Browser prior to 8.02 are affected by this issue.

45. PHPList Admin Page SQL Injection Vulnerability
BugTraq ID: 14403
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14403
Summary:
PHPList is prone to an SQL injection vulnerability. This issue is due to
a failure to properly sanitize user-supplied data before it is used in
an SQL query.

A successful attack may result in a compromise of the application, or in
disclosure or modification of data. It may also allow an attacker to
exploit issues in the underlying database implementation.

46. Website Baker Browse.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14404
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14404
Summary:
Website Baker is prone to a cross-site scripting vulnerability. This
issue is due to a failure to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in
the browser of an unsuspecting user, within the security context of the
targeted site. This may facilitate the theft of cookie-based
authentication credentials as well as other attacks.

47. Gforge Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 14405
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14405
Summary:
Gforge is prone to multiple cross-site scripting vulnerabilities. These
issues are due to a failure to properly sanitize user-supplied input.

An attacker may leverage any of these issues to execute arbitrary script
code in the browser of an unsuspecting user, within the security context
of the targeted site. This may facilitate the theft of cookie-based
authentication credentials as well as other attacks.

48. Website Baker Arbitrary File Upload Vulnerability
BugTraq ID: 14406
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14406
Summary:
Website Baker is prone to a remote arbitrary file upload vulnerability.
This issue occurs because uploaded media files are not sanitized.

This issue may ultimately lead to unauthorized access in the security
context of the Web server.

Although normally only administrators can access the upload
functionality, it should be noted that any user can invoke it.

49. Linksys WRT54G Wireless Router Default SSL Certificate and Private Key Vulnerability
BugTraq ID: 14407
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14407
Summary:
The Linksys WRT54G wireless router contains a default SSL certificate
and private key.

This static certificate/key pair is always used to access the device.

This may allow an attacker to obtain the certificate/key pair and carry
out various attacks.

The device could be completely compromised.

50. @Mail Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 14408
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14408
Summary:
@Mail is prone to multiple cross-site scripting vulnerabilities. These
issues are due to a failure to properly sanitize user-supplied input.

An attacker may leverage any of these issues to execute arbitrary script
code in the browser of an unsuspecting user, within the security context
of the targeted site. This may facilitate the theft of cookie-based
authentication credentials as well as other attacks.

51. Thomson Web Skill Vantage Manager SQL Injection Vulnerability
BugTraq ID: 14409
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14409
Summary:
Thomson Web Skill Vantage Manager is prone to an SQL injection
vulnerability. This issue is due to a failure to properly sanitize
user-supplied input before it is used in an SQL query.

A successful attack may result in a compromise of the application, or in
disclosure or modification of data. It may also allow an attacker to
exploit issues in the underlying database implementation. Successful
exploitation of this issue reportedly grants the attacker full
administrative privileges in the affected application.

52. Opera Web Browser Image Dragging Cross-Domain Scripting and File Retrieval Vulnerability
BugTraq ID: 14410
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14410
Summary:
Opera Web Browser is prone to an issue that may allow an attacker to
carry out cross-domain scripting attacks and read files on the local
computer.

Versions of Opera Web Browser prior to 8.02 are affected by this issue.

53. Cisco IOS IPv6 Processing Arbitrary Code Execution Vulnerability
BugTraq ID: 14414
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14414
Summary:
The IPv6 processing functionality of Cisco IOS is affected by a remotely
exploitable arbitrary code execution vulnerability.

A successful attack may allow a remote attacker to execute arbitrary
code and gain unauthorized access to the device. An attacker may also
leverage this issue to reload the targeted device, denying service to
legitimate users.

This issue may be related to BID 12368 (Cisco IOS IPv6 Processing Remote
Denial Of Service Vulnerability).

Cisco has stated that exploitation of this issue on Cisco IOS XR may
cause the IPv6 neighbor discovery process to restart. Repeated
exploitation may result in a prolonged denial of service and may affect
IPv6 traffic passing through the device.

54. Easypx41 Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 14416
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14416
Summary:
Easypx41 is prone to cross-site scripting attacks.

An attacker may leverage these issues to execute arbitrary script code
in the browser of an unsuspecting user, within the security context of
the targeted site. This may facilitate the theft of cookie-based
authentication credentials as well as other attacks.

55. LibTiff Tiff Image Header Divide By Zero Denial of Service Vulnerability
BugTraq ID: 14417
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14417
Summary:
LibTIFF is affected by an issue that may cause a denial of service in
applications that use the library. This issue is due to a failure of the
library to properly validate certain header values.

An attacker exploiting this issue may cause a denial of service or a
loss of data in applications that use the affected library.

The CUPS printing system and the Evolution email client are known to be
affected by this issue. Other applications that use the LibTIFF library
may also be affected.

This issue may be related to BID 12874 (ImageMagick TIFF Image File
Unspecified Denial Of Service Vulnerability).

56. HP NonStop Server DCE Core Services Remote Denial of Service Vulnerability
BugTraq ID: 14418
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14418
Summary:
HP NonStop Server running DCE Core Services is affected by a remote
denial-of-service vulnerability.

A successful attack may cause DCED to terminate required services that
depend on DCED in order to be restarted.

HP NonStop Servers running G06.14 through G06.26 with T8403 DCE Core
Services revision ABH are affected by this issue.

57. Novell eDirectory NMAS Authentication Bypass Vulnerability
BugTraq ID: 14419
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14419
Summary:
Novell eDirectory is prone to an issue that may lead to unauthorized
access to user accounts.

Because Novell eDirectory fails to validate the responses to challenge
questions, an unauthorized attacker can change a user's password.

Versions of eDirectory NMAS prior to 2.3.8 are affected by this issue.

58. Gopher Insecure Temporary File Creation Vulnerability
BugTraq ID: 14420
Remote: No
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14420
Summary:
Gopher is prone to an unspecified insecure temporary file creation
vulnerability. This issue is due to a design error that causes the
application to fail to check whether a file exists before writing to it.

Not enough information has been released to provide a detailed technical
description of this issue. This BID will be updated as soon as further
details are made available.

An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user who runs the application.

59. Easypx41 Multiple Variable Injection Vulnerabilities
BugTraq ID: 14421
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14421
Summary:
Easypx41 is affected by multiple variable injection vulnerabilities.

An attacker can manipulate multiple script input variables to bypass
access controls and obtain sensitive confidential information.
Information obtained may aid in further attacks against the affected
application or the backend system.

60. Ung Arbitrary Email Header Injection Vulnerability
BugTraq ID: 14422
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14422
Summary:
UNG is prone to an issue involving the injection of arbitrary email
headers. As a result, Web-based email submissions may be delivered
without control.

Because the application effectively becomes a mail relay, a malicious
user can send unsolicited email to targeted email addresses.

61. VBZooM Forum Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14423
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14423
Summary:
VBZooM Forum is prone to multiple cross-site scripting vulnerabilities.
These issues are due to a failure to properly sanitize user-supplied
input.

An attacker may leverage any of these issues to execute arbitrary script
code in the browser of an unsuspecting user, within the security context
of the targeted site. This may facilitate the theft of cookie-based
authentication credentials as well as other attacks.

62. Simplicity oF Upload Download.PHP Remote File Include Vulnerability
BugTraq ID: 14424
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14424
Summary:
Simplicity oF Upload is prone to a remote file include vulnerability.
This issue is due to a failure to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary PHP code on the
affected computer with the privileges of the Web server process. This
may lead to unauthorized access.

63. Kayako LiveResponse Multiple Input Validation Vulnerabilities
BugTraq ID: 14425
Remote: Yes
Date Published: 2005-07-30
Relevant URL: http://www.securityfocus.com/bid/14425
Summary:
Kayako LiveResponse is prone to multiple cross-site scripting
vulnerabilities, an SQL injection vulnerability, and an HTML injection
vulnerability. All of these issues are related to insufficient input
validation.

The cross-site scripting and HTML injection issues may facilitate the
theft of cookie-based authentication credentials as well as other
attacks. The SQL injection issue may allow a remote attacker to
compromise the software or carry out other attacks against the database.

64. PluggedOut CMS Multiple Input Validation Vulnerabilities
BugTraq ID: 14426
Remote: Yes
Date Published: 2005-07-30
Relevant URL: http://www.securityfocus.com/bid/14426
Summary:
PluggedOutCMS is prone to a cross-site scripting vulnerability and an
SQL injection vulnerability.

These issues may lead to the theft of cookie-based authentication
credentials or to unauthorized access to data in the database. Other
attacks are also possible.

65. PC-Experience/Toppe Unauthorized User Access Vulnerability
BugTraq ID: 14427
Remote: Yes
Date Published: 2005-07-30
Relevant URL: http://www.securityfocus.com/bid/14427
Summary:
PC-Experience and Toppe may allow a remote attacker to gain unauthorized
access to arbitrary user accounts. This issue is due to insufficient
access validation related to cookie-based authentication credentials.

66. PC-Experience/Toppe PM.PHP MSG Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 14428
Remote: Yes
Date Published: 2005-07-30
Relevant URL: http://www.securityfocus.com/bid/14428
Summary:
PC-Experience and Toppe are prone to a cross-site scripting
vulnerability. This issue may allow a remote attacker to gain
unauthorized access to the cookie-based authentication credentials of
other PC-Experience/Toppe users.

67. Ragnarok Online Control Panel Authentication Bypass Vulnerability
BugTraq ID: 14429
Remote: Yes
Date Published: 2005-07-30
Relevant URL: http://www.securityfocus.com/bid/14429
Summary:
Ragnarok Online Control Panel (ROCP) is prone to an issue that allows a
remote attacker to bypass user authentication. This issue is related to
the way PHP variables are handled and allows an attacker to manipulate
the variables used to check user authentication.

Exploitation of this issue may grant administrative access to the ROCP
site.

This issue may be limited to sites that host ROCP on the Apache Web
server. This has not been verified.

68. Kismet Multiple Unspecified Remote Vulnerabilities
BugTraq ID: 14430
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14430
Summary:
Kismet is prone to three unspecified remotely exploitable
vulnerabilities. Exploiting these issues to take full control of the
computer running Kismet may allow traffic on the wireless network to be
intercepted.

No further details are available at this time.

69. Metasploit Framework Unspecified Remote Vulnerability
BugTraq ID: 14431
Remote: Yes
Date Published: 2005-07-30
Relevant URL: http://www.securityfocus.com/bid/14431
Summary:
Metasploit Framework is prone to an unspecified security issue. A remote
attacker may leverage this issue to compromise the computer of a user
running the affected application.

This issue is likely exploited by returning malicious data to the
application over an unknown network connection, resulting in arbitrary
code execution in the security context of the application performing the
scan.

Update: This issue has been determined not to be a vulnerability, and
this BID has been retired. Additional information has been released
stating that the issue stems from insufficient filtering of potentially
malicious terminal escape sequences when external input is logged. These
escape sequences are not interpreted by the application at any point,
and pose a threat only if they are rendered with an external viewer
inside a terminal emulator program that interprets them. In that case,
the security issue lies in the terminal emulator program. Because
Metasploit itself never interprets the malicious input, the application
does not filter this kind of input. Since this issue does not affect the
security properties of Metasploit itself, it is not an issue in
Metasploit.

III.SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Exploit writers team up to target Cisco routers
By: Robert Lemos
Angered by Cisco's attempt to suppress a recent presentation by the
discoverer of a security issue, security researchers and hackers are
looking to reproduce and expand on the attack targeting the networking
giant's Internet products.

http://www.securityfocus.com/news/11263

2. Reading, rooting, 'rithmetic: Preschoolers learn programming
By: Robert Lemos
An education expert argues that computer programming and hacking skills
should be taught from preschool age in order to strengthen children's
creativity and technical learning.

http://www.securityfocus.com/news/11262

3. Settlement reached in Cisco flaw dispute
By: Robert Lemos
The researcher who disclosed a method for remotely attacking Cisco
routers must hand over all related materials. The researcher also agreed
not to further disseminate information about these issues or the
techniques used to run code on this common networking hardware.

http://www.securityfocus.com/news/11260

4. Cisco, ISS file suit against rogue researcher
By: Robert Lemos
Update: Two companies have filed for an injunction against the
organizers of the Black Hat Conference and the security expert who told
conference attendees that Cisco routers can be broadly attacked.

http://www.securityfocus.com/news/11259

5. Infrared exploits open the door to hotel hacking
By: John Leyden
Insecure hotel infrared communication systems allow hackers to snoop on
other guests' email, watch pornographic films for free, or tamper with
the contents of other guests' bills.

http://www.securityfocus.com/news/11265

6. Linux Bluetooth hackers hijack car audio
By: John Leyden
Linux hackers have demonstrated a way to inject data into, or record,
the audio signals transmitted from passing vehicles that use
Bluetooth-enabled hands-free units with security issues.

http://www.securityfocus.com/news/11266

7. Cisco details Black Hat vuln fix
By: John Leyden
Following the discovery of an issue that could allow denial-of-service
attacks, Cisco last week advised users of its networking kit to upgrade
the software they are running.

http://www.securityfocus.com/news/11264

8. Sophos bug highlights wider anti-virus flaws
By: John Leyden
Users of Sophos anti-virus products have been warned of a potentially
serious security issue.

http://www.securityfocus.com/news/11261

--
Translation: LAC Translation Team
Editorial supervision: OGASAWARA Tsuneo
LAC Co., Ltd.
http://www.lac.co.jp/index.html
