SecurityFocus

SecurityFocus Newsletter #313 2005-08-22->2005-08-26 Dec 21 2005 11:17AM
Tsuneo Ogasawara (t ogaswr lac co jp)

$B>.3^86(B@$B%i%C%/$G$9!#(B

SecurityFocus Newsletter $BBh(B 313 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

------------------------------------------------------------------------
---
BugTraq-JP $B$K4X$9$k(B FAQ ($BF|K\8l(B):
http://www.securityfocus.com/archive/79/description
$B!&(BSecurityFocus Newsletter $B$NOBLu$O(B BugTraq-JP $B$G0l<!G[I[$5$l$F$$$^$9(B
$B!&(BBugTraq-JP $B$X$N;22CJ}K!!"C&B`J}K!$O$3$N(B FAQ $B$r$4;2>H$/$@$5$$(B
------------------------------------------------------------------------
---
SecurityFocus Newsletter $B%"!<%+%$%V(B ($B1Q8l(B):
http://www.securityfocus.com/archive/78
BugTraq $B$K4X$9$k(B FAQ ($B1Q8l(B):
http://www.securityfocus.com/archive/1/description
------------------------------------------------------------------------
---
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B SecurityFocus $B$N5v2D$r3t<02q<R%i%C%/$,F@$?>e$G9T$o$l$F$$$^$9!#(B
$B!&(BSecurityFocus Newsletter $B$NOBLu$r(B Netnews, Mailinglist, World Wide Web,
$B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$NA4J80zMQ$r$*4j$$$7$^$9!#
(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;$s$,!"(B
$B=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurityFocus $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+$J$k7A<0$N(B
$B%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://online.securityfocus.com/archive/79
------------------------------------------------------------------------
---
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02q<R%i%C%/$O@UG$$rIi$o$J$$$b$N$H$7$^
(B
$B$9!#(B
------------------------------------------------------------------------
---
$BLu<T$+$i$N$*CN$i$;(B:
$B!&$b$7!"(Btypo $B$d8mLu$,8+$D$+$C$?>l9g!"(BBugTraq-JP $B$X(B Errata $B$H$7$F=$@5(B
$BHG$r$4Ej9FD:$/$+!"4F=$<T(B (t.ogaswr (at) lac.co (dot) jp [email concealed]) $B$K$*CN$i$;$/$@$5$$!#(B
$B8e<T$N>l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
------------------------------------------------------------------------
---
This translation is encoded and posted in ISO-2022-JP.

$B86HG(B:
Date: Tue, 30 Aug 2005 17:05:58 -0600
Message-ID: <4314E656.9080702 (at) securityfocus (dot) com [email concealed]>

SecurityFocus Newsletter #313
-----------------------------

This Issue is Sponsored By: IT-Harvest

I. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
1. The great firewall of China
II. BUGTRAQ SUMMARY
1. Elm Expires Header Remote Buffer Overflow Vulnerability
2. Sysinternals Process Explorer CompanyName Value Buffer Overflow Vulnerability
3. Woltlab Burning Board ModCP.PHP SQL Injection Vulnerability
4. Land Down Under Multiple SQL Injection Vulnerabilities
5. Land Down Under Multiple Cross-Site Scripting Vulnerabilities
6. PCRE Regular Expression Heap Overflow Vulnerability
7. Computer Associates Message Queuing Denial Of Service Vulnerability
8. Computer Associates Message Queuing Buffer Overflow Vulnerability
9. Computer Associates Message Queuing CAFT Spoofing Vulnerability
10. LM_sensors PWMConfig Insecure Temporary File Creation Vulnerability
11. Coppermine Displayimage.PHP Script Injection Vulnerability
12. NEPHP Browse.PHP Cross Site Scripting Vulnerability
13. DTLink Software AreaEdit SpellChecker Plugin Arbitrary Command Execution Vulnerability
14. Cisco IDS Management Software SSL Certificate Validation Vulnerability
15. PHPKit Multiple SQL Injection Vulnerabilities
16. RunCMS NewBB_Plus and Messages Modules Multiple SQL Injection Vulnerabilities
17. BEA WebLogic Portal Access Validation Vulnerability
18. Cisco Intrusion Prevention System Local Privilege Escalation Vulnerability
19. RunCMS Arbitrary Variable Overwrite Vulnerability
20. PostNuke Multiple Cross Site Scripting Vulnerabilities
21. PostNuke DL-viewdownload.PHP SQL Injection Vulnerability
22. Netquery Host Parameter Arbitrary Command Execution Vulnerability
23. Adobe Version Cue for Mac OS X Local Privilege Escalation Vulnerabilities
24. SaveWebPortal Unauthorized Access Vulnerability
25. SLocate Local Database Corruption Vulnerability
26. SaveWebPortal Multiple Remote File Include Vulnerabilities
27. SaveWebPortal Multiple Cross Site Scripting Vulnerabilities
28. SaveWebPortal Multiple Directory Traversal Vulnerabilities
29. Ventrilo Status Requests Denial Of Service Vulnerability
30. ZipTorrent Proxy Server Password Disclosure Vulnerability
31. Mercora IMRadio Plaintext Password Disclosure Weakness
32. HAURI Anti-Virus ACE Archive Handling Remote Buffer Overflow Vulnerability
33. PADL Software PAM_LDAP Authentication Bypass Vulnerability
34. SqWebMail File Attachment Script Injection Vulnerability
35. WebCalendar Send_Reminders.PHP Remote File Include Vulnerability
36. MPlayer Audio Header Buffer Overflow Vulnerability
37. Home Ftp Server Multiple Vulnerabilities
38. PAFileDB Auth.PHP SQL Injection Vulnerability
39. LeapFTP Client LSQ File Remote Buffer Overflow Vulnerability
40. QNX RTOS InputTrap Local Arbitrary File Disclosure Vulnerability
41. Foojan PHPWeblog Html Injection Vulnerability
42. Tor Cryptographic Handshake Remote Information Disclosure Vulnerability
43. Apache CGI Byterange Request Denial of Service Vulnerability
44. Linux Kernel 64 Bit ELF Header Processing Memory Leak Local Denial Of Service Vulnerability
45. HP OpenView Network Node Manager Multiple Remote Command Execution Vulnerabilities
46. HP-UX Veritas File System Unauthorized Data Access Vulnerability
47. Quake 2 Lithium II Mod Memory Corruption Vulnerability
48. Astaro Security Linux HTTP CONNECT Unauthorized Access Weakness
49. Simpleproxy Remote Syslog() Format String Vulnerability
50. Simple PHP Blog Remote Arbitrary File Upload Vulnerability
51. Gallery Script Injection Vulnerability
52. PHPgraphy Script Injection Vulnerability
53. YaPig Script Injection Vulnerability
54. PhotoPost Script Injection Vulnerability
55. Nokia Affix BTSRV Device Name Remote Command Execution Vulnerability
56. NTPD Insecure Privileges Vulnerability
III. SECURITYFOCUS NEWS
1. Zotob suspects arrested in Turkey and Morocco
2. Storm brewing over SHA-1 as further breaks are found
3. Plug-and-play bots worming and warring among Windows systems
4. Worm spreading through Microsoft Plug-and-Play flaw
5. Zotob arrests throws open trade in compromised PCs
6. Brazil cuffs 85 in online bank hack dragnet
7. Polyglot IM worm targets MSN
8. The GIMP threatens PIN number security

I. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
----------------------------

II. BUGTRAQ SUMMARY
--------------------
1. Elm Expires Header Remote Buffer Overflow Vulnerability
BugTraq ID: 14613
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-20
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14613
$BMWLs(B:
Elm $B$K$O%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"967b
(B
$B<T$,0-0U$"$k%3!<%I$r<B9T$9$k$3$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#$3$NL
dBj(B
$B$O%f!<%6$,;XDj$7$?%G!<%?$N6-3&%A%'%C%/$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$
7$^(B
$B$9!#(B

$B967b$,@.8y$9$k$H!"8GDjD9$N%P%C%U%!$G%*!<%P!<%U%m!<$,0z$-5/$3$5$l!"LdB
j$N(B
$B$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%3!<%I$,<B9T$
5$l(B
$B$k2DG=@-$,$"$j$^$9!#(B

2. Sysinternals Process Explorer CompanyName Value Buffer Overflow Vulnerability
BugTraq ID: 14616
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-20
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14616
$BMWLs(B:
Process Explorer $B$K$O%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3(B
$B$NLdBj$O%f!<%6$,;XDj$7$?%G!<%?$N6-3&%A%'%C%/$,E,@Z$K<B9T$5$l$J$$$3$H$
KM3(B
$BMh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"8GDjD9$N%P%C%U%!$G%*!<%P!<%U%m!<$,0z$-5/$3$5$l!"LdB
j$N(B
$B$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%3!<%I$,<B9T$
5$l(B
$B$k2DG=@-$,$"$j$^$9!#(B

3. Woltlab Burning Board ModCP.PHP SQL Injection Vulnerability
BugTraq ID: 14617
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-20
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14617
$BMWLs(B:
Woltlab Burning Board $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj(B
$B$O%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:(B
$B=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B967b<T$OLdBj$N$"$k%9%/%j%W%H$K%"%/%;%9$9$k$?$a$K%b%G%l!<%?$N>ZL@=q$r<
hF@(B
$B$7$F$$$kI,MW$,$"$kE@$KN10U$9$Y$-$G$9!#(B

4. Land Down Under Multiple SQL Injection Vulnerabilities
BugTraq ID: 14618
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-20
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14618
$BMWLs(B:
Land Down Under $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j(B
$B$^$9!#$3$l$i$NLdBj$O%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"(B
$BF~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

5. Land Down Under Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14619
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-20
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14619
$BMWLs(B:
Land Down Under $B$K$O%/%m%9%5%$%H%9%/%j%W%F%#%s%0$K4XO"$9$kJ#?t$NLdBj$,B8(B
$B:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%
$%:(B
$B=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"I8E
*$H(B
$B$J$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$
9$k(B
$B2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N96(B
$B7b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

6. PCRE Regular Expression Heap Overflow Vulnerability
BugTraq ID: 14620
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-20
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14620
$BMWLs(B:
PCRE $B$K$O%R!<%WNN0h$G%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O(B

$B%f!<%6$,;XDj$7$?F~NOCM$rFbIt%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%A%'%
C%/(B
$B$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$NMxMQ$,@.8y$7$?>l9g$N1F6A$O!"LdBj$N$"$k%i%$%V%i%j$r;HMQ$9$k%
"%W(B
$B%j%1!<%7%g%s$*$h$S%f!<%6$NG'>Z=q$K$h$C$F0[$J$j$^$9!#967b$,@.8y$9$k$H!
"96(B
$B7b<T$,=EMW$J%a%b%j@)8f9=B$$NFbMF$r@)8f$7!"G$0U$N%a%b%jNN0h$KG$0U$N%G!
<%?(B
$B$r=q$-9~$`$3$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

7. Computer Associates Message Queuing Denial Of Service Vulnerability
BugTraq ID: 14621
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14621
$BMWLs(B:
Computer Associates Message Queuing (CAM) $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j(B
$B%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#(B

$B%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$7$F!"@55,%f!<%6$X$N%5!<%S%95qH]$r>7$
/$3(B
$B$H$,$G$-$^$9!#(B

$B$3$NLdBj$,MxMQ$5$l$F$b!"LdBj$N$"$k%"%W%j%1!<%7%g%s$K$h$C$F%7%9%F%`%j%
=!<(B
$B%9$,>CHq$5$l$k7k2L$K$O$J$i$J$$E@$KN10U$9$Y$-$G$9!#4{CN$N1F6A$O(B TCP $B%]!<(B
$B%H$K@\B3$G$-$J$/$J$k$3$H$N$_$G$9!#(B

8. Computer Associates Message Queuing Buffer Overflow Vulnerability
BugTraq ID: 14622
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14622
$BMWLs(B:
Computer Associates Message Queuing (CAM) $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<$,(B
$BH/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?%G!<%?$N6-3&%A%'%
C%/(B
$B$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%W%m%;%9$N<B9T%9%?%C%/$N%*!<%P!<%U%m!<$,0z$-5/$3$5$
l!"(B
$BLdBj$N$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%3!<%I$
,<B(B
$B9T$5$l$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"8"8B$,(B SYSTEM $B%l%Y%k$K>:3J$5$l$F$7(B
$B$^$&2DG=@-$,$"$j$^$9!#(B

9. Computer Associates Message Queuing CAFT Spoofing Vulnerability
BugTraq ID: 14623
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14623
$BMWLs(B:
CAM $B$K$O(B CAM $B%$%s%9%?%s%9$r;HMQ$9$k(B CAFT $B%"%W%j%1!<%7%g%s$N56Au$,5v$5$l(B
$B$F$7$^$&5?$$$,$"$j$^$9!#$3$l$K$h$j!"G$0U$N%3!<%I$r<B9T$9$k$3$H$,5v$5$
l$F(B
$B$7$^$&2DG=@-$,$"$j$^$9!#(B

CAFT $B$O(B CAM $B$r;HMQ$7$F%U%!%$%k$NAw<u?.$r9T$&%U%!%$%kE>Aw%"%W%j%1!<%7%g%s(B
$B$G$9!#$3$NLdBj$O(B CAM $B%5!<%S%9$G(B CAFT $B%"%W%j%1!<%7%g%s$NBEEv@-3NG'$,<:GT(B
$B$9$k$3$H$KM3Mh$7$^$9!#967b<T$O@55,$N(B CAFT $B%$%s%9%?%s%9$r56Au$9$k$3$H$K$h(B
$B$j!">:3J$5$;$?8"8B$GG$0U$N(B CAM $B%3%^%s%I$r<B9T$G$-$^$9!#(B

10. LM_sensors PWMConfig Insecure Temporary File Creation Vulnerability
BugTraq ID: 14624
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14624
$BMWLs(B:
lm_sensors $B$G$O0l;~%U%!%$%k$N:n@.$,%;%-%e%j%F%#>eE,@Z$K9T$o$l$^$;$s!#$3(B
$B$NLdBj$O(B 'pwmconfig' $B%9%/%j%W%H$KB8:_$7$^$9!#(B

$BLdBj$rMxMQ$7$?967b$K$h$j=EMW$J%U%!%$%k$,>e=q$-$5$l$F$7$^$&$H!"%G!<%?$
,<:(B
$B$o$l$?$j%5!<%S%9ITG=>uBV$K4Y$C$?$j$9$k2DG=@-$,9b$$$H9M$($i$l$^$9!#$=$
NB>(B
$B$N967b$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

lm_sensors 2.9.1 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B
$B$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

11. Coppermine Displayimage.PHP Script Injection Vulnerability
BugTraq ID: 14625
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14625
$BMWLs(B:
Coppermine $B$K$O!"%9%/%j%W%H$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O%f!<%6(B
$B$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!
#(B

$B0-0U$"$k%f!<%6$O5?$$$r;}$?$J$$I8E*$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"(B
Web $B%V(B
$B%i%&%6$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!
"I8(B
$BE*$N%V%i%&%6%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"(BCookie
$B$KM3(B
$BMh$9$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

12. NEPHP Browse.PHP Cross Site Scripting Vulnerability
BugTraq ID: 14626
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14626
$BMWLs(B:
nePHP $B$K$O%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#$3$NLd(B

$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$KITHw$,$"$k$3$H$KM3Mh$7$
^$9!#(B

$B$3$NLdBj$OLdBj$N$"$k%"%W%j%1!<%7%g%s$N%[%9%H$H$J$k%5%$%H$N%;%-%e%j%F%
#%3(B
$B%s%F%-%9%HFb$G!"0-0U$"$k%f!<%6$,5?$$$r;}$?$J$$%f!<%6$KBP$7$F967b$r2C$
($k(B
$B$3$H$r5v$7$F$7$^$$$^$9!#(B

$B$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z$-5/$3$5$l$k(B
$B2DG=@-$,$"$j$^$9!#(B

13. DTLink Software AreaEdit SpellChecker Plugin Arbitrary Command Execution Vulnerability
BugTraq ID: 14627
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14627
$BMWLs(B:
AreaEdit $B$O%j%b!<%H$+$iG$0U$N%3%^%s%I$r<B9T2DG=$JLdBj$N1F6A$r<u$1$^$9!#(B

$B$3$NLdBj$NMxMQ$,@.8y$9$k$H!"(BWeb $B%5!<%P%W%m%;%9$N8"8B$G%3%^%s%I$,<B9T$5$l(B
$B$F$7$^$$$^$9!#$3$l$K$h$j!"LdBj$N$"$k%3%s%T%e!<%?$X$NIT@5%"%/%;%9$J$I!
"$5(B
$B$^$6$^$J967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

AreaEdit 0.4.3 $B$h$jA0$N%P!<%8%g%s$K$*$$$F$3$NLdBj$N1F6A$r<u$1$^$9!#(B

14. Cisco IDS Management Software SSL Certificate Validation Vulnerability
BugTraq ID: 14628
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14628
$BMWLs(B:
CiscoWorks Management Center for IDS Sensors$B!"$*$h$S(B Cisco Monitoring
Center for Security $B$K$O!"(BSSL $BG'>Z$NBEEv@-3NG'$KLdBj$,B8:_$9$k2DG=@-$,$"(B
$B$j$^$9!#$3$NLdBj$O!"(BSSL $BG'>Z$NBEEv@-3NG'$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7(B
$B$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F(B SSL $BG'>Z$r56Au$9$k$3$H$K$h$j!"(BCisco Intrusion
Detection Sensor $B$d(B Cisco Intrusion Prevention System $B%G%P%$%9$K$J$j$9$^(B
$B$92DG=@-$,$"$j$^$9!#(B

$B$3$l$i$N@\B3$r56Au$9$k$3$H$K$h$j!"967b<T$O%m%0%$%s$N>ZL@=q$K%"%/%;%9$
7!"(B
$B99$J$k967b$N<j=u$1$H$7$FMxMQ$9$k2DG=@-$,$"$j$^$9!#$^$?!"56Au$5$l$?@\B
3$K(B
$B$h$j!"LdBj$N$"$k4IM}%=%U%H%&%'%"$X$N8m$C$?%G!<%?$NA^F~!"B>$NM-8z$J%G!
<%?(B
$B$N2~$6$s$dGK2u$r<B9T$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"967b<T$
,0-(B
$B0U$"$k3hF0$N:/@W$r1#$9$3$H$,$G$-$k$?$a!"$"$?$+$b0BA4$G$"$k$+$N$h$&$J8
m2r(B
$B$r>7$$$F$7$^$$$^$9!#$=$NB>$N967b$,9T$o$l$k2DG=@-$b$"$j$^$9!#(B

15. PHPKit Multiple SQL Injection Vulnerabilities
BugTraq ID: 14629
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14629
$BMWLs(B:
PHPKit $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l(B
$B$i$NLdBj$O%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5(B
$B%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

16. RunCMS NewBB_Plus and Messages Modules Multiple SQL Injection Vulnerabilities
BugTraq ID: 14631
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14631
$BMWLs(B:
RunCMS $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l(B
$B$i$NLdBj$O%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5(B
$B%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

17. BEA WebLogic Portal Access Validation Vulnerability
BugTraq ID: 14632
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14632
$BMWLs(B:
BEA WebLogic Portal $B$O!"%"%/%;%9$NBEEv@-3NG'$NLdBj$N1F6A$r<u$1$^$9!#(B

$B967b<T$O0U?^E*$K:n@.$7$?(B HTTP GET $B%j%/%(%9%H$rH/9T$9$k$3$H$K$h$j!"%V%C%/(B
$B$N$9$Y$F$N%Z!<%8$J$I!"@)8B$5$l$?FbMF$K%"%/%;%9$G$-$^$9!#(B

WebLogic Portal 8.1 Service Pack 4 $B$h$jA0$N%P!<%8%g%s$K$*$$$F$3$NLdBj$N(B
$B1F6A$r<u$1$^$9!#(B

18. Cisco Intrusion Prevention System Local Privilege Escalation Vulnerability
BugTraq ID: 14633
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14633
$BMWLs(B:
Cisco IPS $B$K$O%m!<%+%k$G8"8B>:3J$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$3$NLd(B
$BBj$O%3%^%s%I%i%$%s%$%s%?%U%'!<%9(B (CLI) $B$NO@M}9=B$$NITHw$KM3Mh$7$^$9!#(B

VIEWER $B8"8B$d(B OPERATOR $B8"8B$r;}$D%f!<%6$O!"$3$NLdBj$rMxMQ$7!"LdBj$N$"$k(B
$B%G%P%$%9$KBP$7$F4IM}<T%"%/%;%9$r<B9T$9$k2DG=@-$,$"$j$^$9!#$3$l$i$N8"8
B$O(B
IPS $B%G%P%$%9$N4F;k$H%H%i%V%k%7%e!<%F%#%s%0$r9T$&$?$a$N8"8B$rIUM?$5$l$J$$
(B
$B%"%+%&%s%H$G$9!#(B

$B$3$NLdBj$rMxMQ$9$k$3$H$K$h$j!"967b<T$OLdBj$N$"$k%G%P%$%9>e$G40A4$J4IM
}<T(B
$B8"8B$r<hF@$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"%G%P%$%9$N%M%C%H%o!<%/%;%
-%e(B
$B%j%F%#5!G=$r2sHr$7!"99$J$k967b$N<j=u$1$H$7$FMxMQ$9$k$3$H$,5v$5$l$F$7$
^$&(B
$B2DG=@-$,$"$j$^$9!#$^$?!"G$0U$N%3!<%I$r<B9T$7$?$j!"%M%C%H%o!<%/$r%5!<%
S%9(B
$BITG=>uBV$K4Y$l$?$j$9$k$3$H$b2DG=$G$9!#(B

19. RunCMS Arbitrary Variable Overwrite Vulnerability
BugTraq ID: 14634
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14634
$BMWLs(B:
RunCMS $B$K$OG$0U$NJQ?t$r>e=q$-$9$k$3$H$,5v$5$l$F$7$^$&5?$$$,$"$j$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"%"%W%j%1!<%7%g%sA4BN$G;HMQ$5$l$kG$0U$NJQ?
t$r(B
$B>e=q$-$G$-$^$9!#967b<T$O(B POST $B%a%=%C%I$r;HMQ$7$F?7$7$$CM$r;XDj$7$^$9!#(B

$B$3$NLdBj$NMxMQ$,@.8y$9$k$H!">e=q$-$5$l$kJQ?t!"$*$h$SLdBj$N$"$k%"%W%j%
1!<(B
$B%7%g%s$NE,MQHO0O$H%Q!<%_%C%7%g%s$K$h$C$F$O!"J#?t$N1F6A$,H/@8$9$k2DG=@
-$,(B
$B$"$j$^$9!#(B

20. PostNuke Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 14635
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14635
$BMWLs(B:
PostNuke $B$K$O%/%m%9%5%$%H%9%/%j%W%F%#%s%0$K4XO"$9$kJ#?t$NLdBj$,B8:_$9$k(B
$B5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$
,E,(B
$B@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z$-5/$3$5$l$k(B
$B2DG=@-$,$"$j$^$9!#(B

21. PostNuke DL-viewdownload.PHP SQL Injection Vulnerability
BugTraq ID: 14636
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-22
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14636
$BMWLs(B:
PostNuke $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O%f!<%6$,;X(B
$BDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

22. Netquery Host Parameter Arbitrary Command Execution Vulnerability
BugTraq ID: 14637
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14637
$BMWLs(B:
Netquery $B$O!"%j%b!<%H$+$i%3%^%s%I$r<B9T2DG=$JLdBj$N1F6A$r<u$1$^$9!#(B

$B967b<T$O(B 'nquser.php' $B%9%/%j%W%H$N(B 'host' $B%Q%i%a!<%?$r;HMQ$7$FG$0U$N%3%^(B
$B%s%I$r;XDj$G$-$^$9!#$3$l$K$h$j!"967b<T$,LdBj$N$"$k%5!<%P$N%;%-%e%j%F%
#%3(B
$B%s%F%-%9%HFb$G%3%^%s%I$r<B9T$7!"IT@5%"%/%;%9$r<B9T$9$k$3$H$,5v$5$l$F$
7$^(B
$B$&2DG=@-$,$"$j$^$9!#(B

Netquery 3.11 $B$K$*$$$F$3$NLdBj$N1F6A$r<u$1$^$9!#$3$l$h$jA0$N%P!<%8%g%s$K(B
$B$bLdBj$,B8:_$9$k2DG=@-$,$"$j$^$9!#(B

23. Adobe Version Cue for Mac OS X Local Privilege Escalation Vulnerabilities
BugTraq ID: 14638
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14638
$BMWLs(B:
Adobe Version Cue for Mac OS X $B$K$O!"%m!<%+%k$G$N8"8B>:3J$K4XO"$9$k(B 2 $B7o(B
$B$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O%m!<%+%k$N967b<T$,G$0U$N%i%
$%V(B
$B%i%j$r%m!<%I$7$?$j%U%!%$%k$r>e=q$-$7$?$j$9$k$3$H$r5v$7$F$7$^$&2DG=@-$
,$"(B
$B$j$^$9!#(B

$BBh(B 1 $B$NLdBj(B (CAN-2005-1842) $B$O%m!<%+%k%f!<%6$,(B VCNative $B%"%W%j%1!<%7%g%s(B
$B$r2p$7$F!"4IM}<T$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%U%!%$%k$r>e=q$-$
9$k(B
$B$3$H$r5v$7$F$7$^$$$^$9!#$3$NLdBj$O8"8B>:3J$r5v$7$F$7$^$$!"%+%9%?%`$N%
G!<(B
$B%?$K$h$C$F%U%!%$%k$,>e=q$-$5$l$k2DG=@-$,$"$j$^$9!#(B

$BBh(B 2 $B$NLdBj(B (CAN-2005-1843) $B$O%m!<%+%k%f!<%6$,(B VCNative $B%"%W%j%1!<%7%g%s(B
$B$r2p$7$F!"4IM}<T$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%i%$%V%i%j$r%m!<%
I$9(B
$B$k$3$H$r5v$7$F$7$^$$$^$9!#$3$l$K$h$j!"8"8B>:3J$,5v$5$l$F$7$^$$$^$9!#
(B

Adobe Version Cue 1.0 $B$*$h$S(B 1.0.1 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

24. SaveWebPortal Unauthorized Access Vulnerability
BugTraq ID: 14639
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14639
$BMWLs(B:
SaveWebPortal $B$K$O!"IT@5%"%/%;%9$,9T$o$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"4I(B
$BM}%9%/%j%W%H$N%"%/%;%9@)8B$KITHw$,$"$k$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B Web $B%5!<%P%W%m%;(B
$B%9$N8"8B$r;HMQ$7!"G$0U$N%5!<%P%5%$%I%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$
,$"(B
$B$j$^$9!#$3$l$K$h$jIT@5%"%/%;%9$,0z$-5/$3$5$l!"LdBj$N$"$k%5%$%H$KBP$7$
F99(B
$B$J$k967b$,2C$($i$l$k2DG=@-$,$"$j$^$9!#(B

25. SLocate Local Database Corruption Vulnerability
BugTraq ID: 14640
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14640
$BMWLs(B:
slocate $B$K$O%m!<%+%k$G%G!<%?%Y!<%9$,GK2u$5$l$k2DG=@-$,$"$j$^$9!#$3$NLdBj(B
$B$O%G%#%l%/%H%j$*$h$S%U%!%$%kL>$NM=4|$5$l$J$$F~NOCM$N=hM}$,<:GT$9$k$3$
H$K(B
$BM3Mh$7$^$9!#(B

$B$3$NLdBj$O0U?^E*$K:n@.$5$l$?%G%#%l%/%H%j9=B$$N%$%s%G%C%/%92=$,;n9T$5$
l$k(B
$B$H$-$K0z$-5/$3$5$l$^$9!#%G%#%l%/%H%j9=B$$N=hM}$,<:GT$7%$%s%F%C%/%92=%
W%m(B
$B%;%9$r40N;$G$-$^$;$s!#(B

$B%m!<%+%k$N967b<T$O$3$NLdBj$rMxMQ$7$F!"%$%s%G%C%/%92=%W%m%;%9$,40N;$;$
:$K(B
$B<:GT$9$k$h$&$K;E8~$1$k$3$H$,$G$-$k$N$G!"IT40A4$J%G!<%?%Y!<%9$,:n@.$5$
l$^(B
$B$9!#%G!<%?%Y!<%9$,%;%-%e%j%F%#!"%P%C%/%"%C%W$J$I$N=EMW$J5!G=$G;HMQ$5$
l$k(B
$B$H!"IT40A4$J%G!<%?$K$h$j0MB8$9$k%5!<%S%9$KLdBj$,@8$8$k2DG=@-$,$"$j$^$
9!#(B

slocate 2.7 $B$K$*$$$F$3$NLdBj$,Js9p$5$l$F$$$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A(B
$B$r<u$1$k2DG=@-$,$"$j$^$9!#(B

26. SaveWebPortal Multiple Remote File Include Vulnerabilities
BugTraq ID: 14641
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14641
$BMWLs(B:
SaveWebPortal $B$K$O!"%j%b!<%H$+$i%U%!%$%k$r%$%s%/%k!<%I2DG=$JJ#?t$NLdBj$,(B
$BB8:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%
?%$(B
$B%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"(BWeb $B%5!<%P%W%m%;%9$N8"8B$GLdBj$N$"$k%3%s(B
$B%T%e!<%?>e$GG$0U$N%5!<%P%5%$%I%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$,$"$j$
^$9!#(B
$B$3$l$K$h$j!"IT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

27. SaveWebPortal Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 14642
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14642
$BMWLs(B:
SaveWebPortal $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$K4XO"$9$kJ#?t$NLdBj$,B8(B
$B:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%
$%:(B
$B=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"I8E
*$H(B
$B$J$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$
9$k(B
$B2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N96(B
$B7b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

28. SaveWebPortal Multiple Directory Traversal Vulnerabilities
BugTraq ID: 14643
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14643
$BMWLs(B:
SaveWebPortal $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k$K4XO"$9$kJ#?t$NLdBj$,B8:_$9(B
$B$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM
}$,(B
$BE,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$,MxMQ$5$l$k$3$H$K$h$j!"5!L)@-$*$h$S@09g@-$,B;$J$o$l$k2DG=@-$
,$"(B
$B$j$^$9!#<hF@$5$l$?>pJs$O!"%P%C%/%(%s%I%7%9%F%`$KBP$7$F99$J$k967b$r;n$
_$k(B
$B$?$a$N<j=u$1$H$J$k2DG=@-$,$"$j$^$9!#B>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$
"$j(B
$B$^$9!#(B

$B$^$?!"967b<T$O$3$NLdBj$rMxMQ$7$F%m!<%+%k$NG$0U$N(B PHP $B%U%!%$%k$r<B9T$G$-(B
$B$^$9!#$3$NLdBj$N1F6A$OMxMQ2DG=$J(B PHP $B%U%!%$%k$K$h$C$F0[$J$j$^$9!#(B

29. Ventrilo Status Requests Denial Of Service Vulnerability
BugTraq ID: 14644
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14644
$BMWLs(B:
Ventrilo $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j(B
$B$^$9!#$3$NLdBj$ONc30E*$J>u67$N=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$
9!#(B

$BLdBj$NMxMQ$,@.8y$9$k$H!"%=%U%H%&%'%"$,=*N;$7@55,%f!<%6$X$N%5!<%S%95qH
]$,(B
$B0z$-5/$3$5$l$^$9!#(B

30. ZipTorrent Proxy Server Password Disclosure Vulnerability
BugTraq ID: 14645
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14645
$BMWLs(B:
ZipTorrent $B$O%;%-%e%j%F%#>e$NLdBj$N1F6A$r<u$1$^$9!#$3$l$K$h$j%m!<%+%k$N(B
$B967b<T$O!"LdBj$N1F6A$r<u$1$k%f!<%6$N%W%m%-%7%5!<%P$N%Q%9%o!<%I$r<hF@$
9$k(B
$B$3$H$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#(B

$B$3$NLdBj$K$h$j!"=EMW>pJs$N3+<($J$I!"LdBj$N1F6A$r<u$1$k%f!<%6$KBP$9$k$
5$^(B
$B$6$^$J967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

ZipTorrent 1.3.7.3 $B$K$*$$$F$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s(B
$B$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

31. Mercora IMRadio Plaintext Password Disclosure Weakness
BugTraq ID: 14646
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-23
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14646
$BMWLs(B:
Mercora IMRadio $B$K$O!"J?J8$N%Q%9%o!<%I$,3+<($5$l$k5?$$$,$"$j$^$9!#$3$N%"(B
$B%W%j%1!<%7%g%s$N%l%8%9%H%j%-!<$O$$$+$J$kJ}K!$G$b0E9f2=$^$?$OHsI=<($K$
5$l(B
$B$^$;$s!#(B

$B%m!<%+%k$N967b<T$O%m!<%+%k$N4IM}<T$K$h$k%-!<%\!<%I!"(BCRT$B!"$*$h$S
%^%&%9$N(B
$BA`:n$r4F;k$7!"LdBj$N$"$k%"%W%j%1!<%7%g%s$NB>$N%f!<%6$N%f!<%6L>$*$h$S%
Q%9(B
$B%o!<%I$r<hF@$9$k2DG=@-$,$"$j$^$9!#DL>o$N%f!<%6%"%+%&%s%H$K$O!"$3$l$i$
N%l(B
$B%8%9%H%j%-!<$rFI$_<h$k5!G=$,$J$$E@$KN10U$9$Y$-$G$9!#(B

$B967b<T$,2?$i$+$NJ}K!$K$h$C$F4IM}<T8"8B$r<hF@$7$?>l9g$O!"$3$l$i$N%f!<%
6L>(B
$B$*$h$S%Q%9%o!<%I$r1\Mw$7$F5-O?$7!"LdBj$N$"$k%3%s%T%e!<%?$KBP$7$F99$J$
k96(B
$B7b$r;E3]$1$k$3$H$,2DG=$H$J$j$^$9!#(B

32. HAURI Anti-Virus ACE Archive Handling Remote Buffer Overflow Vulnerability
BugTraq ID: 14647
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14647
$BMWLs(B:
HAURI Anti-Virus $B$O%j%b!<%H$+$i$N967b$K$h$j!"(BACE $B%"!<%+%$%V$r=hM}$9$k$H(B
$B$-$K%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$kLdBj$N1F6A$r<u$1$^$9!#(B

$B967b<T$O0U?^E*$K:n@.$7$?%U%!%$%kL>$r4^$`0-0U$"$k(B ACE $B%"!<%+%$%V$r:n@.$7!"(B
$B$3$N%"!<%+%$%V$rLdBj$N$"$k%3%s%T%e!<%?$KAw?.$9$k$3$H$K$h$j!"$3$NLdBj$
rMx(B
$BMQ$G$-$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"4IM}<T$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G%j%b!
<%H(B
$B$+$iIT@5$K%"%/%;%9$9$k2DG=@-$,$"$j$^$9!#(B

33. PADL Software PAM_LDAP Authentication Bypass Vulnerability
BugTraq ID: 14649
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14649
$BMWLs(B:
PAM_LDAP $B$K$O!"?7$7$$%Q%9%o!<%I%]%j%7$K$h$k4IM}5!G=$r;HMQ$9$k$H$-$KG'>Z(B
$B$,2sHr$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$OK\Mh5v2D$5$l$J$$%f!<%6$,G'>Z$r2
sHr(B
$B$9$k$3$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

PAM_LDAP build 169 $B$+$i(B build 179 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,(B
$BJs9p$5$l$F$$$^$9!#(B

34. SqWebMail File Attachment Script Injection Vulnerability
BugTraq ID: 14650
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14650
$BMWLs(B:
SqWebMail $B$K$O!"E:IU%U%!%$%k$r4^$`EE;R%a!<%k$K4XO"$9$kLdBj$,B8:_$9$k5?$$(B
$B$,$"$j$^$9!#(B

$B$3$NLdBj$NMxMQ$,@.8y$9$k$H!"I8E*%"%+%&%s%H$N%;%-%e%j%F%#%3%s%F%-%9%HF
b$G(B
$B0-0U$"$k%9%/%j%W%H%3!<%I$,<B9T$5$l$F$7$^$$$^$9!#967b<T$,Ds6!$9$k0-0U$
"$k(B
$B%3!<%I$O!"I8E*$HF1MM$KEE;R%a!<%k%a%C%;!<%8$NAw?.$d1\Mw$J$I$N5!G=$r<B9
T$G(B
$B$-$^$9!#$5$i$K!"B>$N967b$,2C$($i$l$k2DG=@-$b$"$j$^$9!#(B

35. WebCalendar Send_Reminders.PHP Remote File Include Vulnerability
BugTraq ID: 14651
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14651
$BMWLs(B:
WebCalendar $B$K$O!"%j%b!<%H$+$i%U%!%$%k$,%$%s%/%k!<%I$5$l$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$
3$H(B
$B$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B Web $B%5!<%P%W%m%;(B
$B%9$N8"8B$r;HMQ$7!"G$0U$N%5!<%P%5%$%I%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$
,$"(B
$B$j$^$9!#$3$l$K$h$j!"IT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

36. MPlayer Audio Header Buffer Overflow Vulnerability
BugTraq ID: 14652
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14652
$BMWLs(B:
MPlayer $B$O!"%P%C%U%!%*!<%P!<%U%m!<$NLdBj$N1F6A$r<u$1$^$9!#$3$NLdBj$O!"%f!<(B

$B%6$,;XDj$7$?J8;zNs$r8GDjD9$N%W%m%;%9%P%C%U%!$K%3%T!<$9$kA0$K!"J8;zNsD
9$N(B
$BBEEv@-3NG'$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$O%X%C%@Fb$K2aEY$KD9$$CM$r4^$`2;@<%9%H%j!<%`$,=hM}$5$l$k$H$-$
K0z(B
$B$-5/$3$5$l$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%"%W%j%1!<%7%g%s$r<B9T$9$k%f!<%
6$N(B
$B8"8B$GG$0U$N%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"IT@5%"%/%;%
9$d(B
$B8"8B>:3J$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

37. Home Ftp Server Multiple Vulnerabilities
BugTraq ID: 14653
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14653
$BMWLs(B:
Home Ftp Server $B$O!"J#?t$NLdBj$N1F6A$r<u$1$^$9!#$3$l$i$NLdBj$O!"%m!<%+%k(B
$B$N967b<T$,=EMW$J>pJs$r3+<($7$?$j!"%j%b!<%H$N967b<T$,%G%#%l%/%H%j%H%i%
P!<(B
$B%5%k967b$r<B9T$7$?$j$9$k$3$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

Home Ftp Server 1.0.7 b45 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l(B
$B$F$$$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

38. PAFileDB Auth.PHP SQL Injection Vulnerability
BugTraq ID: 14654
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14654
$BMWLs(B:
paFileDB $B$K$O(B SQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O%f!<%6$,;XDj(B
$B$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B(B
$B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$,MxMQ$5$l$k$H!"%=%U%H%&%'%"$KBP$9$k6<0R$,>7$+$l$?$j!"%;%C%7%
g%s(B
$B$N%O%$%8%c%C%/$d%P%C%/%(%s%I%G!<%?%Y!<%9$KBP$9$k967b$r<B9T$7$?$j$9$k$
3$H(B
$B$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#$=$NB>$N967b$,<B9T$5$l$k2DG=@-$b$"$
j$^(B
$B$9!#(B

39. LeapFTP Client LSQ File Remote Buffer Overflow Vulnerability
BugTraq ID: 14655
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14655
$BMWLs(B:
LeapFTP $B%/%i%$%"%s%H$K$O!"%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<%P!<%U%m!<(B
$B$,H/@8$9$k5?$$$,$"$j$^$9!#(B

$B$3$NLdBj$O0U?^E*$K:n@.$5$l$?(B LeapFTP Site Queue (.lsq) $B%U%!%$%k$,=hM}$5(B
$B$l$k$H$-$K0z$-5/$3$5$l$^$9!#(B

$B%j%b!<%H$N967b<T$O!"$3$N%"%W%j%1!<%7%g%s$r<B9T$9$k%f!<%6$N%;%-%e%j%F%
#%3(B
$B%s%F%-%9%HFb$GIT@5%"%/%;%9$r9T$&2DG=@-$,$"$j$^$9!#(B

LeapFTP 2.7.6.612 $BL$K~$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

40. QNX RTOS InputTrap Local Arbitrary File Disclosure Vulnerability
BugTraq ID: 14656
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14656
$BMWLs(B:
QNX RTOS $B$K$O!"G$0U$N%m!<%+%k%U%!%$%k$,3+<($5$l$k2DG=@-$,$"$j$^$9!#$3$N(B
$BLdBj$O(B 'inputtrap' $B%f!<%F%#%j%F%#$G%"%/%;%9%3%s%H%m!<%k$K$h$k@)8B$,E,@Z(B
$B$K<BAu$5$l$F$$$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$O%m!<%+%k$N0-0U$"$k%f!<%6$,4IM}<T8"8B$GG$0U$N%U%!%$%k$NFbMF$
K%"(B
$B%/%;%9$7!"99$J$k967b$N<j=u$1$H$9$k$3$H$r5v$7$F$7$^$$$^$9!#(B

QNX RTOS 6.1 $B$*$h$S(B 6.3 $B$K$*$$$F$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g(B
$B%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O(B BID 4901 $B$K<($5$l$F$$$kLdBj(B
$B$KN`;w$7$F$$$^$9!#(B

41. Foojan PHPWeblog Html Injection Vulnerability
BugTraq ID: 14658
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-24
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14658
$BMWLs(B:
Foojan PHPWeblog $B$K$O(B HTML $B%?%0$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O%f!<(B
$B%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$
9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$O!"LdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(BCookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

42. Tor Cryptographic Handshake Remote Information Disclosure Vulnerability
BugTraq ID: 14659
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-25
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14659
$BMWLs(B:
Tor $B$K$O%j%b!<%H$+$i>pJs$,3+<($5$l$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O(B
Diffie-Hellman $B808r49%W%m%H%3%k$N<BAu$K$*$1$kITHw$KM3Mh$7$^$9!#(B

$B6qBNE*$K$O!"(BDiffie-Hellman $B808r49$G;HMQ$5$l$kFCDj$NCM$,%;%-%e%j%F%#>eIT(B
$BE,@Z$G$"$j!"$3$N$h$&$JCM$,;HMQ$5$l$k$H<h$j8r$o$5$l$?0E9f80$K967b<T$,%
"%/(B
$B%;%9$G$-$k$h$&$K$J$j$^$9!#(B

$B$3$NLdBj$O(B Tor $B%5!<%P$H%/%i%$%"%s%H$N4V$NDL?.$r0E9f2=$9$k$?$a$K;HMQ$5$l(B
$B$k!"<h$j8r$o$5$l$?80$KBP$7$F!"967b<T$,%"%/%;%9$9$k$3$H$r5v$7$F$7$^$$$
^$9!#(B
$B$3$l$O967b<T$,(B Tor $B%M%C%H%o!<%/>e$GI8E*%f!<%6$+$iAw?.$5$l$k$9$Y$F$N%H%i(B
$B%U%#%C%/$rFI$_=P$7$?$j2~$6$s$7$?$j$9$k$3$H$r5v$7$F$7$^$$$^$9!#$3$NLdB
j$N(B
$BMxMQ$K$h$j!"%M%C%H%o!<%/$NF?L>@-!"5!L)@-!"$*$h$S@09g@-$,B;$J$o$l$^$9!
#(B

43. Apache CGI Byterange Request Denial of Service Vulnerability
BugTraq ID: 14660
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-25
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14660
$BMWLs(B:
Apache $B$K$OBg$-$J(B CGI $B%P%$%H%l%s%8$r;}$D%j%/%(%9%H$N=hM};~$K%5!<%S%9ITG=(B
$B>uBV$K4Y$k5?$$$,$"$j$^$9!#(B

44. Linux Kernel 64 Bit ELF Header Processing Memory Leak Local Denial Of Service Vulnerability
BugTraq ID: 14661
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-25
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14661
$BMWLs(B:
64 $B%S%C%H$N(B x86 $B%W%i%C%H%U%)!<%`>e$GF0:n$9$k(B Linux Kernel $B$K$*$$$F!"(BELF
$B%X%C%@=hM}5!G=$,%m!<%+%k$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$kLdBj$N1
F6A(B
$B$r<u$1$^$9!#(B

$B967b$,@.8y$9$k$H!"%m!<%+%k$N967b<T$,%+!<%M%k$N%5!<%S%9ITG=>uBV$r0z$-5
/$3(B
$B$92DG=@-$,$"$j$^$9!#(B

$B$3$NLdBj$O(B BID 11846 (Linux Kernel 64 Bit ELF Header Local Denial Of
Service Vulnerability) $B$K<($5$l$F$$$kLdBj$K4XO"$7$F$$$k2DG=@-$,$"$j$^$9!#(B
$B$3$l$K$D$$$F$O>pJsITB-$K$h$j8=;~E@$G$OL$8!>Z$G$9!#99$J$kJ,@O$K$h$j$3$
l$i(B
$B$NLdBj$,F10l$G$"$k$3$H$,L@$i$+$K$J$C$?>l9g$O!"$3$N(B BID $B$OGK4~$5$l$^$9!#(B

45. HP OpenView Network Node Manager Multiple Remote Command Execution Vulnerabilities
BugTraq ID: 14662
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-25
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14662
$BMWLs(B:
HP OpenView Network Node Manager $B$K$O!"%j%b!<%H$+$iG$0U$N%3%^%s%I$r<B9T(B
$B2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$O(B 'system()' $B4X?t$H0l=o$K<B9T$5$l$k%3%^%s%I$G!"$5$^$6$^$J%9(B
$B%/%j%W%H$N%f!<%6@lMQ$N(B 'node' URI $B%Q%i%a!<%?$,;HMQ$5$l$k$H$-$K0z$-5/$3$5(B
$B$l$^$9!#(B

$B$3$l$i$NLdBj$K$h$j!"LdBj$N$"$k%3%s%T%e!<%?$N(B Web $B%5!<%P$N%;%-%e%j%F%#%3(B
$B%s%F%-%9%HFb$G!"%j%b!<%H$+$iIT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$
^$9!#(B

Solaris $B%W%i%C%H%U%)!<%`8~$1$N%P!<%8%g%s(B 6.41 $B$*$h$S(B7.5 $B$K$*$$$F!"$3$l$i(B
$B$NLdBj$N1F6A$r<u$1$^$9!#(BMicrosoft Windows $B%W%i%C%H%U%)!<%`8~$1$N%Q%C%1!<(B
$B%8$b1F6A$r<u$1$^$9$,!"%P!<%8%g%s$OITL@$G$9!#$=$NB>$N%P!<%8%g%s$*$h$S%
W%i%C(B
$B%H%U%)!<%`$,LdBj$N1F6A$r<u$1$k2DG=@-$b$"$j$^$9!#(B

46. HP-UX Veritas File System Unauthorized Data Access Vulnerability
BugTraq ID: 14663
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-08-25
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14663
$BMWLs(B:
HP-UX $B$O%;%-%e%j%F%#>e$NLdBj$N1F6A$r<u$1$^$9!#%m!<%+%k$NK\Mh5v2D$5$l$F$$(B

$B$J$$%f!<%6$,@x:_E*$K=EMW$J%G!<%?$K%"%/%;%9$9$k$3$H$r5v$7$F$7$^$&2DG=@
-$,(B
$B$"$j$^$9!#(B

$B$3$NLdBj$O(B Veritas File System (VxFS) $B$r2TF0$9$k(B HP-UX $B%7%9%F%`$G0z$-5/(B
$B$3$5$l$^$9!#(B

$B967b$,@.8y$9$k$H!"=EMW$J>pJs$,3+<($5$l!"LdBj$N$"$k%3%s%T%e!<%?$KBP$7$
F99(B
$B$J$k967b$r;n$_$k$?$a$N<j=u$1$H$J$k2DG=@-$,$"$j$^$9!#(B

47. Quake 2 Lithium II Mod Memory Corruption Vulnerability
BugTraq ID: 14664
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-25
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14664
$BMWLs(B:
Quake 2 Lithium II Mod $B$O!"%a%b%j$rGK2u$5$l$kLdBj$N1F6A$r<u$1$^$9!#(B

$B967b$,@.8y$9$k$H!"967b<T$O%W%m%;%9%a%b%j$rGK2u$7$FG$0U$N%3!<%I$r<B9T$
7!"(B
$B$=$N7k2L%j%b!<%H$+$i$NIT@5%"%/%;%9$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#
(B

$B$3$NLdBj$K$h$j%U%)!<%^%C%H%9%H%j%s%0967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$
^$9(B
$B$,!"$3$l$K$D$$$F8=;~E@$G$OL$8!>Z$G$9!#(B

Lithium II 1.24 $B$K$*$$$F$3$NLdBj$N1F6A$r<u$1$^$9!#(B

48. Astaro Security Linux HTTP CONNECT Unauthorized Access Weakness
BugTraq ID: 14665
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-25
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14665
$BMWLs(B:
Astaro Security Linux $B$K$O!"%j%b!<%H$N967b<T$,LdBj$N$"$k%3%s%T%e!<%?$NG$(B
$B0U$N%]!<%H$K@\B3$9$k$3$H$r5v$7$F$7$^$&5?$$$,$"$j$^$9!#(B

$B$3$NLdBj$rB>$N967b$HAH$_9g$o$;$k$3$H$K$h$j!"@x:_E*$JLdBj$,MxMQ$5$l$k2
DG=(B
$B@-$,$"$j$^$9!#$3$N967b$K$h$j!"967b<T$,%"%W%j%1!<%7%g%s$K$h$C$F<BAu$5$
l$F(B
$B$$$k%"%/%;%9%3%s%H%m!<%k$r2sHr$9$k2DG=@-$,$"$j$^$9!#(B

Astaro Security Linux 6.001 $B$K$*$$$F$3$NLdBj$N5?$$$,$"$j$^$9!#(B

49. Simpleproxy Remote Syslog() Format String Vulnerability
BugTraq ID: 14666
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14666
$BMWLs(B:
simpleproxy $B$K$O%U%)!<%^%C%H%9%H%j%s%0$NLdBj$,B8:_$9$k$3$H$,Js9p$5$l$F$$(B
$B$^$9!#$3$NLdBj$O;XDj$5$l$?%U%)!<%^%C%H$KJQ49$7$F=PNO$r9T$&4X?t$G!"%f!
<%6(B
$B$,;XDj$7$?F~NOCM$r%U%)!<%^%C%H;XDj;R$H$7$F;HMQ$9$kA0$K!"F~NOCM$N%5%K%
?%$(B
$B%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$NMxMQ$,@.8y$9$k$H!"967b<T$,LdBj$N$"$k%3%s%T%e!<%?>e$K$*$$$FL
dBj(B
$B$N$"$k%Q%C%1!<%8$N8"8B$G!"G$0U$N%3!<%I$r<B9T$9$k$3$H$,5v$5$l$F$7$^$$$
^$9!#(B
$B$3$N%"%W%j%1!<%7%g%s$O!"8"8B$N$"$k(B TCP $B%]!<%H$N%W%m%-%7$H$7$F5!G=$9$k$?(B
$B$a!"4IM}<T$H$7$F<B9T$9$k>l9g$,$"$j$^$9!#(B

simpleproxy 3.4 $BL$K~$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js(B
$B9p$5$l$F$$$^$9!#(B

50. Simple PHP Blog Remote Arbitrary File Upload Vulnerability
BugTraq ID: 14667
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14667
$BMWLs(B:
Simple PHP Blog $B$K$O%j%b!<%H$+$iG$0U$N%U%!%$%k$,%"%C%W%m!<%I$5$l$k5?$$$,(B
$B$"$j$^$9!#(B

$B$3$NLdBj$O%j%b!<%H$N967b<T$,LdBj$N$"$k%5!<%P>e$G0-0U$"$k%9%/%j%W%H$J$
I$N(B
$BG$0U$N%U%!%$%k$r%"%C%W%m!<%I$7$?$j!"%9%/%j%W%H$r<B9T$7$?$j$9$k$3$H$r5
v$7(B
$B$F$7$^$&2DG=@-$,$"$j$^$9!#(B

Simple PHP Blog 0.4.0 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g(B
$B%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

51. Gallery Script Injection Vulnerability
BugTraq ID: 14668
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14668
$BMWLs(B:
Gallery $B$K$O%9%/%j%W%H$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O%f!<%6$,;XDj(B
$B$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B0-0U$"$k%f!<%6$O!"5?$$$r;}$?$J$$I8E*$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"
(BWeb
$B%V%i%&%6$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$
j!"(B
$BI8E*$N%V%i%&%6%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"(BCook
ie $B$K(B
$BM3Mh$9$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B99$J$k967b$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

52. PHPgraphy Script Injection Vulnerability
BugTraq ID: 14669
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14669
$BMWLs(B:
phpGraphy $B$K$O%9%/%j%W%H$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O%f!<%6$,;X(B
$BDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B0-0U$"$k%f!<%6$O!"5?$$$r;}$?$J$$I8E*$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"
(BWeb
$B%V%i%&%6$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$
j!"(B
$BI8E*$N%V%i%&%6%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"(BCook
ie $B$K(B
$BM3Mh$9$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B99$J$k967b$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

53. YaPig Script Injection Vulnerability
BugTraq ID: 14670
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14670
$BMWLs(B:
YaPig $B$K$O%9%/%j%W%H$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O%f!<%6$,;XDj$7(B

$B$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B0-0U$"$k%f!<%6$O!"5?$$$r;}$?$J$$I8E*$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"
(BWeb
$B%V%i%&%6$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$
j!"(B
$BI8E*$N%V%i%&%6%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"(BCook
ie $B$K(B
$BM3Mh$9$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B99$J$k967b$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

54. PhotoPost Script Injection Vulnerability
BugTraq ID: 14671
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14671
$BMWLs(B:
PhotoPost $B$K$O%9%/%j%W%H$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O%f!<%6$,;X(B
$BDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B0-0U$"$k%f!<%6$O!"5?$$$r;}$?$J$$I8E*$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"
(BWeb
$B%V%i%&%6$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$
j!"(B
$BI8E*$N%V%i%&%6%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"(BCook
ie $B$K(B
$BM3Mh$9$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B99$J$k967b$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

55. Nokia Affix BTSRV Device Name Remote Command Execution Vulnerability
BugTraq ID: 14672
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14672
$BMWLs(B:
Nokia Affix BTSRV $B$O%j%b!<%H$+$i%3%^%s%I$r<B9T2DG=$JLdBj$N1F6A$r<u$1$^$9!#(B

$B967b<T$O%G%P%$%9L>$r2p$7$FG$0U$N%3%^%s%I$r;XDj$7!"%5!<%S%9$N%;%-%e%j%
F%#(B
$B%3%s%F%-%9%HFb$G<B9T$9$k$3$H$,$G$-$^$9!#$3$N$?$a!"5!G=$,40A4$KB;$J$o$
l$k(B
$B2DG=@-$,$"$j$^$9!#(B

56. NTPD Insecure Privileges Vulnerability
BugTraq ID: 14673
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-08-27
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14673
$BMWLs(B:
ntpd $B$G$O8"8B$N%;%-%e%j%F%#$,E,@Z$G$J$$5?$$$,$"$j$^$9!#(B

$B$3$N%"%W%j%1!<%7%g%s$O8"8B$rIUM?$5$l$?%f!<%6$NM-8z$J%Q!<%_%C%7%g%s$G5
/F0(B
$B$5$l!"2?$i$+$N<jCJ$K$h$C$F6<0R$,>7$+$l$k$H!"967b<T$,99$J$k967b$r<B9T$
9$k(B
$B$3$H$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#(B

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Zotob suspects arrested in Turkey and Morocco
$BCx<T(B: Robert Lemos
$B99?7(B: $BEv6I$O!":G6a$N(B Zotob $B%o!<%`$NG[?.$K4XM?$7$?5?$$$G%H%k%3?M$NCK$H%b(B
$B%m%C%3?M$NCK$rBaJa$7$^$7$?!#(B

http://www.securityfocus.com/news/11297

2. Storm brewing over SHA-1 as further breaks are found
$BCx<T(B: Robert Lemos
3 $BL>$NCf9q?M8&5f<T$O!"%I%-%e%a%s%H$NEE;R=pL>$KMQ$$$k0E9f2=5,3J$KBP$9$k9
6(B
$B7bJ}K!$r@:O#$7!"0E9f8&5f<T$K!"(BSecure Hash Algorithm (SHA) $B$N;HMQ$rB.$d$+(B
$B$K=*$o$i$;$kI,MW$,$"$k$N$G$O$J$$$+$H$$$&O@5D$rBw$7$F$$$^$9!#(B

http://www.securityfocus.com/news/11292

3. Plug-and-play bots worming and warring among Windows systems
$BCx<T(B: Robert Lemos
$B%\%C%I%=%U%H%&%'%"$r%Y!<%9$H$9$k?tB?$/$N0[$J$k%o!<%`$,!"%\%C%H%M%C%H$
r91(B
$B5W2=$5$;$kL\E*$G!"4{$K%;%-%e%j%F%#LdBj$rJz$($F$$$k(B Windows 2000 $B%7%9%F%`(B
$B$X$N967b$r3+;O$7$F$$$k$H!"%;%-%e%j%F%#$N@lLg2H$O7Y9p$7$F$$$^$9!#(BCN
N $B$d(B
New York Times $B$J$I$N$$$/$D$+$N4k6H$O%Q%C%A$NE,MQ$,CY$l$?$?$a$K4{$K46@w(B
$B$7$F$$$^$9!#(B

http://www.securityfocus.com/news/11285

4. Worm spreading through Microsoft Plug-and-Play flaw
$BCx<T(B: Robert Lemos
Zotob $B$H8F$P$l$k%3%s%T%e!<%?%&%$%k%9$O!"(BWindows $B%*%Z%l!<%F%#%s%0%7%9%F%`(B
$B$N(B Plug and Play $B5!G=$KB8:_$9$k%;%-%e%j%F%#>e$NLdBj$rMxMQ$7$F%3%s%T%e!<(B
$B%?$K46@w$7$^$9$,!"%;%-%e%j%F%#$N@lLg2H$?$A$O!":#2s$N967b$OA02s$NN.9T$
[$I(B
$B=EBg$J$b$N$G$O$J$$$H9M$($F$$$^$9!#(B

http://www.securityfocus.com/news/11281

5. Zotob arrests throws open trade in compromised PCs
$BCx<T(B: John Leyden
Zotob $B%o!<%`$K4XO"$7$F@h=5BaJa$5$l$?CK(B 2 $BL>$O!"B>$K$b(B 20 $B<oN`$N%&%$%k%9(B
$B$N:n@.$K4XM?$7$F$$$^$7$?!#(B

http://www.securityfocus.com/news/11299

6. Brazil cuffs 85 in online bank hack dragnet
$BCx<T(B: Lester Haines
$B%m%$%?!<DL?.<R$K$h$k$H!"%V%i%8%k$NO"K.7Y;!$O!"%*%s%i%$%s$N6d9T8}:B$KB
P$7(B
$B$F%O%C%-%s%0$r9T$$(B 3,300 $BK|%I%k$N%M%C%F%#%s%0$r9T$C$?MF5?$G!"(B7 $B$D$N=#$G(B
85 $B?M$rBaJa$7$^$7$?!#(B

http://www.securityfocus.com/news/11298

7. Polyglot IM worm targets MSN
$BCx<T(B: John Leyden
IM $B%M%C%H%o!<%/>e$G3H;6$9$k?7<o$N%o!<%`$O!"E,@Z$J8@8l$G%a%C%;!<%8$rAw?.
(B
$B$9$k$?$a$K!":G=i$K%7%9%F%`$N@_Dj$r%A%'%C%/$7$^$9!#(B

http://www.securityfocus.com/news/11295

8. The GIMP threatens PIN number security
$BCx<T(B: Lester Haines
Linux $B$N2hA|=hM}%W%m%0%i%`$G$"$k(B GIMP $B$O!"8D?M<1JLHV9f(B (PIN) $B$rM9Aw;~$K(B
$BK=$/$?$a$N%D!<%k$H$J$k2DG=@-$,$"$k$H$7$F!"=i$a$F;XE&$5$l$^$7$?!#(B

http://www.securityfocus.com/news/11296

--
$BK]Lu(B: LAC $BK]Lu%A!<%`(B
$B4F=$(B: $B>.3^8691M:(B (OGASAWARA Tsuneo)
LAC Co., Ltd.
http://www.lac.co.jp/index.html
0?l *?H?÷
?]0?Y10 +0 *?H?÷
?
û0?0?k9ÊT?þP"2þ2ÙÛû?0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
180518235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
*?H?÷
0?ªÐº¾-¸?ÔÊÒ¼v1Ê?Ø??V¼ÙooR6nuV
UÓßC?!e?~½!Þk2??4?A5ë?ë?ÝªY?Sm?Oíåâ*ZÁ¹Ä¦ÏÈEë¦]??>ðd$v¥Í«o¶Ø{Qa
n¦?Èâ·å4ÜA?ê @¾s?=kçu0
*?H?÷
?÷Îv\«??Ü?o49]?>kr,áÇ¢{@)¹x?ºLÅ£j^?n{ãòAf¾û®¢Î?ó¢4?´²¶$òåÕàÈåbm?{Ë¾»?|WÊð7©¯?î¾(?Ù&v ÍÄNð®Õ¾¯WjÐ BBBô
Ì¥x??&8?G0?0?kLÇêª?>qÓ?ø=:???0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
280801235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
*?H?÷
0?ªÐº¾-¸?ÔÊÒ¼v1Ê?Ø??V¼ÙooR6nuV
UÓßC?!e?~½!Þk2??4?A5ë?ë?ÝªY?Sm?Oíåâ*ZÁ¹Ä¦ÏÈEë¦]??>ðd$v¥Í«o¶Ø{Qa
n¦?Èâ·å4ÜA?ê @¾s?=kçu0
*?H?÷
©OÃ
Çg¾,ËÙ¨Í-uç~?;rë~ë\- ?Ökm`|å®Å#\JÐ¯±]óÇ¶
Ûà?
Ý¼Çv?µÝOÃ?u¸ÀæÉ[k¥¸?Ü¬¤ÝríN¡÷O¼ÓêÈdt{Â?A?esXñ?<j±?ÉÄ?¼ÏEmEân"?þ¼1\
èòÙ0?¶0? %îs<û ?U??{?í¿0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
020404000000Z
070403235959Z0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CA0?0
*?H?÷
0?¼+þîO×ùútüoÃøÊ?(v'È4 Ëªr-Éö?~?hòKïÉÿo½?îÓ??ÿ¨þîhU°¼ð°óåNhfisµ:V÷^uæo;êâd'\`?ÝÛ+·¼¶ª¡$)¯t¦?¯GöÕK~,e3îÛ¥<
KCp?ÙÙÂ??Äø(£¤0¡0Uÿ0ÿ0FU ?0=0;`?H?øE0,0*+https://www.verisign.co.jp/rpa0U
ÿ0 `?H?øB0 U0¤010UC1C2-1-40
*?H?÷
\?Ïh??¿ÏÓ_n²N>?Qs?e¢w ~ü v1?ÿîv4YVÊæGèãTÓÈ?Î?«bMo]?¸¢±?_K??Çó[m³#ÕcÑU*¿þ·ÄUò´o:?¿ê§q^/=¯?
?òt)ÿÌõ
?¬ÕÕ?ô÷7ªÔ?pd{0?10?? d2?7Åw?É??¹?b?ñ0
*?H?÷
0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CA0
050331000000Z
060331235959Z0ü10U
VeriSign Japan K.K.10UISP Service CA1503U,Terms of use at www.verisign.co.jp/rpa (c)011806U/Service Name - 5BF88D474BD2A6D3E7E073163F0C4D1210UHitachijoho10UTsuneo Ogasawara1!0 *?H?÷
t.ogaswr (at) lac.co (dot) jp0 [email concealed]?0
*?H?÷
0?¿*E´\2ÅÍóDíÐÏÇ~?+Ü=Ù&-u4)~è§ÊÇ2ÉnAàÙWÍØoÓÐûÊfÚq³.?³¥Hë¼ÀÚ×?!0¯6iÚ??±?rÙDÏdA[?Ùî?´q\~ãè?ú¨
Ä»ù?oÊi1¶+_ãr?#??>¥þ?IÁeA£ä0á0 U00EU >0<0:
`?H?øE0,0*+https://www.verisign.co.jp/rpa0U 0
`?H?øB?0ZUS0Q0O M K?Ihttp://onsitecrl.verisign.co.jp/VeriSi
gnJapanKKISPServiceCA/LatestCRL.crl0
`?H?øE ÿ0
*?H?÷
TMÎ¤©ýäøpßËµ"òÎ©,ÍË¶Q??`puÏ?¥?F?ÿ¬ãÅz?¸íñ²Oð)ô2ð$³q?âüý |øu
ßx©?Ì0³Jçjñ^9?^ p('?öC¦^ã=?øîÍ?&´ª.àTaxz4ÓÄÇ«<v?òY³QúÄ1?90?50Þ0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CAd2?7Åw?É??¹?b?ñ0 + ±0 *?H?÷
1 *?H?÷
0 *?H?÷
1
051221111700Z0# *?H?÷
1xâ{HIü!¹¶`.ÀS¿?ë¤#y0R *?H?÷
1E0C0
*?H?÷
0*?H?÷
?0+0
*?H?÷
@0
*?H?÷
(0
*?H?÷
?0²,½tj©ÏäYß£ ???6N^îû?Ò0¾4Ô¥O ½ÎË ¦??Ê?õwÆ?u°?G¯?á0êê=¡?¦
¼xð
JBÞ¬®Ób?U#òy à$»?èáW@÷Þ???~Sm?·
#4ÑÈGÃÖCl\R¾º<

[ reply ]