31. Zone Labs ZoneAlarm Pro DDE-IPC Advanced Program Control Bypass Weakness
BugTraq ID: 14966
Remote: No
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14966
Summary:
ZoneAlarm Pro is prone to an issue that allows the settings of the Advanced Program Control feature to be bypassed.
Update: The vendor has investigated this issue and states that Advanced Program Control is not bypassed by this attack. Therefore, this is a security
This issue has been reported in BitDefender 7.2, 8, and 9 for Windows. Other versions and platforms may also be affected.
33. Microsoft Internet Explorer XmlHttpRequest Parameter Validation Weakness
BugTraq ID: 14969
Remote: Yes
Date Published: 2005-09-24
Relevant URL: http://www.securityfocus.com/bid/14969
Summary:
Microsoft Internet Explorer is prone to an issue that allows arbitrary HTTP requests to be injected, because parameters passed to XmlHttpRequest are not properly validated.
An attacker could create a Web site that instantiates the affected control and cause the browser, when a forwarding proxy is in use, to request a site on the same host or on a different host. The attacker could then intercept the response and steal sensitive data that helps in attempting attacks.
A local attacker could exploit this issue to obtain the user names and passwords of the Microsoft Windows NT systems that ntlmaps connects to.
III.SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. E-voting experts call for revised security guidelines
By: Robert Lemos
A federally funded group of voting-technology experts has called on the U.S. Election Assistance Commission to improve the process for evaluating the security of election systems.
http://www.securityfocus.com/news/11336
2. Digital plague hits online game World of Warcraft
By: Robert Lemos
A game effect whose self-propagation was limited was exploited and spread by malicious gamers, highlighting the danger of giving programs the ability to spread by infection.
http://www.securityfocus.com/news/11330
3. Mozilla's popularity stressing its security image
By: Robert Lemos
Recent disclosures of issues, together with a semiannual report noting a growing number of security issues, have called the security of the open-source Firefox browser into question.
http://www.securityfocus.com/news/11327
4. Key clicks betray passwords, typed text
By: Robert Lemos
University researchers have found that simply recording 10 minutes of a user's typing is enough to recover more than 90% of the words entered on a computer keyboard.
http://www.securityfocus.com/news/11318
5. Political hackers deface Novell SUSE sites
By: John Leyden
The content of three Novell OpenSUSE community Web sites was defaced on Sunday by politically motivated hackers.
http://www.securityfocus.com/news/11334
6. Backdoor Trojan targets Microsoft Access
By: John Leyden
Virus writers have created a Trojan horse that takes over Windows PCs by exploiting an unpatched Microsoft Office issue.
8. Warning over unattended PC peril
By: John Leyden
Unattended PCs are becoming a target for insider attacks, Gartner says. It surmises that "someone else must have used my PC" has become the typical excuse when people are challenged over inappropriate online behaviour.
We bring you the Japanese translation of SecurityFocus Newsletter issue 318.
Items that have not been translated are marked "No Japanese translation".
---------------------------------------------------------------------------
BugTraq-JP FAQ (Japanese):
http://www.securityfocus.com/archive/79/description
- The Japanese translation of the SecurityFocus Newsletter is distributed primarily via BugTraq-JP.
- See this FAQ for how to subscribe to and unsubscribe from BugTraq-JP.
---------------------------------------------------------------------------
SecurityFocus Newsletter archive (English):
http://www.securityfocus.com/archive/78
BugTraq FAQ (English):
http://www.securityfocus.com/archive/1/description
---------------------------------------------------------------------------
Notes on quoting:
- This translation is produced by LAC Co., Ltd. with permission obtained from SecurityFocus.
- When quoting the Japanese translation of the SecurityFocus Newsletter on Netnews, mailing lists, the World Wide Web, in books, or in any other recording medium, please quote the e-mail in full.
- Issues 1 through 3 of the Japanese-edition newsletter do not carry this note, but it applies to them as well.
- Likewise, any form of hyperlink to the BugTraq-JP archive [*1] provided by SecurityFocus should follow the above.
1) http://online.securityfocus.com/archive/79
---------------------------------------------------------------------------
Notes on this translation:
- LAC Co., Ltd. accepts no responsibility for the results of applying this translation.
---------------------------------------------------------------------------
Notice from the translators:
- If you find a typo or mistranslation, please either post a corrected version to BugTraq-JP as errata or notify the supervising editor (t.ogaswr (at) lac.co (dot) jp). In the latter case, a corrected version will be issued as quickly as possible.
---------------------------------------------------------------------------
This translation is encoded and posted in ISO-2022-JP.
Original:
Date: Tue, 04 Oct 2005 16:10:09 -0600
Message-ID: <4342FDC1.9000200 (at) securityfocus (dot) com>
SecurityFocus Newsletter #318
-----------------------------
I. FRONT AND CENTER (No Japanese translation)
1. Can writing software be a crime?
2. Reducing browser privileges
3. Security-related innovation in Unix
II. BUGTRAQ SUMMARY
1. Interchange Multiple Vulnerabilities
2. AlstraSoft E-Friends Remote File Include Vulnerability
3. UNU Networks MailGust User_email.PHP SQL Injection Vulnerability
4. Wzdftpd SITE Command Arbitrary Command Execution Vulnerability
5. SEO-Board Admin.PHP SQL Injection Vulnerability
6. CMS Made Simple Index.PHP Cross-Site Scripting Vulnerability
7. Sony PSP Photo Viewer TIFF Image Handling Remote Buffer Overflow Vulnerability
8. Riverdark RSS Syndicator Module RSS.PHP Multiple Cross-Site Scripting Vulnerabilities
9. MultiTheftAuto Multiple Remote Vulnerabilities
10. RSyslog Syslog Message SQL Injection Vulnerability
11. Qpopper Local Arbitrary File Modification Vulnerability
12. RealNetworks RealPlayer And Helix Player Format String Vulnerability
13. FL Studio FLP File Processing Heap Overflow Vulnerability
14. SecureW2 Insecure Pre-Master Secret Generation Vulnerability
15. Nokia 3210 And 7610 Remote OBEX Denial Of Service Vulnerability
16. Sun Solaris Xsun and Xprt Local Privilege Escalation Vulnerability
17. Astaro Security Linux PPTP Server Unspecified Remote Denial of Service Vulnerability
18. LucidCMS Index.PHP Cross-Site Scripting Vulnerability
19. Novell GroupWise Client Local Integer Overflow Vulnerability
20. CJ LinkOut Top.PHP Cross-Site Scripting Vulnerability
21. CJ Tag Board Multiple Cross-Site Scripting Vulnerabilities
22. Linux Kernel USB Subsystem Local Denial Of Service Vulnerability
23. CJ Web2Mail Multiple Cross-Site Scripting Vulnerabilities
24. PHP Open_BaseDir Security Restriction Bypass Vulnerability
25. PostNuke PN_BBCode Local File Include Vulnerability
26. IBM AIX Getconf Local Buffer Overflow Vulnerability
27. TWiki TWikiUsers INCLUDE Function Remote Arbitrary Command Execution Vulnerability
28. Polipo Off-By-One Buffer Overflow Vulnerability
29. CubeCart Multiple Cross-Site Scripting Vulnerabilities
30. PHP-Fusion Messages.PHP SQL Injection Vulnerability
31. Zone Labs ZoneAlarm Pro DDE-IPC Advanced Program Control Bypass Weakness
32. BitDefender Antivirus Logging Function Format String Vulnerability
33. Microsoft Internet Explorer XmlHttpRequest Parameter Validation Weakness
34. Polipo Web Root Restriction Bypass Vulnerability
35. AbiWord RTF File Processing Buffer Overflow Vulnerability
36. SBLim-SFCB Malformed Header Denial Of Service Vulnerability
37. SquirrelMail Address Add Plugin Add.PHP Cross-Site Scripting Vulnerability
38. NateOn Messenger Arbitrary File Download And Buffer Overflow Vulnerabilities
39. Macromedia Breeze Plaintext Password Storage Weakness
40. lucidCMS Login SQL Injection Vulnerability
41. BackupNinja Insecure Temporary File Creation Vulnerability
42. NTLM Authorization Proxy Server Insecure Configuration File Permissions Vulnerability
43. IceWarp Multiple Cross-Site Scripting Vulnerabilities
44. 4D WebStar Remote IMAP Denial of Service Vulnerability
45. ApacheTop Insecure Temporary File Creation Vulnerability
46. Blender Command Line Processing Buffer Overflow Vulnerability
47. EasyGuppy Printfaq.PHP Directory Traversal Vulnerability
48. MediaWiki Multiple Cross-Site Scripting Vulnerabilities
49. Merak Mail Server Arbitrary File Deletion Vulnerability
50. Citrix MetaFrame Presentation Server Security Policy Bypass Vulnerability
51. Virtools Web Player Buffer Overflow Vulnerability
52. Virtools Web Player Directory Traversal Vulnerability
53. PHP-Fusion Multiple SQL Injection Vulnerabilities
54. ProZilla Buffer Overflow Vulnerability
55. GNU CFEngine Insecure Temporary File Creation Vulnerability
56. Bugzilla config.cgi Information Disclosure Vulnerability
57. Bugzilla User-Matching Information Disclosure Vulnerability
58. Procom Technology NetFORCE 800 Information Disclosure Vulnerability
III. SECURITYFOCUS NEWS
1. E-voting experts call for revised security guidelines
2. Digital plague hits online game World of Warcraft
3. Mozilla's popularity stressing its security image
4. Key clicks betray passwords, typed text
5. Political hackers deface Novell SUSE sites
6. Backdoor Trojan targets Microsoft Access
7. NetSky-P tops moribund malware chart
8. Warning over unattended PC peril
I. FRONT AND CENTER (No Japanese translation)
----------------------------
II.BUGTRAQ SUMMARY
--------------------
1. Interchange Multiple Vulnerabilities
BugTraq ID: 14931
Remote: Yes
Date Published: 2005-09-24
Relevant URL: http://www.securityfocus.com/bid/14931
Summary:
Interchange is reported to be prone to multiple issues.
The following issues have been identified.
Interchange 5.2.0 is affected by an SQL injection issue. A successful attack could result in compromise of the application, or disclosure or modification of data. It could also allow an attacker to exploit issues in the back-end database implementation.
Interchange 5.0.1 is prone to an Interchange Tag Language (ITL) injection issue. This issue could lead to session hijacking or manipulation of site content.
2. AlstraSoft E-Friends Remote File Include Vulnerability
BugTraq ID: 14932
Remote: Yes
Date Published: 2005-09-24
Relevant URL: http://www.securityfocus.com/bid/14932
Summary:
AlstraSoft E-Friends is affected by a remote file include issue.
An attacker could exploit this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This could lead to unauthorized access.
AlstraSoft E-Friends 4.0 is reported to be affected. Other versions may also be affected.
3. UNU Networks MailGust User_email.PHP SQL Injection Vulnerability
BugTraq ID: 14933
Remote: Yes
Date Published: 2005-09-24
Relevant URL: http://www.securityfocus.com/bid/14933
Summary:
MailGust is prone to an SQL injection issue.
The issue arises because user-supplied input to the '/gorum/user_email.php' script is not properly sanitized before being used in an SQL query.
A successful attack could result in compromise of the application, or disclosure or modification of data. It could also allow an attacker to exploit issues in the back-end database implementation.
MailGust 1.9 is reported to be prone to this issue.
4. Wzdftpd SITE Command Arbitrary Command Execution Vulnerability
BugTraq ID: 14935
Remote: Yes
Date Published: 2005-09-24
Relevant URL: http://www.securityfocus.com/bid/14935
Summary:
wzdftpd is affected by a remote arbitrary command execution issue.
This could allow an attacker to execute commands in the security context of the affected server and gain unauthorized access.
wzdftpd 0.5.4 is reported to be affected by this issue. Other versions may also be affected.
5. SEO-Board Admin.PHP SQL Injection Vulnerability
BugTraq ID: 14936
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14936
Summary:
SEO-Board is prone to an SQL injection issue. The issue arises because user-supplied input is not properly sanitized before being used in an SQL query.
A successful attack could result in compromise of the application, or disclosure or modification of data. It could also allow an attacker to exploit issues in the back-end database implementation.
6. CMS Made Simple Index.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14937
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14937
Summary:
CMS Made Simple is prone to a cross-site scripting issue. The issue arises because user-supplied input is not properly sanitized.
An attacker could exploit this issue to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. This could enable theft of cookie-based authentication credentials and other attacks.
CMS Made Simple 0.10 is reported to be affected by this issue. Other versions may also be affected.
7. Sony PSP Photo Viewer TIFF Image Handling Remote Buffer Overflow Vulnerability
BugTraq ID: 14938
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14938
Summary:
The Sony PSP is reported to be prone to a buffer overflow when it processes a specially crafted TIFF file.
Successful exploitation of this issue could result in a denial-of-service condition. The possibility of arbitrary code execution has not been confirmed at this time.
Sony PSP devices running firmware 2.0 are reported to be affected by this issue.
8. Riverdark RSS Syndicator Module RSS.PHP Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14940
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14940
Summary:
Riverdark RSS Syndicator Module is prone to multiple cross-site scripting issues. These issues arise because user-supplied input is not properly sanitized.
An attacker could exploit these issues to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. These issues could enable theft of cookie-based authentication credentials and other attacks.
9. MultiTheftAuto Multiple Remote Vulnerabilities
BugTraq ID: 14941
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14941
Summary:
MultiTheftAuto is prone to multiple issues.
The following issues have been identified.
The first issue could allow an attacker to gain unauthorized access to an administrative file.
The second issue could allow an attacker to trigger a crash of the application.
MultiTheftAuto 0.5 patch 1 and earlier versions are affected by these issues.
10. RSyslog Syslog Message SQL Injection Vulnerability
BugTraq ID: 14942
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14942
Summary:
RSyslog is prone to an SQL injection issue. The issue arises because user-supplied input is not properly sanitized before being used in an SQL query.
A successful attack could result in compromise of the application, or disclosure or modification of data. It could also allow an attacker to exploit issues in the back-end database implementation.
11. Qpopper Local Arbitrary File Modification Vulnerability
BugTraq ID: 14944
Remote: No
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14944
Summary:
Qpopper is a POP3 mail server available for Linux and Unix-based systems.
Qpopper is prone to an issue that allows arbitrary local files to be modified. The issue arises because the 'poppassd' application, which has the setuid root bit set, does not handle files properly.
A local attacker could exploit this issue to change the permissions of arbitrary files, or to overwrite or tamper with file contents, with administrative privileges. Depending on the file modified, this issue could cause a system crash or allow the attacker to escalate privileges.
12. RealNetworks RealPlayer And Helix Player Format String Vulnerability
BugTraq ID: 14945
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14945
Summary:
RealPlayer and Helix Player are affected by a format string issue. The issue arises because user-supplied input is not properly sanitized, which allows a remote attacker to pass format specifiers directly to a formatted-output function.
Successful exploitation of this issue allows a remote attacker to execute arbitrary machine code in the security context of the affected application.
RealPlayer 10.0 through 10.0.5 for Linux and Helix Player 1.0 through 1.0.5 are prone to this issue.
13. FL Studio FLP File Processing Heap Overflow Vulnerability
BugTraq ID: 14946
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14946
Summary:
FL Studio is affected by a remotely exploitable heap overflow issue. The issue arises because bounds checking is not properly performed before user-supplied input data is copied into an insufficiently sized memory buffer.
Because bounds checking of user-supplied input data contained in an FLP file fails, the destination heap buffer may overflow as a result. An attacker exploiting this issue can control the contents of critical memory control structures and write arbitrary data to arbitrary memory locations.
An attacker could exploit this issue to execute arbitrary machine code in the security context of the user running the affected application.
This issue has been reported in FL Studio 5.0.1. Other versions may also be affected.
14. SecureW2 Insecure Pre-Master Secret Generation Vulnerability
BugTraq ID: 14947
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14947
Summary:
SecureW2 is affected by an insecure pre-master secret generation issue. The issue arises from a design error that causes weak random numbers to be used in cryptographic operations.
Because the function that generates random numbers is used insecurely, an attacker may be able to predict subsequent client-server communications. This issue undermines the security properties associated with the EAP-TTLS protocol and may result in a false sense of security.
By exploiting this issue, an attacker could gain access to the plaintext content of encrypted communications and use it to aid further attacks. Other attacks are also possible, such as attacks in which the attacker sits between the server and the client to tamper with and steal the information exchanged.
15. Nokia 3210 And 7610 Remote OBEX Denial Of Service Vulnerability
BugTraq ID: 14948
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14948
Summary:
Nokia 3210 and 7610 phones are affected by a remote denial-of-service issue. The issue arises because the operating system fails to handle certain characters in file names during Bluetooth OBEX transfers.
An attacker could exploit this issue to cause an affected Nokia device to stop responding to subsequent Bluetooth OBEX communications. Communication may be unavailable until the affected phone is restarted.
Because code is reused across multiple devices, other phones may also be affected by this issue.
16. Sun Solaris Xsun and Xprt Local Privilege Escalation Vulnerability
BugTraq ID: 14949
Remote: No
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14949
Summary:
Sun Solaris is prone to an issue that allows an attacker to gain elevated privileges by executing arbitrary code. The issue occurs through the Xsun and Xprt commands.
17. Astaro Security Linux PPTP Server Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 14950
Remote: Yes
Date Published: 2005-09-26
Relevant URL: http://www.securityfocus.com/bid/14950
Summary:
The PPTP (Point-to-Point Tunneling Protocol) server in Astaro Security Linux is affected by an unspecified remote denial-of-service issue.
It is conjectured that a remote attacker could exploit this issue by sending specially crafted data to the PPTP server and crashing the application.
Because details are unknown, no further information is available at this time. This BID will be updated as soon as details are released.
18. LucidCMS Index.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14951
Remote: Yes
Date Published: 2005-09-27
Relevant URL: http://www.securityfocus.com/bid/14951
Summary:
LucidCMS is prone to a cross-site scripting issue. The issue arises because user-supplied input is not properly sanitized.
An attacker could exploit this issue to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. This could enable theft of cookie-based authentication credentials and other attacks.
19. Novell GroupWise Client Local Integer Overflow Vulnerability
BugTraq ID: 14952
Remote: No
Date Published: 2005-09-27
Relevant URL: http://www.securityfocus.com/bid/14952
Summary:
Novell GroupWise Client is prone to a local integer overflow.
An attacker could exploit this issue to corrupt process memory, causing a crash or arbitrary code execution. The functioning of the affected system could also be completely compromised.
GroupWise 6.5.3 is reported to be affected. Other versions may also be affected by the issue.
20. CJ LinkOut Top.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14953
Remote: Yes
Date Published: 2005-09-27
Relevant URL: http://www.securityfocus.com/bid/14953
Summary:
CJ LinkOut is prone to a cross-site scripting issue. The issue arises because user-supplied input is not properly sanitized.
An attacker could exploit this issue to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. This could enable theft of cookie-based authentication credentials and other attacks.
21. CJ Tag Board Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14954
Remote: Yes
Date Published: 2005-09-27
Relevant URL: http://www.securityfocus.com/bid/14954
Summary:
CJ Tag Board is prone to multiple cross-site scripting issues.
These issues arise because user-supplied input is not properly sanitized.
An attacker could exploit these issues to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. These issues could enable theft of cookie-based authentication credentials and other attacks.
22. Linux Kernel USB Subsystem Local Denial Of Service Vulnerability
BugTraq ID: 14955
Remote: No
Date Published: 2005-09-27
Relevant URL: http://www.securityfocus.com/bid/14955
Summary:
The USB subsystem of the Linux Kernel is affected by a local denial-of-service issue. The issue arises because an unexpected condition is not handled properly when processing of multiple URBs (USB Request Blocks) is attempted.
A local user could exploit this issue to trigger a kernel 'Oops' on computers where the affected USB subsystem is enabled. This issue could be exploited to cause a denial of service for legitimate users.
23. CJ Web2Mail Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14956
Remote: Yes
Date Published: 2005-09-27
Relevant URL: http://www.securityfocus.com/bid/14956
Summary:
CJ Web2Mail is prone to multiple cross-site scripting issues. The issue arises because user-supplied input is not properly sanitized.
An attacker could exploit this issue to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. This could enable theft of cookie-based authentication credentials and other attacks.
24. PHP Open_BaseDir Security Restriction Bypass Vulnerability
BugTraq ID: 14957
Remote: Yes
Date Published: 2005-09-27
Relevant URL: http://www.securityfocus.com/bid/14957
Summary:
PHP is prone to an issue involving unauthorized access to directories located outside the base directory.
The issue occurs when the 'open_basedir' directive is processed.
A successful attack allows an attacker to access directories other than the specified base directory. This issue could lead to information disclosure and unauthorized access to sensitive information.
PHP 4.4.0 and 5.0.5 are reported to be affected by this issue. Other versions may also be affected.
25. PostNuke PN_BBCode Local File Include Vulnerability
BugTraq ID: 14958
Remote: Yes
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14958
Summary:
PostNuke is prone to a local file include issue. The issue arises because user-supplied input is not properly sanitized.
An attacker could exploit this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This could lead to unauthorized access.
It should also be noted that this issue could be exploited to read arbitrary files on the affected computer with the privileges of the Web server.
26. IBM AIX Getconf Local Buffer Overflow Vulnerability
BugTraq ID: 14959
Remote: No
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14959
Summary:
IBM AIX getconf is prone to a local buffer overflow. The issue arises from a failure to perform bounds checking before user-supplied data is copied into an insufficiently sized memory buffer.
Because the affected application is installed with the setuid root bit set, a successful attack results in arbitrary machine code being executed with administrative privileges.
27. TWiki TWikiUsers INCLUDE Function Remote Arbitrary Command Execution Vulnerability
BugTraq ID: 14960
Remote: Yes
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14960
Summary:
The application is affected by a remote command execution issue.
The revision control function of the TWikiUsers script uses backtick shell metacharacters to construct a command line. An attacker could use a specially crafted URI to execute arbitrary commands through the shell.
The attack would occur in the security context of the affected application and could lead to unauthorized remote access.
28. Polipo Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 14961
Remote: Yes
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14961
Summary:
Polipo is prone to an off-by-one overflow.
An attacker exploiting this issue could cause a denial-of-service condition.
It is conjectured that arbitrary code execution may also be possible.
29. CubeCart Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14962
Remote: Yes
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14962
Summary:
CubeCart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the targeted site. This may facilitate attacks such as the theft of cookie-based authentication credentials.
30. PHP-Fusion Messages.PHP SQL Injection Vulnerability
BugTraq ID: 14964
Remote: Yes
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14964
Summary:
PHP-Fusion is prone to an SQL injection vulnerability. This issue is due to a failure to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, or in the disclosure or modification of data. It may also permit an attacker to exploit vulnerabilities in the underlying database implementation.
31. Zone Labs ZoneAlarm Pro DDE-IPC Advanced Program Control Bypass Weakness
BugTraq ID: 14966
Remote: No
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14966
Summary:
ZoneAlarm Pro is prone to a weakness that permits the settings of the Advanced Program Control feature to be bypassed.
An attacker exploiting this issue can bypass the configured restrictions and send data to an external source by using a permitted application.
Update: The vendor has investigated this issue and states that this attack does not bypass Advanced Program Control. It is therefore not considered a security issue, and this BID has been retired.
32. BitDefender Antivirus Logging Function Format String Vulnerability
BugTraq ID: 14968
Remote: Yes
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14968
Summary:
BitDefender Antivirus is a proprietary antivirus product for multiple platforms.
The logging function of BitDefender Antivirus is affected by a format string vulnerability. This issue is due to a failure to properly sanitize user-supplied input before using it as the format specifier in a formatted-output function.
A remote attacker may leverage this issue to write to arbitrary process memory, resulting in privilege escalation.
This issue was reported in BitDefender 7.2, 8, and 9 for Windows. Other versions and platforms may also be affected.
33. Microsoft Internet Explorer XmlHttpRequest Parameter Validation Weakness
BugTraq ID: 14969
Remote: Yes
Date Published: 2005-09-24
Relevant URL: http://www.securityfocus.com/bid/14969
Summary:
Microsoft Internet Explorer is prone to a weakness that permits the injection of arbitrary HTTP requests, because parameters passed to XmlHttpRequest are not properly validated.
An attacker may create a Web site that instantiates the affected control and cause the browser to request a site on the same host or on another host when a forwarding proxy is in use. The attacker may then intercept the response and steal sensitive data that may aid in further attacks.
Successful exploitation may result in HTTP request smuggling attacks, attacks that sit between server and client to tamper with and steal the information exchanged, and information disclosure.
34. Polipo Web Root Restriction Bypass Vulnerability
BugTraq ID: 14970
Remote: Yes
Date Published: 2005-09-28
Relevant URL: http://www.securityfocus.com/bid/14970
Summary:
Polipo is prone to a vulnerability that permits access to files located outside the Web document root. Few details about this issue have been published, other than that the application may cause the Web server to disclose files located outside the local root.
This BID will be updated as new information becomes available.
Successful exploitation of this issue may result in information disclosure. Information obtained through this attack may be used in further attacks. Other attacks may also be possible.
35. AbiWord RTF File Processing Buffer Overflow Vulnerability
BugTraq ID: 14971
Remote: Yes
Date Published: 2005-09-29
Relevant URL: http://www.securityfocus.com/bid/14971
Summary:
AbiWord is prone to a buffer overflow vulnerability. This issue is due to a failure to properly perform boundary checks before copying user-supplied data into an insufficiently sized memory buffer during the import of RTF files.
An attacker may leverage this issue to execute arbitrary machine code in the security context of the user running the affected application.
36. SBLim-SFCB Malformed Header Denial Of Service Vulnerability
BugTraq ID: 14972
Remote: Yes
Date Published: 2005-09-29
Relevant URL: http://www.securityfocus.com/bid/14972
Summary:
sblim-sfcb is prone to a denial of service vulnerability. This issue is due to a failure to properly handle specially crafted headers.
An attacker can leverage this issue to deny service to legitimate users.
37. SquirrelMail Address Add Plugin Add.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 14973
Remote: Yes
Date Published: 2005-09-29
Relevant URL: http://www.securityfocus.com/bid/14973
Summary:
SquirrelMail Address Add Plugin is prone to a cross-site scripting vulnerability. This issue is due to a failure to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. This may facilitate attacks such as the theft of cookie-based authentication credentials.
38. NateOn Messenger Arbitrary File Download And Buffer Overflow Vulnerabilities
BugTraq ID: 14974
Remote: Yes
Date Published: 2005-09-29
Relevant URL: http://www.securityfocus.com/bid/14974
Summary:
NateOn Messenger is affected by an arbitrary file download vulnerability and a buffer overflow vulnerability. These issues occur in the 'NateonDownloadManager.ocx' ActiveX control that is installed with the application.
An attacker exploiting these issues may create malicious HTML containing script code that accesses the affected ActiveX control.
The file download issue permits a remote attacker to retrieve arbitrary remote files and save them on the local machine.
The buffer overflow issue permits a remote attacker to execute arbitrary machine code in the security context of the user running the affected software, which may result in a compromise of the remote system.
An attacker may combine these issues to deliver malicious code to a target user and execute it.
39. Macromedia Breeze Plaintext Password Storage Weakness
BugTraq ID: 14975
Remote: No
Date Published: 2005-09-29
Relevant URL: http://www.securityfocus.com/bid/14975
Summary:
Macromedia Breeze is a commercial system for online training and communication.
Mercora Breeze is prone to a plaintext password storage weakness. This issue is due to a design flaw in the password reset functionality.
This issue may be combined with other latent issues on the host to gain unauthorized access to user credentials. Because credentials may be reused across multiple services, this poses an additional risk.
40. lucidCMS Login SQL Injection Vulnerability
BugTraq ID: 14976
Remote: Yes
Date Published: 2005-09-29
Relevant URL: http://www.securityfocus.com/bid/14976
Summary:
lucidCMS is prone to an SQL injection vulnerability.
Successful exploitation could result in a compromise of the application, or in the disclosure or modification of data. It may also permit an attacker to exploit vulnerabilities in the underlying database implementation.
Ultimately, an attacker exploiting this issue may gain administrative privileges.
This may lead to a compromise of the backend system. Other attacks may also be possible.
41. BackupNinja Insecure Temporary File Creation Vulnerability
BugTraq ID: 14978
Remote: No
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14978
Summary:
backupninja creates temporary files in an insecure manner. This issue may permit a local attacker to carry out symbolic link attacks.
Successful exploitation may result in sensitive data or configuration files being overwritten. This may lead to a denial of service condition. Other attacks may also be possible.
42. NTLM Authorization Proxy Server Insecure Configuration File Permissions Vulnerability
BugTraq ID: 14979
Remote: No
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14979
Summary:
NTLM Authorization Proxy Server (ntlmaps) is prone to a vulnerability related to improperly set permissions on its configuration file. This issue is due to a flaw in the configuration of the post-installation script.
A local attacker may leverage this issue to obtain the username and password for the Microsoft Windows NT system that ntlmaps connects to.
43. IceWarp Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14980
Remote: Yes
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14980
Summary:
IceWarp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. These issues may facilitate attacks such as the theft of cookie-based authentication credentials.
44. 4D WebStar Remote IMAP Denial of Service Vulnerability
BugTraq ID: 14981
Remote: Yes
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14981
Summary:
4D WebStar is affected by a remote denial of service vulnerability. This issue is due to a failure to properly handle exceptional conditions.
Details regarding the cause of this issue are not currently available. This BID will be updated as further details are published.
45. ApacheTop Insecure Temporary File Creation Vulnerability
BugTraq ID: 14982
Remote: No
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14982
Summary:
ApacheTop creates temporary files in an insecure manner. This issue may permit a local attacker to carry out symbolic link attacks.
Successful exploitation may result in sensitive data or configuration files being overwritten. This may lead to a denial of service condition. Other attacks may also be possible.
46. Blender Command Line Processing Buffer Overflow Vulnerability
BugTraq ID: 14983
Remote: Yes
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14983
Summary:
Blender is prone to a buffer overflow vulnerability. This issue is due to a failure to properly perform boundary checks before copying user-supplied data into an insufficiently sized memory buffer while processing command line arguments.
An attacker may leverage this issue to execute arbitrary machine code in the security context of the user running the affected application.
This issue has been reported in Blender 2.37a. Other versions may also be affected.
47. EasyGuppy Printfaq.PHP Directory Traversal Vulnerability
BugTraq ID: 14984
Remote: Yes
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14984
Summary:
EasyGuppy is prone to a directory traversal vulnerability.
The application fails to properly sanitize input supplied through HTTP POST requests or cookies.
Exploitation of this issue may result in a loss of confidentiality, disclosing arbitrary files to the attacker.
48. MediaWiki Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 14987
Remote: Yes
Date Published: 2005-09-29
Relevant URL: http://www.securityfocus.com/bid/14987
Summary:
MediaWiki is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, in the security context of the affected site. This may facilitate attacks such as the theft of cookie-based authentication credentials.
49. Merak Mail Server Arbitrary File Deletion Vulnerability
BugTraq ID: 14988
Remote: Yes
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14988
Summary:
Merak Mail Server is affected by an arbitrary file deletion vulnerability. This issue is due to insufficient input validation and permits an attacker to delete files in the security context of the Web server running the application.
An attacker exploiting this issue may cause a denial of service condition resulting from data corruption.
Merak Mail Server 8.2.4r is affected by this issue.
50. Citrix MetaFrame Presentation Server Security Policy Bypass Vulnerability
BugTraq ID: 14989
Remote: Yes
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14989
Summary:
Citrix MetaFrame Presentation Server is prone to a server policy bypass vulnerability. This issue is due to the application using and trusting client-supplied data when making policy decisions.
An attacker may bypass security policies by modifying the contents of the 'launch.ica' file.
This permits an attacker to bypass administrator-defined security policies and may aid in further attacks.
51. Virtools Web Player Buffer Overflow Vulnerability
BugTraq ID: 14990
Remote: Yes
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14990
Summary:
Virtools Web Player is prone to a buffer overflow vulnerability. This issue is due to a failure to properly perform boundary checks on user-supplied data.
A remote attacker may leverage this issue to execute arbitrary code and gain unauthorized access.
52. Virtools Web Player Directory Traversal Vulnerability
BugTraq ID: 14991
Remote: Yes
Date Published: 2005-09-30
Relevant URL: http://www.securityfocus.com/bid/14991
Summary:
Virtools Web Player is prone to a directory traversal vulnerability. This issue is due to a failure to properly sanitize user-supplied input.
An attacker may use this issue to overwrite arbitrary files in the security context of the affected application.
53. PHP-Fusion Multiple SQL Injection Vulnerabilities
BugTraq ID: 14992
Remote: Yes
Date Published: 2005-09-29
Relevant URL: http://www.securityfocus.com/bid/14992
Summary:
PHP-Fusion is prone to multiple SQL injection vulnerabilities. These issues are due to a failure to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, or in the disclosure or modification of data. It may also permit an attacker to exploit vulnerabilities in the underlying database implementation.
54. ProZilla Buffer Overflow Vulnerability
BugTraq ID: 14993
Remote: Yes
Date Published: 2005-10-01
Relevant URL: http://www.securityfocus.com/bid/14993
Summary:
ProZilla is prone to a buffer overflow vulnerability. This issue is due to a failure to properly perform boundary checks before copying user-supplied input into an insufficiently sized memory buffer.
Arbitrary code may be executed in the security context of the user running the application.
55. GNU CFEngine Insecure Temporary File Creation Vulnerability
BugTraq ID: 14994
Remote: No
Date Published: 2005-10-01
Relevant URL: http://www.securityfocus.com/bid/14994
Summary:
GNU cfengine is prone to an insecure temporary file creation vulnerability. Exploitation of this issue may result in arbitrary files being overwritten.
56. Bugzilla config.cgi Information Disclosure Vulnerability
BugTraq ID: 14995
Remote: Yes
Date Published: 2005-10-01
Relevant URL: http://www.securityfocus.com/bid/14995
Summary:
Bugzilla is prone to an information disclosure vulnerability through config.cgi. This issue may permit users without the proper privileges to access product names that are supposed to be private.
Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 are affected.
57. Bugzilla User-Matching Information Disclosure Vulnerability
BugTraq ID: 14996
Remote: Yes
Date Published: 2005-10-01
Relevant URL: http://www.securityfocus.com/bid/14996
Summary:
Bugzilla is prone to an information disclosure vulnerability when the user-matching feature is enabled. This issue may permit an attacker to enumerate the usernames on the system.
Bugzilla 2.19.1 through 2.20rc2, and 2.21 are prone to this issue.
58. Procom Technology NetFORCE 800 Information Disclosure Vulnerability
BugTraq ID: 14997
Remote: Yes
Date Published: 2005-10-01
Relevant URL: http://www.securityfocus.com/bid/14997
Summary:
Procom Technology NetFORCE 800 is prone to an information disclosure vulnerability. The operating system sends password hashes in plaintext diagnostic e-mail messages.
This issue was reported in NetFORCE 800 v4.02 M10 (Build 20). Other versions may also be affected.
III.SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. E-voting experts call for revised security guidelines
Author: Robert Lemos
A group of federally funded voting technology experts has called on the U.S. Election Assistance Commission to improve the process for evaluating the security of election systems.
http://www.securityfocus.com/news/11336
2. Digital plague hits online game World of Warcraft
Author: Robert Lemos
A game effect with limited self-propagation was exploited and spread by malicious gamers, highlighting the dangers of giving programs the ability to spread.
http://www.securityfocus.com/news/11330
3. Mozilla's popularity stressing its security image
Author: Robert Lemos
Recent vulnerability disclosures, together with a semiannual report noting a growing number of security issues, have called the security of the open-source Firefox browser into question.
http://www.securityfocus.com/news/11327
4. Key clicks betray passwords, typed text
Author: Robert Lemos
University researchers have found that merely recording 10 minutes of a user's typing is enough to recover more than 90 % of the words entered on a computer keyboard.
http://www.securityfocus.com/news/11318
5. Political hackers deface Novell SUSE sites
Author: John Leyden
The content of three Novell OpenSUSE community Web sites was defaced on Sunday by politically motivated hackers.
http://www.securityfocus.com/news/11334
6. Backdoor Trojan targets Microsoft Access
Author: John Leyden
Virus writers have created a Trojan horse that exploits an unpatched Microsoft Office vulnerability to take over Windows PCs.
http://www.securityfocus.com/news/11335
7. NetSky-P tops moribund malware chart
Author: John Leyden
On the malware front, September was a quiet month: virus levels were at their lowest of the year, and the NetSky-P worm remained at the top of the virus nuisance chart.
http://www.securityfocus.com/news/11333
8. Warning over unattended PC peril
Author: John Leyden
Unattended PCs are becoming a target for insider attacks, according to Gartner. It surmises that "someone else must have used my PC" has become the typical excuse when people are confronted about inappropriate online behavior.
http://www.securityfocus.com/news/11332
--
Translation: LAC Translation Team
Supervision: 小笠原恒雄 (OGASAWARA Tsuneo)
LAC Co., Ltd.
http://www.lac.co.jp/index.html