SecurityFocus

SecurityFocus Newsletter #327 2005-11-28->2005-12-02 Mar 10 2006 08:23AM
Tsuneo Ogasawara (t ogaswr lac co jp)

$B>.3^86(B@$B%i%C%/$G$9!#(B

SecurityFocus Newsletter $BBh(B 327 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$B"(Bh(B 326 $B9f$O7gHV$H$J$C$F$$$k$h$&$G$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

------------------------------------------------------------------------
---
BugTraq-JP $B$K4X$9$k(B FAQ ($BF|K\8l(B):
http://www.securityfocus.com/archive/79/description
$B!&(BSecurityFocus Newsletter $B$NOBLu$O(B BugTraq-JP $B$G0l<!G[I[$5$l$F$$$^$9(B
$B!&(BBugTraq-JP $B$X$N;22CJ}K!!"C&B`J}K!$O$3$N(B FAQ $B$r$4;2>H$/$@$5$$(B
------------------------------------------------------------------------
---
SecurityFocus Newsletter $B%"!<%+%$%V(B ($B1Q8l(B):
http://www.securityfocus.com/archive/78
BugTraq $B$K4X$9$k(B FAQ ($B1Q8l(B):
http://www.securityfocus.com/archive/1/description
------------------------------------------------------------------------
---
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B SecurityFocus $B$N5v2D$r3t<02q<R%i%C%/$,F@$?>e$G9T$o$l$F$$$^$9!#(B
$B!&(BSecurityFocus Newsletter $B$NOBLu$r(B Netnews, Mailinglist, World Wide Web,
$B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$NA4J80zMQ$r$*4j$$$7$^$9!#
(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;$s$,!"(B
$B=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurityFocus $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+$J$k7A<0$N(B
$B%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://online.securityfocus.com/archive/79
------------------------------------------------------------------------
---
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02q<R%i%C%/$O@UG$$rIi$o$J$$$b$N$H$7$^
(B
$B$9!#(B
------------------------------------------------------------------------
---
$BLu<T$+$i$N$*CN$i$;(B:
$B!&$b$7!"(Btypo $B$d8mLu$,8+$D$+$C$?>l9g!"(BBugTraq-JP $B$X(B Errata $B$H$7$F=$@5(B
$BHG$r$4Ej9FD:$/$+!"4F=$<T(B (t.ogaswr (at) lac.co (dot) jp [email concealed]) $B$K$*CN$i$;$/$@$5$$!#(B
$B8e<T$N>l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
------------------------------------------------------------------------
---
This translation is encoded and posted in ISO-2022-JP.

$B86HG(B:
Date: Tue, 06 Dec 2005 14:19:14 -0700
Message-ID: <43960052.7060109 (at) securityfocus (dot) com [email concealed]>

SecurityFocus Newsletter #327
-----------------------------

This Issue is Sponsored By: Watchfire AppScan

I. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
1. Evading NIDS, revisited
2. Regaining control
II. BUGTRAQ SUMMARY
1. PBLang Bulletin Board System Multiple HTML Injection Vulnerabilities
2. Athena PHP Website Administration Remote File Include Vulnerability
3. PHPGreetz Remote File Include Vulnerability
4. Q-News Remote File Include Vulnerability
5. Unalz Archive Filename Buffer Overflow Vulnerability
6. Enterprise Connector SQL Injection Vulnerabilities
7. Zainu SQL Injection Vulnerabilities
8. Babe Logger SQL Injection Vulnerabilities
9. Top Music Module SQL Injection Vulnerabilities
10. PHPWordPress Multiple SQL Injection Vulnerabilities
11. Bedeng PSP SQL Injection Vulnerabilities
12. Nelogic Nephp Publisher SQL Injection Vulnerabilities
13. Softbiz Resource Repository Script SQL Injection Vulnerabilities
14. BerliOS SourceWell SQL Injection Vulnerability
15. AllWeb Search SQL Injection Vulnerability
16. K-Search SQL Injection Vulnerabilities
17. EdmoBBS SQL Injection Vulnerabilities
18. JBB SQL Injection Vulnerabilities
19. UGroup SQL Injection Vulnerabilities
20. ShockBoard Offset Parameter SQL Injection Vulnerability
21. Netzbrett P_Entry Parameter SQL Injection Vulnerability
22. SimpleBBS Search Module Parameters SQL Injection Vulnerability
23. ADC2000 NG Pro SQL Injection Vulnerabilities
24. Simple Document Management System SQL Injection Vulnerabilities
25. Nicecoder iDesk FAQ.PHP SQL Injection Vulnerability
26. PDJK-support Suite Multiple SQL Injection Vulnerabilities
27. Randshop Multiple SQL Injection Vulnerabilities
28. KTools Remote Buffer Overflow Vulnerability
29. FreeWebStat Multiple Cross-Site Scripting Vulnerabilities
30. Cisco IOS HTTP Service HTML Injection Vulnerability
31. PHP Web Statistik Content Injection Vulnerabilities
32. Helpdesk Issue Manager Multiple SQL Injection Vulnerabilities
33. OASYS Lite Search.ASP Cross-Site Scripting Vulnerability
34. WebCalendar Multiple SQL Injection Vulnerabilities
35. OKBSYS Lite Search.ASP Cross-Site Scripting Vulnerability
36. WebCalendar Export_Handler.PHP File Corruption Vulnerability
37. GuppY Error.PHP Remote File Include and Command Execution Vulnerability
38. GuppY Multiple Local File Include and Information Disclosure Vulnerabilities
39. PHP Doc System Local File Include Vulnerability
40. SearchSolutions Multiple Products Cross-Site Scripting Vulnerabilities
41. Microsoft Windows SynAttackProtect Predictable Hash Remote Denial of Service Vulnerability
42. Gallery Multiple Input Validation Vulnerabilities
43. Sun Java Runtime Environment Multiple Privilege Escalation Vulnerabilities
44. Panda Software Antivirus Library ZOO Archive Heap Overflow Vulnerability
45. ASP-Rider Default.ASP SQL Injection Vulnerability
46. Cisco Security Agent Unspecified Local Privilege Escalation Vulnerability
47. QNX Phgrafx Local Buffer Overflow Vulnerability
48. Kadu Remote Denial of Service Vulnerability
49. PHP Upload Center Index.PHP Directory Traversal Vulnerability
50. Fantastic Scripts Fantastic News News.PHP SQL Injection Vulnerability
51. Xaraya Directory Traversal Vulnerability
52. DotClear Unspecified Trackback Vulnerability
53. Linux Kernel PTraced Child Auto-Reap Local Denial of Service Vulnerability
54. PHP Upload Center Directory Traversal Vulnerability
55. Linux Kernel Time_Out_Leases PrintK Local Denial of Service Vulnerability
56. DMANews Multiple SQL Injection Vulnerabilities
57. Perl Perl_sv_vcatpvfn Format String Integer Wrap Vulnerability
58. DRZES HMS Register_domain.PHP Cross-Site Scripting Vulnerability
59. Entergal MX Multiple SQL Injection Vulnerabilities
60. BosDates Multiple SQL Injection Vulnerabilities
61. Post Affiliate Pro Index.PHP SQL Injection Vulnerability
62. GhostScripter Amazon Shop Search.PHP SQL Injection Vulnerability
63. KBase Express Multiple SQL Injection Vulnerabilities
64. ltwCalendar Calendar.PHP SQL Injection Vulnerability
65. Orca Knowledgebase Knowledgebase.PHP SQL Injection Vulnerability
66. Orca Blog Blog.PHP SQL Injection Vulnerability
67. Orca Ringmaker Ringmaker.PHP SQL Injection Vulnerability
68. FAQ System Multiple SQL Injection Vulnerabilities
69. Survey System Survey.PHP SQL Injection Vulnerability
70. Linux Kernel PTrace CLONE_THREAD Local Denial of Service Vulnerability
71. N-13 News SQL Injection Vulnerability
72. DRZES HMS Multiple SQL Injection Vulnerabilities
73. NuFW Malformed Packet Remote Denial Of Service Vulnerability
74. pcAnywhere Authentication Denial of Service Vulnerability
75. Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities
76. CenterICQ Malformed Packet Handling Remote Denial of Service Vulnerability
77. SocketKB Index.PHP SQL Injection Vulnerability
78. PHPAlbum Local File Include Vulnerability
79. Softbiz B2B Trading Marketplace Multiple SQL Injection Vulnerabilities
80. Softbiz FAQ Multiple SQL Injection Vulnerabilities
81. Atlantis Knowledge Base Search.PHP SQL Injection Vulnerability
82. FAQRing Answer.PHP SQL Injection Vulnerability
83. WSN Knowledge Base Multiple SQL Injection Vulnerabilities
84. O-Kiraku Nikki Nikki.PHP SQL Injection Vulnerability
85. 88Scripts Event Calendar Index.PHP SQL Injection Vulnerability
86. Instant Photo Gallery Multiple SQL Injection Vulnerabilities
87. Microsoft Internet Explorer CSS Import Cross-Domain Restriction Bypass Vulnerability
88. Tradesoft CMS Multiple SQL Injection Vulnerabilities
89. WebCalendar Multiple SQL Injection Vulnerabilities
90. Drupal Image Upload HTML Injection Vulnerability
91. Citrix Multiple Applications Login Form Cross-Site Scripting Vulnerability
92. Lore Article.PHP SQL Injection Vulnerability
93. Astaro Security Linux ISAKMP IKE Traffic Denial of Service Vulnerability
94. DotClear Session.PHP SQL Injection Vulnerability
95. Avaya TN2602AP IP Media Resource 320 Remote Denial of Service Vulnerability
96. FastJar Archive Extraction Directory Traversal Vulnerability
97. Microsoft Windows CreateRemoteThread Local Denial of Service Vulnerability
98. MXChange Multiple Unspecified Input Validation Vulnerabilities
99. WebCalendar Layers_Toggle.PHP HTTP Response Splitting Vulnerability
100. Drupal View User Profile Authorization Bypass Vulnerability
III. SECURITYFOCUS NEWS
1. Federal flaw database commits to grading system
2. Mac OS X security under scrutiny
3. Texas puts Sony BMG in its sights
4. Sony BMG's copy-protection problems grow
5. Skype under scrutiny for bugs
6. Say hello to the Skype Trojan
7. Shared music abuse bug hits iTunes
8. US cybersecurity all at sea

I. FRONT AND CENTER ($BF|K\8lLu$J$7(B)
----------------------------

II.BUGTRAQ SUMMARY
--------------------
1. PBLang Bulletin Board System Multiple HTML Injection Vulnerabilities
BugTraq ID: 15573
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15573
$BMWLs(B:
PBLang $B$K$O!"(BHTML $B%?%0$rA^F~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3(B
$B$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$
9$k(B
$BA0$K!"F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(BCookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

PBLang 4.65 $B$K$*$$$F$bJL$N;w$?(B HTML $B%?%0$rA^F~$5$l$kLdBj$,;XE&$5$l$F$$$^(B
$B$9!#$3$NLdBj$O!"0J2<$N(B BID $B$G;XE&$5$l$F$$$kLdBj$H4X78$7$F$$$k2DG=@-$,$"(B
$B$j$^$9!#(B
- 14728, PBLang Bulletin Board System Multiple Remote Vulnerabilities
- 14766, PBLang Bulletin Board System HTML Injection Vulnerability

2. Athena PHP Website Administration Remote File Include Vulnerability
BugTraq ID: 15574
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15574
$BMWLs(B:
Athena PHP Website Administration $B$K$O!"%j%b!<%H$+$i%U%!%$%k$,%$%s%/%k!<(B
$B%I$5$l$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%
:=h(B
$BM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B Web $B%5!<%P%W%m%;(B
$B%9$N8"8B$r;HMQ$7!"G$0U$N(B PHP $B%3!<%I$r%j%b!<%H$+$i<B9T$9$k2DG=@-$,$"$j$^(B
$B$9!#$3$l$K$h$j!"IT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

3. PHPGreetz Remote File Include Vulnerability
BugTraq ID: 15575
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15575
$BMWLs(B:
phpGreetz $B$K$O!"%j%b!<%H$+$i%U%!%$%k$,%$%s%/%k!<%I$5$l$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$
$$3(B
$B$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B Web $B%5!<%P%W%m%;(B
$B%9$N8"8B$r;HMQ$7!"G$0U$N(B PHP $B%3!<%I$r%j%b!<%H$+$i<B9T$9$k2DG=@-$,$"$j$^(B
$B$9!#$3$l$K$h$j!"IT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

4. Q-News Remote File Include Vulnerability
BugTraq ID: 15576
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-26
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15576
$BMWLs(B:
Q-News $B$K$O!"%j%b!<%H$+$i%U%!%$%k$,%$%s%/%k!<%I$5$l$k5?$$$,$"$j$^$9!#$3(B
$B$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$
3$H(B
$B$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B Web $B%5!<%P%W%m%;(B
$B%9$N8"8B$r;HMQ$7!"G$0U$N(B PHP $B%3!<%I$r%j%b!<%H$+$i<B9T$9$k2DG=@-$,$"$j$^(B
$B$9!#$3$l$K$h$j!"IT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

5. Unalz Archive Filename Buffer Overflow Vulnerability
BugTraq ID: 15577
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15577
$BMWLs(B:
unalz $B$K$O!"%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"(B

$BD9$$L>A0$,IU$1$i$l$?%U%!%$%k$r4^$`(B ALZ $B%"!<%+%$%V$r2rE`$9$k:]$K0z$-5/$3(B
$B$5$l$^$9!#(B

$B$3$NLdBj$,MxMQ$5$l$k$H!"0-0U$"$k%"!<%+%$%V$r2rE`$9$k%f!<%6$N%;%-%e%j%
F%#(B
$B%3%s%F%-%9%HFb$GG$0U$N%3!<%I$,<B9T$5$l$k2DG=@-$,$"$j$^$9!#(B

6. Enterprise Connector SQL Injection Vulnerabilities
BugTraq ID: 15578
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15578
$BMWLs(B:
Enterprise Connector $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$(B
$B$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0(B
$B$K!"F~NOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!
#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

7. Zainu SQL Injection Vulnerabilities
BugTraq ID: 15579
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15579
$BMWLs(B:
Zainu $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l(B
$B$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$KBP$9(B
$B$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

8. Babe Logger SQL Injection Vulnerabilities
BugTraq ID: 15580
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15580
$BMWLs(B:
Babe Logger $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

9. Top Music Module SQL Injection Vulnerabilities
BugTraq ID: 15581
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15581
$BMWLs(B:
PHP-Nuke $B$N(B Top Music Module $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9(B
$B$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ(B
$B$9$kA0$K!"F~NOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$
7$^(B
$B$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

10. PHPWordPress Multiple SQL Injection Vulnerabilities
BugTraq ID: 15582
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15582
$BMWLs(B:
PHPWordPress $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

PHPWordPress 3.0 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9$,!"(B
$B$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

11. Bedeng PSP SQL Injection Vulnerabilities
BugTraq ID: 15583
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15583
$BMWLs(B:
Bedeng PSP $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

12. Nelogic Nephp Publisher SQL Injection Vulnerabilities
BugTraq ID: 15584
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15584
$BMWLs(B:
Nelogic Nephp Publisher $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?(B
$B$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$k(B
$BA0$K!"F~NOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$
9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

13. Softbiz Resource Repository Script SQL Injection Vulnerabilities
BugTraq ID: 15585
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15585
$BMWLs(B:
Softbiz Resource Repository Script $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj(B
$B$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%((B
$B%j$G;HMQ$9$kA0$K!"F~NOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$
H$K(B
$BM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

14. BerliOS SourceWell SQL Injection Vulnerability
BugTraq ID: 15586
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15586
$BMWLs(B:
BerliOS SourceWell $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

15. AllWeb Search SQL Injection Vulnerability
BugTraq ID: 15587
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15587
$BMWLs(B:
AllWeb Search $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3(B
$B$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5(B
$B%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

16. K-Search SQL Injection Vulnerabilities
BugTraq ID: 15588
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15588
$BMWLs(B:
K-Search $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

17. EdmoBBS SQL Injection Vulnerabilities
BugTraq ID: 15589
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15589
$BMWLs(B:
edmoBBS $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3(B
$B$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$KBP(B
$B$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

18. JBB SQL Injection Vulnerabilities
BugTraq ID: 15590
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15590
$BMWLs(B:
JBB $B$K$O(B SQL $B9=J8$rCmF~$5$l$kJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l$i(B
$B$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$KBP$9$k(B
$B%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

19. UGroup SQL Injection Vulnerabilities
BugTraq ID: 15591
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15591
$BMWLs(B:
UGroup $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l(B
$B$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$KBP$9(B
$B$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

20. ShockBoard Offset Parameter SQL Injection Vulnerability
BugTraq ID: 15592
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15592
$BMWLs(B:
ShockBoard $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$N(B
$BLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K(B
$B%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

21. Netzbrett P_Entry Parameter SQL Injection Vulnerability
BugTraq ID: 15593
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15593
$BMWLs(B:
Netzbrett $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLd(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?(B
$B%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

22. SimpleBBS Search Module Parameters SQL Injection Vulnerability
BugTraq ID: 15594
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15594
$BMWLs(B:
SimpleBBS $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLd(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?(B
$B%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

23. ADC2000 NG Pro SQL Injection Vulnerabilities
BugTraq ID: 15595
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15595
$BMWLs(B:
ADC2000 NG Pro $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j(B
$B$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~(B
$BNOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

24. Simple Document Management System SQL Injection Vulnerabilities
BugTraq ID: 15596
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15596
$BMWLs(B:
Simple Document Management System (SDMS) $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t(B
$B$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r
(B SQL
$B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$
$$3(B
$B$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

25. Nicecoder iDesk FAQ.PHP SQL Injection Vulnerability
BugTraq ID: 15597
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15597
$BMWLs(B:
Nicecoder iDesk $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N(B
$B%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.0 $B$,$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#$=$NB>$N(B
$B%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

26. PDJK-support Suite Multiple SQL Injection Vulnerabilities
BugTraq ID: 15598
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15598
$BMWLs(B:
PDJK-support Suite $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,(B
$B$"$j$^$9!#$3$l$i$NLdBj$K$h$j!"%j%b!<%H$N967b<T$,%G!<%?%Y!<%9%/%(%j$K0
-0U(B
$B$"$kF~NOCM$rEO$7!"%/%(%j$NO@M}9=B$$rA`:n$9$k$J$I$N967b$r2C$($k$3$H$,5
v$5(B
$B$l$F$7$^$&2DG=@-$,$"$j$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

PDJK-support retail version 1.1a $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,(B
$BJs9p$5$l$F$$$^$9!#B>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

27. Randshop Multiple SQL Injection Vulnerabilities
BugTraq ID: 15599
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15599
$BMWLs(B:
Randshop $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3(B
$B$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$KBP(B
$B$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

Randshop $B$N$9$Y$F$N%P!<%8%g%s$,$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$(B
$B$^$9!#(B

28. KTools Remote Buffer Overflow Vulnerability
BugTraq ID: 15600
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15600
$BMWLs(B:
ktools $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?(B
$B$$$,$"$j$^$9!#(B

$B967b<T$O$3$N%"%W%j%1!<%7%g%s$N8"8B$GG$0U$N%3!<%I$r<B9T$7!"IT@5$J%j%b!
<(B
$B%H%"%/%;%98"8B$r<hF@$9$k2DG=@-$,$"$j$^$9!#(B

ktools 0.3 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

29. FreeWebStat Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 15601
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15601
$BMWLs(B:
FreeWebStat $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$K4XO"$9$kJ#?t$NLdBj$,B8:_(B
$B$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%
:=h(B
$BM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$i$NLdBj$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`(B
$B<h$J$I$N967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

FreeWebStat 1.0 rev37 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$(B
$B$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

30. Cisco IOS HTTP Service HTML Injection Vulnerability
BugTraq ID: 15602
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15602
$BMWLs(B:
Cisco IOS HTTP $B%5!<%S%9$O(B HTML $B%?%0$rA^F~$5$l$kLdBj$,B8:_$9$k5?$$$,$"$k(B
$B$3$H$,Js9p$5$l$F$$$^$9!#(B

$B967b<T$O!"(B'/level/15/exec/-/buffers/assigned' $B$*$h$S(B
/level/15/exec/-/buffers/all' $B%9%/%j%W%H$r2p$7$F0-0U$N$"$k(B HTML $B$*$h$S%9(B
$B%/%j%W%H%3!<%I$r%5%V%_%C%H$9$k$3$H$,2DG=$G$9!#4IM}<T$,$3$N(B HTTP $B%5!<%S%9(B
$B$NLdBj$N$"$k%9%/%j%W%H$r2p$7$F%a%b%j%P%C%U%!$N%3%s%F%s%D$rI=<($7$h$&$
H$9(B
$B$k$H$-$K!"$3$N%3!<%I$,4IM}<T$N%V%i%&%6$G<B9T$5$l$k2DG=@-$,$"$j$^$9!#
(B

IOS 11.0 $B$+$i(B 12.4 $B$^$G$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H(B
$B$,Js9p$5$l$F$$$^$9!#(BCisco IOS XR $B$O$3$NLdBj$N1F6A$r<u$1$^$;$s!#$3$l$O!"(B
IOS Web $B%$%s%?%U%'!<%9$N%f!<%6$rI8E*$H$7$?(B HTML $B%?%0$rA^F~$9$kLdBj$G$"$k(B
$B$?$a!"$3$N(B HTTP $B%5!<%S%9$,L58z$K@_Dj$5$l$F$$$k%G%P%$%9$O1F6A$r<u$1$^$;$s!#(B

$B$3$N%"%I%P%$%6%j$O(B Cisco $B$K$h$C$F3NG'$5$l$F$$$^$9!#%j%U%!%l%s%9%;%/%7%g(B
$B%s$K$"$k(B Cisco $B$N%;%-%e%j%F%#%"%I%P%$%6%j(B "cisco-sa-20051201-http" $B$r;2(B
$B>H$7$F$/$@$5$$!#(B

31. PHP Web Statistik Content Injection Vulnerabilities
BugTraq ID: 15603
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15603
$BMWLs(B:
PHP Web Statistik $B$O!"%3%s%F%s%D$rCmF~$5$l$kJ#?t$NLdBj$,B8:_$9$k5?$$$,$"(B
$B$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$
K<B(B
$B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#$3$NLdBj$K$h$j(B HTML $B%?%0$rA^F~$5$l$kLdBj$,0z(B
$B$-5/$3$5$l$?$j!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$?$j$9$k2DG=@-$
,$"(B
$B$j$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H$*$h$S(B HTML $B%3!<(B
$B%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#$^$?!"$3$l$i$NLdBj$rMxMQ$7$F!"(BCookie
$B$KM3(B
$BMh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#%f!
<%6(B
$B$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k$?$a$K$b$3$NLdBj$rMxMQ$9$k2
DG=(B
$B@-$,$"$j$^$9!#(B

32. Helpdesk Issue Manager Multiple SQL Injection Vulnerabilities
BugTraq ID: 15604
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15604
$BMWLs(B:
Helpdesk Issue Manager $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?(B
$B$$$,$"$j$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

Helpdesk Issue Manager 0.9 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u(B
$B$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B

33. OASYS Lite Search.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 15605
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15605
$BMWLs(B:
OASYS Lite $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#(B
'search.asp' $B%9%/%j%W%H$,$3$NLdBj$N1F6A$r<u$1$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$
"$k(B
$B%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9T$9$
k2D(B
$BG=@-$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b(B
$B$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

OASYS Lite 1.0 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

34. WebCalendar Multiple SQL Injection Vulnerabilities
BugTraq ID: 15606
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15606
$BMWLs(B:
WebCalendar $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

WebCalendar 1.0.1 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^(B
$B$9!#$=$l0JA0$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

35. OKBSYS Lite Search.ASP Cross-Site Scripting Vulnerability
BugTraq ID: 15607
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15607
$BMWLs(B:
OKBSYS Lite $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#(B

$B$3$NLdBj$O!"%f!<%6$,(B 'search.asp' $B%9%/%j%W%H$KBP$7$F;XDj$7$?F~NOCM$N%5%K(B
$B%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z$-5/$3$5$l$k(B
$B2DG=@-$,$"$j$^$9!#(B

OKBSYS Lite 1.0 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

36. WebCalendar Export_Handler.PHP File Corruption Vulnerability
BugTraq ID: 15608
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15608
$BMWLs(B:
WebCalendar $B$K$O!"%U%!%$%k$,GK2u$5$l$kLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$N(B
$BLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$NBEEv@-3NG'$,E,@Z$K<B9T$5$l$J$$$3$H$KM
3Mh(B
$B$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%"%W%j%1!<%7%g%s$N%P!<%8%g%s$r<
B9T(B
$B$9$k5?$$$r;}$?$J$$%f!<%6$N8"8B$G%U%!%$%k$rGK2u$9$k2DG=@-$,$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.0.1 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B
$B$=$l0JA0$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

37. GuppY Error.PHP Remote File Include and Command Execution Vulnerability
BugTraq ID: 15609
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15609
$BMWLs(B:
GuppY $B$K$O!"%j%b!<%H$+$i%U%!%$%k$,%$%s%/%k!<%I$5$l$k5?$$$,$"$j$^$9!#(B

'error.php' $B%9%/%j%W%H$K;XDj$5$l$k%G!<%?$,E,@Z$K%5%K%?%$%:$5$l$J$$$?$a!"(B
$B967b<T$K%j%b!<%H$K%[%9%H$5$l$?%9%/%j%W%H%U%!%$%k$rLdBj$N$"$k%=%U%H%&%
'%"(B
$B$r%[%9%H$9$k(B Web $B%5!<%P$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G<B9T$9$k$3$H$r5v$7(B
$B$F$7$^$$$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B Web $B%5!<%P%W%m%;(B
$B%9$N8"8B$r;HMQ$7!"G$0U$N(B PHP $B%3!<%I$r%j%b!<%H$+$i<B9T$9$k2DG=@-$,$"$j$^(B
$B$9!#(B

$B$^$?!"967b<T$OLdBj$N$"$k%5!<%P$G<B9T$5$l$k%9%/%j%W%H$r2p$7$F0-0U$N$"$
k(B
PHP $B%3%^%s%I$rEO$9$3$H$b2DG=$H$J$j!"IT@5%"%/%;%9$r0z$-5/$3$92DG=@-$b$"$j
(B
$B$^$9!#(B

GuppY 4.5.9 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

38. GuppY Multiple Local File Include and Information Disclosure Vulnerabilities
BugTraq ID: 15610
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15610
$BMWLs(B:
GuppY $B$O!"%m!<%+%k$G%U%!%$%k$,%$%s%/%k!<%I$5$l$?$j!">pJs$,3+<($5$l$?$j$9(B

$B$kJ#?t$NLdBj$N1F6A$r<u$1$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B Web $B%5!<%P%W(B
$B%m%;%9$N8"8B$GG$0U$N%5!<%P%5%$%I%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$,$"$
j$^(B
$B$9!#$3$l$K$h$j!"IT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$NG$0U$N%U%!%$%k$r(B
Web
$B%5!<%P$N8"8B$GFI$_<h$k2DG=@-$,$"$kE@$K$bN10U$9$Y$-$G$9!#967b<T$O!"%G%
#%l(B
$B%/%H%j;2>H$K4X$9$kJ8;zNs$*$h$S(B NULL $BJ8;z$r;HMQ$7$F!"G$0U$N%U%!%$%k$r3+<((B
$B$9$k$3$H$,2DG=$G$9!#(B

GuppY 4.5.9 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

39. PHP Doc System Local File Include Vulnerability
BugTraq ID: 15611
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15611
$BMWLs(B:
PHP Doc System $B$K$O!"%m!<%+%k$G%U%!%$%k$,%$%s%/%k!<%I$5$l$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$
l$J(B
$B$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$K$h$j!"%U%!%$%k$,IT@5$KI=<($5$l$?$j!"%m!<%+%k$N(B PHP $B%3!<%I$,IT(B
$B@5$K<B9T$5$l$k2DG=@-$,$"$j$^$9!#(B

PHP Doc System 1.5.1 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3(B
$B$H$,Js9p$5$l$F$$$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$
9!#(B

40. SearchSolutions Multiple Products Cross-Site Scripting Vulnerabilities
BugTraq ID: 15612
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15612
$BMWLs(B:
SearchSolutions SearchFeed$B!"(BRevenuePilot$B!"$*$h$S(B Google API $B$O%/%m%9%5%$(B
$B%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$
,;X(B
$BDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$i$NLdBj$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`(B
$B<h$J$I$N967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

41. Microsoft Windows SynAttackProtect Predictable Hash Remote Denial of Service Vulnerability
BugTraq ID: 15613
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15613
$BMWLs(B:
Microsoft Windows $B$K$O!"%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#(B

$B$3$NLdBj$O!"(B'SynAttackProtect' $B$N%O%C%7%e%F!<%V%k4IM}$rC4$&4X?t$K$*$1$k(B
$B@_7W>e$NITHw$KM3Mh$7$^$9!#(BTCP/IP $B%9%?%C%/$K$h$j;HMQ$5$l$k$3$NLdBj$N$"$k(B
$B4X?t$K$h$jM=B,2DG=$J%O%C%7%e$,:n@.$5$l$k$?$a!"F10l$N%O%C%7%eCM$,4XO"I
U$1(B
$B$i$l$?BgNL$N(B SYN $B%Q%1%C%H$r967b<T$,Aw?.$9$k$3$H$r5v$7$F$7$^$&$3$H$,%l%]!<(B
$B%H$K$h$j<(:6$5$l$F$$$^$9!#(B

$B967b$,@.8y$9$k$H!"8!:w$N<B9T$K$*$$$F%k%C%/%"%C%W%"%k%4%j%:%`$,6K$a$FI
T8z(B
$BN($H$J$k$?$a!"7k2L$H$7$F%5!<%S%9ITG=>uBV$K4Y$k>l9g$,$"$j$^$9!#(B

42. Gallery Multiple Input Validation Vulnerabilities
BugTraq ID: 15614
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15614
$BMWLs(B:
Gallery $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$kLdBj$H>pJs$,3+<($5(B
$B$l$kLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~N
OCM(B
$B$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%
f!<(B
$B%6$N%V%i%&%6$G!"LdBj$N$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$
N%9(B
$B%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$k(B
$BG'>ZMQ>pJs$N@`<h$J$I$N967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

$B967b<T$O>pJs$,3+<($5$l$kLdBj$rMxMQ$7$F!"LdBj$N$"$k(B Web $B%5!<%P%"%W%j%1!<(B
$B%7%g%s$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G'>ZMQ>pJs$*$h$S$9$Y$F$N%3%s%F%
s%D(B
$B$r3+<($9$k2DG=@-$,$"$j$^$9!#%5%$%H$N4IM}<T$O!"$3$N7g4Y$rMxMQ$5$l$J$$$
h$&(B
$B$K$9$k$?$a$K$3$N%b%8%e!<%k$rL58z2=$9$k$3$H$,$G$-$kE@$KN10U$9$Y$-$G$9!
#(B

$B99$J$k>\:Y$ODs6!$5$l$F$$$^$;$s!#(B

$B%Y%s%@$O!"%P!<%8%g%s(B 2.0.2 $B$G$3$NLdBj$r2r7h$7$F$$$^$9!#(B

43. Sun Java Runtime Environment Multiple Privilege Escalation Vulnerabilities
BugTraq ID: 15615
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-28
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15615
$BMWLs(B:
Sun JRE $B$K$O$5$^$6$^$J8"8B>:3J$,0z$-5/$3$5$l$k5?$$$,$"$j$^$9!#(B

$B$3$l$i$NLdBj$O!"%j%b!<%H$N(B Java $B%"%W%j%1!<%7%g%s$,1F6A$r<u$1$k%f!<%6$N%;(B
$B%-%e%j%F%#%3%s%F%-%9%HFb$G%m!<%+%k%U%!%$%k$KBP$9$kFI$_<h$j(B/$B=q$-
9~$_$r9T(B
$B$&!"$"$k$$$OG$0U$N%"%W%j%1!<%7%g%s$r<B9T$9$k$3$H$r5v$7$F$7$^$&2DG=@-$
,$"(B
$B$j$^$9!#(B

$B$3$l0J>e$N>\:Y>pJs$O8=;~E@$G$O8x3+$5$l$F$$$^$;$s!#>\:Y>pJs$,8x3+$5$l<
!Bh!"(B
$B$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

44. Panda Software Antivirus Library ZOO Archive Heap Overflow Vulnerability
BugTraq ID: 15616
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15616
$BMWLs(B:
Panda Software $B%"%s%A%&%$%k%9@=IJ$K$O%R!<%WNN0h$G%*!<%P!<%U%m!<$,H/@8$9(B
$B$k5?$$$,$"$j$^$9!#%"%s%A%&%$%k%9%i%$%V%i%j$,(B ZOO $B%"!<%+%$%V%U%!%$%k$r2r(B
$BE`$9$k$H$-$K$3$NLdBj$,H/@8$7$^$9!#(B

$B$3$NLdBj$NMxMQ$,@.8y$9$k$H!"LdBj$N$"$k%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#%
3%s(B
$B%F%-%9%HFb$GG$0U$N%3!<%I$,<B9T$5$l$F$7$^$$$^$9!#$3$NLdBj$O!"%5%]!<%H$
5$l(B
$B$F$$$k%W%i%C%H%U%)!<%`>e$N%G%9%/%H%C%W!"%2!<%H%&%'%$!"$*$h$S%5!<%P8~$
1$N(B
$B%"%s%A%&%$%k%9%"%W%j%1!<%7%g%s$K1F6A$r5Z$\$92DG=@-$,$"$j$^$9!#B?$/$N%
5!<(B
$B%I%Q!<%F%#@=$N%"%W%j%1!<%7%g%s$,LdBj$N$"$k%i%$%V%i%j$r;HMQ$7$F$$$k2DG
=@-(B
$B$,$"$j!"$3$NLdBj$N1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#LdBj$N$"$k@=IJ$NJq3gE
*$J(B
$B%j%9%H$K$D$$$F$O8=;~E@$G$OMxMQ2DG=$H$J$C$F$$$^$;$s!#(B

45. ASP-Rider Default.ASP SQL Injection Vulnerability
BugTraq ID: 15617
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15617
$BMWLs(B:
ASP-Rider $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLd(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?(B
$B%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

46. Cisco Security Agent Unspecified Local Privilege Escalation Vulnerability
BugTraq ID: 15618
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15618
$BMWLs(B:
Cisco Security Agent $B$K$O%m!<%+%k$G8"8B>:3J$,0z$-5/$3$5$l$kL$FCDj$NLdBj(B
$B$,B8:_$9$k5?$$$,$"$j$^$9!#(BMicrosoft Windows $B%W%i%C%H%U%)!<%`>e$GLdBj$N$"(B
$B$k%P!<%8%g%s$N(B Cisco Security Agent $B$r<B9T$7$F$$$k>l9g$N$_!"$3$NLdBj$N1F(B
$B6A$r<u$1$^$9!#(B

$B$3$NLdBj$K$D$$$F$N>\:Y$O!"8=;~E@$G$O8xI=$5$l$F$$$^$;$s!#99$J$k>\:Y$,8
x3+(B
$B$5$l<!Bh!"$3$N(B BID $B$O99?7$5$l$kM=Dj$G$9!#(B

$B$3$NLdBj$K$h$j!"%m!<%+%k$N967b<T$,LdBj$N$"$k%=%U%H%&%'%"$r<B9T$7$F$$$
k%3(B
$B%s%T%e!<%?$G(B SYSTEM $B8"8B$r<hF@$9$k$3$H$,5v$5$l$F$7$^$$$^$9!#(B

47. QNX Phgrafx Local Buffer Overflow Vulnerability
BugTraq ID: 15619
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15619
$BMWLs(B:
QNX Phgrafx $B$K$O!"%m!<%+%k$G$N967b$K$h$j%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k(B
$B5?$$$,$"$j$^$9!#(B

$BLdBj$N$"$k%f!<%F%#%j%F%#$K(B setuid-superuser $B8"8B$,IUM?$5$l$F$*$j!"967b$K(B
$B@.8y$9$k$H4IM}<T8"8B$GG$0U$N%^%7%s%3!<%I$r<B9T$9$k$3$H$,5v$5$l$F$7$^$
&$3(B
$B$H$,Js9p$5$l$F$$$^$9!#(B

QNX 6.3.0 $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#$=$NB>(B
$B$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

48. Kadu Remote Denial of Service Vulnerability
BugTraq ID: 15620
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15620
$BMWLs(B:
Kadu $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#
(B

$B%/%i%$%"%s%H$,(B Gadu-Gadu $B%5!<%P$+$i$N0U?^E*$K:n@.$5$l$?%a%C%;!<%8$r=hM}(B
$B$9$k:]$K$3$NLdBj$,H/@8$9$k$3$H$,Js9p$5$l$F$$$^$9!#(B

Kadu 0.4.2 $B$*$h$S(B 0.5.0pre. $B$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5(B
$B$l$^$7$?!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

49. PHP Upload Center Index.PHP Directory Traversal Vulnerability
BugTraq ID: 15621
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15621
$BMWLs(B:
PHP Upload Center $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k967b$r<u$1$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$
l$J(B
$B$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"(BWeb $B%5!<%P%W%m%;%9$N8"8B$r;HMQ$7!"LdBj$N$"$k(B
$B%3%s%T%e!<%?$GG$0U$N%j%b!<%H(B $B%U%!%$%k$rFI$_=P$92DG=@-$,$"$j$^$9!#$3$l$K(B
$B$h$j!"IT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

50. Fantastic Scripts Fantastic News News.PHP SQL Injection Vulnerability
BugTraq ID: 15622
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15622
$BMWLs(B:
Fantastic News $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

Fantastic News 2.1.1 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

51. Xaraya Directory Traversal Vulnerability
BugTraq ID: 15623
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15623
$BMWLs(B:
Xaraya $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k967b$r<u$1$k5?$$$,$"$j$^$9!#(B

'index.php' $B%9%/%j%W%H$N(B 'module' $B%Q%i%a!<%?$r2p$7$F%G%#%l%/%H%j;2>HJ8;z(B
$BNs$r;XDj$7$F!"(BWeb $B%5!<%P$NG$0U$N>l=j$K%U%!%$%k$rCV$/$3$H$,2DG=$G$"$k$3$H(B
$B$,Js9p$5$l$F$$$^$9!#(B

$B967b<T$,0-0U$"$k%9%/%j%W%H%U%!%$%k$r(B Web $B%5!<%P$KCV$-!"$3$l$r<B9T$9$k$3(B
$B$H$,2DG=$G$"$k>l9g!"$3$NLdBj$O%j%b!<%H$+$i%3%s%T%e!<%?$KBP$9$k4m81$r>
7$/(B
$B2DG=@-$,$"$j$^$9!#%G!<%?$NGK2u$d%5!<%S%9ITG=>uBV$K4Y$i$;$k$J$I$N$[$+$
N96(B
$B7b$b2DG=$H$J$j$^$9!#(B

Xaraya 1.0.0 RC4 $B0JA0$K$*$$$F$3$NLdBj$N1F6A$r<u$1$^$9!#(B

52. DotClear Unspecified Trackback Vulnerability
BugTraq ID: 15624
$B%j%b!<%H$+$i$N:F8=@-(B: $BITL@(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15624
$BMWLs(B:
DotClear $B$K$O!"%H%i%C%/%P%C%/$K4X$9$kL$FCDj$N%;%-%e%j%F%#>e$NLdBj$,B8:_(B
$B$9$k5?$$$,$"$j$^$9!#(B

$B$3$l0J>e$N>\:Y$O8x3+$5$l$F$$$^$;$s!#>\:Y$,8x3+$5$l<!Bh!"$3$N(B BID $B$O99?7(B
$B$5$l$kM=Dj$G$9!#(B

DotClear 1.2.1 $B$K$*$$$F$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#%Y(B
$B%s%@$O$3$NLdBj$r2r>C$9$k%P!<%8%g%s(B 1.2.2 $B$r%j%j!<%9$7$F$$$^$9!#(B

53. Linux Kernel PTraced Child Auto-Reap Local Denial of Service Vulnerability
BugTraq ID: 15625
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15625
$BMWLs(B:
Linux Kernel $B$K$O!"%m!<%+%k$G%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#(B

ptrace $B$5$l$F$$$k>l9g$K%+!<%M%k$OITE,@Z$K%W%m%;%9$r<+F0E*$K<}=8$9$k$?$a!"(B

$BIT@5$J%]%$%s%?$H$J$jF@$^$9!#$3$N%]%$%s%?$KBP$7$F$5$i$KA`:n$,9T$o$l$k$
H%+!<(B
$B%M%k$,%/%i%C%7%e$9$k7k2L$H$J$j$^$9!#(B

$B$3$NLdBj$O!"%m!<%+%k%f!<%6$,%+!<%M%k$r%/%i%C%7%e$5$;!"@55,%f!<%6$X$N9
9$J(B
$B$k%5!<%S%9$N5qH]$r>7$/$3$H$r5v$7$F$7$^$$$^$9!#(B

Linux Kernel 2.6.15 $B$h$jA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#(B

54. PHP Upload Center Directory Traversal Vulnerability
BugTraq ID: 15626
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15626
$BMWLs(B:
PHP Upload Center $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k967b$r<u$1$k5?$$$,$"$j$^(B
$B$9!#(B

$B%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$7$F!"@x:_E*$K=EMW$J>pJs$r4^$`%U%!%$%
k$r(B
$B3+<($9$k2DG=@-$,$"$j$^$9!#$3$NJ}K!$G<hF@$5$l$?>pJs$O!"$3$N%=%U%H%&%'%
"$*(B
$B$h$S%[%9%H%3%s%T%e!<%?$KBP$7$F99$J$k967b$r;n$_$k$?$a$N<j=u$1$H$7$F;HM
Q$5(B
$B$l$k2DG=@-$,$"$j$^$9!#(B

$B8=;~E@$G$O!"(BPHP Upload Center $B$N$9$Y$F$N%P!<%8%g%s$,LdBj$N1F6A$r<u$1$k$H(B
$B9M$($i$l$^$9!#(B

55. Linux Kernel Time_Out_Leases PrintK Local Denial of Service Vulnerability
BugTraq ID: 15627
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15627
$BMWLs(B:
Linux Kernel $B$K$O!"%m!<%+%k$G%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#(B

$B$3$NLdBj$O!"B??t$N%U%!%$%k%m%C%/$N%j!<%9$r<hF@$7%+!<%M%k%m%0%a%b%j$r2
aEY(B
$B$K>CHq$9$k$3$H$K$h$j0z$-5/$3$5$l$^$9!#%j!<%9$,%?%$%`%"%&%H$9$k$H!"%$%
Y%s(B
$B%H$,%m%0$5$l!"%+!<%M%k%a%b%j$,>CHq$5$l$^$9!#(B

$B$3$NLdBj$K$h$j!"%m!<%+%k$N967b<T$K$h$C$F%+!<%M%k%a%b%j$,2a>j$K>CHq$5$
l!"(B
$B7k2L$H$7$F%a%b%jITB-$N>uBV$H$J$j!"@55,%f!<%6$X$N%5!<%S%95qH]$r>7$/$3$
H$,(B
$B5v$5$l$F$7$^$$$^$9!#(B

Linux Kernel 2.6.15-rc3 $B$h$jA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1(B
$B$^$9!#(B

56. DMANews Multiple SQL Injection Vulnerabilities
BugTraq ID: 15628
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15628
$BMWLs(B:
DMANews $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3(B
$B$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$KBP(B
$B$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 0.904 $B$*$h$S(B 0.910 $B$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g(B
$B%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

57. Perl Perl_sv_vcatpvfn Format String Integer Wrap Vulnerability
BugTraq ID: 15629
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15629
$BMWLs(B:
Perl $B$K$O!"%U%)!<%^%C%H%9%H%j%s%0$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLd(B

$BBj$O!";XDj$5$l$?%U%)!<%^%C%H$KJQ49$7$F=PNO$r9T$&4X?t$G=q<0;XDj;R$,%W%
m%0(B
$B%i%_%s%08@8l$K$h$jE,@Z$K=hM}$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"G$0U$N%W%m%;%9%a%b%j$K=q$-9~$_!"(BPerl $B$N%$%s(B
$B%?!<%W%j%?%W%m%;%9$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G%3!<%I<B9T$r0z$-5/$3$
92D(B
$BG=@-$,$"$j$^$9!#$3$l$K$h$j%j%b!<%H$+$iIT@5%"%/%;%9$,0z$-5/$3$5$l$k2DG
=@-(B
$B$,$"$j$^$9!#(B

$B3+H/<T$O!"(BPerl $B$K$*$1$k;XDj$5$l$?%U%)!<%^%C%H$KJQ49$7$F=PNO$r9T$&4X?t$,(B
C $B%i%$%V%i%j$N%P!<%8%g%s$HF1$8$h$&$K%;%-%e%j%F%#967b$r<u$1$k2DG=@-$,$"$
k(B
$B$b$N$H$7$F07$&I,MW$,$"$j!"=q<0;XDj;R$N0z?t$KEO$9$9$Y$F$N%G!<%?$r%5%K%
?%$(B
$B%:$9$kI,MW$,$"$j$^$9!#(B

$B%;%-%e%j%F%#>eITE,@Z$JJ}K!$G;XDj$5$l$?%U%)!<%^%C%H$KJQ49$7$F=PNO$r9T$
&4X(B
$B?t$r;HMQ$7$F$$$k$9$Y$F$N%"%W%j%1!<%7%g%s$,$3$NLdBj$N1F6A$r<u$1$k$H9M$
($i(B
$B$l$^$9!#(B

58. DRZES HMS Register_domain.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 15630
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15630
$BMWLs(B:
DRZES HMS $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$
$$3(B
$B$H$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdBj$N$
"(B
$B$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9T$
9$k(B
$B2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N96(B
$B7b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

DRZES HMS 3.2 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s(B
$B$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

59. Entergal MX Multiple SQL Injection Vulnerabilities
BugTraq ID: 15631
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15631
$BMWLs(B:
Entergal MX $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 2.0 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A(B
$B$r<u$1$k2DG=@-$,$"$j$^$9!#(B

60. BosDates Multiple SQL Injection Vulnerabilities
BugTraq ID: 15632
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15632
$BMWLs(B:
BosDates $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3(B
$B$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$KBP(B
$B$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 4.0 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A(B
$B$r<u$1$k2DG=@-$,$"$j$^$9!#(B

61. Post Affiliate Pro Index.PHP SQL Injection Vulnerability
BugTraq ID: 15633
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15633
$BMWLs(B:
Post Affiliate Pro $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 2.0.4 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F(B
$B6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

62. GhostScripter Amazon Shop Search.PHP SQL Injection Vulnerability
BugTraq ID: 15634
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15634
$BMWLs(B:
GhostScripter Amazon Shop $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,(B
$B$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"(B
$BF~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 5.0.0 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F(B
$B6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

63. KBase Express Multiple SQL Injection Vulnerabilities
BugTraq ID: 15635
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15635
$BMWLs(B:
KBase Express $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^(B
$B$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.0.0 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F(B
$B6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

64. ltwCalendar Calendar.PHP SQL Injection Vulnerability
BugTraq ID: 15636
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15636
$BMWLs(B:
ltwCalendar $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$N(B
$BLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K(B
$B%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 4.1.3 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F(B
$B6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

65. Orca Knowledgebase Knowledgebase.PHP SQL Injection Vulnerability
BugTraq ID: 15637
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15637
$BMWLs(B:
Orca Knowledgebase $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 2.1b $B$K$*$$$FLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r(B
$B<u$1$k2DG=@-$,$"$j$^$9!#(B

66. Orca Blog Blog.PHP SQL Injection Vulnerability
BugTraq ID: 15638
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15638
$BMWLs(B:
Orca Blog $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLd(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?(B
$B%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.3b $B$K$*$$$FLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r(B
$B<u$1$k2DG=@-$,$"$j$^$9!#(B

67. Orca Ringmaker Ringmaker.PHP SQL Injection Vulnerability
BugTraq ID: 15639
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15639
$BMWLs(B:
Orca Ringmaker $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N(B
$B%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 2.3c $B$K$*$$$FLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r(B
$B<u$1$k2DG=@-$,$"$j$^$9!#(B

68. FAQ System Multiple SQL Injection Vulnerabilities
BugTraq ID: 15640
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15640
$BMWLs(B:
FAQ System $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.1 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A(B
$B$r<u$1$k2DG=@-$,$"$j$^$9!#(B

69. Survey System Survey.PHP SQL Injection Vulnerability
BugTraq ID: 15641
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15641
$BMWLs(B:
Survey System $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.1 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A(B
$B$r<u$1$k2DG=@-$,$"$j$^$9!#(B

70. Linux Kernel PTrace CLONE_THREAD Local Denial of Service Vulnerability
BugTraq ID: 15642
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15642
$BMWLs(B:
Linux Kernel $B$K$O!"%m!<%+%k$G%5!<%S%9ITG=>uBV$K4Y$kLdBj$,B8:_$9$k5?$$$,(B
$B$"$j$^$9!#(B

'CLONE_THREAD' $B0z?t$,4XO"IU$1$i$l$F$$$k(B 'clone' $B%7%9%F%`%3!<%k$r2p$7$F%W(B
$B%m%;%9$,:n@.$5$l$?%$%s%9%?%s%9$,(B ptrace $B$5$l$k>l9g!"%+!<%M%k$O;XDj$5$l$?(B
$B%W%m%;%9$r%H%l!<%9$7$F$$$J$$$3$H$r@5$7$/3NG'$7$^$;$s!#(B

$B$3$NLdBj$O!"%m!<%+%k%f!<%6$,%+!<%M%k$r%/%i%C%7%e$5$;!"@55,%f!<%6$X$N9
9$J(B
$B$k%5!<%S%9$N5qH]$r>7$/$3$H$r5v$7$F$7$^$$$^$9!#(B

Linux Kernel 2.6.14.2 $B$h$jA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$^(B
$B$9!#(B

71. N-13 News SQL Injection Vulnerability
BugTraq ID: 15643
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15643
$BMWLs(B:
N-13 News $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B8=;~E@$G$O!"(BN -13 $B$N$9$Y$F$N%P!<%8%g%s$,LdBj$N1F6A$r<u$1$k$3$H$,9M$($i$l(B
$B$^$9!#(B

72. DRZES HMS Multiple SQL Injection Vulnerabilities
BugTraq ID: 15644
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15644
$BMWLs(B:
DRZES HMS $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

DRZES HMS 3.2 $B0JA0$,$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9$,!"$3$l(B
$B0JA0$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

73. NuFW Malformed Packet Remote Denial Of Service Vulnerability
BugTraq ID: 15645
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15645
$BMWLs(B:
NuFW $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$k2DG=@-$,$"$j$^(B

$B$9!#$3$NLdBj$O!"G'>Z$5$l$F$$$k%f!<%6$+$iAw?.$5$l$?0U?^E*$K:n@.$5$l$?%
M%C(B
$B%H%o!<%/%Q%1%C%H$,E,@Z$K=hM}$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B$3$NLdBj$K$h$j!"(B'nuauth' $B%"%W%j%1!<%7%g%s$,%/%i%C%7%e$7!"8eB3$N%f!<%6$X(B
$B$N%5!<%S%95qH]$r>7$/2DG=@-$,$"$j$^$9!#(B

NuFW 1.0.16 $B$h$jA0$N%P!<%8%g%s$H3+H/HG(B 1.1 $B$,$3$NLdBj$N1F6A$r<u$1$^$9!#(B

74. pcAnywhere Authentication Denial of Service Vulnerability
BugTraq ID: 15646
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-29
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15646
$BMWLs(B:
Symantec pcAnywhere $B$K$O%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k5?$$$,$"$j$^$9!#(B
$B$3$N7g4Y$OG'>Z$NA0$K0z$-5/$3$5$l$k$?$a!"$3$NLdBj$OM-8z$JG'>ZMQ>pJs$N$
J$$(B
$B%j%b!<%H$N967b<T$K$h$jMxMQ$5$l$k2DG=@-$,$"$j$^$9!#$3$NLdBj$K$h$j%5!<%
S%9(B
$BITG=>uBV$K4Y$i$5$l$k$3$H$,3NG'$5$l$F$$$^$9!#%5%]!<%H%P!<%8%g%s(B 11.0.1 $B$*(B
$B$h$S(B 11.5.1 $B$,$3$NLdBj$N1F6A$r<u$1$k$3$H$,3NG'$5$l$F$$$^$9!#0JA0$N%P!<%8%g(B
$B%s$K$bLdBj$,B8:_$7!"%f!<%6$O:G?7$N%5%]!<%H%P!<%8%g%s$K%"%C%W%0%l!<%I$
9$k(B
$B$h$&$K4+9p$5$l$F$$$^$9!#(B

$B%Q%C%A$,8x3+$5$l$F$$$^$9!#(B

75. Apple Mac OS X Security Update 2005-009 Multiple Vulnerabilities
BugTraq ID: 15647
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15647
$BMWLs(B:
Mac OS X $B$K$*$1$k%m!<%+%k$*$h$S%j%b!<%H$GMxMQ2DG=$JJ#?t$NLdBj$r2r7h$9$k(B
$B$?$a$K!"(BApple $B$O(B Security Update 2005-008 $B$r%j%j!<%9$7$^$7$?!#(B

$B$3$N%;%-%e%j%F%#%"%C%W%G!<%H$G$O!"0J2<$NLdBj$,2r7h$5$l$^$7$?!#(B

Apache2 $B$K$*$$$FFCDj$N@_Dj$G%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$(B
$B$,$"$kLdBj(B

apache_mod_ssl $B$K$*$$$FG'>Z$,2sHr$5$l$k5?$$$,$"$kLdBj(B

CoreFoundation $B$K$*$$$F!"%5!<%S%9ITG=>uBV$K4Y$k!"$"$k$$$OG$0U$N%3!<%I$,(B
$B<B9T$5$l$k5?$$$,$"$kLdBj(B

curl $B$K$*$$$F(B NTLM $BG'>Z$G0-0U$N$"$k(B HTTP $B%5!<%P$K@\B3$9$k$H$-$KG$0U$N%3!<(B
$B%I$,<B9T$5$l$k5?$$$,$"$kLdBj(B

iodbcadmintool $B$K$*$$$F%m!<%+%k$G8"8B>:3J$,0z$-5/$3$5$l$k5?$$$,$"$kLdBj(B

OpenSSL $B$K$*$$$F(B SSLv2 $B%W%m%H%3%k$r6/@)E*$K;HMQ$5$l$kLdBj(B

passwordserver $B$K$*$$$F%m!<%+%k%f!<%6$,8"8B$r>:3J$5$;$k$3$H$,5v$5$l$F$7(B
$B$^$&2DG=@-$,$"$kLdBj(B

Safari $B$K$*$$$F@55,I=8=$r=hM}$9$k$H$-$KG$0U$N%3!<%I$,<B9T$5$l$k5?$$$,$"(B
$B$kLdBj(B

Safari $B$K$*$$$F;XDj$N%@%&%s%m!<%I%G%#%l%/%H%j0J30$N>l=j$K%U%!%$%k$,%@%&(B
$B%s%m!<%I$5$l$F$7$^$&$3$H$r5v$9%G%#%l%/%H%j%H%i%P!<%5%k967b$r<u$1$k5?$
$$,(B
$B$"$kLdBj(B

Safari $B$K$*$$$F(B JavaScript $B%@%$%"%m%0%\%C%/%9$G%f!<%6$rOG$o$9>pJs$rI=<((B
$B$9$k$3$H$r5v$7$F$7$^$&5?$$$,$"$kLdBj(B

Safari $B$K$*$$$F(B WebKit $B%Y!<%9$N%"%W%j%1!<%7%g%s$,;HMQ$5$l$F$$$k(B Web $B%5%$(B
$B%H$K%"%/%;%9$9$k$H$-$K!"%j%b!<%H$+$i%3!<%I$,<B9T$5$l$kLdBj(B

sudo $B$K$*$$$FFCDj$N@_Dj$G%m!<%+%k$G8"8B>:3J$,0z$-5/$3$5$l$k5?$$$,$"$kLd(B

$BBj(B

syslog $B$K$*$$$F%7%9%F%`%m%0%(%s%H%j$,56Au$5$l$k2DG=@-$,$"$kLdBj(B

$B$3$l$i$NLdBj$O!"99$KJ,@O$5$l<!Bh8DJL$N(B BID $B$KJ,3d$5$l$kM=Dj$G$9!#(B

76. CenterICQ Malformed Packet Handling Remote Denial of Service Vulnerability
BugTraq ID: 15649
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15649
$BMWLs(B:
CenterICQ $B$K$O!"%j%b!<%H$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j(B
$B$^$9!#(B

$B%/%i%$%"%s%H$,%$%s%?!<%M%C%H$KD>@\@\B3$7$F$$$k%3%s%T%e!<%?>e$G<B9T$7$
F$*(B
$B$j!"(BICQ $B%a%C%;!<%8$N<u?.%]!<%H$G0U?^E*$K:n@.$5$l$?%Q%1%C%H$r=hM}$9$k$H$-(B
$B$K$3$NLdBj$,H/@8$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%/%i%$%"%s%H$,%/%i%C%7%e$9$k2DG=@-$,$"$j$^$9!#(B

77. SocketKB Index.PHP SQL Injection Vulnerability
BugTraq ID: 15650
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15650
$BMWLs(B:
SocketKB $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLd(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?(B
$B%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

78. PHPAlbum Local File Include Vulnerability
BugTraq ID: 15651
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15651
$BMWLs(B:
PHPAlbum $B$K$O!"%m!<%+%k$G%U%!%$%k$,%$%s%/%k!<%I$5$l$k5?$$$,$"$j$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$G(B Web $B%5!<%P%W%m%;(B
$B%9$N8"8B$r;HMQ$7!"G$0U$N%5!<%P%5%$%I%9%/%j%W%H%3!<%I$r<B9T$9$k2DG=@-$
,$"(B
$B$j$^$9!#(B

$B$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%3%s%T%e!<%?>e$NG$0U$N%U%!%$%k$r(B Web $B%5!<(B
$B%P$N8"8B$GFI$_<h$k2DG=@-$,$"$kE@$K$bN10U$9$Y$-$G$9!#(B

PHPAlbum 0.2.3 $B0JA0$N%P!<%8%g%s$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js(B
$B9p$5$l$F$$$^$9!#(B

79. Softbiz B2B Trading Marketplace Multiple SQL Injection Vulnerabilities
BugTraq ID: 15652
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15652
$BMWLs(B:
Softbiz B2B Trading Marketplace $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8(B
$B:_$9$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G(B
$B;HMQ$9$kA0$K!"F~NOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM
3Mh(B
$B$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.1 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^(B
$B$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

80. Softbiz FAQ Multiple SQL Injection Vulnerabilities
BugTraq ID: 15653
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15653
$BMWLs(B:
Softbiz FAQ $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.1 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^(B
$B$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

81. Atlantis Knowledge Base Search.PHP SQL Injection Vulnerability
BugTraq ID: 15654
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15654
$BMWLs(B:
Atlantis Knowledge $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^(B
$B$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 3.0 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^(B
$B$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

82. FAQRing Answer.PHP SQL Injection Vulnerability
BugTraq ID: 15655
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15655
$BMWLs(B:
FAQRing $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLdBj(B
$B$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$(B
$B%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 3.0 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^(B
$B$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

83. WSN Knowledge Base Multiple SQL Injection Vulnerabilities
BugTraq ID: 15656
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15656
$BMWLs(B:
WSN Knowledge Base $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,(B
$B$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"(B
$BF~NOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.2.0 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$(B
$B$^$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

84. O-Kiraku Nikki Nikki.PHP SQL Injection Vulnerability
BugTraq ID: 15657
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15657
$BMWLs(B:
O-Kiraku Nikki $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N(B
$B%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.3 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^(B
$B$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

85. 88Scripts Event Calendar Index.PHP SQL Injection Vulnerability
BugTraq ID: 15658
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15658
$BMWLs(B:
88Scripts Event Calendar $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,(B
$B$"$j$^$9!#$3$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"(B
$BF~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 2.0 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^(B
$B$9!#$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

86. Instant Photo Gallery Multiple SQL Injection Vulnerabilities
BugTraq ID: 15659
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15659
$BMWLs(B:
Instant Photo Gallery $B$K$O!"(BSQL$B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$(B
$B$,$"$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0(B
$B$K!"F~NOCM$KBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!
#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B v1 $B0JA0$K$*$$$F!"$3$NLdBj$N1F6A$r<u$1$k$3$H$,Js9p$5$l$F$$$^$9!#(B
$B$=$NB>$N%P!<%8%g%s$b1F6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

87. Microsoft Internet Explorer CSS Import Cross-Domain Restriction Bypass Vulnerability
BugTraq ID: 15660
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15660
$BMWLs(B:
Microsoft Internet Explorer $B$K$O!"%/%m%9%I%a%$%s%;%-%e%j%F%#%b%G%k$r?/32(B
$B$9$k$3$H$r5v$7$F$7$^$&5?$$$,$"$j$^$9!#(B

CSS $B%U%!%$%k$r@5$7$/2r<a$;$:!"M-8z$J(B CSS $B%U%!%$%k$G$O$J$$%U%!%$%k$r%$%s(B
$B%]!<%H$7$F$7$^$&$?$a$K$3$NLdBj$,0z$-5/$3$5$l$^$9!#(B

$B$3$NLdBj$K$h$j967b<T$,(B CSS $B%U%!%$%k$H$7$FITE,@Z$K%$%s%]!<%H$5$l$?%j%b!<(B
$B%H%5%$%H$N(B HTML $B$*$h$S%9%/%j%W%H%3!<%I$r3+<($9$k$3$H$r5v$7$F$7$^$$$^$9!#(B
$B$3$N%5%$%H$O$3$NLdBj$,MxMQ$5$l$k%5%$%H$H$OJL$N%I%a%$%s$KB8:_$9$k2DG=@
-$,(B
$B$"$j$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F=EMW$J>pJs$r<hF@$7!"99$J$k967b$KMxMQ$9$k2DG
=@-(B
$B$,$"$j$^$9!#(B

88. Tradesoft CMS Multiple SQL Injection Vulnerabilities
BugTraq ID: 15661
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15661
$BMWLs(B:
Tradesoft CMS $B$O!"(BSQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B
$B$3$l$i$NLdBj$O!"%f!<%6$K$h$kF~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$K(B
$BBP$9$k%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

89. WebCalendar Multiple SQL Injection Vulnerabilities
BugTraq ID: 15662
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15662
$BMWLs(B:
WebCalendar $B$K$O(B SQL $B9=J8$rCmF~2DG=$JJ#?t$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B

$B$3$NLdBj$K$h$j!"%j%b!<%H$N967b<T$,%G!<%?%Y!<%9%/%(%j$K0-0U$"$kF~NOCM$
rEO(B
$B$7!"%/%(%j$NO@M}9=B$$rA`:n$9$k$J$I$N967b$,5v$5$l$F$7$^$&2DG=@-$,$"$j$
^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

$B%P!<%8%g%s(B 1.0.1 $B$K$*$$$F!"LdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F(B
$B6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

90. Drupal Image Upload HTML Injection Vulnerability
BugTraq ID: 15663
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15663
$BMWLs(B:
Drupal $B$K$O!"(BHTML $B%?%0$rA^F~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLdBj(B
$B$O!"%f!<%6$,;XDj$7$?F~NOCM$rF0E*$K@8@.$7$?%3%s%F%s%D$G;HMQ$9$kA0$K!"F
~NO(B
$BCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b<T$,Ds6!$7$?(B HTML $B$d%9%/%j%W%H%3!<%I$OLdBj$N$"$k(B Web $B%5%$%H$N%;%-%e(B
$B%j%F%#%3%s%F%-%9%HFb$G<B9T$5$l$k2DG=@-$,$"$j!"$3$l$K$h$j(BCookie $B$KM3Mh$9(B
$B$kG'>ZMQ>pJs$N@`<h$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$O$3$
NLd(B
$BBj$rMxMQ$7$F!"%f!<%6$KBP$9$k%5%$%H$N%l%s%@%j%s%0J}K!$r@)8f$9$k2DG=@-$
b$"(B
$B$j$^$9!#$=$NB>$N967b$,0z$-5/$3$5$l$k2DG=@-$b$"$j$^$9!#(B

$B$3$NLdBj$O!"(BWeb $B%V%i%&%6$K(B Microsoft Internet Explorer $B$r;HMQ$9$k$H$-$K(B
$B8B$jH/@8$7$^$9!#(B

91. Citrix Multiple Applications Login Form Cross-Site Scripting Vulnerability
BugTraq ID: 15664
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15664
$BMWLs(B:
Citrix MetaFrame Secure Access Manager $B$*$h$S(B Citrix NFuse Elite $B$K$O!"(B
$B%/%m%9%5%$%H%9%/%j%W%F%#%s%0967b$r<u$1$k5?$$$,$"$j$^$9!#$3$l$i$NLdBj$
O!"(B
$B%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$
7$^(B
$B$9!#(B

$B967b<T$O$3$l$i$NLdBj$rMxMQ$7$F!"5?$$$r;}$?$J$$%f!<%6$N%V%i%&%6$G!"LdB
j$N(B
$B$"$k%5%$%H$N%;%-%e%j%F%#%3%s%F%-%9%HFb$G!"G$0U$N%9%/%j%W%H%3!<%I$r<B9
T$9(B
$B$k2DG=@-$,$"$j$^$9!#$3$l$K$h$j!"(BCookie $B$KM3Mh$9$kG'>ZMQ>pJs$N@`<h$J$I$N(B
$B967b$,0z$-5/$3$5$l$k2DG=@-$,$"$j$^$9!#(B

92. Lore Article.PHP SQL Injection Vulnerability
BugTraq ID: 15665
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15665
$BMWLs(B:
Lore $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLdBj$O!"(B
$B%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?%$%:=h(B
$BM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

93. Astaro Security Linux ISAKMP IKE Traffic Denial of Service Vulnerability
BugTraq ID: 15666
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15666
$BMWLs(B:
Astaro Security Linux $B$O!"0U?^E*$K:n@.$5$l$?(B IKE $B%H%i%U%#%C%/$r=hM}$9$k(B
$B:]$K%5!<%S%9ITG=>uBV$K4Y$k5?$$$,$"$j$^$9!#(B

$B0U?^E*$K:n@.$5$l$?%Z%$%m!<%I$,4XO"IU$1$i$l$?%Q%1%C%H$,(B IKE $B8r49$N:]$KAw(B
$B?.$5$l$k$H%G!<%b%s$,%/%i%C%7%e$7$F$3$NLdBj$,H/@8$9$k$H?dB,$5$l$^$9!#
(B

94. DotClear Session.PHP SQL Injection Vulnerability
BugTraq ID: 15667
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15667
$BMWLs(B:
DotClear $B$K$O!"(BSQL $B9=J8$rCmF~2DG=$JLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLd(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$r(B SQL $B%/%(%j$G;HMQ$9$kA0$K!"F~NOCM$N%5%K%?(B
$B%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

$B967b$,@.8y$9$k$H!"%"%W%j%1!<%7%g%s$KBP$9$k6<0R$,>7$+$l$?$j!"%G!<%?$,3
+<((B
$B$5$l$?$jA`:n$5$l$?$j$9$k2DG=@-$,$"$j$^$9!#$^$?!"967b<T$,%P%C%/%(%s%I%
G!<(B
$B%?%Y!<%9$N<BAu$NLdBj$rMxMQ$9$k$3$H$,5v$5$l$F$7$^$&2DG=@-$b$"$j$^$9!#
(B

95. Avaya TN2602AP IP Media Resource 320 Remote Denial of Service Vulnerability
BugTraq ID: 15668
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-11-30
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15668
$BMWLs(B:
Avaya TN2602AP IP Media Resource 320 $B$K$O!"%j%b!<%H$+$i%5!<%S%9ITG=>uBV(B
$B$K4Y$k5?$$$,$"$j$^$9!#(B

$B967b$,@.8y$9$k$H!"%a%b%j%j!<%/$,0z$-5/$3$5$l%/%i%C%7%e$9$k$?$a$K%5!<%
S%9(B
$BITG=>uBV$K4Y$k2DG=@-$,$"$j$^$9!#(B

Avaya TN2602AP IP Media Resource 320 $B$N(B vintage 9 $B%U%!!<%`%&%'%"$h$jA0$N(B
$B%P!<%8%g%s$,$3$NLdBj$N1F6A$r<u$1$^$9!#(B

96. FastJar Archive Extraction Directory Traversal Vulnerability
BugTraq ID: 15669
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15669
$BMWLs(B:
FastJar $B$K$O!"%G%#%l%/%H%j%H%i%P!<%5%k967b$r<u$1$k5?$$$,$"$j$^$9!#$3$NLd(B
$BBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$
KM3(B
$BMh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F!"LdBj$N$"$k%"%W%j%1!<%7%g%s$r;HMQ$9$k%f!<%
6$N(B
$B%;%-%e%j%F%#%3%s%F%-%9%HFb$GG$0U$N%U%!%$%k$r>e=q$-$9$k$3$H$,2DG=$G$9!
#>e(B
$B=q$-$5$l$k%U%!%$%k$K$h$C$F$O!"%7%9%F%`%/%i%C%7%e$dIT@5%"%/%;%9$,$,0z$
-5/(B
$B$3$5$l$k2DG=@-$,$"$j$^$9!#$=$NB>$N967b$r<u$1$k2DG=@-$b$"$j$^$9!#(B

97. Microsoft Windows CreateRemoteThread Local Denial of Service Vulnerability
BugTraq ID: 15671
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15671
$BMWLs(B:
Microsoft Windows$B$K$O!"%m!<%+%k$+$i$N967b$K$h$j%5!<%S%9ITG=>uBV$K4Y$k5?(B
$B$$$,$"$j$^$9!#$3$NLdBj$rMxMQ$9$k967b<T$O!"%7%9%F%`A4BN$r%5!<%S%9ITG=>
uBV(B
$B$K4Y$i$;$k!"$"$k$$$OG$0U$N%W%m%;%9$r=*N;$9$k2DG=@-$,$"$j$^$9!#(B

$B%W%m%;%9$,(B 'CreateRemoteThread' $B4X?t$r8F$S=P$7$F$3$NLdBj$r0z$-5/$3$9$3$H(B
$B$,2DG=$G$"$k$3$H$,Js9p$5$l$F$$$^$9!#(B

$B$3$N967b$O%m!<%+%k$N8"8B$N$J$$%f!<%6$K$h$j<B9T$5$l$k$3$H$,Js9p$5$l$^$
7$?!#(B

98. MXChange Multiple Unspecified Input Validation Vulnerabilities
BugTraq ID: 15672
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15672
$BMWLs(B:
MXChange $B$K$O!"F~NOCM$NBEEv@-3NG'$K4XO"$9$kJ#?t$NLdBj$,B8:_$9$k5?$$$,$"(B
$B$j$^$9!#$3$l$i$NLdBj$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$
K<B(B
$B9T$5$l$J$$$3$H$KM3Mh$7$^$9!#(B

MXChange $B$K$O!"%/%m%9%5%$%H%9%/%j%W%F%#%s%0$NLdBj$*$h$S(B SQL $B9=J8$rCmF~2D(B
$BG=$JL$FCDj$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#(B

99. WebCalendar Layers_Toggle.PHP HTTP Response Splitting Vulnerability
BugTraq ID: 15673
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15673
$BMWLs(B:
WebCalendar $B$K$O!"(BHTTP $B1~EzJ,3d$NLdBj$,B8:_$9$k5?$$$,$"$j$^$9!#$3$NLdBj(B
$B$O!"%f!<%6$,;XDj$7$?F~NOCM$N%5%K%?%$%:=hM}$,E,@Z$K<B9T$5$l$J$$$3$H$KM
3Mh(B
$B$7$^$9!#(B

$B%j%b!<%H$N967b<T$O$3$NLdBj$rMxMQ$7$F!"%G!<%?$N2~$6$s!"%-%c%C%7%e1x@w$
d56$C(B
$B$?%3%s%F%s%D$rI=<($5$;$k2DG=@-$,$"$j$^$9!#$3$NLdBj$O!"%/%i%$%"%s%H%f!
<%6(B
$B$r$"$?$+$b0BA4$G$"$k$H8m2r$5$;$k$h$&$K;E8~$1$k$5$^$6$^$J967b$KMxMQ$5$
l$k(B
$B2DG=@-$,$"$j$^$9!#(B

WebCalendar 1.01 $B$K$*$$$F!"LdBj$N1F6A$r<u$1$^$9!#$=$NB>$N%P!<%8%g%s$b1F(B
$B6A$r<u$1$k2DG=@-$,$"$j$^$9!#(B

100. Drupal View User Profile Authorization Bypass Vulnerability
BugTraq ID: 15674
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2005-12-01
$B4XO"$9$k(B URL: http://www.securityfocus.com/bid/15674
$BMWLs(B:
Drupal $B$K$O!"G'>Z$,2sHr$5$l$kLdBj$,B8:_$7$^$9!#$3$NLdBj$O!"%"%W%j%1!<%7%g(B

$B%s$,(B PHP5 $B$N85$G<B9T$7$F$$$k>l9g$NL$FCDj$N%(%i!<$KM3Mh$7$^$9!#(B

$B967b<T$O$3$NLdBj$rMxMQ$7$F8"8B$r2sHr$7!"%f!<%6%W%m%U%!%$%k$K%"%/%;%9$
9$k(B
$B2DG=@-$,$"$j!"7k2L$H$7$F>pJs$,O31L$9$k2DG=@-$,$"$j$^$9!#(B

III.SECURITYFOCUS NEWS ARTICLES
--------------------------------
1. Federal flaw database commits to grading system
$BCx<T(B: Robert Lemos
National Vulnerability Database $B$G$O!"(BCommon Vulnerability Seoring
System (CVSS) $B$rF3F~$7!"8x3+$5$l$F$$$k(B 13,000 $B0J>e$N7g4Y$K$D$$$F?<9oEY$N(B
$B%i%s%-%s%0$r$D$1$F$$$^$9!#(B

http://www.securityfocus.com/news/11360

2. Mac OS X security under scrutiny
$BCx<T(B: Robert Lemos
$B%;%-%e%j%F%#7g4Y$NH/8+<T$d%O%C%+!<$O(B Apple $B<R$N@vN}$5$l$?%*%Z%l!<%F%#%s(B
$B%0%7%9%F%`$,$*5$$KF~$j$G$9$,!":G6a$N%;%-%e%j%F%#LdBj$K$O6K$a$F4m81$J$
b$N(B
$B$,$"$k$H;XE&$7$F$$$k?M$b$$$^$9!#(B

http://www.securityfocus.com/news/11359

3. Texas puts Sony BMG in its sights
$BCx<T(B: Robert Lemos
$B99?7(B: $B%F%-%5%9=#$N8!;vAmD9$O!"%F%-%5%9=#$,(B Sony BMG $B$rF1<R$N%3%T!<KI;_5;(B
$B=Q$,!VIT@5$J%9%Q%$%&%'%"!W$G$"$k$H$7$FDsAJ$7$?$3$H$rH/I=$7$^$7$?!#(B
EFF $B$O(B
$BF1F|9pAJ$rDs=P$7$F$$$^$9!#(B

http://www.securityfocus.com/news/11358

4. Sony BMG's copy-protection problems grow
$BCx<T(B: Robert Lemos
$B8&5f<T$?$A$,(B Sony BMG $B$N%3%T!<KI;_%=%U%H%&%'%"$K$OB?$/$N%;%-%e%j%F%#>e$N(B
$BLdBj$,B8:_$9$k$3$H$rH/8+$7!"J#?t$N5D0w$,%G%8%?%k%a%G%#%"$X$N2aEY$N@)L
s$K(B
$B$D$$$FHsFq$7$F$$$kCf!"(BSony BMG $B$OE9J^$+$i(B CD $B$r2s<}$7!"2~A1$5$l$?=|5n%D!<(B
$B%k$r8x3+$7!">CHq<T$,%G%#%9%/$rJVIJ$9$k5!2q$rDs6!$7$F$$$^$9!#(B

http://www.securityfocus.com/news/11357

5. Skype under scrutiny for bugs
$BCx<T(B: John Leyden
$B9-$/;HMQ$5$l$F$$$k(B VoIP $B%3%_%e%K%1!<%7%g%s%=%U%H%&%'%"$G$"$k(B Skype $B$K4X(B
$BO"$9$k:G6a$N(B 2 $B7o$N?<9o$J%;%-%e%j%F%#>e$NLdBj$O!"%Y%s%@$K$H$C$F:G0-$N%?(B
$B%$%_%s%0$G5/$3$j$^$7$?!#(B

http://www.securityfocus.com/news/11354

6. Say hello to the Skype Trojan
$BCx<T(B: John Leyden
$B%&%$%k%9:n@.<T$O!"?M5$$N9b$$(B VoIP $B%=%U%H%&%'%"$G$"$k(B Skype $B$N:G?7%P!<%8%g(B
$B%s$K8+$;$+$1$??7$?$J%H%m%$$NLZGO$r;HMQ$7$F!"(BSkype $B%f!<%6$rI8E*$K$7$F$$$^(B
$B$9!#(B

http://www.securityfocus.com/news/11348

7. Shared music abuse bug hits iTunes
$BCx<T(B: John Leyden
$B%;%-%e%j%F%#8&5f<T$O!"?M5$$N9b$$(B Apple $B$N(B iTunes $B%W%m%0%i%`$GLdBj$rH/8+(B
$B$7$^$7$?!#$3$NLdBj$O!"6&M-$N2;3Z$r%@%&%s%m!<%I$9$k%$%s%?%U%'!<%9$G<B9
T$5(B
$B$l$k2DG=@-$,$"$j$^$9!#(B

http://www.securityfocus.com/news/11347

8. US cybersecurity all at sea
$BCx<T(B: John Leyden
$B9qEZ0BA4J]>c>J$K$h$k%"%a%j%+9qFb$N%5%$%P!<%;%-%e%j%F%#%j%9%/$N4IM}$OI
T==(B
$BJ,$G$"$k!"$H@h$NJF9qBgE}NN>pJs%;%-%e%j%F%#C4Ev8\Ld$OH/8@$7$F$$$^$9!#
(B

http://www.securityfocus.com/news/11345

--
$BK]Lu(B: LAC $BK]Lu%A!<%`(B
$B4F=$(B: $B>.3^8691M:(B (OGASAWARA Tsuneo)
LAC Co., Ltd.
http://www.lac.co.jp/index.html
0?l *?H?÷
?]0?Y10 +0 *?H?÷
?
û0?0?k9ÊT?þP"2þ2ÙÛû?0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
180518235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
*?H?÷
0?ªÐº¾-¸?ÔÊÒ¼v1Ê?Ø??V¼ÙooR6nuV
UÓßC?!e?~½!Þk2??4?A5ë?ë?ÝªY?Sm?Oíåâ*ZÁ¹Ä¦ÏÈEë¦]??>ðd$v¥Í«o¶Ø{Qa
n¦?Èâ·å4ÜA?ê @¾s?=kçu0
*?H?÷
?÷Îv\«??Ü?o49]?>kr,áÇ¢{@)¹x?ºLÅ£j^?n{ãòAf¾û®¢Î?ó¢4?´²¶$òåÕàÈåbm?{Ë¾»?|WÊð7©¯?î¾(?Ù&v ÍÄNð®Õ¾¯WjÐ BBBô
Ì¥x??&8?G0?0?kLÇêª?>qÓ?ø=:???0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
280801235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
*?H?÷
0?ªÐº¾-¸?ÔÊÒ¼v1Ê?Ø??V¼ÙooR6nuV
UÓßC?!e?~½!Þk2??4?A5ë?ë?ÝªY?Sm?Oíåâ*ZÁ¹Ä¦ÏÈEë¦]??>ðd$v¥Í«o¶Ø{Qa
n¦?Èâ·å4ÜA?ê @¾s?=kçu0
*?H?÷
©OÃ
Çg¾,ËÙ¨Í-uç~?;rë~ë\- ?Ökm`|å®Å#\JÐ¯±]óÇ¶
Ûà?
Ý¼Çv?µÝOÃ?u¸ÀæÉ[k¥¸?Ü¬¤ÝríN¡÷O¼ÓêÈdt{Â?A?esXñ?<j±?ÉÄ?¼ÏEmEân"?þ¼1\
èòÙ0?¶0? %îs<û ?U??{?í¿0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 1 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
020404000000Z
070403235959Z0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CA0?0
*?H?÷
0?¼+þîO×ùútüoÃøÊ?(v'È4 Ëªr-Éö?~?hòKïÉÿo½?îÓ??ÿ¨þîhU°¼ð°óåNhfisµ:V÷^uæo;êâd'\`?ÝÛ+·¼¶ª¡$)¯t¦?¯GöÕK~,e3îÛ¥<
KCp?ÙÙÂ??Äø(£¤0¡0Uÿ0ÿ0FU ?0=0;`?H?øE0,0*+https://www.verisign.co.jp/rpa0U
ÿ0 `?H?øB0 U0¤010UC1C2-1-40
*?H?÷
\?Ïh??¿ÏÓ_n²N>?Qs?e¢w ~ü v1?ÿîv4YVÊæGèãTÓÈ?Î?«bMo]?¸¢±?_K??Çó[m³#ÕcÑU*¿þ·ÄUò´o:?¿ê§q^/=¯?
?òt)ÿÌõ
?¬ÕÕ?ô÷7ªÔ?pd{0?10?? d2?7Åw?É??¹?b?ñ0
*?H?÷
0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CA0
050331000000Z
060331235959Z0ü10U
VeriSign Japan K.K.10UISP Service CA1503U,Terms of use at www.verisign.co.jp/rpa (c)011806U/Service Name - 5BF88D474BD2A6D3E7E073163F0C4D1210UHitachijoho10UTsuneo Ogasawara1!0 *?H?÷
t.ogaswr (at) lac.co (dot) jp0 [email concealed]?0
*?H?÷
0?¿*E´\2ÅÍóDíÐÏÇ~?+Ü=Ù&-u4)~è§ÊÇ2ÉnAàÙWÍØoÓÐûÊfÚq³.?³¥Hë¼ÀÚ×?!0¯6iÚ??±?rÙDÏdA[?Ùî?´q\~ãè?ú¨
Ä»ù?oÊi1¶+_ãr?#??>¥þ?IÁeA£ä0á0 U00EU >0<0:
`?H?øE0,0*+https://www.verisign.co.jp/rpa0U 0
`?H?øB?0ZUS0Q0O M K?Ihttp://onsitecrl.verisign.co.jp/VeriSi
gnJapanKKISPServiceCA/LatestCRL.crl0
`?H?øE ÿ0
*?H?÷
TMÎ¤©ýäøpßËµ"òÎ©,ÍË¶Q??`puÏ?¥?F?ÿ¬ãÅz?¸íñ²Oð)ô2ð$³q?âüý |øu
ßx©?Ì0³Jçjñ^9?^ p('?öC¦^ã=?øîÍ?&´ª.àTaxz4ÓÄÇ«<v?òY³QúÄ1?90?50Þ0É10U
VeriSign Japan K.K.10UVeriSign Trust Network1=0;U4Terms of use at https://www.verisign.co.jp/rpa (c)02100.U'Class 1 OnSite Individual Subscriber CA10UISP Service CAd2?7Åw?É??¹?b?ñ0 + ±0 *?H?÷
1 *?H?÷
0 *?H?÷
1
060310082300Z0# *?H?÷
1ðõGõ®Ø(Ú\êy ÞÁ¶M0R *?H?÷
1E0C0
*?H?÷
0*?H?÷
?0+0
*?H?÷
@0
*?H?÷
(0
*?H?÷
??³?|PÓÅFÆøçiÔ;*ÊÑâÂ??ñðgÔ-/£ÒÖ£éÛ¦TB3¦|¦µ?³?'3gv?u½Äñ?Âµ\Ç(wnéZØ]ìK©KÇÓ?0Q4;?W6â B?`ðÜi1á>na¡©¢Üy#G!.1fP1~.

[ reply ]