SecurityFocus

SecurityFocus Newsletter #323 2005-10-31->2005-11-04 Feb 17 2006 08:27AM
Tsuneo Ogasawara (t ogaswr lac co jp)

$B>.3^86(B@$B%i%C%/$G$9!#(B

SecurityFocus Newsletter $BBh(B 323 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

------------------------------------------------------------------------
---
BugTraq-JP $B$K4X$9$k(B FAQ ($BF|K\8l(B):
http://www.securityfocus.com/archive/79/description
$B!&(BSecurityFocus Newsletter $B$NOBLu$O(B BugTraq-JP $B$G0l<!G[I[$5$l$F$$$^$9(B
$B!&(BBugTraq-JP $B$X$N;22CJ}K!!"C&B`J}K!$O$3$N(B FAQ $B$r$4;2>H$/$@$5$$(B
------------------------------------------------------------------------
---
SecurityFocus Newsletter $B%"!<%+%$%V(B ($B1Q8l(B):
http://www.securityfocus.com/archive/78
BugTraq $B$K4X$9$k(B FAQ ($B1Q8l(B):
http://www.securityfocus.com/archive/1/description
------------------------------------------------------------------------
---
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B SecurityFocus $B$N5v2D$r3t<02q<R%i%C%/$,F@$?>e$G9T$o$l$F$$$^$9!#(B
$B!&(BSecurityFocus Newsletter $B$NOBLu$r(B Netnews, Mailinglist, World Wide Web,
$B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$NA4J80zMQ$r$*4j$$$7$^$9!#
(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;$s$,!"(B
$B=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurityFocus $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+$J$k7A<0$N(B
$B%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://online.securityfocus.com/archive/79
------------------------------------------------------------------------
---
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02q<R%i%C%/$O@UG$$rIi$o$J$$$b$N$H$7$^
(B
$B$9!#(B
------------------------------------------------------------------------
---
$BLu<T$+$i$N$*CN$i$;(B:
$B!&$b$7!"(Btypo $B$d8mLu$,8+$D$+$C$?>l9g!"(BBugTraq-JP $B$X(B Errata $B$H$7$F=$@5(B
$BHG$r$4Ej9FD:$/$+!"4F=$<T(B (t.ogaswr (at) lac.co (dot) jp [email concealed]) $B$K$*CN$i$;$/$@$5$$!#(B
$B8e<T$N>l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
------------------------------------------------------------------------
---
This translation is encoded and posted in ISO-2022-JP.

$B86HG(B:
Date: Tue, 08 Nov 2005 16:47:05 -0700
Message-ID: <437138F9.2060700 (at) securityfocus (dot) com [email concealed]>

SecurityFocus Newsletter #323
-----------------------------

I. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
1. Automatic graylisting of unwanted software
2. Windows rootkits in 2005, part one
II. BUGTRAQ SUMMARY
1. MG2 Authentication Bypass Vulnerability
2. PHP Advanced Transfer Manager Remote Unauthorized Access Vulnerability
3. Subdreamer Multiple Remote SQL Injection Vulnerabilities
4. OpenVPN Client Remote Format String Vulnerability
5. Invision Gallery Index.PHP SQL Injection Vulnerability
6. Snitz Forum Post.ASP Cross-Site Scripting Vulnerability
7. NTop Insecure Temporary File Creation Vulnerability
8. PHPBB Global Variable Deregistration Bypass Vulnerabilities
9. PHPCafe Tutorial Manager Index.PHP SQL Injection Vulnerability
10. OaBoard Forum.PHP Multiple SQL Injection Vulnerabilities
11. PHPBB Multiple Unspecified Vulnerabilities
12. IBM AIX CHCONS Local Buffer Overflow Vulnerability
13. PHP PHPInfo Cross-Site Scripting Vulnerability
14. PHP Parse_Str Register_Globals Activation Weakness
15. PHP File Upload GLOBAL Variable Overwrite Vulnerability
16. Comersus BackOffice Multiple Input Validation And Information Disclosure Vulnerabilities
17. Apple Mac OS X Security Update 2005-10-31 Multiple Local Vulnerabilities
18. IOFTPD Username Enumeration Vulnerability
19. Belchior Foundry vCard Pro Addrbook.PHP SQL Injection Vulnerability
20. EyeOS Desktop.PHP HTML Injection Vulnerability
21. EyeOS User And Password Information Disclosure Vulnerability
22. Elite Forum HTML Injection Vulnerability
23. Multiple Vendor ReadDir_R Buffer Overflow Vulnerability
24. VUBB Index.PHP Cross-Site Scripting Vulnerability
25. OpenVMS Unspecified Local Denial of Service Vulnerability
26. Pax File Permission Modification Race Condition Weakness
27. NetBSD Insecure Temporary File Creation Vulnerability
28. NetBSD KernFS Local Kernel Memory Disclosure Vulnerability
29. XMB Forum Post.PHP SQL Injection Vulnerability
30. Microsoft Internet Explorer Malformed HTML Parsing Denial of Service Vulnerability
31. Cisco Management Center for IPS Sensors Configuration Download Weakness
32. OpenVPN Server Remote Denial Of Service Vulnerability
33. Sun Java System Communications Express Information Disclosure Vulnerability
34. Cisco Airespace WLAN Controller Unauthorized Network Access Vulnerability
35. RhinoSoft Serv-U FTP Server Unspecified Denial of Service Vulnerability
36. News2Net Index.PHP SQL Injection Vulnerability
37. Cisco IOS System Timers Heap Buffer Overflow Exploitation
38. phpWebThings Forum.PHP Cross-Site Scripting Vulnerability
39. PHPWebThing Forum.PHP SQL Injection Vulnerability
40. MailWatch for MailScanner Authenticate Function SQL Injection Vulnerability
41. Asus VideoSecurity Online Web Server Authentication Buffer Overflow Vulnerability
42. Glider Collect'N Kill Remote Buffer Overflow Vulnerability
43. Asus VideoSecurity Online Web Server Directory Traversal Vulnerability
44. Battle Carry Remote Denial of Service Vulnerability
45. Simple PHP Blog Multiple Input Validation Vulnerabilities
46. F-Secure Web Console Directory Traversal Vulnerability
47. GraphOn GO-Global For Windows Remote Buffer Overflow Vulnerability
48. Invision Gallery Image Upload HTML Injection Vulnerability
49. Johannes F. Kuhlmann FlatFrag Multiple Remote Buffer Overflow And Denial Of Service Vulnerabilities
50. NeroNet Limited Directory Traversal Vulnerability
51. NetBSD SO_LINGER DIAGNOSTIC Checking Local Denial of Service Vulnerability
52. NetBSD Local PTrace Privilege Escalation Vulnerability
53. IPSwitch WhatsUp Small Business 2004 Report Service Directory Traversal Vulnerability
54. Scorched 3D Multiple Vulnerabilities
55. F-Prot Antivirus ZIP Attachment Version Scan Evasion Vulnerability
56. PHP Handicapper Multiple Cross-Site Scripting Vulnerabilities
57. CutePHP CuteNews Directory Traversal Vulnerability
58. vBulletin Image Upload HTML Injection Vulnerability
59. PHP Handicapper Process_signup.PHP SQL Injection Vulnerability
60. Libungif Colormap Handling Memory Corruption Vulnerability
61. Microsoft November Advance Notification Unspecified Security Vulnerabilities
62. PHP Handicapper Process_signup.PHP HTTP Response Splitting Vulnerability
63. Movable Type Arbitrary Blog Creation Path Vulnerability
64. IBM WebSphere Application Server QueryString Information Disclosure Vulnerability
65. Libungif Null Pointer Dereference Denial of Service Vulnerability
66. Movable Type Blog Entry Posting HTML Injection Vulnerability
67. Apple QuickTime Embedded Pascal Style Remote Integer Overflow Vulnerability
68. Apple QuickTime Null Pointer Dereference Denial of Service Vulnerability
69. Apple QuickTime Movie Attributes Remote Integer Overflow Vulnerability
70. Apple QuickTime Compressed PICT Data Remote Buffer Overflow Vulnerability
71. Sun Java Development Kit Font Serialization Remote Denial of Service Vulnerability
72. Galerie ShowGallery.PHP SQL Injection Vulnerability
73. CHFN User Modification Privilege Escalation Vulnerability
74. Cerberus Helpdesk Information Disclosure Vulnerability
75. Clam Anti-Virus ClamAV TNEF File Handling Denial Of Service Vulnerability
76. Clam Anti-Virus ClamAV CAB File Handling Denial Of Service Vulnerability
77. Clam Anti-Virus ClamAV FSG File Handling Buffer Overflow Vulnerability
78. GpsDrive Friendsd Remote Format String Vulnerability
79. Acme Thttpd Insecure Temporary File Creation Vulnerability
80. IBM Lotus Domino Multiple Vulnerabilities
81. PunBB/Blog:CMS Image Upload HTML Injection Vulnerability
82. IBM AIX SWCONS Local Buffer Overflow Vulnerability
83. JPortal Multiple SQL Injection Vulnerabilities
84. Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
85. PunBB/BLOG:CMS Origin Spoofing Vulnerability
86. cPanel Chat Message Field HTML Injection Vulnerability
87. PunBB/BLOG:CMS Unspecified Information Disclosure Vulnerability
88. Ocean12 ASP Calendar Manager Authentication Bypass Vulnerability
89. Ocean12 ASP Calendar Manager SQL Injection Vulnerability
90. Multiple Vendor Web Browser Cookie Hostname Handling Weakness
91. Macromedia Flash Array Index Memory Access Vulnerability
92. ibProArcade User ID SQL Injection Vulnerability
III. SECURITYFOCUS NEWS
1. Suspected bot master busted
2. Hidden DRM code's legitimacy questioned
3. U.S. makes securing SCADA systems a priority
4. Web defacer sentenced, facing deportation
5. Skype under scrutiny for bugs
6. Say hello to the Skype Trojan
7. Shared music abuse bug hits iTunes

I. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
----------------------------

II. BUGTRAQ SUMMARY
--------------------
1. MG2 Authentication Bypass Vulnerability
BugTraq ID: 15235
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15235
$BMWLs(B:
MG2 $B$O!"G'>Z$r2sHr2DG=$JLdBj$N1F6A$r<u$1$^$9!#$3$NLdBj$O!"%j%b!<%H$N967b
(B
$B<T$,%Q%9%o!<%I$GJ]8n$5$l$F$$$k2hA|%.%c%i%j!<$K%"%/%;%9$9$k$3$H$r5v$7$
F$7(B
$B$^$&2DG=@-$,$"$j$^$9!#(B

$B8=;~E@$G$O!"(BMG2 $B$N$9$Y$F$N%P!<%8%g%s$KLdBj$,B8:_$9$k$H9M$($i$l$^$9!#(B
Minigal B13 $B$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

2. PHP Advanced Transfer Manager Remote Unauthorized Access Vulnerability
BugTraq ID: 15237
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15237
$BMWLs(B:
PHP Advanced Transfer Manager $B$O!"%j%b!<%H$N967b<T$,IT@5%"%/%;%9$r9T$&$3(B
$B$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

$BG'>ZMQ>pJs$r4^$`=EMW$J%U%!%$%k$X$N%"%/%;%9$,@)8B$5$l$F$$$J$$$?$a!"967
b<T(B
$B$O(B GET $B%j%/%(%9%H$rH/9T$9$k$@$1$G%f!<%6$N%Q%9%o!<%I%O%C%7%e$r<hF@$G$-$^(B
$B$9!#$3$N>pJs$O!"(BCookie $B$r;HMQ$9$k%5!<%S%9$G967b<T$,G'>Z$r<u$1$k$3$H$r5v(B
$B$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

PHP Advanced Transfer Manager 1.30 $B$K$*$$$F!"LdBj$N1F6A$r<u$1$k$3$H$,Js(B
$B9p$5$l$F$$$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

3. Subdreamer Multiple Remote SQL Injection Vulnerabilities
BugTraq ID: 15238
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15238
$BMWLs(B:
Subdreamer $B$K$O!"%j%b!<%H$+$i(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?(B
$B$$$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$K$h$j!"%j%b!<%H$N967b<T$,%G!<%?%Y!<%9%/%(%j$K0-0U$"$kF~N
OCM(B
$B$rEO$7!"%/%(%j$NO@M}9=B$$rA`:n$9$k$J$I$N967b$r2C$($k$3$H$,5v$5$l$F$7$
^$&(B
$B2DG=@-$,$"$j$^$9!#967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$
+$l(B
$B$?$j!"%G!<%?$,3+<($5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967
b<T(B
$B$,%P%C%/%(%s%I%G!<%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2
DG=(B
$B@-$b$"$j$^$9!#(B

Subdreamer 2.2.1 $B$K$*$$$F!"LdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#$=(B
$B$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

4. OpenVPN Client Remote Format String Vulnerability
BugTraq ID: 15239
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15239
$BMWLs(B:
OpenVPN $B$K$O!"%j%b!<%H$+$i%U%)!<%^%C%H%9%H%j%s%0$NLdBj$,MxMQ$5$l$k5?$$$,(B
$B$"$k$3$H$,Js9p$5$l$F$$$^$9!#(B

$B0-0U$"$k%5!<%P$O!"%U%)!<%^%C%H;XDj;R$r4^$`%3%^%s%I%*%W%7%g%s(B
('dhcp-option' $B$J$I(B) $B$r0U?^E*$K:n@.$7$F%/%i%$%"%s%H$KAw?.$7!"$3$NLdBj$r(B
$B0z$-5/$3$9$3$H$,2DG=$G$9!#(B

$B%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$7$F!"G$0U$N%W%m%;%9%a%b%j$K=q$-9~$_!
"%3!<(B
$B%I$N<B9T$r0z$-5/$3$92DG=@-$,$"$j$^$9!#$3$l$K$h$j%j%b!<%H$+$iIT@5%"%/%
;%9(B
$B$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

OpenVPN 2.0.x $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(BWindows $B$G<B9T$5$l$k(B
OpenVPN $B$O!"LdBj$N1F6A$r<u$1$^$;$s!#(B

5. Invision Gallery Index.PHP SQL Injection Vulnerability
BugTraq ID: 15240
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15240
$BMWLs(B:
Invision Gallery $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"(B
$B%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=h(B
$BM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

6. Snitz Forum Post.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 15241
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15241
$BMWLs(B:
Snitz Forum $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$
$$3(B
$B$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$"$
k%5(B
$B%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG
=@-(B
$B$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z(B
$B$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

7. NTop Insecure Temporary File Creation Vulnerability
BugTraq ID: 15242
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15242
$BMWLs(B:
ntop $B$G$O!"0l;~%U%!%$%k$N:n@.$,%;%-%e%j%F%#>eE,@Z$K9T$o$l$^$;$s!#(B

$B$3$N967b$K$h$j=EMW$J%U%!%$%k$,>e=q$-$5$l$k>l9g!"%G!<%?$,GK2u$?$j%5!<%
S%9(B
$BITG=>uBV$K4Y$C$?$j$9$k2DG=@-$,9b$$$H9M$($i$l$^$9!#$=$NB>$N967b$,<B9T$
5$l(B
$B$k2DG=@-$b$"$j$^$9!#(B

8. PHPBB Global Variable Deregistration Bypass Vulnerabilities
BugTraq ID: 15243
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15243
$BMWLs(B:
phpBB $B$K$O!"(BGLOBAL $BJQ?t$NEPO?2r=|$,E,@Z$K9T$o$l$J$$$?$a$KJ#?t$NLdBj$,B8(B
$B:_$9$k5?$$$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$O!"%j%b!<%H$N967b<T$,G$0U$N(B PHP $B%3!<%I$N<B9T!"(BSQL $B9=J8$NCm(B
$BF~!"(BHTML $B%?%0$NA^F~!"$*$h$S%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<B9T$9$k$3(B
$B$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

phpBB 2.0.17 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$l$i$NLdBj$N1F6A$r<u$1$^$9!#(B

9. PHPCafe Tutorial Manager Index.PHP SQL Injection Vulnerability
BugTraq ID: 15244
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15244
$BMWLs(B:
PHPcafe Tutorial Manager $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$N(B
$BLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K(B
$B%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

10. OaBoard Forum.PHP Multiple SQL Injection Vulnerabilities
BugTraq ID: 15245
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15245
$BMWLs(B:
OaBoard $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3(B
$B$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM(B
$B$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

11. PHPBB Multiple Unspecified Vulnerabilities
BugTraq ID: 15246
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15246
$BMWLs(B:
phpBB $B$K$O!"J#?t$NL$FCDj$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#0lIt$NLdBj$O%f!<(B

$B%6$,;XDj$7$?%G!<%?$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$
9$,!"(B
$B$=$NB>$NLdBj$N860x$H1F6A$OFCDj$5$l$^$;$s$G$7$?!#(B

phpBB 2.0.17 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$l$i$NLdBj$N1F6A$r<u$1$^$9!#(B

$B>\:Y$,ITL@$J$?$a!"99$J$k>pJs$O8=;~E@$G$ODs6!$5$l$F$$$^$;$s!#$3$l$i$NL
dBj(B
$B$N0lIt$O!"$3$N(B BID $B$N%j%j!<%9$h$jA0$KJs9p$5$l$F$$$k2DG=@-$,$"$j$^$9!#>\(B
$B:Y$,8x3+$5$l<!Bh!"$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

12. IBM AIX CHCONS Local Buffer Overflow Vulnerability
BugTraq ID: 15247
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15247
$BMWLs(B:
IBM AIX $B$N(B chcons $B$K$O!"%m!<%+%k$G$N967b$K$h$j%P%C%U%!%*!<%P!<%U%m!<$,H/(B
$B@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?%G!<%?$r%5%$%:$,IT=
=J,(B
$B$J%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%A%'%C%/$,<:GT$9$k$3$H$KM3Mh$7$
^$9!#(B
$B$3$NLdBj$O(B 'DEBUG MALLOC' $B$,M-8z$K$J$C$F$$$k$H$-$K0z$-5/$3$5$l$^$9!#(B

$BLdBj$N$"$k%f!<%F%#%j%F%#$K(B setuid root $B%S%C%H$,IUM?$5$l$F$$$k>l9g!"967b(B
$B$,@.8y$9$k$HG$0U$N%^%7%s%3!<%I$r4IM}<T8"8B$G<B9T$9$k$3$H$,5v$5$l$F$7$
^$&(B
$B2DG=@-$,$"$j$^$9!#(B

13. PHP PHPInfo Cross-Site Scripting Vulnerability
BugTraq ID: 15248
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15248
$BMWLs(B:
PHP $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#$3$NLd
(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$
KM3(B
$BMh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$"$
k%5(B
$B%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG
=@-(B
$B$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z(B
$B$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

14. PHP Parse_Str Register_Globals Activation Weakness
BugTraq ID: 15249
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15249
$BMWLs(B:
PHP $B$K$O!"967b<T$,(B 'register_globals' $B%G%#%l%/%F%#%V$r:FEYM-8z2=$9$k$3$H(B
$B$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"%a%b%j@)8B$NNc30=hM}$,<:G
T$9(B
$B$k$3$H$KM3Mh$7$^$9!#(B

'register_globals' $B%G%#%l%/%F%#%V$O!"LdBj$N$"$k=hM}$,40N;$9$k$^$GM-8z$J(B
$B>uBV$,J];}$5$l$^$9!#(BPHP $B$,(B Apache $B%b%8%e!<%k$H$7$F<B9T$5$l$k>l9g$O!"0-0U(B
$B$"$k%j%/%(%9%H$N=hM}$,40N;$9$k$^$G(B 'register_globals' $B$,M-8z$K$J$j$^$9!#(B
PHP $B$,(B CGI $B%W%m%;%9$H$7$F<B9T$5$l$k>l9g$O!"$3$NLdBj$,MxMQ$5$l$k2DG=@-$O(B
$BDc$$$H9M$($i$l$^$9!#(B

$B%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$9$k$3$H$K$h$j!"(B'register_globals'
$B$rM-(B
$B8z$K$G$-$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"967b<T$,(B PHP $B%9%/%j%W%H$N@x:_E*(B
$B$JLdBj$r99$KMxMQ$9$k$3$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

15. PHP File Upload GLOBAL Variable Overwrite Vulnerability
BugTraq ID: 15250
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15250
$BMWLs(B:
PHP $B$K$O!"967b<T$,(B HTTP POST $B%j%/%(%9%H$r2p$7$F(B GLOBAL $BJQ?t$r>e=q$-$9$k(B
$B$3$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#(B

$B%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$9$k$3$H$K$h$j!"(BGLOBAL $BJQ?t$r>e=q$-$G$-(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"967b<T$,(B PHP $B%9%/%j%W%H$N@x:_E*$JLdBj$r(B
$B99$KMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#(B

16. Comersus BackOffice Multiple Input Validation And Information Disclosure Vulnerabilities
BugTraq ID: 15251
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15251
$BMWLs(B:
Comersus BackOfficePlus $B$*$h$S(B BackOfficeLite $B$K$O!"F~NOCM$NBEEv@-3NG'$*(B
$B$h$S>pJs$N3+<($K4XO"$9$kJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B

$B$3$N%"%W%j%1!<%7%g%s$K$O!"(BSQL $B9=J8$rCmF~$9$k967b$r<u$1$?$j!">pJs$,3+<($5(B
$B$l$?$j!"J#?t$N%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$?$j$9$k5?$$$,$"$
j$^(B
$B$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"=EMW$J>pJs$d8"8B$rI,MW$H$9$k>pJs$r<hF
@$7(B
$B$?$j!"%"%W%j%1!<%7%g%s$KBP$7$F4IM}%f!<%6$H$7$F%"%/%;%9$7$?$j!"%/%m%9%
5%$(B
$B%H%9%/%j%W%F%#%s%0967b$r<B9T$7$FI8E*%f!<%6$N(B Cookie $B$KM3Mh$9$kG'>ZMQ>pJs(B
$B$r<hF@$7$?$j$9$k2DG=@-$,$"$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$
b$"(B
$B$j$^$9!#(B

17. Apple Mac OS X Security Update 2005-10-31 Multiple Local Vulnerabilities
BugTraq ID: 15252
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-10-31
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15252
$BMWLs(B:
Mac OS X $B$K$*$1$k%m!<%+%k$GMxMQ2DG=$JJ#?t$NLdBj$r2r7h$9$k$?$a$K!"(BApple
$B$O(B Security Update 2005-10-31 $B$r%j%j!<%9$7$^$7$?!#(B

$B$3$N%;%-%e%j%F%#%"%C%W%G!<%H$G$O!"0J2<$NLdBj$,2r7h$5$l$^$7$?!#(B

- $B%U%!%$%k=jM-<T$NI=<($NLdBj(B: $B$"$?$+$b0BA4$G$"$k$+$N$h$&$J8m2r$r>7$/!#(B

- $B%=%U%H%&%'%"%"%C%W%G!<%H$N<:GT$NLdBj(B: $B=EMW$J%;%-%e%j%F%#$N=$@5$N%$%s%9(B
$B%H!<%k$,<:GT$9$k!#(B

- $B%0%k!<%W$N%a%s%PJQ99$NLdBj(B: $B%0%k!<%W$N%a%s%PJQ99$,CY$l$k$?$a$KIT@5%"%/(B
$B%;%9$,0z$-5/$3$5$l$k!#(B

- Keychain $B$N>pJsO31L$NLdBj(B: Keychain $B$,%?%$%`%"%&%H$K$h$C$F%m%C%/$5$l$?(B
$B8e$G$b!"K\Mh8"8B$r;}$?$J$$%f!<%6$,$9$G$KI=<($5$l$F$$$kJ?J8$N%Q%9%o!<%
I$r(B
$B1\Mw$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$,$"$k!#(B

- $B%+!<%M%k$G$N>pJsO31L$K4XO"$9$kJ#?t$NLdBj(B: $B%m!<%+%k%f!<%6$,=EMW$J>pJs$K(B
$B%"%/%;%9$7!"99$J$k967b$r<B9T$9$k$3$H$r5v$7$F$7$^$&2DG=@-$,$"$k!#(B

$B$3$l$i$NLdBj$O!"99$KJ,@O$5$l<!Bh8DJL$N(B BID $B$KJ,3d$5$l$kM=Dj$G$9!#(B

18. IOFTPD Username Enumeration Vulnerability
BugTraq ID: 15253
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15253
$BMWLs(B:
ioFTPD $B$K$O!"%f!<%6L>$,Ns5s$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;X(B
$BDj$7$?F~NOCM$NBEEv@-3NG'$K$*$1$k@_7W>e$NITHw$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"M-8z$J%f!<%6L>$r<1JL$9$k2DG=@-$,$"$j$^$9!
#$3(B
$B$l$O!"%Q%9%o!<%I$N%V%k!<%H%U%)!<%9967b(B ($BAmEv$j967b(B) $B$J$I$r<B9T$9$k$?$a$N(B
$B<j=u$1$H$J$k2DG=@-$,$"$j$^$9!#(B

19. Belchior Foundry vCard Pro Addrbook.PHP SQL Injection Vulnerability
BugTraq ID: 15254
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15254
$BMWLs(B:
vCard PRO $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,(B
$B;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,@Z(B
$B$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

20. EyeOS Desktop.PHP HTML Injection Vulnerability
BugTraq ID: 15255
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15255
$BMWLs(B:
eyeOS $B$K$O(B HTML $B%?%0$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj(B
$B$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%
:=h(B
$BM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(B Cookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

21. EyeOS User And Password Information Disclosure Vulnerability
BugTraq ID: 15256
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15256
$BMWLs(B:
eyeOS $B$K$O!">pJs$,O31L$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"=EMW$J>pJs$d8"8B$r(B

$BI,MW$H$9$k>pJs$X$N%"%/%;%98"8B$rIUM?$9$kA0$K!"%"%/%;%9$NBEEv@-3NG'$,E
,@Z(B
$B$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"M-8z$J%f!<%6L>$*$h$SBP1~$9$k0E9f2=$5$l$?%
Q%9(B
$B%o!<%I$N0lMw$r<hF@$G$-$^$9!#<hF@$5$l$?>pJs$O!"%P%C%/%(%s%I%7%9%F%`$KB
P$9(B
$B$k99$J$k967b$N<j=u$1$H$J$k2DG=@-$,$"$j$^$9!#$=$NB>$N967b$,<B9T$5$l$k2
DG=(B
$B@-$b$"$j$^$9!#(B

22. Elite Forum HTML Injection Vulnerability
BugTraq ID: 15257
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15257
$BMWLs(B:
Elite Forum $B$K$O!"(BHTML $B%?%0$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<(B
$B%6$,;XDj$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$9$kA0$K!"F~NOCM$N%
5%K(B
$B%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(B Cookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

23. Multiple Vendor ReadDir_R Buffer Overflow Vulnerability
BugTraq ID: 15259
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15259
$BMWLs(B:
'readdir_r' $B4X?t$NFCDj$N;HMQ$K$h$j!"%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k2DG=(B
$B@-$,$"$j$^$9!#$3$NLdBj$O!"%a%b%j%P%C%U%!$N3d$jEv$F$H99$J$k=hM}$G$N%P%
C%U%!(B
$B$N;HMQ$N4V$G6%9g>uBV$,H/@8$9$k$3$H$KM3Mh$7$^$9!#(B

$B6qBNE*$K$O!"(B'readdir_r' $B4X?t$G$O!"7k2L$rJV$9%a%b%j%P%C%U%!$N%5%$%:$r;XDj(B
$B$7$?$j!"FCDj$N%5%$%:$rMW5a$7$?$j$9$k$3$H$K<:GT$7$F$7$^$$$^$9!#7k2L$rJ
V$9(B
$B$K$OIT==J,$J%5%$%:$N%a%b%j%P%C%U%!$r;HMQ$9$k$?$a$K!"%P%C%U%!%*!<%P!<%
U%m!<(B
$B$,H/@8$9$k2DG=@-$,$"$j$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%
3%s(B
$B%F%-%9%HFb$GG$0U$N%^%7%s%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#LdBj$rMxMQ$
7$h(B
$B$&$H$7$F<:GT$7$?>l9g$O!"%/%i%C%7%e$,5/$3$j!"@55,%f!<%6$X$N%5!<%S%95qH
]$,(B
$B0z$-5/$3$5$l$k2DG=@-$,9b$$$H9M$($i$l$^$9!#(B

$B0[$J$k%U%!%$%k%7%9%F%`4V$N:GBg%Q%9D9$KAj0c$,$J$$%*%Z%l!<%F%#%s%0%7%9%
F%`(B
$B$O!"$3$NLdBj$N1F6A$r<u$1$^$;$s!#(B

24. VUBB Index.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 15260
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15260
$BMWLs(B:
VUBB $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#$3$N(B

$BLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$
H$K(B
$BM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$"$
k%5(B
$B%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG
=@-(B
$B$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z(B
$B$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

25. OpenVMS Unspecified Local Denial of Service Vulnerability
BugTraq ID: 15261
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15261
$BMWLs(B:
OpenVMS $B$K$O!"%m!<%+%k$G%5!<%S%9ITG=>uBV$K4Y$kL$FCDj$NLdBj$,B8:_$9$k5?$$(B
$B$,$"$j$^$9!#$3$NLdBj$O!"Nc30E*$J>u67$N=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM
3Mh(B
$B$9$k2DG=@-$,9b$$$H9M$($i$l$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"%"%W%j%1!<%7%g%s$rIT0BDj$J>uBV$K$7$?$jDd;
_$5(B
$B$;$?$j$7!"7k2LE*$K@55,%f!<%6$X$N%5!<%S%95qH]$r>7$/$3$H$,$G$-$^$9!#(B

$B$3$NLdBj$K$D$$$F!"8=;~E@$G$O>pJs$,$[$H$s$I8x3+$5$l$F$$$^$;$s!#>\:Y$,8
x3+(B
$B$5$l<!Bh$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

26. Pax File Permission Modification Race Condition Weakness
BugTraq ID: 15262
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15262
$BMWLs(B:
Pax $B$K$O!"%;%-%e%j%F%#>e$NLdBj$,B8:_$9$k5?$$$,$"$k$HJs9p$5$l$F$$$^$9!#$3
(B
$B$NLdBj$O!"$9$Y$F$N%f!<%6$,=q$-9~$_$G$-$k!"$^$?$O%0%k!<%W$G=q$-9~$_$G$
-$k(B
$B%G%#%l%/%H%j$K%"!<%+%$%V$,Cj=P$5$l$k>l9g$K$N$_H/@8$7$^$9!#(Bpax $B$G$O!"?7$7(B
$B$/Cj=P$7$?%U%!%$%k$KBP$7$FHs%"%H%_%C%/$J%W%m%7!<%8%c$G=q$-9~$_$r<B9T$
7!"(B
$B$=$N8e%Q!<%_%C%7%g%s$rJQ99$9$k$3$H$,Js9p$5$l$F$$$^$9!#(B

$B%m!<%+%k$N967b<T$O$3$NLdBj$rMxMQ$7$F!"I8E*%U%!%$%k$N%U%!%$%k%Q!<%_%C%
7%g(B
$B%s$r2~$6$s$9$k2DG=@-$,$"$j$^$9!#(B

27. NetBSD Insecure Temporary File Creation Vulnerability
BugTraq ID: 15263
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15263
$BMWLs(B:
NetBSD $B$N(B X $B%S%k%I$G$O!"0l;~%U%!%$%k$N:n@.$,%;%-%e%j%F%#>eE,@Z$K9T$o$l$^(B
$B$;$s!#%m!<%+%k$K%"%/%;%9$,2DG=$J967b<T$O$3$NLdBj$r;HMQ$7$F!"I8E*%f!<%
6$N(B
$B%;%-%e%j%F%#%3%s%F%-%9%HFb$G%U%!%$%k$r>e=q$-$9$k2DG=@-$,$"$j$^$9!#(B

$B$3$N967b$K$h$j=EMW$J%U%!%$%k$,>e=q$-$5$l$k>l9g!"%G!<%?$,GK2u$?$j%5!<%
S%9(B
$BITG=>uBV$K4Y$C$?$j$9$k2DG=@-$,9b$$$H9M$($i$l$^$9!#$=$NB>$N967b$,<B9T$
5$l(B
$B$k2DG=@-$b$"$j$^$9!#(B

28. NetBSD KernFS Local Kernel Memory Disclosure Vulnerability
BugTraq ID: 15264
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15264
$BMWLs(B:
NetBSD $B$N(B kernfs $B%U%!%$%k%7%9%F%`$K$O!"%+!<%M%k%a%b%j$,3+<($5$l$k5?$$$,(B
$B$"$j$^$9!#$3$NLdBj$O!"(B'kernfs_xread()' $B$KEO$5$l$k%f!<%6$,;XDj$7$?0z?t$N(B
$B%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$N967b$K$h$C$F3+<($5$l$?>pJs$O!"G$0U$N%3%s%T%e!<%?$KBP$7$FB>$N967b$
r;E(B
$B3]$1!"5!G=$r40A4$KB;$M$k$?$a$K;HMQ$5$l$k2DG=@-$,$"$j$^$9!#(B

29. XMB Forum Post.PHP SQL Injection Vulnerability
BugTraq ID: 15267
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15267
$BMWLs(B:
XMB Nexus Forum $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<(B
$B%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,(B
$BE,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

30. Microsoft Internet Explorer Malformed HTML Parsing Denial of Service Vulnerability
BugTraq ID: 15268
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15268
$BMWLs(B:
Microsoft Internet Explorer $B$O!"%5!<%S%9ITG=>uBV$K4Y$kLdBj$N1F6A$r<u$1$^(B
$B$9!#$3$NLdBj$O!"0U?^E*$K:n@.$5$l$?FCDj$N(B HTML $B%3%s%F%s%D$N2r@O$,E,@Z$K<B(B
$B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O!"%f!<%6$,0-0U$"$k%5%$%H$K%"%/%;%9$9$k$h$&$KM6F3$9$k$3$H$K$h$
jLd(B
$BBj$rMxMQ$7!"7k2LE*$K%"%W%j%1!<%7%g%s$r%5!<%S%9ITG=>uBV$K4Y$i$;$k2DG=@
-$,(B
$B$"$j$^$9!#(B

$B$3$NLdBj$K$D$$$F$N>\:Y$O!"8=;~E@$G$O$[$H$s$I8xI=$5$l$F$$$^$;$s!#99$J$
k>\(B
$B:Y$,8x3+$5$l<!Bh!"$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

31. Cisco Management Center for IPS Sensors Configuration Download Weakness
BugTraq ID: 15269
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15269
$BMWLs(B:
Cisco Management Center for IPS Sensors $B$K$O!"%G%W%m%$%a%s%HCf$K0lIt$N(B
IPS $B%7%0%M%A%c$,L58z2=$5$l$k5?$$$,$"$j$^$9!#(B

IPS MC 2.1 $B$K$h$j@_Dj$5$l$k(B Cisco IOS IPS $B%G%P%$%9$K$*$$$F!"$3$NLdBj$N5?(B
$B$$$,$"$j$^$9!#(BCisco IPS MC 2.1$B!"(BCisco IDS MC$B!"$^$?$O(B Cisco SDM $B$K$h$j@_(B
$BDj$5$l$k(B Cisco IDS/IPS $B%=%j%e!<%7%g%s!"$*$h$S(B Cisco IOS CLI $B$r;HMQ$7$F@_(B
$BDj$5$l$k(B Cisco IDS/IPS $B%=%j%e!<%7%g%s$b!"F1MM$KLdBj$N1F6A$r<u$1$^$9!#(B

32. OpenVPN Server Remote Denial Of Service Vulnerability
BugTraq ID: 15270
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15270
$BMWLs(B:
OpenVPN $B%5!<%P$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$k5?$$$,(B
$B$"$j$^$9!#$3$NLdBj$O!"@_7W>e$NITHw$K$h$j!"(BTCP $B%b!<%I$G<B9T$7$F$$$k%5!<%P(B
$B$GNc30E*$J>u67$,E,@Z$K=hM}$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

OpenVPN 2.0 $B$N$9$Y$F$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#%Y%s(B
$B%@$O$3$NLdBj$r2r7h$9$k$?$a$K%P!<%8%g%s(B 2.0.4 $B$r%j%j!<%9$7$F$$$^$9!#(B

33. Sun Java System Communications Express Information Disclosure Vulnerability
BugTraq ID: 15271
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15271
$BMWLs(B:
Sun Java System Communications Express $B$K$O!">pJs$,O31L$9$k5?$$$,$"$j$^(B
$B$9!#(B

$B%j%b!<%H$N967b<T$O!"%"%W%j%1!<%7%g%s$N@_Dj%U%!%$%k$r<hF@$9$k2DG=@-$,$
"$j(B
$B$^$9!#(B

34. Cisco Airespace WLAN Controller Unauthorized Network Access Vulnerability
BugTraq ID: 15272
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15272
$BMWLs(B:
Cisco Airespace WLAN (Wireless LAN) $B%G%P%$%9$K$O!"K\Mh8"8B$r;}$?$J$$%f!<(B
$B%6$,J]8n$5$l$F$$$k%M%C%H%o!<%/$K%"%/%;%9$9$k$3$H$r5v$7$F$7$^$&5?$$$,$
"$j(B
$B$^$9!#(B

$B$3$NLdBj$O!"(BCisco $B$N%"%/%;%9%]%$%s%H$,(B Lightweight Access Point Protocol
(LWAPP) $B%b!<%I$G<B9T$9$k$h$&$K@_Dj$5$l$F$$$k>l9g$K0z$-5/$3$5$l$k2DG=@-$,(B
$B$"$j$^$9!#(B

$B$3$NLdBj$O!"K\Mh8"8B$r;}$?$J$$%f!<%6$,G'>Z:Q$_$NB>%[%9%H$N(B MAC $B%"%I%l%9(B
$B$K56Au$9$k$3$H$K$h$j!"J]8n$5$l$F$$$k%M%C%H%o!<%/$K0E9f2=$5$l$F$$$J$$%
M%C(B
$B%H%o!<%/%Q%1%C%H$rAw?.$9$k$3$H$r5v$7$F$7$^$&2DG=@-$,$"$j$^$9!#$3$l$K$
h$j(B
$BL5@~%M%C%H%o!<%/$N%;%-%e%j%F%#$,2sHr$5$l$k$N$G!"G'>Z$5$l$F$$$J$$%[%9%
H$K(B
$B$h$kIT@5%"%/%;%9$,5v$5$l$F$7$^$&2DG=@-$,$"$j$^$9!#(B

35. RhinoSoft Serv-U FTP Server Unspecified Denial of Service Vulnerability
BugTraq ID: 15273
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15273
$BMWLs(B:
Serv-U FTP $B%5!<%P$K$O!"%5!<%S%9ITG=>uBV$K4Y$kL$FCDj$NLdBj$,B8:_$9$k5?$$(B
$B$,$"$j$^$9!#$3$NLdBj$O!"Nc30E*$J>u67$,E,@Z$K=hM}$5$l$J$$$3$H$KM3Mh$9$
k2D(B
$BG=@-$,9b$$$H9M$($i$l$^$9!#(B

$B$3$NLdBj$N6qBNE*$J>\:Y$O8=;~E@$G$O8x3+$5$l$F$$$^$;$s!#>\:Y$,8x3+$5$l<
!Bh!"(B
$B$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F%5!<%P$r%/%i%C%7%e$5$;!"@55,%f!<%6$X$N%5!<%
S%9(B
$B5qH]$r>7$/$3$H$,$G$-$^$9!#(B

36. News2Net Index.PHP SQL Injection Vulnerability
BugTraq ID: 15274
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15274
$BMWLs(B:
News2Net $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,(B
$B;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,@Z(B
$B$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

37. Cisco IOS System Timers Heap Buffer Overflow Exploitation
BugTraq ID: 15275
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15275
$BMWLs(B:
Cisco IOS $B$K$O!"%R!<%WNN0h$G%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^(B
$B$9!#(BCisco $B$,%j%j!<%9$7$?%"%I%P%$%6%j$K$h$k$H!"(BIOS $B$N%"%C%W%0%l!<%I$K$h$j!"(B
$B%R!<%WNN0h$G$N%P%C%U%!%*!<%P!<%U%m!<$NLdBj$,MxMQ$5$l$k2DG=@-$KBP=h$G$
-$^(B
$B$9!#$3$N%"%I%P%$%6%j$K$h$jFCDj$N%R!<%W%*!<%P!<%U%m!<$NLdBj$,2r7h$5$l$
k$N(B
$B$+!"$^$?$OB>$N%R!<%W%*!<%P!<%U%m!<$NLdBj$,MxMQ$5$l$k4m81@-$r4KOB$9$k$
?$a(B
$B$N%;%-%e%j%F%#6/2=$,Ds6!$5$l$k$@$1$G$"$k$N$+$K$D$$$F$O!"8=;~E@$G$OL@$
i$+(B
$B$G$O$"$j$^$;$s!#(B

38. phpWebThings Forum.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 15276
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15276
$BMWLs(B:
phpWebThings $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$
l$J(B
$B$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$"$
k%5(B
$B%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$k2DG
=@-(B
$B$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z(B
$B$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

phpWebThings 1.4.4 $B$K$*$$$F!"LdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b(B
$B1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

39. PHPWebThing Forum.PHP SQL Injection Vulnerability
BugTraq ID: 15277
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15277
$BMWLs(B:
phpWebThing $B$K$O(B SQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6(B
$B$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,(B
$B@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

40. MailWatch for MailScanner Authenticate Function SQL Injection Vulnerability
BugTraq ID: 15278
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15278
$BMWLs(B:
MailWatch for MailScanner $B$K$O(B SQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$N(B
$BLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K(B
$B%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

41. Asus VideoSecurity Online Web Server Authentication Buffer Overflow Vulnerability
BugTraq ID: 15279
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15279
$BMWLs(B:
Asus VideoSecurity Online $B$N(B Web $B%5!<%P$K$O!"G'>Z%a%+%K%:%`$G%P%C%U%!%*!<(B
$B%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"(BWeb $B%5!<%P$GG'>Z$,M-8z$K(B
$B$J$C$F$$$k>l9g$K$N$_0z$-5/$3$5$l$^$9!#(B

Asus VideoSecurity Online $B$N(B Web $B%5!<%P$O!"%G%U%)%k%H$G$OM-8z$K$J$C$F$$(B
$B$^$;$s!#(B

Asus VideoSecurity Online 3.5.0 $B0JA0$N%P!<%8%g%s$K$*$$$F!"LdBj$N1F6A$r<u(B
$B$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B

42. Glider Collect'N Kill Remote Buffer Overflow Vulnerability
BugTraq ID: 15280
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15280
$BMWLs(B:
Glider Connect'n Kill $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<%P!<%U%m!<(B
$B$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NO%G!<%?$r%5%
$%:(B
$B$,IT==J,$J%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%A%'%C%/$,E,@Z$K<B9T$5$
l$J(B
$B$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F%a%b%j%P%C%U%!$K$*$$$F%*!<%P!<%U%m!<$r0z$-5
/$3(B
$B$9$3$H$,$G$-$k$?$a!"7k2LE*$K%5!<%S%9ITG=>uBV$,>7$+$l$k2DG=@-$,$"$j$^$
9!#(B
$BG$0U$N%3!<%I$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

43. Asus VideoSecurity Online Web Server Directory Traversal Vulnerability
BugTraq ID: 15281
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15281
$BMWLs(B:
Asus VideoSecurity Online $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k967b$r<u$1$k5?$$(B
$B$,$"$j$^$9!#$3$NLdBj$NMxMQ$K$h$j%j%b!<%H$N967b<T$,=EMW$J>pJs$r<hF@$9$
k$3(B
$B$H$,5v$5$l!"99$J$k967b$r;E3]$1$k$?$a$KMxMQ$5$l$k2DG=@-$,$"$j$^$9!#(B

Asus VideoSecurity Online $B$N(B Web $B%5!<%P$O!"%G%U%)%k%H$G$OM-8z$K$J$C$F$$(B
$B$^$;$s!#(B

Asus VideoSecurity Online 3.5.0 $B0JA0$N%P!<%8%g%s$K$*$$$F!"LdBj$N1F6A$r<u(B
$B$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B

44. Battle Carry Remote Denial of Service Vulnerability
BugTraq ID: 15282
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15282
$BMWLs(B:
Battle Carry $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$k5?$$$,(B
$B$"$j$^$9!#$3$NLdBj$ONc30E*$J>u67$N=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$
7$^(B
$B$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F%"%W%j%1!<%7%g%s$r%/%i%C%7%e$5$;!"7k2LE*$K@
55,(B
$B%f!<%6$X$N%5!<%S%95qH]$r>7$/2DG=@-$,$"$j$^$9!#(B

45. Simple PHP Blog Multiple Input Validation Vulnerabilities
BugTraq ID: 15283
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15283
$BMWLs(B:
Simple PHP Blog $B$K$O!"F~NOCM$NBEEv@-3NG'$K4XO"$9$kJ#?t$NLdBj$,B8:_$9$k5?(B
$B$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$
,E,(B
$B@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$i$NLdBj$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`(B
$B<h$J$I$N967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

46. F-Secure Web Console Directory Traversal Vulnerability
BugTraq ID: 15284
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15284
$BMWLs(B:
F-Secure Anti-Virus for Microsoft Exchange $B$*$h$S(B F-Secure Internet
Gatekeeper $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k967b$r<u$1$k5?$$$,$"$j$^$9!#(B

$B$3$l$i$N@=IJ$N(B Web $B%3%s%=!<%k$O!"%j%b!<%H$NK\Mh8"8B$r;}$?$J$$967b<T$,%"(B
$B%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%U%!%$%k$N1\Mw$r5v$
7$F(B
$B$7$^$&2DG=@-$,$"$k$3$H$,Js9p$5$l$F$$$^$9!#(B

F-Secure Anti-Virus for Microsoft Exchange $B$*$h$S(B F-Secure Internet
Gatekeeper $B$N(B Web $B%3%s%=!<%k$O!"%G%U%)%k%H$G$O%m!<%+%k%[%9%H$+$i$N@\B3$N(B
$B$_$r<u$1F~$l$k$h$&$K@_Dj$5$l$F$$$^$9!#$=$NB>$N@\B3$r<u$1F~$l$k$h$&$K@
_Dj(B
$B$5$l$F$$$k>l9g$K$N$_!"%j%b!<%H$+$iLdBj$rMxMQ2DG=$G$9!#%G%U%)%k%H$N@_D
j$G(B
$B$O!"%m!<%+%k$+$i$N$_LdBj$rMxMQ2DG=$G$9!#(B

47. GraphOn GO-Global For Windows Remote Buffer Overflow Vulnerability
BugTraq ID: 15285
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15285
$BMWLs(B:
GraphOn GO-Global For Windows $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<(B
$B%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NO%
G!<(B
$B%?$r%5%$%:$,IT==J,$J%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%A%'%C%/$,E,@
Z$K(B
$B<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F%a%b%j%P%C%U%!$N%*!<%P!<%U%m!<$r0z$-5/$3$9$
3$H(B
$B$,$G$-$k$?$a!"7k2LE*$K%5!<%S%9ITG=>uBV$,>7$+$l$k2DG=@-$,$"$j$^$9!#G$0
U$N(B
$B%3!<%I$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

Versions 3.1.0.3270 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

48. Invision Gallery Image Upload HTML Injection Vulnerability
BugTraq ID: 15286
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15286
$BMWLs(B:
Invision Gallery $B$K$O!"(BHTML $B%?%0$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"(B
$B%f!<%6$,;XDj$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$9$kA0$K!"F~NOC
M$N(B
$B%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(B Cookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

Microsoft Internet Explorer Web $B%V%i%&%6$r;HMQ$7$F$$$k>l9g$K$N$_$3$NLdBj(B
$B$,0z$-5/$3$5$l$^$9!#(B

49. Johannes F. Kuhlmann FlatFrag Multiple Remote Buffer Overflow And Denial Of Service Vulnerabilities
BugTraq ID: 15287
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15287
$BMWLs(B:
Johannes F. Kuhlmann FlatFrag $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<(B
$B%P!<%U%m!<$,H/@8$9$k!"$*$h$S%5!<%S%9ITG=>uBV$K4Y$kJ#?t$NLdBj$,B8:_$9$
k5?(B
$B$$$,$"$j$^$9!#%P%C%U%!%*!<%P!<%U%m!<$NLdBj$O!"%f!<%6$,;XDj$7$?%G!<%?$
rIT(B
$B==J,$J%5%$%:$N%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%A%'%C%/$,E,@Z$K<B9
T$5(B
$B$l$J$$$3$H$KM3Mh$7$^$9!#%5!<%S%9ITG=>uBV$K4Y$kLdBj$O!"(BNULL $B%]%$%s%?$K$h(B
$B$k;2>HFI$_=P$7$N;n$_$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F%"%W%j%1!<%7%g%s$r%/%i%C%7%e$5$;$?$j!"L
dBj(B
$B$N$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%^%7%s%3!<%
I$r(B
$B<B9T$7$?$j$9$k2DG=@-$,$"$j$^$9!#(B

0.3 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$l$i$NLdBj$N1F6A$r<u$1$^$9!#(B

50. NeroNet Limited Directory Traversal Vulnerability
BugTraq ID: 15288
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15288
$BMWLs(B:
NeroNet $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k967b$r<u$1$k5?$$$,$"$j$^$9!#(B

$B$3$N@=IJ$O!"%j%b!<%H$NK\Mh8"8B$r;}$?$J$$967b<T$,%"%W%j%1!<%7%g%s$N%;%
-%e(B
$B%j%F%#%3%s%F%-%9%HFb$GG$0U$N%U%!%$%k$r1\Mw$9$k$3$H$r5v$7$F$7$^$&2DG=@
-$,(B
$B$"$k$3$H$,Js9p$5$l$F$$$^$9!#(B

$B$3$NLdBj$,MxMQ$5$l$k$H!"5!L)@-$,<:$o$l$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j<
hF@(B
$B$5$l$?>pJs$O!"%P%C%/%(%s%I%3%s%T%e!<%?$KBP$7$F99$J$k967b$r;n$_$k$?$a$
N<j(B
$B=u$1$H$J$k2DG=@-$,$"$j$^$9!#(B

NeroNET 1.2.0.2 $B0JA0$N%P!<%8%g%s$K$*$$$F!"LdBj$N1F6A$r<u$1$k$3$H$,Js9p$5(B
$B$l$F$$$^$9!#(B

51. NetBSD SO_LINGER DIAGNOSTIC Checking Local Denial of Service Vulnerability
BugTraq ID: 15289
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15289
$BMWLs(B:
NetBSD $B$O!"%m!<%+%k$G%5!<%S%9ITG=>uBV$K4Y$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"(B

SO_LINGER $B?GCG%A%'%C%/%3!<%I$K$*$1$k%+!<%M%k%l%Y%k$N%P%0$KM3Mh$7$^$9!#(B
NetBSD 2.x $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

$B%3%s%Q%$%k;~$K(B 'DIAGNOSTIC' $B%G%#%l%/%F%#%V$,M-8z2=$5$l$F$$$k(B NetBSD $B%+!<(B
$B%M%k$K$*$$$F$N$_!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

$B$3$NLdBj$O!"%m!<%+%k$N967b<T$,%+!<%M%k%Q%K%C%/$r0z$-5/$3$7!"@55,%f!<%
6$X(B
$B$N99$J$k%5!<%S%9$N5qH]$r>7$/$3$H$r5v$7$F$7$^$$$^$9!#(B

52. NetBSD Local PTrace Privilege Escalation Vulnerability
BugTraq ID: 15290
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15290
$BMWLs(B:
NetBSD $B$N(B $B%W%m%;%9DI@W5!G=(B 'ptrace' $B$K$O!"%m!<%+%k$G8"8B$,>:3J$5$l$k2DG=(B
$B@-$,$"$j$^$9!#$3$NLdBj$O!"%W%m%;%9$NDI@W$,9T$o$l$kA0$K>:3J$5$l$?8"8B$
G<B(B
$B9T2DG=%U%!%$%k$,<B9T$5$l$k$H!"%+!<%M%k$G$NBEEv@-3NG'$,<:GT$9$k$3$H$KM
3Mh(B
$B$7$^$9!#(B

$B$3$NLdBj$O%m!<%+%k$N967b<T$,8"8B$rI,MW$H$9$k%W%m%;%9$G(B ptrace $B$r<B9T$9$k(B
$B$3$H$r5v$7$F$7$^$$$^$9!#967b<T$O!"G$0U$N%7%9%F%`%3!<%k$r<B9T$7$FDI@W$
5$l(B
$B$?%W%m%;%9$N?6$kIq$$$rJQ99$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j%7%9%F%`$N5
!G=(B
$B$,40A4$KB;$J$o$l$k2DG=@-$,9b$$$H9M$($i$l$^$9!#(B

53. IPSwitch WhatsUp Small Business 2004 Report Service Directory Traversal Vulnerability
BugTraq ID: 15291
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15291
$BMWLs(B:
IPSwitch WhatsUp Small Business 2004 $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k967b(B
$B$r<u$1$k5?$$$,$"$j$^$9!#LdBj$NMxMQ$,@.8y$9$k$H!"%j%b!<%H$N967b<T$,(B
Web
$B%k!<%H0J30$N>l=j$K$"$k%U%!%$%k$K%"%/%;%9$9$k$3$H$,5v$5$l$F$7$^$&2DG=@
-$,(B
$B$"$j$^$9!#$3$l$K$h$j=EMW$J>pJs$,<hF@$5$l$k2DG=@-$,$"$j$^$9!#(B

54. Scorched 3D Multiple Vulnerabilities
BugTraq ID: 15292
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15292
$BMWLs(B:
Scorched 3D $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<!"%U%)!<%^%C%H%9%H%j%s%0!"%5!<%S(B
$B%9ITG=>uBV$K4Y$kLdBj!"G$0U$N%3!<%I<B9T$J$I$NB??t$NLdBj$,B8:_$9$k5?$$$
,$"(B
$B$j$^$9!#(B

$B$3$l$i$NLdBj$K$O%j%b!<%H$+$iMxMQ2DG=$JFC@-$,$"$j$^$9!#$^$?0lIt$NLdBj$
O!"(B
$BLdBj$r<B9T$9$k$?$a$K;vA0$KG'>Z$K@.8y$9$kI,MW$,$"$j$^$9!#(B

Scorched 3D 39.1 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$l$i$NLdBj$N1F6A$r<u$1$^$9!#(B

55. F-Prot Antivirus ZIP Attachment Version Scan Evasion Vulnerability
BugTraq ID: 15293
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15293
$BMWLs(B:
F-prot Antivirus $B$K$O!"(BZIP $B7A<0$NE:IU%U%!%$%k$N=hM};~$K%9%-%c%s$,2sHr$5(B
$B$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"@_7W>e$NITHw$K$h$j!"FCDj$N(B ZIP $B%U%!%$%k(B
$B$r2rE`$G$-$J$$>l9g$K4m81@-$,$J$$$HH=CG$5$l$k$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O0-0U$"$k%3!<%I$r4^$`(B ZIP $B%U%!%$%k$r0U?^E*$K:n@.$7!"$3$N%"%s%A%&(B
$B%$%k%9%=%U%H%&%'%"$r2sHr$9$k$3$H$K$h$j!"$3$NLdBj$rMxMQ$G$-$^$9!#(B

56. PHP Handicapper Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 15294
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15294
$BMWLs(B:
PHP Handicapper $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$K4XO"$9$kJ#?t$NLdBj$,(B
$BB8:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%
?%$(B
$B%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N(B
$B967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

57. CutePHP CuteNews Directory Traversal Vulnerability
BugTraq ID: 15295
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15295
$BMWLs(B:
CuteNews $B$O!"%G%#%l%/%H%j%H%i%P!<%5%k$NLdBj$N1F6A$r<u$1$^$9!#(B

$BK\Mh8"8B$r;}$?$J$$967b<T$O!"LdBj$N$"$k(B URI $B%Q%i%a!<%?$r2p$7$F%G%#%l%/%H(B
$B%j;2>H$K4X$9$kJ8;zNs(B '../' $B$r;XDj$9$k$3$H$K$h$j!"G$0U$N%U%!%$%k$r<hF@$7(B
$B$?$j%"%C%W%m!<%I$7$?$j$G$-$^$9!#(B

$B$3$NLdBj$,MxMQ$5$l$k$H!"5!L)@-$,<:$o$l!"G$0U$N%U%!%$%k$,967b<T$K3+<($
5$l(B
$B$k2DG=@-$,$"$j$^$9!#<hF@$5$l$?>pJs$O!"%P%C%/%(%s%I%7%9%F%`$KBP$7$F99$
J$k(B
$B967b$r;n$_$k$?$a$N<j=u$1$H$J$k2DG=@-$,$"$j$^$9!#(B

$B$^$?!"967b<T$OG$0U$N%9%/%j%W%H$r%"%C%W%m!<%I$7$F<B9T$5$;$k$3$H$K$h$j!
"%5!<(B
$B%P$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G%j%b!<%H$+$i$N6<0R$r>7$/2DG=@-$b$"$j$
^$9!#(B

CuteNews 1.4.1 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B
$B$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

58. vBulletin Image Upload HTML Injection Vulnerability
BugTraq ID: 15296
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-02
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15296
$BMWLs(B:
vBulletin $B$K$O(B HTML $B%?%0$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,(B
$B;XDj$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%
?%$(B
$B%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(B Cookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

Microsoft Internet Explorer Web $B%V%i%&%6$r;HMQ$7$F$$$k>l9g$K$N$_$3$NLdBj(B
$B$,0z$-5/$3$5$l$^$9!#(B

59. PHP Handicapper Process_signup.PHP SQL Injection Vulnerability
BugTraq ID: 15298
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15298
$BMWLs(B:
PHP Handicapper $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<(B
$B%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,(B
$BE,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

60. Libungif Colormap Handling Memory Corruption Vulnerability
BugTraq ID: 15299
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15299
$BMWLs(B:
libungif $B$K$O!"%a%b%j$rGK2u$5$l$k5?$$$,$"$j$^$9!#(B

GIF $B%U%!%$%k$N%+%i!<%^%C%W=hM}$,E,@Z$K<B9T$5$l$J$$$?$a$K!"967b<T$,8"8B$r
(B
$BIUM?$5$l$F$$$J$$=q$-9~$_$r9T$C$F%a%b%j$rGK2u$G$-$k$3$H$,Js9p$5$l$F$$$
^$9!#(B

$B$3$l$K$h$j!"%5!<%S%9ITG=>uBV$K4Y$k2DG=@-$,$"$j$^$9!#(B

libungif 4.1.3 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$H9M$($i(B
$B$l$^$9!#(B

61. Microsoft November Advance Notification Unspecified Security Vulnerabilities
BugTraq ID: 15300
$B%j%b!<%H$+$i$N:F8=@-(B: $BITL@(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15300
$BMWLs(B:
Microsoft $B$O!"(B2005 $B7n(B 11 $B7n(B 8 $BF|$K%;%-%e%j%F%#>pJs$r%j%j!<%9$9$kM=Dj$G$"(B
$B$k$H$N;vA0DL9p$r=P$7$^$7$?!#(B

$B$3$N%;%-%e%j%F%#>pJs$O!"(BMicrosoft Windows $B$K1F6A$rM?$($kLdBj$K4XO"$9$k$b(B
$B$N$G$9!#(B

62. PHP Handicapper Process_signup.PHP HTTP Response Splitting Vulnerability
BugTraq ID: 15301
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15301
$BMWLs(B:
PHP Handicapper $B$O!"(BHTTP $B1~EzJ,3d$NLdBj$N1F6A$r<u$1$^$9!#$3$NLdBj$O!"%f!<(B
$B%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$
9!#(B

$B%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$7$F!"%G!<%?$N2~$6$s!"%-%c%C%7%e1x@w$
d56$C(B
$B$?%3%s%F%s%D$rI=<($5$;$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"%/%i%$%"%s%H%f!
<%6(B
$B$r$"$?$+$b0BA4$G$"$k$H8m2r$5$;$k$h$&$K;E8~$1$k$5$^$6$^$J967b$KMxMQ$5$
l$k(B
$B2DG=@-$,$"$j$^$9!#(B

63. Movable Type Arbitrary Blog Creation Path Vulnerability
BugTraq ID: 15302
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15302
$BMWLs(B:
Movable Type $B$K$O!"G$0U$N%Q%9$K%V%m%0$r:n@.$G$-$kLdBj$,B8:_$9$k5?$$$,$"(B
$B$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9
T$5(B
$B$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B%V%m%0%(%s%H%j$r:n@.$9$k$?$a$K==J,$J%Q!<%_%C%7%g%s$,M-8z$J%f!<%6$KIUM
?$5(B
$B$l$F$$$k>l9g$K$N$_!"$3$NLdBj$,B8:_$9$kE@$KN10U$9$Y$-$G$9!#(B

64. IBM WebSphere Application Server QueryString Information Disclosure Vulnerability
BugTraq ID: 15303
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15303
$BMWLs(B:
IBM WebSphere Application Server $B$O!"%j%b!<%H$+$iMxMQ2DG=$J>pJsO31L$NLd(B
$BBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B

$B0-0U$"$k%f!<%6$O$3$NLdBj$rMxMQ$7$F@x:_E*$K=EMW$J>pJs$r3+<($7!"99$J$k9
67b(B
$B$N<j=u$1$H$9$k2DG=@-$,$"$j$^$9!#(B

65. Libungif Null Pointer Dereference Denial of Service Vulnerability
BugTraq ID: 15304
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15304
$BMWLs(B:
libungif $B$K$O!"%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#$3$NLdBj$ONc30E*$J(B
$B>u67$N=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$BLdBj$NMxMQ$,@.8y$9$k$H!"LdBj$N$"$k%i%$%V%i%j$r;HMQ$9$k%"%W%j%1!<%7%g%
s$,(B
$B%/%i%C%7%e$7!"<B<AE*$K@55,%f!<%6$X$N%5!<%S%95qH]$,>7$+$l$^$9!#(B

libungif 4.1.3 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$H9M$($i(B
$B$l$^$9!#(B

66. Movable Type Blog Entry Posting HTML Injection Vulnerability
BugTraq ID: 15305
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15305
$BMWLs(B:
Movable Type $B$K$O!"(BHTML $B%?%0$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<(B
$B%6$,;XDj$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$9$kA0$K!"F~NOCM$N%
5%K(B
$B%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(B Cookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

67. Apple QuickTime Embedded Pascal Style Remote Integer Overflow Vulnerability
BugTraq ID: 15306
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15306
$BMWLs(B:
Apple QuickTime $B$O!"%j%b!<%H$+$iMxMQ2DG=$J@0?t%*!<%P!<%U%m!<$NLdBj$N1F6A(B
$B$r<u$1$^$9!#$3$NLdBj$O!"@0?tId9f$r;HMQ$7$F=EMW$J=hM}$r<B9T$9$kA0$KBEE
v@-(B
$B3NG'$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$FLdBj$N$"$k(B QuickTime $B%/%i%$%"%s%H$r%/%i%C%7%e(B
$B$5$;!"$3$l$K$h$j@55,%f!<%6$X$N%5!<%S%95qH]$r>7$/2DG=@-$,$"$j$^$9!#$^$
?!"(B
$B$3$NLdBj$K$h$j%3!<%I<B9T$,0z$-5/$3$5$l$k2DG=@-$,$"$k$H9M$($i$l$^$9!#$
3$N(B
$B>l9g$O!"LdBj$N$"$k%=%U%H%&%'%"$r5/F0$7$?%f!<%6$N8"8B$G%3!<%I$,<B9T$5$
l$^(B
$B$9!#(B

68. Apple QuickTime Null Pointer Dereference Denial of Service Vulnerability
BugTraq ID: 15307
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15307
$BMWLs(B:
QuickTime $B$K$O!"%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#$3$NLdBj$ONc30E*$J(B
$B>u67$N=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$BLdBj$NMxMQ$,@.8y$9$k$H%"%W%j%1!<%7%g%s$,%/%i%C%7%e$7!"<B<AE*$K@55,%f!
<%6(B
$B$X$N%5!<%S%95qH]$,>7$+$l$^$9!#(B

69. Apple QuickTime Movie Attributes Remote Integer Overflow Vulnerability
BugTraq ID: 15308
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15308
$BMWLs(B:
Apple QuickTime $B$O!"%j%b!<%H$+$iMxMQ2DG=$J@0?t%*!<%P!<%U%m!<$NLdBj$N1F6A(B
$B$r<u$1$^$9!#$3$NLdBj$O!"@0?tId9f$r;HMQ$7$F=EMW$J=hM}$r<B9T$9$kA0$KBEE
v@-(B
$B3NG'$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$FLdBj$N$"$k(B QuickTime $B%/%i%$%"%s%H$r%/%i%C%7%e(B
$B$5$;!"$3$l$K$h$j@55,%f!<%6$X$N%5!<%S%95qH]$r>7$/2DG=@-$,$"$j$^$9!#$^$
?!"(B
$B$3$NLdBj$K$h$j%3!<%I<B9T$,0z$-5/$3$5$l$k2DG=@-$,$"$k$H9M$($i$l$^$9!#$
3$N(B
$B>l9g$O!"LdBj$N$"$k%=%U%H%&%'%"$r5/F0$7$?%f!<%6$N8"8B$G%3!<%I$,<B9T$5$
l$^(B
$B$9!#(B

70. Apple QuickTime Compressed PICT Data Remote Buffer Overflow Vulnerability
BugTraq ID: 15309
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15309
$BMWLs(B:
Apple QuickTime $B$O!"%j%b!<%H$+$iMxMQ2DG=$J%P%C%U%!%*!<%P!<%U%m!<$NLdBj$N(B
$B1F6A$r<u$1$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NO%G!<%?$r%5%$%:$,IT==J
,$J(B
$B%a%b%j%P%C%U%!$K%3%T!<$9$kA0$K!"6-3&%A%'%C%/$,E,@Z$K<B9T$5$l$J$$$3$H$
KM3(B
$BMh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$FLdBj$N$"$k(B QuickTime $B%/%i%$%"%s%H$r%/%i%C%7%e(B
$B$5$;!"$3$l$K$h$j@55,%f!<%6$X$N%5!<%S%95qH]$r>7$/2DG=@-$,$"$j$^$9!#$^$
?!"(B
$B$3$NLdBj$K$h$j%3!<%I<B9T$,0z$-5/$3$5$l$k2DG=@-$,$"$k$H9M$($i$l$^$9!#$
3$N(B
$B>l9g$O!"LdBj$N$"$k%=%U%H%&%'%"$r5/F0$7$?%f!<%6$N8"8B$G%3!<%I$,<B9T$5$
l$^(B
$B$9!#(B

71. Sun Java Development Kit Font Serialization Remote Denial of Service Vulnerability
BugTraq ID: 15312
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15312
$BMWLs(B:
Sun Java Development Kit (JDK) $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9IT(B
$BG=>uBV$K4Y$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%U%)%s%H$N%G%7%j%"%i%$%<!<%7%
g%s(B
$B$NITHw$KM3Mh$7$^$9!#$3$NLdBj$rMxMQ$9$k$H!"LdBj$N$"$k%P!<%8%g%s$N(B JDK $B$r(B
$B;HMQ$9$k(B JBoss $B$NJ#?t$N%P!<%8%g%s$K967b$r2C$($k$3$H$,2DG=$G$"$k$3$H$,<((B
$B$5$l$F$$$^$9$,!"LdBj<+BN$O(B JDK $B$KB8:_$7$^$9!#(B

$BLdBj$NMxMQ$,@.8y$9$k$H(B JDK $B$r<BAu$9$k%"%W%j%1!<%7%g%s$,<:GT$7!"@55,%f!<(B
$B%6$X$N%5!<%S%95qH]$,>7$+$l$^$9!#(B

72. Galerie ShowGallery.PHP SQL Injection Vulnerability
BugTraq ID: 15313
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15313
$BMWLs(B:
Galerie $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;X(B
$BDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K(B
$B<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

73. CHFN User Modification Privilege Escalation Vulnerability
BugTraq ID: 15314
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15314
$BMWLs(B:
chfn $B$K$O!"8"8B>:3J$,0z$-5/$3$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,(B

$B;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#
(B

$B%m!<%+%k$N967b<T$O$3$NLdBj$rMxMQ$7$F!"4IM}<T%"%+%&%s%HMQ$N8"8B$K>:3J$
5$;(B
$B$k$3$H$,$G$-$^$9!#(B

74. Cerberus Helpdesk Information Disclosure Vulnerability
BugTraq ID: 15315
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15315
$BMWLs(B:
Cerberus Helpdesk $B$K$O!">pJs$,O31L$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6(B
$B$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!
#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"(BWeb $B%5!<%P%W%m%;%9$N%;%-%e%j%F%#%3%s%F%-%9%H(B
$BFb$GB>$N%f!<%6$NG$0U$NEE;R%a!<%kE:IU%U%!%$%k$r<hF@$G$-$^$9!#<hF@$5$l$
?>p(B
$BJs$O!"%P%C%/%(%s%I%7%9%F%`$KBP$9$k99$J$k967b$N<j=u$1$H$J$k2DG=@-$,$"$
j$^(B
$B$9!#$=$NB>$N967b$,<B9T$5$l$k2DG=@-$b$"$j$^$9!#(B

75. Clam Anti-Virus ClamAV TNEF File Handling Denial Of Service Vulnerability
BugTraq ID: 15316
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15316
$BMWLs(B:
ClamAV $B$K$O!"%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"0U?^E*$K(B
$B:n@.$5$l$?(B TNEF $B%U%!%$%k$N=hM}$,<:GT$9$k$3$H$KM3Mh$7$^$9!#(B

$BLdBj$NMxMQ$K$h$j%"%W%j%1!<%7%g%s$,L58B%k!<%W$K4Y$j!"%5!<%S%9ITG=>uBV$
,>7(B
$B$+$l$k2DG=@-$,$"$j$^$9!#(B

76. Clam Anti-Virus ClamAV CAB File Handling Denial Of Service Vulnerability
BugTraq ID: 15317
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15317
$BMWLs(B:
ClamAV $B$K$O!"%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"0U?^E*$K(B
$B:n@.$5$l$?(B CAB $B%U%!%$%k$N=hM}$,<:GT$9$k$3$H$KM3Mh$7$^$9!#(B

$BLdBj$NMxMQ$K$h$j%"%W%j%1!<%7%g%s$,L58B%k!<%W$K4Y$j!"%5!<%S%9ITG=>uBV$
,>7(B
$B$+$l$k2DG=@-$,$"$j$^$9!#(B

77. Clam Anti-Virus ClamAV FSG File Handling Buffer Overflow Vulnerability
BugTraq ID: 15318
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15318
$BMWLs(B:
ClamAV $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"(B

$B%f!<%6$,;XDj$7$?F~NO%G!<%?$r%5%$%:$,IT==J,$J%a%b%j%P%C%U%!$K%3%T!<$9$
kA0(B
$B$K!"6-3&%A%'%C%/$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$O!"(BFSG $B%U%!%$%k$,=hM}$5$l$k$H$-$K0z$-5/$3$5$l$^$9!#(B

$BLdBj$NMxMQ$K$h$j!"LdBj$N$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%
HFb(B
$B$G!"967b<T$,%^%7%s%3!<%I$r;XDj$7$F<B9T$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$
,$"(B
$B$j$^$9!#$3$NLdBj$O!"%a!<%k%2!<%H%&%'%$$J$I$N5!4o$K$*$$$F!"0U?^E*$K:n@
.$5(B
$B$l$?%U%!%$%k$N<jF0$^$?$O<+F0%9%-%c%s$,9T$o$l$k>l9g$K0z$-5/$3$5$l$^$9!
#(B

78. GpsDrive Friendsd Remote Format String Vulnerability
BugTraq ID: 15319
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15319
$BMWLs(B:
GpsDrive $B$K$O!"%j%b!<%H$+$i%U%)!<%^%C%H%9%H%j%s%0$NLdBj$,MxMQ$5$l$k5?$$(B
$B$,$"$j$^$9!#%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$7$F!"G$0U$N%W%m%;%9%a%b%
j$K(B
$B=q$-9~$_!"%3!<%I$N<B9T$r0z$-5/$3$92DG=@-$,$"$j$^$9!#$3$l$K$h$j%j%b!<%
H$+(B
$B$iIT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

79. Acme Thttpd Insecure Temporary File Creation Vulnerability
BugTraq ID: 15320
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15320
$BMWLs(B:
thttpd $B$G$O!"0l;~%U%!%$%k$N:n@.$,%;%-%e%j%F%#>eE,@Z$K9T$o$l$^$;$s!#(B

$B%m!<%+%k$K%"%/%;%9$,2DG=$J967b<T$O$3$NLdBj$r;HMQ$9$k$3$H$K$h$j!"(BWe
b $B%5!<(B
$B%P%W%m%;%9$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G%U%!%$%k$r>e=q$-$9$k2DG=@-$,$
"$j(B
$B$^$9!#(B

$B$3$N967b$K$h$j=EMW$J%U%!%$%k$,>e=q$-$5$l$k>l9g!"%G!<%?$,GK2u$?$j%5!<%
S%9(B
$BITG=>uBV$K4Y$C$?$j$9$k2DG=@-$,9b$$$H9M$($i$l$^$9!#$=$NB>$N967b$,<B9T$
5$l(B
$B$k2DG=@-$b$"$j$^$9!#(B

80. IBM Lotus Domino Multiple Vulnerabilities
BugTraq ID: 15321
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15321
$BMWLs(B:
IBM Lotus Domino $B$K$O!"J#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#0lIt$NLdBj$,(B
$BMxMQ$5$l$k$H%/%i%C%7%e$,0z$-5/$3$5$l$^$9!#$^$?!"1F6A$,ITL@$J$$$/$D$+$
NL$(B
$BFCDj$NLdBj$,B8:_$9$k$3$H$b3NG'$5$l$F$$$^$9!#(B

Lotus Domino 6.5.4 Fix Pack 2 $B$h$jA0$N%P!<%8%g%s$K$*$$$F!"$3$l$i$NLdBj$N(B
$B1F6A$r<u$1$^$9!#(B

81. PunBB/Blog:CMS Image Upload HTML Injection Vulnerability
BugTraq ID: 15322
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15322
$BMWLs(B:
PunBB $B$*$h$S(B Blog:CMS $B$K$O!"(BHTML $B%?%0$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLd(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$9$kA0$K!
"F~(B
$BNOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(B Cookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

Microsoft Internet Explorer Web $B%V%i%&%6$r;HMQ$7$F$$$k>l9g$K$N$_$3$NLdBj(B
$B$,0z$-5/$3$5$l$^$9!#(B

82. IBM AIX SWCONS Local Buffer Overflow Vulnerability
BugTraq ID: 15323
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-03
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15323
$BMWLs(B:
IBM AIX $B$N(B swcons $B$K$O!"%m!<%+%k$G$N967b$K$h$j%P%C%U%!%*!<%P!<%U%m!<$,H/(B
$B@8$9$k5?$$$,$"$j$^$9!#(B

$BLdBj$N$"$k%f!<%F%#%j%F%#$K(B setuid root $B%S%C%H$,IUM?$5$l$F$$$k>l9g$O!"96(B
$B7b$,@.8y$9$k$3$H$K$h$jG$0U$N%^%7%s%3!<%I$r4IM}<T8"8B$G<B9T$9$k$3$H$,5
v$5(B
$B$l$F$7$^$&2DG=@-$,$"$j$^$9!#(B

83. JPortal Multiple SQL Injection Vulnerabilities
BugTraq ID: 15324
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15324
$BMWLs(B:
JPortal $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3(B
$B$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM(B
$B$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

84. Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
BugTraq ID: 15325
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15325
$BMWLs(B:
Apache Tomcat $B$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$kLdBj$N1F(B
$B6A$r<u$1$^$9!#$3$NLdBj$O!"%G%#%l%/%H%j0lMw$KBP$9$kJ#?t$N%j%/%(%9%H$,E
,@Z(B
$B$K=hM}$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$,0z$-5/$3$5$l$k$H!"(BTomcat $B$N%W%m%;%9$r:F5/F0$9$k$^$G$O@55,%f!<(B
$B%6$X$N%j%/%(%9%H$NAw?.$K<:GT$7$^$9!#(B

$B$3$NLdBj$rMxMQ$9$k967b<T$O!"LdBj$N$"$k%=%U%H%&%'%"$r%5!<%S%9ITG=>uBV$
K4Y(B
$B$i$;$k2DG=@-$,$"$j$^$9!#(B

85. PunBB/BLOG:CMS Origin Spoofing Vulnerability
BugTraq ID: 15326
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15326
$BMWLs(B:
PunBB $B$*$h$S(B Blog:CMS $B$O!"967b<T$,(B HTTP $B%X%C%@$N(B X_FORWARDED_FOR $B%U%#!<(B
$B%k%I$r;HMQ$7$F%"%I%l%9$r1#JC$9$k$3$H$r5v$7$F$7$^$$$^$9!#(B

$B$3$l$i$N%"%W%j%1!<%7%g%s$G$O!"%f!<%6$,(B HTTP $B%X%C%@$K;XDj$7$?CM$r%j%/%(%9(B
$B%H85$N(B IP $B%"%I%l%9$H$7$F<u$1F~$l$^$9!#%j%b!<%H$N%[%9%H$O4D6-JQ?t$K56$N(B
IP $B%"%I%l%9$r;XDj$7!"%j%/%(%9%H85$r1#JC$9$k$3$H$,2DG=$G$9!#(B

86. cPanel Chat Message Field HTML Injection Vulnerability
BugTraq ID: 15327
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15327
$BMWLs(B:
cPanel $B$K$O(B HTML $B%?%0$rA^F~$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;X(B
$BDj$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%
$%:(B
$B=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(B Cookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

$B$3$NLdBj$rMxMQ$9$k$K$O!"967b<T$,(B cPanel $B%"%+%&%s%H$r;}$C$F$$$kI,MW$,$"$k(B
$B2DG=@-$,9b$$$H9M$($i$l$kE@$KN10U$9$k$Y$-$G$9!#(B

87. PunBB/BLOG:CMS Unspecified Information Disclosure Vulnerability
BugTraq ID: 15328
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15328
$BMWLs(B:
PunBB $B$*$h$S(B Blog:CMS $B$K$O!">pJsO31L$K4XO"$9$kL$FCDj$NLdBj$,B8:_$9$k5?$$(B
$B$,$"$j$^$9!#(B

$B$3$NLdBj$K$D$$$F$N>\:Y$J>pJs$O$[$H$s$I8x3+$5$l$F$$$^$;$s!#99$J$k>pJs$
,8x(B
$B3+$5$l<!Bh!"$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

88. Ocean12 ASP Calendar Manager Authentication Bypass Vulnerability
BugTraq ID: 15329
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15329
$BMWLs(B:
Ocean12 ASP Calendar Manager $B$K$O!"G'>Z$,2sHr$5$l$k5?$$$,$"$j$^$9!#$3$N(B
$BLdBj$O!"%"%/%;%9$NBEEv@-3NG'$NITHw$KM3Mh$7$^$9!#(B

$B%"%/%;%98"8B$NBEEv@-3NG'$,E,@Z$K<B9T$5$l$:!"967b<T$,@)8B$5$l$?%G!<%?$
K%"(B
$B%/%;%9$9$k$3$H$r5v$7$F$7$^$$$^$9!#(B

$B%P!<%8%g%s(B 1.01 $B$K$*$$$F!"LdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A(B
$B$r<u$1$k2DG=@-$,$"$j$^$9!#(B

89. Ocean12 ASP Calendar Manager SQL Injection Vulnerability
BugTraq ID: 15330
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15330
$BMWLs(B:
Ocean12 ASP Calendar Manager $B$K$O!"(BSQL $B9=J8$rCmF~$5$l$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N(B
$B%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

90. Multiple Vendor Web Browser Cookie Hostname Handling Weakness
BugTraq ID: 15331
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-04
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15331
$BMWLs(B:
$BJ#?t$N(B Web $B%V%i%&%6$K$O!"(BCookie $B$N%[%9%HL>=hM}$NLdBj$K$h$j=EMW$J>pJs$,3+(B
$B<($5$l$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"(BCookie $B$H%I%a%$%sL>$N4XO"IU$1$,(B
Web $B%V%i%&%6$GE,@Z$K3NG'$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$BLdBj$N$"$k(B Web $B%V%i%&%6$r<B9T$9$k%3%s%T%e!<%?$N(B DNS $B%j%>%k%P%i%$%V%i%j$K(B
$B8!:w%Q%9$,@_Dj$5$l$F$$$k>l9g$K!"$3$NLdBj$,0z$-5/$3$5$l$^$9!#(B

$B$3$NLdBj$K$h$j!"%j%b!<%H$N967b<T$O%V%i%&%6$N(B Cookie $B$K3JG<$5$l$F$$$k@x:_(B
$BE*$K=EMW$J>pJs$K%"%/%;%9$7!"99$J$k967b$N<j=u$1$H$7$F;HMQ$G$-$^$9!#$^$
?!"(B
$B%"%/%;%9@h$N(B URI $B$r56Au$9$k$3$H$K$h$j!"$3$NLdBj$rMxMQ$7$F%U%#%C%7%s%0:>(B
$B5=$,9T$o$l$k2DG=@-$b$"$j$^$9!#(B

$B4{B8$N:G>e0L%I%a%$%s$HFbItE*$K%[%9%H$5$l$F$$$k%I%a%$%s$GF1;~$KM-8z$J%
[%9(B
$B%HL>$r%f!<%6$,;HMQ$9$k>l9g$K$N$_!"$3$NLdBj$rMxMQ2DG=$G$"$kE@$KN10U$9$
Y$-(B
$B$G$9!#(B

91. Macromedia Flash Array Index Memory Access Vulnerability
BugTraq ID: 15332
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-05
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15332
$BMWLs(B:
Flash $B%W%i%0%$%s$O!"F~NOCM$NBEEv@-3NG'$NITHw$NLdBj$N1F6A$r<u$1$^$9!#$3$N(B

$B$?$a$K!"G$0U$N%3!<%I$,<B9T$5$l$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"=EMW$JG
[Ns(B
$B%$%s%G%C%/%9$NCM$NBEEv@-3NG'$NITHw$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$FG$0U$N%3!<%I$r<B9T$G$-$^$9!#(BWeb $B%5%$%H$KG[CV$5(B
$B$l$?!"LdBj$r0z$-5/$3$9$?$a$N0-0U$"$k(B SWF $B%U%!%$%k$,967b7PO)$H$J$k2DG=@-(B
$B$,$b$C$H$b9b$$$H9M$($i$l$^$9!#(B

Macromedia Flash 6 $B$*$h$S(B 7 $B$K$*$$$F!"LdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F(B
$B$$$^$9!#(B

92. ibProArcade User ID SQL Injection Vulnerability
BugTraq ID: 15333
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-05
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15333
$BMWLs(B:
$BF~NOCM$NBEEv@-3NG'$NITHw$KM3Mh$9$k(B SQL $B9=J8$rCmF~$9$k967b$,Js9p$5$l$F$$(B
$B$^$9!#(BPowerBoard $B$*$h$S(B vBulletin $B$N%$%s%9%H!<%k$N(B "index.php" $B%9%/%j%W(B
$B%H$K$*$$$F!"$3$N%b%8%e!<%k$,M-8z$K$J$C$F$$$k>l9g$KLdBj$,B8:_$9$k$3$H$
,Js(B
$B9p$5$l$F$$$^$9!#(BPowerBoard $B%f!<%6$N(B "id" $B$*$h$S(B vBulletin $B%f!<%6$N(B
"userid" $B$H$$$&(B HTML $BJQ?t$,!"(BSQL $B%/%(%jJ8;zNs$KKd$a9~$^$l$kA0$KE,@Z$K%((B
$B%9%1!<%W$5$l$J$$$3$H$,Js9p$5$l$F$$$^$9!#(B

III. SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Suspected bot master busted
$BCx<T(B: Robert Lemos
$B%\%C%H%=%U%H%&%'%"$K$h$j(B 40 $BK|Bf$N%3%s%T%e!<%?$r46@w$5$;!"IT@5$J%"%U%#%j(B
$B%(%$%H>R2p$GHo32$r<u$1$?%7%9%F%`$X$NHNGd3hF0$K$h$k%"%/%;%9$K$h$C$FMx1
W$r(B
$B>e$2$F$$$?MF5?$G!"%+%j%U%)%k%K%"=#:_=;$NCK$,9pH/$5$l$^$7$?!#(B

http://www.securityfocus.com/news/11353

2. Hidden DRM code's legitimacy questioned
$BCx<T(B: Robert Lemos
Sony BMG $B$,Ds6!$9$k2;3Z(B CD $B$N%3%T!<%W%m%F%/%H$K$h$j!"(BWindows $B%3%s%T%e!<(B
$B%?>e$K$O%"%s%$%s%9%H!<%k$,:$Fq$J%G%8%?%kCx:n8"4IM}(B (DRM) $B%=%U%H%&%'%"$,(B
$B1#$5$l$F%$%s%9%H!<%k$5$l$^$9!#$3$N$3$H$K$D$$$F!"%;%-%e%j%F%#$N@lLg2H$
?$A(B
$B$O%l%3!<%I2q<R$,%k!<%H%-%C%H$rAH$_9~$s$G$$$k$HHsFq$7$F$$$^$9!#(B

http://www.securityfocus.com/news/11352

3. U.S. makes securing SCADA systems a priority
$BCx<T(B: Robert Lemos
$BJF9q$K$*$$$F9q2H$NEENO%7%9%F%`$H8x1W;v6HMQ$N%M%C%H%o!<%/$O4m81$K$5$i$
5$l(B
$B$F$$$k$3$H$,7|G0$5$l$F$$$^$9!#JF9q9qEZ0BA4J]>c>J$O3F4k6H$,@)8f%7%9%F%
`$r(B
$B%m%C%/%@%&%s$G$-$k$h$&$K$9$k$?$a$N?7$?$J;n$_$r9T$C$F$$$^$9!#(B

http://www.securityfocus.com/news/11351

4. Web defacer sentenced, facing deportation
$BCx<T(B: Robert Lemos
Rafael Nunez-Aponte $B$OJF9q6u73$N(B Web $B%5%$%H2~$6$s$K$D$$$F;JK!<h0z$K9g0U(B
$B$7!"I~Lr$9$k$3$H$K$J$j$^$7$?!#$7$+$7!"(BNASA $B4XO"J8=q$NO31L$K4XO"$9$kMF5?(B
$B$K$D$$$F$O$^$@7hCe$7$F$$$^$;$s!#(B

http://www.securityfocus.com/news/11350

5. Skype under scrutiny for bugs
$BCx<T(B: John Leyden
$B9-$/;HMQ$5$l$F$$$k(B VoIP $B%3%_%e%K%1!<%7%g%s%=%U%H%&%'%"$G$"$k(B Skype $B$K4X(B
$BO"$9$k:G6a$N(B 2 $B7o$N?<9o$J%;%-%e%j%F%#>e$NLdBj$O!"%Y%s%@$K$H$C$F:G0-$N%?(B
$B%$%_%s%0$G5/$3$j$^$7$?!#(B

http://www.securityfocus.com/news/11354

6. Say hello to the Skype Trojan
$BCx<T(B: John Leyden
$B%&%$%k%9:n@.<T$O!"?M5$$N9b$$(B VoIP $B%=%U%H%&%'%"$N:G?7%P!<%8%g%s$K8+$;$+$1(B
$B$??7$?$J%H%m%$$NLZGO$r;HMQ$7$F!"(BSkype $B%f!<%6$rI8E*$K$7$F$$$^$9(B

http://www.securityfocus.com/news/11348

7. Shared music abuse bug hits iTunes
$BCx<T(B: John Leyden
$B%;%-%e%j%F%#8&5f<T$O!"?M5$$N9b$$(B Apple $B$N(B iTunes $B%W%m%0%i%`$GLdBj$rH/8+(B
$B$7$^$7$?!#$3$NLdBj$O!"6&M-$N2;3Z$r%@%&%s%m!<%I$9$k%$%s%?!<%U%'!<%9$G<
B9T(B
$B$5$l$k2DG=@-$,$"$j$^$9!#(B

http://www.securityfocus.com/news/11347

8. US cybersecurity all at sea
$BCx<T(B: John Leyden
$B9qEZ0BA4J]>c>J$K$h$k%"%a%j%+9qFb$N%5%$%P!<%;%-%e%j%F%#%j%9%/$N4IM}$OI
T==(B
$BJ,$G$"$k!"$H@h$NJF9qBgE}NN>pJs%;%-%e%j%F%#C4Ev8\Ld$OH/8@$7$F$$$^$9!#
(B

http://www.securityfocus.com/news/11345

--
$BK]Lu(B: LAC $BK]Lu%A!<%`(B
$B4F=$(B: $B>.3^8691M:(B (OGASAWARA Tsuneo)
LAC Co., Ltd.
http://www.lac.co.jp/index.html
0?l *?H?÷
?]0?Y10 +0 *?H?÷
?
û0?0?k9ÊT?þP"2þ2ÙÛû?0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
180518235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
*?H?÷
0?ªÐº¾-¸?ÔÊÒ¼v1Ê?Ø??V¼ÙooR6nuV
UÓßC?!e?~½!Þk2??4?A5ë?ë?ÝªY?Sm?Oíåâ*ZÁ¹Ä¦ÏÈEë¦]??>ðd$v¥Í«o¶Ø{Qa
n¦?Èâ·å4ÜA?ê @¾s?=kçu0
*?H?÷
?÷Îv\«??Ü?o49]?>kr,áÇ¢{@)¹x?ºLÅ£j^?n{ãòAf¾û®¢Î?ó¢4?´²¶$òåÕàÈåbm?{Ë¾»?|WÊð7©¯?î¾(?Ù&v ÍÄNð®Õ¾¯WjÐ BBBô
Ì¥x??&8?G0?0?kLÇêª?>qÓ?ø=:???0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
280801235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
*?H?÷
0?ªÐº¾-¸?ÔÊÒ¼v1Ê?Ø??V¼ÙooR6nuV
UÓßC?!e?~½!Þk2??4?A5ë?ë?ÝªY?Sm?Oíåâ*ZÁ¹Ä¦ÏÈEë¦]??>ðd$v¥Í«o¶Ø{Qa
n¦?Èâ·å4ÜA?ê @¾s?=kçu0
*?H?÷
©OÃ
Çg¾,ËÙ¨Í-uç~?;rë~ë\- ?Ökm`|å®Å#\JÐ¯±]óÇ¶
Ûà?
Ý¼Çv?µÝOÃ?u¸ÀæÉ[k¥¸?Ü¬¤ÝríN¡÷O¼ÓêÈdt{Â?A?esXñ?<j±?ÉÄ?¼ÏEmEân"?þ¼1\
èòÙ0?¶0? %îs<û ?U??{?í¿0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
020404000000Z
070403235959Z0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CA0?0
*?H?÷
0?¼+þîO×ùútüoÃøÊ?(v'È4 Ëªr-Éö?~?hòKïÉÿo½?îÓ??ÿ¨þîhU°¼ð°óåNhfisµ:V÷^uæo;êâd'\`?ÝÛ+·¼¶ª¡$)¯t¦?¯GöÕK~,e3îÛ¥<
KCp?ÙÙÂ??Äø(£¤0¡0Uÿ0ÿ0FU ?0=0;`?H?øE0,0*+https://www.verisign.co.jp/rpa0U
ÿ0 `?H?øB0 U0¤010UC1C2-1-40
*?H?÷
\?Ïh??¿ÏÓ_n²N>?Qs?e¢w ~ü v1?ÿîv4YVÊæGèãTÓÈ?Î?«bMo]?¸¢±?_K??Çó[m³#ÕcÑU*¿þ·ÄUò´o:?¿ê§q^/=¯?
?òt)ÿÌõ
?¬ÕÕ?ô÷7ªÔ?pd{0?10?? d2?7Åw?É??¹?b?ñ0
*?H?÷
0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CA0
050331000000Z
060331235959Z0ü10U
VeriSign Japan K.K.10UISP Service CA1503U,Terms of use at www.verisign.co.jp/rpa (c)011806U/Service Name - 5BF88D474BD2A6D3E7E073163F0C4D1210UHitachijoho10UTsuneo Ogasawara1!0 *?H?÷
t.ogaswr (at) lac.co (dot) jp0 [email concealed]?0
*?H?÷
0?¿*E´\2ÅÍóDíÐÏÇ~?+Ü=Ù&-u4)~è§ÊÇ2ÉnAàÙWÍØoÓÐûÊfÚq³.?³¥Hë¼ÀÚ×?!0¯6iÚ??±?rÙDÏdA[?Ùî?´q\~ãè?ú¨
Ä»ù?oÊi1¶+_ãr?#??>¥þ?IÁeA£ä0á0 U00EU >0<0:
`?H?øE0,0*+https://www.verisign.co.jp/rpa0U 0
`?H?øB?0ZUS0Q0O M K?Ihttp://onsitecrl.verisign.co.jp/VeriSi
gnJapanKKISPServiceCA/LatestCRL.crl0
`?H?øE ÿ0
*?H?÷
TMÎ¤©ýäøpßËµ"òÎ©,ÍË¶Q??`puÏ?¥?F?ÿ¬ãÅz?¸íñ²Oð)ô2ð$³q?âüý |øu
ßx©?Ì0³Jçjñ^9?^ p('?öC¦^ã=?øîÍ?&´ª.àTaxz4ÓÄÇ«<v?òY³QúÄ1?90?50Þ0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CAd2?7Åw?É??¹?b?ñ0 + ±0 *?H?÷
1 *?H?÷
0 *?H?÷
1
060217082700Z0# *?H?÷
1Zbx®ç?Ç4_¬È^øñ04?´?\0R *?H?÷
1E0C0
*?H?÷
0*?H?÷
?0+0
*?H?÷
@0
*?H?÷
(0
*?H?÷
?±5y?eÛÊïZpN#'àg ùâ »?eHÔ£g®|ºÜ4¯MÙ¢?ìZ?R4Ô`Ãwå¡Låã!0åp>?)¨txØA*õf,GÖDûëp4mCð?.Ò?2¾JVi<{#ê?Ð6 lai\
?o"è}T

[ reply ]