$B>.3^86(B@$B%i%C%/$G$9!#(B

SecurityFocus Newsletter $BBh(B 319 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

------------------------------------------------------------------------
---
BugTraq-JP $B$K4X$9$k(B FAQ ($BF|K\8l(B):
http://www.securityfocus.com/archive/79/description
$B!&(BSecurityFocus Newsletter $B$NOBLu$O(B BugTraq-JP $B$G0l<!G[I[$5$l$F$$$^$9(B
$B!&(BBugTraq-JP $B$X$N;22CJ}K!!"C&B`J}K!$O$3$N(B FAQ $B$r$4;2>H$/$@$5$$(B
------------------------------------------------------------------------
---
SecurityFocus Newsletter $B%"!<%+%$%V(B ($B1Q8l(B):
http://www.securityfocus.com/archive/78
BugTraq $B$K4X$9$k(B FAQ ($B1Q8l(B):
http://www.securityfocus.com/archive/1/description
------------------------------------------------------------------------
---
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B SecurityFocus $B$N5v2D$r3t<02q<R%i%C%/$,F@$?>e$G9T$o$l$F$$$^$9!#(B
$B!&(BSecurityFocus Newsletter $B$NOBLu$r(B Netnews, Mailinglist, World Wide Web,
$B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$NA4J80zMQ$r$*4j$$$7$^$9!#
(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;$s$,!"(B
$B=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurityFocus $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+$J$k7A<0$N(B
$B%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://online.securityfocus.com/archive/79
------------------------------------------------------------------------
---
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02q<R%i%C%/$O@UG$$rIi$o$J$$$b$N$H$7$^
(B
$B$9!#(B
------------------------------------------------------------------------
---
$BLu<T$+$i$N$*CN$i$;(B:
$B!&$b$7!"(Btypo $B$d8mLu$,8+$D$+$C$?>l9g!"(BBugTraq-JP $B$X(B Errata $B$H$7$F=$@5(B
$BHG$r$4Ej9FD:$/$+!"4F=$<T(B (t.ogaswr (at) lac.co (dot) jp [email concealed]) $B$K$*CN$i$;$/$@$5$$!#(B
$B8e<T$N>l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
------------------------------------------------------------------------
---
This translation is encoded and posted in ISO-2022-JP.

$B86HG(B:
Date: Tue, 11 Oct 2005 16:58:55 -0600
Message-ID: <434C43AF.4040107 (at) securityfocus (dot) com [email concealed]>

SecurityFocus Newsletter #319
-----------------------------

This Issue is Sponsored By: Qualys

I. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
1. Can writing software be a crime?
2. Reducing browser privileges
II. BUGTRAQ SUMMARY
1. ProZilla Buffer Overflow Vulnerability
2. GNU CFEngine Insecure Temporary File Creation Vulnerability
3. Bugzilla config.cgi Information Disclosure Vulnerability
4. Bugzilla User-Matching Information Disclosure Vulnerability
5. Procom Technology NetFORCE 800 Information Disclosure Vulnerability
6. Kaspersky Anti-Virus Library CAB Record Remote Heap Overflow Vulnerability
7. Weex Log_Flush() Function Remote Format String Vulnerability
8. DIA SVG File Import Remote Arbitrary Code Execution Vulnerability
9. Symantec AntiVirus Scan Engine Web Service Administrative Interface Buffer Overflow Vulnerability
10. Berkeley MPEG Tools Insecure Temporary File Creation Vulnerabilities
11. Hitachi Cosminexus Remote Information Disclosure Vulnerability
12. Gnome-PTY-Helper UTMP Hostname Spoofing Vulnerability
13. PHP-Fusion Multiple SQL Injection Vulnerabilities
14. MailEnable W3C Logging Buffer Overflow Vulnerability
15. UIM LibUIM Environment Variables Privilege Escalation Weakness
16. Microsoft Windows Wireless Zero Configuration Service Information Disclosure Vulnerability
17. University Of Washington IMAP Mailbox Name Buffer Overflow Vulnerability
18. ALTools ALZip Multiple Archive Formats File Name Buffer Overflow Vulnerability
19. IBM Tivoli Monitoring Web Health Console Multiple Denial of Service Vulnerabilities
20. TellMe Multiple Cross-Site Scripting Vulnerabilities
21. Sun ONE Directory Server Unspecified Remote Vulnerability
22. Planet Technology FGSW-2402RS Switch Backdoor Password Reset Vulnerability
23. Mozilla Firefox IFRAME Handling Denail Of Service Vulnerability
24. Webroot Software Desktop Firewall Multiple Local Vulnerabilities
25. MyBloggie Search.PHP SQL Injection Vulnerability
26. PHP-Fusion Register.PHP And FAQ.PHP SQL Injection Vulnerabilities
27. Debian Linux Mason Init.d Firewall Loading Failure Vulnerability
28. Microsoft October Advance Notification Unspecified Security Vulnerabilities
29. AspReady FAQ Manager SQL Injection Vulnerability
30. OScommerce Additional_Images.PHP SQL Injection Vulnerability
31. MediaWiki HTML Inline Style Attributes Unspecified Cross-Site Scripting Vulnerability
32. Computer Associates Multiple Product HTTP Request Remote Buffer Overflow Vulnerability
33. SuSE YaST Package Repositories Insecure Permissions Vulnerability
34. Utopia News Pro Multiple Cross-Site Scripting Vulnerabilities
35. Utopia News Pro SQL Injection Vulnerability
36. Mozilla Firefox Multiple Unspecified Vulnerabilities
37. Oracle iSQLPlus Cross-Site Scripting Vulnerability
38. Oracle HTML DB Cross-Site Scripting Vulnerabilities
39. Oracle iSQL*Plus TLS Listener Remote Denial Of Service Vulnerability
40. Oracle HTML DB Plaintext Password Storage Vulnerability
41. Oracle XML DB Cross-Site Scripting Vulnerability
42. W3C Libwww Multiple Unspecified Vulnerabilities
43. Aenovo Multiple SQL Injection Vulnerabilities
44. SUSE ResMgr Unauthorized USB Device Access Vulnerabilities
45. Aenovo Multiple Unspecified Cross-Site Scripting Vulnerabilities
46. Oracle Forms Servlet TLS Listener Remote Denial Of Service Vulnerability
47. SUSE Linux Multiple Local Privilege Escalation Vulnerabilities
48. MediaWiki History Database Corruption Vulnerability
49. SUSE Linux PowerSave Daemon Local Denial Of Service Vulnerability
50. HylaFAX Insecure UNIX Domain Socket Usage Vulnerability
51. Xine-Lib Remote CDDB Information Format String Vulnerability
52. HAURI Anti-Virus ALZ Archive Handling Remote Buffer Overflow Vulnerability
53. Multiple Vendor Antivirus Products Malformed Archives Scan Evasion Vulnerability
54. Cyphor Multiple Input Validation Vulnerabilities
III. SECURITYFOCUS NEWS
1. Fingerprint payments taking off despite security concerns
2. E-voting experts call for revised security guidelines
3. Digital plague hits online game World of Warcraft
4. Mozilla's popularity stressing its security image
5. Users want ISPs to filter spyware
6. Security pros savage Tsunami hacker verdict
7. Virus naming scheme gets mixed reception
8. 'DEC hacking' trial opens

I. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
----------------------------

II. BUGTRAQ SUMMARY
--------------------
1. ProZilla Buffer Overflow Vulnerability
BugTraq ID: 14993
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14993
$BMWLs(B:
ProZilla $B$K$O%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"(B
$B%f!<%6$,;XDj$7$?F~NOCM$r%5%$%:$,IT==J,$J%a%b%j%P%C%U%!$K%3%T!<$9$kA0$
K!"(B
$B6-3&%A%'%C%/$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$N%"%W%j%1!<%7%g%s$r<B9T$7$F$$$k%f!<%6$N%;%-%e%j%F%#%3%s%F%-%9%HFb$
G!"(B
$BG$0U$N%3!<%I$,<B9T$5$l$k2DG=@-$,$"$j$^$9!#(B

2. GNU CFEngine Insecure Temporary File Creation Vulnerability
BugTraq ID: 14994
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14994
$BMWLs(B:
GNU cfengine $B$K$O%;%-%e%j%F%#>eITE,@Z$K0l;~%U%!%$%k$,:n@.$5$l$k5?$$$,$"(B
$B$j$^$9!#$3$NLdBj$,MxMQ$5$l$k$H!"G$0U$N%U%!%$%k$r>e=q$-$9$k$3$H$,5v$5$
l$F(B
$B$7$^$&2DG=@-$,$"$j$^$9!#(B

3. Bugzilla config.cgi Information Disclosure Vulnerability
BugTraq ID: 14995
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14995
$BMWLs(B:
Bugzilla $B$K$O(B config.cgi $B$r2p$7$F>pJs$,O31L$9$k5?$$$,$"$j$^$9!#$3$NLdBj(B
$B$O!"K\Mh5v2D$5$l$J$$%f!<%6$,5!L)07$$$N@=IJL>$K%"%/%;%9$9$k$3$H$r5v$7$
F$7(B
$B$^$&2DG=@-$,$"$j$^$9!#(B

Bugzilla 2.18rc1 $B$+$i(B 2.18.3$B!"(B2.19 $B$+$i(B 2.20rc2$B!"$*$h$S(B 2.21 $B$K$*$$$F!"(B
$B$3$NLdBj$N1F6A$r<u$1$^$9!#(B

4. Bugzilla User-Matching Information Disclosure Vulnerability
BugTraq ID: 14996
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14996
$BMWLs(B:
Bugzilla $B$K$O%f!<%6$N>H9g$,M-8z$K$J$C$F$$$k>l9g$K>pJs$,O31L$9$kLdBj$,B8(B
$B:_$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O967b<T$,%7%9%F%`$N%f!<%6L>$rNs5s$9$k$
3$H(B
$B$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

Bugzilla 2.19.1 $B$+$i(B 2.20rc2 $B$*$h$S(B 2.21 $B$K$*$$$F!"$3$NLdBj$N5?$$$,$"$j(B
$B$^$9!#(B

5. Procom Technology NetFORCE 800 Information Disclosure Vulnerability
BugTraq ID: 14997
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14997
$BMWLs(B:
Procom Technology NetFORCE 800 $B$K$O>pJs$,3+<($5$l$k5?$$$,$"$j$^$9!#$3$N(B
$B%*%Z%l!<%F%#%s%0%7%9%F%`$G$O!"%Q%9%o!<%I%O%C%7%e$r4^$`J?J8$N?GCG%a%C%
;!<(B
$B%8$,EE;R%a!<%k$GAw?.$5$l$^$9!#(B

NetFORCE 800 v4.02 M10 (Build 20) $B$K$*$$$F!"$3$NLdBj$,B8:_$9$k$3$H$,Js9p(B
$B$5$l$^$7$?!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

6. Kaspersky Anti-Virus Library CAB Record Remote Heap Overflow Vulnerability
BugTraq ID: 14998
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14998
$BMWLs(B:
Kaspersky Anti-Virus $B%i%$%V%i%j$K$O%j%b!<%H$+$i$N967b$K$h$j%R!<%WNN0h$G(B
$B%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O(B .CAB $B%U%!%$%k$N2r@OCf(B
$B$K0z$-5/$3$5$l$^$9!#$3$NLdBj$O%G%9%/%H%C%W!"%5!<%P!"$*$h$S%2!<%H%&%'%
$$N(B
$B%"%s%A%&%$%k%9@=IJ$J$I!"$3$N%i%$%V%i%j$r4^$`$9$Y$F$N(B Kaspersky $B@=IJ$K1F(B
$B6A$r5Z$\$92DG=@-$,$"$j$^$9!#$3$NLdBj$O(B Windows $BHG%j%j!<%9$K$N$_1F6A$r5Z(B
$B$\$7$^$9!#(BKaspersky Anti-Virus 4.5 $B$O!"$3$NLdBj$N1F6A$r<u$1$^$;$s!#(B

$B967b$,@.8y$9$k$H!"LdBj$N$"$k%"%W%j%1!<%7%g%s$N%[%9%H$H$J$k%3%s%T%e!<%
?$K(B
$BBP$7$F%7%9%F%`%l%Y%k$N6<0R$,>7$+$l$k2DG=@-$,$"$j$^$9!#(B

7. Weex Log_Flush() Function Remote Format String Vulnerability
BugTraq ID: 14999
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/14999
$BMWLs(B:
Weex $B$O%j%b!<%H$+$iMxMQ2DG=$J%U%)!<%^%C%H%9%H%j%s%0$NLdBj$N1F6A$r<u$1$^(B

$B$9!#(B

$B$3$NLdBj$O(B 'log.c' $B%U%!%$%k$N(B 'log_flush()' $B4X?t$KB8:_$7!"%U%)!<%^%C%H;X(B
$BDj;R$r4^$`%(%i!<%m%0$N%(%s%H%j$N=q$-9~$_$,;n9T$5$l$k$H$-$K0z$-5/$3$5$
l$^(B
$B$9!#(B

Weex 2.6.1 $B$*$h$S(B 2.6.1.5$B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l(B
$B$F$$$^$9!#(B

8. DIA SVG File Import Remote Arbitrary Code Execution Vulnerability
BugTraq ID: 15000
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15000
$BMWLs(B:
DIA $B$OG$0U$N%3!<%I$r<B9T2DG=$JLdBj$N1F6A$r<u$1$^$9!#(B

$B$3$NLdBj$O!"0-0U$"$k(B Scalable Vector Graphics (SVG) $B%U%!%$%k$,=hM}$5$l$k(B
$B$H$-$K0z$-5/$3$5$l$^$9!#(B

$B967b$,@.8y$9$k$H!"%j%b!<%H$N967b<T$,%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%
s%F(B
$B%-%9%HFb$GG$0U$N(B Python $B%3!<%I$r<B9T$9$k$3$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^(B
$B$9!#$3$l$,%j%b!<%H$+$i$N967b$N<j=u$1$H$J$k2DG=@-$,$"$j$^$9!#(B

$B8=;~E@$G$O!"(BDIA $B$N$9$Y$F$N%P!<%8%g%s$,LdBj$N1F6A$r<u$1$k2DG=@-$,$"$k$H9M(B
$B$($i$l$^$9!#(B

9. Symantec AntiVirus Scan Engine Web Service Administrative Interface Buffer Overflow Vulnerability
BugTraq ID: 15001
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15001
$BMWLs(B:
Symantec Antivirus Scan Engine $B$N(B Web $B4IM}%$%s%?%U%'!<%9$K$O!"%P%C%U%!%*!<(B
$B%P!<%U%m!<$NLdBj$,B8:_$7$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r%5%
$%:(B
$B$,IT==J,$J%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%A%'%C%/$,E,@Z$K<B9T$5$
l$J(B
$B$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$O!"967b<T$,LdBj$N$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%
9%H(B
$BFb$GG$0U$N%^%7%s%3!<%I$r<B9T$9$k$3$H$r5v$7$F$7$^$$$^$9!#$3$NLdBj$O!"%
j%b!<(B
$B%H$N967b<T$,LdBj$N$"$k%"%W%j%1!<%7%g%s$r<B9T$9$k%3%s%T%e!<%?$KBP$7$F!
"%j(B
$B%b!<%H$+$i$N8"8B$rIUM?$5$l$?%"%/%;%9$r<B9T$9$k$3$H$r5v$7$F$7$^$$$^$9!
#(B

10. Berkeley MPEG Tools Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 15002
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15002
$BMWLs(B:
Berkeley MPEG Tools $B$G$O!"0l;~%U%!%$%k$N:n@.$,%;%-%e%j%F%#>eE,@Z$K9T$o$l(B
$B$^$;$s!#(B

$BLdBj$NMxMQ$,@.8y$9$k$H!"=EMW$J%G!<%?$d@_Dj%U%!%$%k$,>e=q$-$5$l$k2DG=@
-$,(B
$B$"$j$^$9!#$3$N$?$a!"%G!<%?$NGK2u$K$h$k%5!<%S%9ITG=>uBV$,>7$+$l$k2DG=@
-$,(B
$B$"$j$^$9!#$=$NB>$N967b$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

$B8=;~E@$G$O!"(BBerkeley MPEG Tools 1.5b $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3(B
$B$H$,3NG'$5$l$F$$$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$
9!#(B

11. Hitachi Cosminexus Remote Information Disclosure Vulnerability
BugTraq ID: 15003
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15003
$BMWLs(B:
$BF|N)$N(B Cosminexus $B$O!">pJs$,O31L$9$kLdBj$N1F6A$r<u$1$^$9!#(B

$B967b<T$O!"2a5n$K(B HTTP POST $B%j%/%(%9%H$r2p$7$FAw?.$5$l$?B>$N%f!<%6$N8D?M(B
$B>pJs$J$I$N@x:_E*$K=EMW$J>pJs$r3+<($9$k2DG=@-$,$"$j$^$9!#(B

$B$3$NLdBj$rMxMQ$7$F<}=8$5$l$?>pJs$O!"$=$NB>$N967b$r;n$_$k$?$a$N<j=u$1$
H$J(B
$B$k2DG=@-$,$"$j$^$9!#(B

12. Gnome-PTY-Helper UTMP Hostname Spoofing Vulnerability
BugTraq ID: 15004
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15004
$BMWLs(B:
'gnome-pty-helper' $B$G$O!"%m!<%+%k$G(B UTMP $B%[%9%HL>$,56Au$5$l$k2DG=@-$,$"(B
$B$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?%G!<%?$r;HMQ$7$F(B UTMP $B%l%3!<%I$r99?7(B
$B$9$kA0$K!"BEEv@-3NG'$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$O!"%f!<%6$,(B UTMP $B%l%3!<%I$K4^$^$l$k%j%b!<%H%[%9%H$NL>A0$r56Au$9(B
$B$k$3$H$r5v$7$F$7$^$$$^$9!#$3$l$O!"4IM}<T$d%f!<%6$,@5$7$$967b85$rFCDj$
G$-(B
$B$J$$$h$&$K967b<T$,;E8~$1$k>e$GLrN)$D2DG=@-$,$"$j$^$9!#(B

13. PHP-Fusion Multiple SQL Injection Vulnerabilities
BugTraq ID: 15005
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15005
$BMWLs(B:
PHP-Fusion $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

14. MailEnable W3C Logging Buffer Overflow Vulnerability
BugTraq ID: 15006
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15006
$BMWLs(B:
MailEnable $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#(B

$B$3$NLdBj$O(B W3C $B%m%.%s%0$N=hM};~$K0z$-5/$3$5$l$^$9!#967b<T$O$3$NLdBj$rMx(B
$BMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B SYSTEM $B8"8B$GG$0U$N%3!<%I$r<B9T$9$k2D(B
$BG=@-$,$"$j$^$9!#(B

MailEnable Professional 1.6 $B0JA0$N%P!<%8%g%s!"$*$h$S(B MailEnable
Enterprise 1.1 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

15. UIM LibUIM Environment Variables Privilege Escalation Weakness
BugTraq ID: 15007
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15007
$BMWLs(B:
Uim $B$K$O!"8"8B>:3J$,0z$-5/$3$5$l$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#(B

$BLdBj$N$"$k%"%W%j%1!<%7%g%s$,%$%s%9%H!<%k$5$l$F$$$k%7%9%F%`$K%m!<%+%k$
G%$(B
$B%s%?%i%/%F%#%V$K%"%/%;%92DG=$J967b<T$O!"$3$NLdBj$rMxMQ$7$F8"8B$r>:3J$
G$-(B
$B$k2DG=@-$,$"$j$^$9!#(B

0.4.9.1 $B$h$jA0$N$9$Y$F$N0BDj%P!<%8%g%s!"$*$h$S(B 0.5.0.1 $B$h$jA0$N3+H/%P!<(B
$B%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B

16. Microsoft Windows Wireless Zero Configuration Service Information Disclosure Vulnerability
BugTraq ID: 15008
$B%j%b!<%H$+$i$N:F8=@-(B: $BITL@(B
$B8xI=F|(B: 2005-10-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15008
$BMWLs(B:
WZCSVC $B$O!">pJsO31L$NLdBj$N1F6A$r<u$1$^$9!#(B

$B%m!<%+%k$NK\Mh5v2D$5$l$J$$967b<T$O!"(BWi-Fi Protected Access (WPA) $B;vA06&(B
$BM-%-!<G'>Z$N(B Pairwise Master Key (PMK)$B!"$*$h$S%$%s%?%U%'!<%9$N(B WEP $B%-!<(B
$B$r<hF@$9$k2DG=@-$,$"$k$3$H$,Js9p$5$l$F$$$^$9!#(B

$B967b$,@.8y$9$k$H!"967b<T$,%-!<$r<hF@$7!"$3$l$K$h$C$F%G%P%$%9$KIT@5$K%
"%/(B
$B%;%9$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#$3$N967b$O!"%$%s%?!<%M%
C%H(B
$B%+%U%'$J$I$N8BDjE*$^$?$O0l;~E*$JL5@~%"%/%;%9$rMxMQ2DG=$JJ#?t%f!<%64D6
-$G(B
$B0z$-5/$3$5$l$^$9!#$3$N$h$&$J4D6-$K$*$$$F!"967b<T$O8eF|La$C$FIT@5%"%/%
;%9(B
$B$r<B9T$9$k2DG=@-$,$"$j$^$9!#(B

Microsoft Windows XP SP2 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l(B
$B$F$$$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

17. University Of Washington IMAP Mailbox Name Buffer Overflow Vulnerability
BugTraq ID: 15009
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15009
$BMWLs(B:
$B%o%7%s%H%sBg3X$N(B IMAP $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O%a!<%k%\%C%/%9L>$N2r@O;~$K0z$-5/$3$5$l$^$9!#(B

$BLdBj$NMxMQ$,@.8y$9$k$H!"%5!<%P%W%m%;%9$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG
$0U(B
$B$N%3!<%I<B9T$,5v$5$l$F$7$^$$$^$9!#967b<T$,$3$NLdBj$rMxMQ$9$k$K$O!"%5!
<%S(B
$B%9$NG'>Z$r<u$1$kI,MW$,$"$j$^$9!#(B

18. ALTools ALZip Multiple Archive Formats File Name Buffer Overflow Vulnerability
BugTraq ID: 15010
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-05
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15010
$BMWLs(B:
ALZip $B$K$O!"$5$^$6$^$J%"!<%+%$%V7A<0$r=hM}$9$k$H$-$K%P%C%U%!%*!<%P!<%U%m!<
(B
$B$,H/@8$9$k5?$$$,$"$j$^$9!#(B

$B%=!<%9%G!<%?$N%5%$%:$,E,@Z$K@)8B$5$l$F$$$J$$$?$a!"D9$$%U%!%$%kL>$,8GD
jD9(B
$B$N%9%?%C%/%P%C%U%!$K%3%T!<$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#$3$N$?$a$K!"%
9%?%C(B
$B%/%a%b%j$NNY@\NN0h$,GK2u$5$l$k2DG=@-$,$"$j$^$9!#(B

$B$3$NLdBj$NMxMQ$K$h$C$FG$0U$N%3!<%I$,<B9T$5$l!"%j%b!<%H$+$i967b$,0z$-5
/$3(B
$B$5$l$k2DG=@-$,$"$j$^$9!#(B

19. IBM Tivoli Monitoring Web Health Console Multiple Denial of Service Vulnerabilities
BugTraq ID: 15011
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-05
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15011
$BMWLs(B:
IBM Tivoli Monitoring $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y(B
$B$kJ#?t$NLdBj$N1F6A$r<u$1$^$9!#$3$l$i$NLdBj$O!"(BWeb Health Console of
Tivoli Monitoring $B$G;HMQ$5$l$k8E$$%P!<%8%g%s(B (1.3.28 $B$h$jA0(B) $B$N(B IBM HTTP
Server $B$K$*$1$kLdBj$KM3Mh$7$^$9!#(B

IBM HTTP Server (1.3.28 $B$h$jA0(B) $B$r;HMQ$9$k(B Tivoli Monitoring $B$N$9$Y$F$N(B
$B%P!<%8%g%s$K$*$$$F!"$3$l$i$NLdBj$N1F6A$r<u$1$^$9!#(B

20. TellMe Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 15012
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-05
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15012
$BMWLs(B:
TellMe $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$K4XO"$9$kJ#?t$NLdBj$,B8:_$9$k(B
$B5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E
,@Z(B
$B$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N(B
$B967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

21. Sun ONE Directory Server Unspecified Remote Vulnerability
BugTraq ID: 15013
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15013
$BMWLs(B:
Sun ONE Directory Server $B$K$O!"%j%b!<%H$+$iMxMQ2DG=$JL$FCDj$NLdBj$,B8:_(B
$B$9$k5?$$$,$"$j$^$9!#(B

$B$3$NLdBj$N860x$OL$FCDj$G$9$,!"967b<T$,LdBj$N$"$k%3%s%T%e!<%?$r%j%b!<%
H$+(B
$B$i967b$9$k$3$H$r5v$7$F$7$^$&2DG=@-$,$"$k$3$H$,Js9p$5$l$F$$$^$9!#(B

Sun ONE Directory Server 5.2 patch 3 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj(B
$B$N1F6A$r<u$1$^$9!#(BSun Java System Directory Server $B$b1F6A$r<u$1$k2DG=@-(B
$B$,$"$j$^$9!#(B

$B>\:Y$,ITL@$J$?$a!"99$J$k>pJs$O8=;~E@$G$ODs6!$5$l$F$$$^$;$s!#>\:Y$,8x3
+$5(B
$B$l<!Bh!"$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

22. Planet Technology FGSW-2402RS Switch Backdoor Password Reset Vulnerability
BugTraq ID: 15014
$B%j%b!<%H$+$i$N:F8=@-(B: $BITL@(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15014
$BMWLs(B:
Planet Technology FGSW-2402RS $B%9%$%C%A$K$O%7%9%F%`$N%Q%9%o!<%I$r%j%;%C%H(B
$B$9$k$?$a$N%G%U%)%k%H$N%Q%9%o!<%I$,4^$^$l$F$$$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"%9%$%C%A$K4IM}<T8"8B$G%"%/%;%9$9$k2DG=@-$
,$"(B
$B$j$^$9!#LdBj$N1F6A$O!"%M%C%H%o!<%/$N9=@.$K$h$C$F0[$J$j$^$9!#(B

$B967b<T$,$3$NLdBj$rMxMQ$9$k$K$O!"(BRS-232 $B%]!<%H@\B3$r2p$7$FLdBj$N$"$k%G%P(B
$B%$%9$KD>@\@\B3$7$F$$$k%^%7%s$K%"%/%;%9$9$kI,MW$,$"$j$^$9!#(B

$B$=$NB>$NJ}K!$K$h$j%G%P%$%9$X$N%"%/%;%9$,2DG=$G$"$k>l9g$O!"%j%b!<%H$+$
iLd(B
$BBj$rMxMQ$G$-$k2DG=@-$,$"$j$^$9$,!"$3$l$K$D$$$F$OL$8!>Z$G$9!#%j%b!<%H$
+$i(B
$BMxMQ2DG=$J>l9g$O!"LdBj$,MxMQ$5$l967b$K$5$i$5$l$k4m81@-$,Hs>o$K9b$/$J$
j$^(B
$B$9!#(B

23. Mozilla Firefox IFRAME Handling Denail Of Service Vulnerability
BugTraq ID: 15015
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-05
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15015
$BMWLs(B:
Mozilla Firefox $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$k5?$$(B
$B$,$"$j$^$9!#(B

$B$3$NLdBj$O!"0U?^E*$K:n@.$5$l$?(B IFRAME $B$,%V%i%&%6$G=hM}$5$l$k$H$-$K0z$-5/(B
$B$3$5$l$^$9!#(B

$B967b$,@.8y$9$k$H%"%W%j%1!<%7%g%s$,%/%i%C%7%e$7$?$j!"LdBj$N$"$k%"%W%j%
1!<(B
$B%7%g%s$r<B9T$9$k%3%s%T%e!<%?$N(B CPU $B$d%a%b%j%j%=!<%9$,2aEY$K>CHq$5$l$?$j(B
$B$9$k2DG=@-$,$"$j$^$9!#(B

Linux $B>e$G<B9T$5$l$k(B Firefox 1.0.6 $B$*$h$S(B 1.0.7 $B$,$3$NLdBj$N1F6A$r<u$1$k(B
$BE@$KN10U$9$Y$-$G$9!#0[$J$k%W%i%C%H%U%)!<%`>e$G<B9T$5$l$kB>$N%P!<%8%g%
s$b(B
$B1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

24. Webroot Software Desktop Firewall Multiple Local Vulnerabilities
BugTraq ID: 15016
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15016
$BMWLs(B:
Webroot Software Desktop Firewall $B$K$O!"%m!<%+%k$GMxMQ2DG=$JJ#?t$NLdBj$,(B
$BB8:_$9$k2DG=@-$,$"$j$^$9!#(B

$BBh(B 1 $B$K!"%P%C%U%!%*!<%P!<%U%m!<$NLdBj$,B8:_$7$^$9!#$3$NLdBj$O!"%f!<%6$,(B

$B;XDj$7$?%G!<%?$r%5%$%:$,IT==J,$J%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%
A%'%C(B
$B%/$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B%m!<%+%k$N967b<T$O$3$NLdBj$rMxMQ$7$F!"(BSYSTEM $B8"8B$GG$0U$N%^%7%s%3!<%I$r(B
$B<B9T$9$k2DG=@-$,$"$j$^$9!#967b<T$O!"%U%!%$%"%&%)!<%k$K$h$jG'$a$i$l$F$
$$k(B
$B%"%W%j%1!<%7%g%s$N%j%9%H$rJQ99$G$-$J$1$l$P$J$j$^$;$s!#(B

$BBh(B 2 $B$K!"G'>Z$,2sHr$5$l$kLdBj$,B8:_$7$^$9!#$3$NLdBj$O!"$3$N%U%!%$%"%&%)!<
(B
$B%k$KAH$_9~$^$l$F$$$k%Q%9%o!<%IJ]8n5!G=$,E,@Z$KE,MQ$5$l$J$$$3$H$KM3Mh$
7$^(B
$B$9!#$3$N$?$a$K!"%m!<%+%k$N967b<T$,%U%!%$%"%&%)!<%k$rL58z$K$9$k$3$H$,5
v$5(B
$B$l$F$7$^$$$^$9!#(B

$B%m!<%+%k$N967b<T$O$3$NLdBj$rMxMQ$7$F%U%!%$%"%&%)!<%k$rL58z$K$7!"$3$l$
r<j(B
$B=u$1$H$7$F99$J$k967b$r;n$_$k2DG=@-$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$O!"%U%!%$%"%&%)!<%k%I%i%$%P$K%3%^%s%I$rAw?.$9$k$?$a$N(B

'DeviceIoControl()' $B$r;HMQ$G$-$k8"8B$rIUM?$5$l$?%m!<%+%k$N967b<T$K$h$C$F(B
$B$N$_MxMQ2DG=$G$9!#(B

$B%P!<%8%g%s(B 1.3.0.43 $B$K$*$$$F!"$3$l$i$NLdBj$,B8:_$9$k$3$H$,Js9p$5$l$F$$$^(B
$B$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

25. MyBloggie Search.PHP SQL Injection Vulnerability
BugTraq ID: 15017
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15017
$BMWLs(B:
myBloggie $B$K$O(B SQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,(B
$B;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,@Z(B
$B$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

26. PHP-Fusion Register.PHP And FAQ.PHP SQL Injection Vulnerabilities
BugTraq ID: 15018
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15018
$BMWLs(B:
PHP-Fusion $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

27. Debian Linux Mason Init.d Firewall Loading Failure Vulnerability
BugTraq ID: 15019
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15019
$BMWLs(B:
Debian Linux Mason $B%Q%C%1!<%8$K$O!"%7%9%F%`5/F0;~$K%U%!%$%"%&%)!<%k$,%m!<(B
$B%I$5$l$J$/$J$k5?$$$,$"$j$^$9!#I,MW$J5!G=$r<B9T$9$k5/F0%9%/%j%W%H$,%$%
s%9(B
$B%H!<%k%Q%C%1!<%8$K4^$^$l$F$$$^$;$s!#(B

$B$3$N$?$a!"LdBj$N$"$k%3%s%T%e!<%?$,:F5/F0$9$k$H$-$K!"%"%W%j%1!<%7%g%s$
N=j(B
$BM-<T$O$"$?$+$b0BA4$G$"$k$+$N$h$&$K8m2r$7$F$7$^$$$^$9!#(B

$B%j%b!<%H$N967b<T$O!"K\Mh%j%b!<%H$+$iMxMQ$G$-$J$$%]!<%H$K@\B3$9$k$3$H$
K$h(B
$B$j!"$3$N@_Dj%(%i!<$rMxMQ$9$k2DG=@-$,$"$j$^$9!#(B

28. Microsoft October Advance Notification Unspecified Security Vulnerabilities
BugTraq ID: 15020
$B%j%b!<%H$+$i$N:F8=@-(B: $BITL@(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15020
$BMWLs(B:
Microsoft $B$O!"(B2005 $B7n(B 10 $B7n(B 11 $BF|$K(B 9 $B7o$N%;%-%e%j%F%#>pJs$r%j%j!<%9$9$k(B
$BM=Dj$G$"$k$H$N;vA0DL9p$r=P$7$^$7$?!#(B

8 $B7o$O(B Microsoft Windows $B$K1F6A$9$kLdBj$G$"$j!"(B1 $B7o$O(B Microsoft Exchange
$B$*$h$S(B Microsoft Windows $B$K1F6A$9$kLdBj$G$9!#(B

29. AspReady FAQ Manager SQL Injection Vulnerability
BugTraq ID: 15022
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15022
$BMWLs(B:
aspReady FAQ Manager $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#(B

SQL $B9=J8$rCmF~$9$k967b$K$h$j!"$5$^$6$^$J%Q%i%a!<%?$*$h$S%U%#!<%k%I$,1F6A
(B
$B$r<u$1$k$3$H$,?d;!$5$l$^$9$,!"$3$l$K$D$$$F$OL$8!>Z$G$9!#967b$,@.8y$9$
k$H!"(B
$B%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3+<($5$l$?$jA`:n$5$
l$?(B
$B$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%G!<%?%Y!<%9$N<BAu$
NLd(B
$BBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#967b<T$O$3$NLdBj$rM
xMQ(B
$B$7$F%U%)!<%i%`$X$N4IM}<T%"%/%;%9$r<B9T$G$-$k$3$H$,Js9p$5$l$F$$$^$9!#
(B

$B8=;~E@$G$O!"$3$N%"%W%j%1!<%7%g%s$N$9$Y$F$N%P!<%8%g%s$,LdBj$N1F6A$r<u$
1$k(B
$B$H9M$($i$l$^$9!#(B

$B$3$NLdBj$N6qBNE*$J>\:Y$O8x3+$5$l$F$$$^$;$s!#>\:Y$,8x3+$5$l<!Bh!"$3$N
(B BID
$B$O99?7$5$l$kM=Dj$G$9!#(B

30. OScommerce Additional_Images.PHP SQL Injection Vulnerability
BugTraq ID: 15023
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15023
$BMWLs(B:
OSCommerce $B$K$O(B SQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,(B
$B;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,@Z(B
$B$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

31. MediaWiki HTML Inline Style Attributes Unspecified Cross-Site Scripting Vulnerability
BugTraq ID: 15024
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15024
$BMWLs(B:
MediaWiki $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$
$$3(B
$B$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$"$
k%5(B
$B%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG
=@-(B
$B$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z(B
$B$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

32. Computer Associates Multiple Product HTTP Request Remote Buffer Overflow Vulnerability
BugTraq ID: 15025
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15025
$BMWLs(B:
Computer Associates $B$NJ#?t$N@=IJ$K$O!"%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<(B
$B%P!<%U%m!<$,H/@8$9$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?%G!
<%?(B
$B$r%5%$%:$,IT==J,$J%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%A%'%C%/$,E,@Z$
K<B(B
$B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$O!"(BComputer Associates $B$NJ#?t$N@=IJ$G;HMQ$5$l$F$$$k(B iTechnology
iGateway $B%3%s%]!<%M%s%H$KB8:_$7$^$9!#(B

iGateway 1.x$B!"(B2.x$B!"$*$h$S8=9T%P!<%8%g%s$G$"$k(B 4.x $B$O!"$3$NLdBj$N1F6A$r<u(B
$B$1$^$;$s!#(B3.0.040107 $B0JA0$N(B 3.x $B%P!<%8%g%s$,LdBj$N1F6A$r<u$1$^$9!#%G%U%)(B
$B%k%H0J30$N%3%s%]!<%M%s%H$,%$%s%9%H!<%k$5$l$F$*$j!"(B'igateway.conf' $B@_Dj%U%!(B
$B%$%k$N%G%P%C%05!G=$,M-8z$K$J$C$F$*$j!"%5!<%S%9$,<jF0$G:F5/F0$5$l$?>l9
g$K(B
$B$N$_!"$3$NLdBj$rMxMQ2DG=$G$9!#(B

$B%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%"%W%j%1!<%7%g%s$N%;%
-%e(B
$B%j%F%#%3%s%F%-%9%HFb$GG$0U$N%^%7%s%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#
(B

33. SuSE YaST Package Repositories Insecure Permissions Vulnerability
BugTraq ID: 15026
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15026
$BMWLs(B:
SuSE YaST $B$O%Q!<%_%C%7%g%s$N%;%-%e%j%F%#$,E,@Z$G$J$$LdBj$N1F6A$r<u$1$^$9!#(B
$B$3$NLdBj$O!"%m!<%+%k%f!<%6$,%Q%C%1!<%8$N%a%?%U%!%$%k$r>e=q$-$9$k$3$H$
r5v(B
$B$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

$B$3$N%"%W%j%1!<%7%g%s$O!"%Q%C%1!<%8=jM-<T$N=jM-8"$d%Q!<%_%C%7%g%s$r4^$
`%j(B
$B%b!<%H$N%l%]%8%H%j$r%m!<%+%k%7%9%F%`$K%3%T!<$7$^$9!#%;%-%e%j%F%#$,ITE
,@Z(B
$B$J%Q!<%_%C%7%g%s$,$3$N%Q%C%1!<%8$K4XO"IU$1$i$l$F$$$k>l9g!"$3$NLdBj$K$
h$j(B
$B%G!<%?GK2u$J$I$N967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B$3$NLdBj$O!"(BBID 14861 (SuSE YaST Local Buffer Overflow Vulnerability) $B$K(B
$B<($5$l$F$$$kLdBj$rMxMQ$9$k<j=u$1$H$J$k2DG=@-$,$"$j$^$9!#$3$N>l9g!"967
b<T(B
$B$O;vA0$K(B YaST $B%Q%C%1!<%8$N%a%?%U%!%$%k$r>e=q$-$9$kI,MW$,$"$j$^$9!#(B

34. Utopia News Pro Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 15027
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15027
$BMWLs(B:
Utopia News Pro $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$K4XO"$9$kJ#?t$NLdBj$,(B
$BB8:_$9$k5?$$$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$
l$J(B
$B$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$i$NLdBj$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`(B
$B<h$J$I$N967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

35. Utopia News Pro SQL Injection Vulnerability
BugTraq ID: 15028
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15028
$BMWLs(B:
Utopia News Pro $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<(B
$B%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,(B
$BE,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

36. Mozilla Firefox Multiple Unspecified Vulnerabilities
BugTraq ID: 15029
$B%j%b!<%H$+$i$N:F8=@-(B: $BITL@(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15029
$BMWLs(B:
Firefox $B$O!"J#?t$NL$FCDj$NLdBj$N1F6A$r<u$1$^$9!#%j%b!<%H$N967b<T$O$3$l$i(B
$B$NLdBj$rMxMQ$7!"G$0U$N%3!<%I$r<B9T$7$FLdBj$N$"$k%3%s%T%e!<%?$K%"%/%;%
9$9(B
$B$k2DG=@-$,$"$j$^$9!#0lIt$NLdBj$K$h$j!"%5!<%S%9ITG=>uBV$,0z$-5/$3$5$l$
k2D(B
$BG=@-$,$"$j$^$9!#(B

Mozilla Firefox 1.5 beta 2 $B$N%j%j!<%9$K$h$j!"$3$l$i$NLdBj$O2r7h$5$l$F$$(B
$B$^$9!#(B

$B>\:Y$,8x3+$5$l<!Bh!"$3$N(B BID $B$O99?7$5$l!"LdBj$4$H$K8DJL$N(B BID $B$KJ,3d$5$l(B
$B$kM=Dj$G$9!#(B

37. Oracle iSQLPlus Cross-Site Scripting Vulnerability
BugTraq ID: 15030
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15030
$BMWLs(B:
Oracle iSQL*Plus $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"(B
$B$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9
T$5(B
$B$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$"$
k%5(B
$B%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG
=@-(B
$B$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z(B
$B$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B$3$NLdBj$O!"Ev=i(B BID 13139 (Oracle Multiple Vulnerabilities) $B$GJs9p$5$l(B
$B$F$$$k$h$&$K!"(BOracle Critical Patch Update - April 2005 $B$G@bL@$*$h$S2r7h(B
$B$5$l$^$7$?!#99$J$k>pJs$,8x3+$5$l$?$N$KH<$$!"8DJL$N(B BID $B$,3d$jEv$F$i$l$^(B
$B$7$?!#(B

38. Oracle HTML DB Cross-Site Scripting Vulnerabilities
BugTraq ID: 15031
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15031
$BMWLs(B:
Oracle HTML DB $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j(B
$B$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#(B

$B$^$?967b<T$O!"LdBj$N1F6A$r<u$1$k%f!<%6$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G
(B SQL
$B%9%F!<%H%a%s%H$r<B9T$9$k$3$H$b$G$-$^$9!#(B

$B$3$l$i$NLdBj$O!"Ev=i(B BID 13139 (Oracle Multiple Vulnerabilities) $B$GJs9p(B
$B$5$l$F$$$k$h$&$K!"(BOracle Critical Patch Update - April 2005 $B$G@bL@$*$h$S(B
$B2r7h$5$l$^$7$?!#99$J$k>pJs$,8x3+$5$l$?$N$KH<$$!"8DJL$N(B BID $B$,3d$jEv$F$i(B
$B$l$^$7$?!#(B

39. Oracle iSQL*Plus TLS Listener Remote Denial Of Service Vulnerability
BugTraq ID: 15032
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15032
$BMWLs(B:
Oracle iSQL*PLUS $B$K$O!"%j%b!<%H$N967b<T$,(B TNS Listener $B%5!<%S%9$rDd;_$5(B
$B$;!"@55,%f!<%6$X$N99$J$k%G!<%?%Y!<%9%5!<%S%9$r5qH]$9$k$h$&$K;E8~$1$k$
3$H(B
$B$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

$B%j%b!<%H$N967b<T$O!"FCDj$N(B HTTP $B%j%/%(%9%H$rH/9T$9$k$3$H$K$h$jLdBj$N$"$k(B
$B%"%W%j%1!<%7%g%s$N(B TNS Listener $B$rDd;_$5$;$k2DG=@-$,$"$j$^$9!#(B

Oracle Database 9.0.2.4 $B$K$*$$$F!"$3$NLdBj$,Js9p$5$l$^$7$?!#$=$NB>$N%P!<(B
$B%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$O!"Ev=i(B BID 14238 (Oracle July Security Update Multiple
Vulnerabilities) $B$GJs9p$5$l$F$$$k$h$&$K!"(BOracle Critical Patch Update -
July 2005 $B$G@bL@$*$h$S2r7h$5$l$^$7$?!#99$J$k>pJs$,8x3+$5$l$?$N$KH<$$!"8D(B
$BJL$N(B BID $B$,3d$jEv$F$i$l$^$7$?!#(B

40. Oracle HTML DB Plaintext Password Storage Vulnerability
BugTraq ID: 15033
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15033
$BMWLs(B:
Oracle HTML DB $B$K$O!"%Q%9%o!<%I$,J?J8$G3JG<$5$l$k5?$$$,$"$j$^$9!#(B

$B<jF0%$%s%9%H!<%k;~$K!"(B'SYS' $B%f!<%6$N%Q%9%o!<%I$r%U%!%$%k%7%9%F%`>e$KJ?J8(B
$B$N%U%!%$%k$G3JG<$7$^$9!#%m!<%+%k$N967b<T$O$3$N%U%!%$%k$K%"%/%;%9$7$F%
Q%9(B
$B%o!<%I$r<hF@$7!"%"%W%j%1!<%7%g%s$X$N4IM}<T8"8B$K$h$k%"%/%;%9$r<hF@$9$
k2D(B
$BG=@-$,$"$j$^$9!#(B

$B$3$NLdBj$O!"Ev=i(B BID 13139 (Oracle Multiple Vulnerabilities) $B$GJs9p$5$l(B
$B$F$$$k$h$&$K!"(BOracle Critical Patch Update - April 2005 $B$G@bL@$*$h$S2r7h(B
$B$5$l$^$7$?!#99$J$k>pJs$,8x3+$5$l$?$N$KH<$$!"8DJL$N(B BID $B$,3d$jEv$F$i$l$^(B
$B$7$?!#(B

41. Oracle XML DB Cross-Site Scripting Vulnerability
BugTraq ID: 15034
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15034
$BMWLs(B:
Oracle XML DB $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$
l$J(B
$B$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$"$
k%5(B
$B%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG
=@-(B
$B$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z(B
$B$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B$3$NLdBj$O!"Ev=i(B BID 13139 (Oracle Multiple Vulnerabilities) $B$GJs9p$5$l(B
$B$F$$$k$h$&$K!"(BOracle Critical Patch Update - April 2005 $B$G@bL@$*$h$S2r7h(B
$B$5$l$^$7$?!#99$J$k>pJs$,8x3+$5$l$?$N$KH<$$!"8DJL$N(B BID $B$,3d$jEv$F$i$l$^(B
$B$7$?!#(B

42. W3C Libwww Multiple Unspecified Vulnerabilities
BugTraq ID: 15035
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15035
$BMWLs(B:
W3C Libwww $B$K$O!"L$FCDj$NJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$K$O!"%P%C%U%!%*!<%P!<%U%m!<$NLdBj$d(B multipart/byteranges $B7A(B
$B<0$N%3%s%F%s%D$N=hM}$K4XO"$9$kLdBj$,4^$^$l$^$9!#(B

$B>\:Y$,ITL@$J$?$a!"99$J$k>pJs$O8=;~E@$G$ODs6!$5$l$F$$$^$;$s!#>\:Y$,8x3
+$5(B
$B$l<!Bh!"$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

Libwww 5.4.0 $B$K$*$$$F!"LdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#$=$NB>(B
$B$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#$^$?!"$3$N%i%$%V%i%j$r<BA
u$9(B
$B$kB>$N%"%W%j%1!<%7%g%s$r2p$7$F!"$3$l$i$NLdBj$,MxMQ$5$l$k2DG=@-$b$"$j$
^$9!#(B

43. Aenovo Multiple SQL Injection Vulnerabilities
BugTraq ID: 15036
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15036
$BMWLs(B:
Aenovo$B!"(BaeNovoShop $B$*$h$S(B aeNovoWYSI $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLd(B
$BBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r
(B SQL
$B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$
KM3(B
$BMh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

44. SUSE ResMgr Unauthorized USB Device Access Vulnerabilities
BugTraq ID: 15037
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15037
$BMWLs(B:
resmgr $B$K$O!"(BUSB $B%G%P%$%9$X$NIT@5%"%/%;%9$r5v$7$F$7$^$&J#?t$NLdBj$,B8:_(B
$B$9$k5?$$$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$,MxMQ$5$l$k$H!"%"%/%;%9%3%s%H%m!<%k$,2sHr$5$l!"$"$?$+$b0
BA4(B
$B$G$"$k$+$N$h$&$J8m2r$,@8$8$k2DG=@-$,$"$j$^$9!#$^$?!"%G!<%?$,K5<u$5$l$
?>l(B
$B9g$O5!L)@-$,B;$J$o$l$k2DG=@-$,$"$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2
DG=(B
$B@-$b$"$j$^$9!#(B

45. Aenovo Multiple Unspecified Cross-Site Scripting Vulnerabilities
BugTraq ID: 15038
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15038
$BMWLs(B:
aeNovo $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$K4XO"$9$kJ#?t$NLdBj$,B8:_$9$k(B
$B5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM
}$,(B
$BE,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$i$NLdBj$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`(B
$B<h$J$I$N967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

46. Oracle Forms Servlet TLS Listener Remote Denial Of Service Vulnerability
BugTraq ID: 15039
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15039
$BMWLs(B:
Oracle Forms $B$K$O!"%j%b!<%H$N967b<T$,(B TNS Listener $B%5!<%S%9$rDd;_$5$;!"(B
$B@55,%f!<%6$X$N99$J$k%G!<%?%Y!<%9%5!<%S%9$r5qH]$9$k$h$&$K;E8~$1$k$3$H$
r5v(B
$B$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

$B%j%b!<%H$N967b<T$O!"FCDj$N(B HTTP $B%j%/%(%9%H$rH/9T$9$k$3$H$K$h$jLdBj$N$"$k(B
$B%"%W%j%1!<%7%g%s$N(B TNS Listener $B$rDd;_$5$;$k2DG=@-$,$"$j$^$9!#(B

2005 $BG/(B 7 $B7n$h$jA0$K%j%j!<%9$5$l$?%P!<%8%g%s$N(B Oracle Forms $B$K$*$$$F!"$3(B
$B$NLdBj$,Js9p$5$l$^$7$?!#(B

$B$3$NLdBj$O!"Ev=i(B BID 14238 (Oracle July Security Update Multiple
Vulnerabilities) $B$GJs9p$5$l$F$$$k$h$&$K!"(BOracle Critical Patch Update -
July 2005 $B$G@bL@$*$h$S2r7h$5$l$^$7$?!#99$J$k>pJs$,8x3+$5$l$?$N$KH<$$!"8D(B
$BJL$N(B BID $B$,3d$jEv$F$i$l$^$7$?!#(B

47. SUSE Linux Multiple Local Privilege Escalation Vulnerabilities
BugTraq ID: 15040
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15040
$BMWLs(B:
SUSE Linux $B$NJ#?t$N%"%W%j%1!<%7%g%s$K$O!"%m!<%+%k$G8"8B>:3J$,0z$-5/$3$5(B
$B$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"LdBj$N$"$k%P%$%J%j$G(B 'LD_LIBRARY_PATH'
$BJQ?t$,0BA4$JJ}K!$G=hM}$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B%m!<%+%k$N967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%"%W%j%1!<%7%g%s$r<B9
T$9(B
$B$k%f!<%6$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"6&M-%i%$%V%i%j$GG$0U$N%3!<%I$
r<B(B
$B9T$9$k2DG=@-$,$"$j$^$9!#(B

$BB>$NL$FCDj$N%Q%C%1!<%8$bLdBj$N1F6A$r<u$1$^$9!#$3$l$i$N%Q%C%1!<%8$K(B

setuid root $B%S%C%H$,IUM?$5$l$?8"8B$,4^$^$l$k>l9g!"%m!<%+%k$G8"8B>:3J$,0z(B
$B$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

48. MediaWiki History Database Corruption Vulnerability
BugTraq ID: 15041
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15041
$BMWLs(B:
MediaWiki $B$K$O!"%G!<%?%Y!<%9$NGK2u$,0z$-5/$3$5$l$k5?$$$,$"$j$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"%G!<%?%Y!<%9$N:G?7$NJQ99$rGK2u$G$-$^$9!#
(B

49. SUSE Linux PowerSave Daemon Local Denial Of Service Vulnerability
BugTraq ID: 15042
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15042
$BMWLs(B:
SUSE Linux $B$N%Q%o!<%;!<%V%G!<%b%s$K$O!"%m!<%+%k$G%5!<%S%9ITG=>uBV$K4Y$k(B
$B2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"%$%s%9%H!<%k$5$l$?%G!<%b%s$N%Q!<%_%C%7%
g%s(B
$B$K$*$1$kITHw$KM3Mh$7$^$9!#(B

$B%m!<%+%k$N967b<T$O$3$NLdBj$rMxMQ$7!"EE8;4IM}%G!<%b%s$r@)8f$7$F%3%s%T%
e!<(B
$B%?$r0l;~Dd;_$5$;!"@55,%f!<%6$X$N%5!<%S%95qH]$r>7$/2DG=@-$,$"$j$^$9!#$
=$N(B
$BB>$N967b$,9T$o$l$k2DG=@-$b$"$j$^$9!#(B

50. HylaFAX Insecure UNIX Domain Socket Usage Vulnerability
BugTraq ID: 15043
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-07
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15043
$BMWLs(B:
HylaFAX $B$K$O!"(BUNIX $B%I%a%$%s%=%1%C%H$,%m!<%+%k$G%;%-%e%j%F%#>eE,@Z$K;HMQ(B
$B$5$l$J$$2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"(BUNIX $B%I%a%$%s$N%M%C%H%o!<%/DL?.$,(B
$B%;%-%e%j%F%#>eE,@Z$K<BAu$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O!"@x:_E*$K=EMW$J>pJs$r4^$`(B FAX $B%a%C%;!<%8$NFbMF$K%"%/%;%9$7$?$j!"(B
$B@55,%f!<%6$X$N(B FAX $B%5!<%S%9$N5qH]$r0z$-5/$3$7$?$j$9$k2DG=@-$,$"$j$^$9!#(B
$B$=$NB>$N967b$,9T$o$l$k2DG=@-$b$"$j$^$9!#(B

51. Xine-Lib Remote CDDB Information Format String Vulnerability
BugTraq ID: 15044
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-08
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15044
$BMWLs(B:
Xine-lib $B$K$O!"%j%b!<%H$+$iMxMQ2DG=$J%U%)!<%^%C%H%9%H%j%s%0$NLdBj$,B8:_(B
$B$9$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O!";XDj$5$l$?%U%)!<%^%C%H$KJQ49$7$F=PN
O$r(B
$B9T$&4X?t$,%;%-%e%j%F%#>eE,@Z$K<BAu$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$NMxMQ$,@.8y$9$k$H!"%j%b!<%H$N967b<T$,LdBj$N$"$k%"%W%j%1!<%7%
g%s(B
$B$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%^%7%s%3!<%I$r<B9T$9$k$3$H$,5v$5$
l$F(B
$B$7$^$$$^$9!#(B

Xine-lib 0.9.13$B!"(B1.0$B!"(B1.0.1$B!"(B1.0.2$B!"$*$h$S(B 1.1.0 $B$K$*$$$F!"LdBj$N1F6A$r(B
$B<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#$=$NB>$N%P!<%8%g%s!"$*$h$S!"LdBj$N$"$k%
P!<(B
$B%8%g%s$N%i%$%V%i%j$r;HMQ$9$k$9$Y$F$N%"%W%j%1!<%7%g%s$,1F6A$r<u$1$k2DG
=@-(B
$B$b$"$j$^$9!#(B

52. HAURI Anti-Virus ALZ Archive Handling Remote Buffer Overflow Vulnerability
BugTraq ID: 15045
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-06
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15045
$BMWLs(B:
HAURI Anti-Virus $B$O%j%b!<%H$+$i$N967b$K$h$j!"(BALZ $B%"!<%+%$%V$r=hM}$9$k$H(B
$B$-$K%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$kLdBj$N1F6A$r<u$1$^$9!#(B

$B967b<T$O0U?^E*$K:n@.$7$?%U%!%$%kL>$r;HMQ$9$k05=L%U%!%$%k$r4^$`0-0U$"$
k(B
ALZ $B%"!<%+%$%V$r:n@.$7!"$3$N%"!<%+%$%V$rLdBj$N$"$k%3%s%T%e!<%?$KAw?.$9$k
(B
$B$3$H$K$h$j!"$3$NLdBj$rMxMQ$G$-$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"4IM}<T$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G%j%b!
<%H(B
$B$+$iIT@5$K%"%/%;%9$9$k2DG=@-$,$"$j$^$9!#(B

'vrAZMain.dll' 5.8.22.137 $B$r;HMQ$9$k@=IJ$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k(B
$B$3$H$,Js9p$5$l$F$$$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$
^$9!#(B

53. Multiple Vendor Antivirus Products Malformed Archives Scan Evasion Vulnerability
BugTraq ID: 15046
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-08
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15046
$BMWLs(B:
$B$5$^$6$^$J%Y%s%@$+$iDs6!$5$l$F$$$kJ#?t$N%"%s%A%&%$%k%9@=IJ$K$O!"0U?^E
*$K(B
$B:n@.$5$l$?%"!<%+%$%V%U%!%$%k$,8!=P$r2sHr$9$k$3$H$r5v$7$F$7$^$&5?$$$,$
"$k(B
$B$3$H$,Js9p$5$l$F$$$^$9!#(B

$B$3$NLdBj$O!"8m2r$r>7$/2DG=@-$N$"$k56$N(B MS-DOS $B<B9T2DG=%U%!%$%k$N(B MZ $B%X%C(B
$B%@$r4^$`!"0U?^E*$KJQ99$5$l$?%"!<%+%$%V%U%!%$%k$,=hM}$5$l$k$H$-$K0z$-5
/$3(B
$B$5$l$^$9!#(B

$B$3$NLdBj$K$h$j0-0U$"$k%"!<%+%$%V$,8!=P$r2sHr$7!"<u?.<T$,FbMF$r3+$/$3$
H$,(B
$B5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#(B

$BLdBj$N$"$k%Q%C%1!<%8$*$h$S%P!<%8%g%s$K$D$$$F$N6qBNE*$J>pJs$O8=;~E@$G$
O8x(B
$BI=$5$l$F$$$J$$E@$KN10U$9$Y$-$G$9!#$3$NLdBj$NJs9p<T$O!"0U?^E*$K:n@.$7$
?J#(B
$B?t$N0[$J$k%"!<%+%$%V$K3JG<$5$l$?(B EICAR $B%F%9%H%a%C%;!<%8$r;HMQ$7$^$7$?!#(B
$BLdBj$,$"$k$3$H$,Js9p$5$l$F$$$k%Q%C%1!<%8$,!"<B:]$OLdBj$N1F6A$r<u$1$J$
$2D(B
$BG=@-$,$"$j$^$9!#(B

$B>\:Y>pJs$,8x3+$5$l<!Bh!"$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

54. Cyphor Multiple Input Validation Vulnerabilities
BugTraq ID: 15047
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-08
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15047
$BMWLs(B:
Cyphor $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$*$h$S(B SQL $B9=J8$rCmF~2DG=(B
$B$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B

$BLdBj$,MxMQ$5$l$k$3$H$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$d%G!<%?%Y!<(B
$B%9$N%G!<%?$KBP$9$kIT@5%"%/%;%9$J$I$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$
=$N(B
$BB>$N967b$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Fingerprint payments taking off despite security concerns
$BCx<T(B: Robert Lemos
$B6a$$>-Mh!">CHq<T$O:bI[$r;}$DI,MW$,$J$/$J$k$+$b$7$l$^$;$s!#$7$+$7!";XL
fG'(B
$B>Z$r;HMQ$9$k7h:Q$K$h$j!"BP:v$r9V$8$K$/$$?HJ,:>>N$d!";TL18"$KBP$9$kBg$
-$J(B
$B6<0R$,>7$+$l$k2DG=@-$,$"$k$H!"%;%-%e%j%F%#$*$h$S8D?M>pJsJ]8n$N@lLg2H$
O4m(B
$BW|$7$F$$$^$9!#(B

http://www.securityfocus.com/news/11339

2. E-voting experts call for revised security guidelines
$BCx<T(B: Robert Lemos
$BO"K.@/I\$N;q6b$G1?1D$5$l$F$$$kEjI<5;=Q@lLg2H$N%0%k!<%W$O!"JF9qA*5s;Y1
g0Q(B
$B0w2q$KBP$7!"A*5s%7%9%F%`$N0BA4@-$NI>2A%W%m%;%9$r2~A1$9$k$h$&$K5a$a$^$
7$?!#(B

http://www.securityfocus.com/news/11336

3. Digital plague hits online game World of Warcraft
$BCx<T(B: Robert Lemos
$B<+8JA}?#$,@)8B$5$l$F$$$k%2!<%`$N8z2L$,0-0U$"$k%2!<%^!<$K$h$C$FMxMQ$*$
h$S(B
$B3H;6$5$l!"%W%m%0%i%`$KEA@wG=NO$r;}$?$;$k$3$H$N4m81@-$r:]N)$?$;$F$$$^$
9!#(B

http://www.securityfocus.com/news/11330

4. Mozilla's popularity stressing its security image
$BCx<T(B: Robert Lemos
$B:G6a$NLdBj$N3+<(!"$*$h$SA}2C$9$k%;%-%e%j%F%#>e$NLdBj$rJs9p$7$?H>G/$K
(B 1
$BEY$N%l%]!<%H$K$h$j!"%*!<%W%s%=!<%9$N(B Firefox $B%V%i%&%6$N0BA4@-$,5?Ld;k$5(B
$B$l$F$$$^$9!#(B

http://www.securityfocus.com/news/11327

5. Users want ISPs to filter spyware
$BCx<T(B: John Leyden
$B%$%s%?!<%M%C%H%f!<%6$NBgB??t$O!"(BISP $B$,%9%Q%$%&%'%"$N%H%i%U%#%C%/$r<WCG$9(B
$B$k$3$H$rK>$s$G$$$^$9!#(B

http://www.securityfocus.com/news/11340

6. Security pros savage Tsunami hacker verdict
$BCx<T(B: John Oates
$B85(B IT $B%;%-%e%j%F%#%3%s%5%k%?%s%H$N(B Daniel Cuthbert $B$O!"%3%s%T%e!<%?IT@5(B
$B;HMQK!0cH?$GM-:aH=7h$r<u$1!"(B400 $B%]%s%I$NH36b$H(B 600 $B%]%s%I$N=tHqMQ;YJ'$$(B
$B$rL?$<$i$l$^$7$?!#(B

http://www.securityfocus.com/news/11341

7. Virus naming scheme gets mixed reception
$BCx<T(B: John Leyden
$B%&%$%k%9$NL?L>$K4XO"$7$F5/$3$k:.Mp$K$D$$$FBP:v$r9V$8$kCDBN$,@5<0$KH/B
-$7(B
$B$^$7$?!#(B

http://www.securityfocus.com/news/11338

8. 'DEC hacking' trial opens
$BCx<T(B: John Oates
2004 $BG/(B 12 $B7n$KH/@8$7$?DEGH:R32$N5A1g6b%5%$%H$X$N%O%C%-%s%0$NMF5?$G5/AJ(B
$B$5$l$F$$$k%$!<%9%H%m%s%I%s:_=;$NCK$KBP$9$k>Z5r$N?3M}$,!"%[!<%9%U%'%j!
<%m!<(B
$B%I2<5iH=;v:[H==j$G;O$^$j$^$7$?!#(B

http://www.securityfocus.com/news/11337

--
$BK]Lu(B: LAC $BK]Lu%A!<%`(B
$B4F=$(B: $B>.3^8691M:(B (OGASAWARA Tsuneo)
LAC Co., Ltd.
http://www.lac.co.jp/index.html
0?l *?H?÷

 ?]0?Y

10 +0 *?H?÷


 ?
û0?0?k9ÊT?þP"2þ2ÙÛû?0
 *?H?÷


0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
180518235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
 *?H?÷



0?ªÐº¾-¸?ÔÊÒ¼v1Ê?Ø??V¼ÙooR6nuV
UÓßC?!e?~½!Þk2??4?A5ë?ë?ݪY?
Sm?Oíåâ*ZÁ¹Ä¦ÏÈEë¦]??>ðd$v¥Í«o¶Ø{Qa
n¦?Èâ·å4ÜA?ê @¾s?=kçu

0
 *?H?÷


?÷Îv\«??Ü?o49]?>kr,áÇ¢{@)¹x?ºLÅ£j^?n{ãòAf¾­û®¢Î?ó¢4?´²¶$òåÕàÈåbm?{˾»?|WÊð7©¯?î¾(?Ù&v ÍĝNð®Õ¾¯WjРBBBô
Ì¥x??&8?G0?0?kLÇêª?>qÓ?ø=:???0
 *?H?÷


0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
280801235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
 *?H?÷



0?ªÐº¾-¸?ÔÊÒ¼v1Ê?Ø??V¼ÙooR6nuV
UÓßC?!e?~½!Þk2??4?A5ë?ë?ݪY?
Sm?Oíåâ*ZÁ¹Ä¦ÏÈEë¦]??>ðd$v¥Í«o¶Ø{Qa
n¦?Èâ·å4ÜA?ê @¾s?=kçu

0
 *?H?÷


©OÃ
Çg¾,ËÙ¨Í-uç~?;rë~ë\- ?Ökm`|å®Å#\JЯ±]óǶ
Ûà?
ݼÇv?µÝOÃ?u¸
ÀæÉ[k¥¸?ܬ¤ÝríN¡÷O¼ÓêÈdt{Â?A?esXñ?<j±?ÉÄ?¼ÏEmEân"?þ¼1\
èòÙ0?¶0? 
%îs<û ?U??{?í¿0
 *?H?÷


0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
020404000000Z
070403235959Z0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CA0?0
 *?H?÷



0?¼+þîO×ùútüoÃøÊ?(v'È4 ˪r-É­ö?~?hòKïÉÿo½?îÓ??ÿ¨þîhU°¼ð°óåNhfisµ:V÷^uæo;êâd'\`?ÝÛ+·¼¶ª¡$)¯t¦?¯GöÕK~,e3îÛ¥<
KCp?ÙÙÂ??Äø(

£¤0¡0U

ÿ0

ÿ
0FU ?0=0;`?H
?øE

0,0*+

https://www.verisign.co.jp/rpa0U


ÿ
0 `?H
?øB


0 U0¤010UC1C2-1-40
 *?H?÷


\?Ïh??¿ÏÓ_n²N>?Qs?e¢w ~ü v1?ÿîv4YVÊæGèãTÓÈ?Î?«bMo]?¸¢±?_K??Çó[m³#ÕcÑU*¿þ·ÄUò´o:?¿ê§q^/=¯?
?òt)ÿÌõ
?¬ÕÕ?ô÷7ªÔ?pd{0?10?? 
d2?7Åw?É??¹?b?ñ0
 *?H?÷


0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CA0
050331000000Z
060331235959Z0ü10U
VeriSign Japan K.K.10UISP Service CA1503U,Terms of use at www.verisign.co.jp/rpa (c)011806U/Service Name - 5BF88D474BD2A6D3E7E073163F0C4D1210UHitachijoho10UTsuneo Ogasawara1!0 *?H?÷


t.ogaswr (at) lac.co (dot) jp0 [email concealed]?0
 *?H?÷



0?¿*E´\2ÅÍóDíÐÏÇ~?+Ü=Ù&-u4)~è§ÊÇ2ÉnAàÙWÍØoÓÐûÊfÚq³
.?³¥Hë¼ÀÚ×?!0¯6iÚ??±?rÙDÏdA[?Ùî?´q\~ãè?ú¨
Ä»ù?oÊi1¶+_ãr?#??>¥þ?IÁeA

£ä0á0 U00EU >0<0:
`?H
?øE
0,0*+

https://www.verisign.co.jp/rpa0U 0
`?H
?øB

?0ZUS0Q0O M K?Ihttp://onsitecrl.verisign.co.jp/VeriSi
gnJapanKKISPServiceCA/LatestCRL.crl0
`?H
?øE
 

ÿ0
 *?H?÷


TMΤ©ýäøpß˵"òΩ,Í˶Q??`puÏ?¥?F?ÿ¬ãÅz?¸íñ²Oð)ô2ð$³q?âüý |øu
ßx©?Ì0³Jçjñ^9?^ p('?öC¦^ã=?øîÍ?&´ª.àTaxz4ÓÄÇ«<v?òY³QúÄ1?90?5

0Þ0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CAd2?7Åw?É??¹?b?ñ0 + ±0 *?H?÷

1 *?H?÷


0 *?H?÷

1
060127090600Z0# *?H?÷

1?B$Iø}æNÉùH ¼Ýg|m0R *?H?÷

1E0C0
*?H?÷
0*?H?÷
?0+0
*?H?÷

@0
*?H?÷

(0
 *?H?÷



?t¥iþÉ?ï??kbõn´§?
zDúxá|îkª%LÊ
Ú?o
5[54|~???é¢l?;)»¬P²ûãèàajý«ØkhJïVð9$
<­R4¯Þ?x)
®1Ñ4¤ÔÊ?îóÁ×¾]_
-cCòn?ýdC
+Uêè

[ reply ]