Thursday, January 16, 2014

Thursday the 16th, Senbu

+ RHSA-2014:0026 Critical: java-1.7.0-openjdk security update
http://rhn.redhat.com/errata/RHSA-2014-0026.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428

+ APSB14-02 Security updates available for Adobe Flash Player
http://helpx.adobe.com/security/products/flash-player/apsb14-02.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0492

+ CESA-2014:0026 Critical CentOS 6 java-1.7.0-openjdk Update
http://lwn.net/Alerts/580547/

+ CESA-2014:0027 Important CentOS 5 java-1.7.0-openjdk Update
http://lwn.net/Alerts/580548/

+ Multiple Vulnerabilities in Cisco Secure Access Control System
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140115-csacs

+ HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04084148-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211

+ Linux kernel 3.10.27, 3.4.77 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.27
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.77

+ CVE-2009-0179 Denial of Service(DoS) vulnerability in Libmikmod
https://blogs.oracle.com/sunsecurity/entry/cve_2009_0179_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0179

+ Multiple Buffer Errors vulnerability in LibProxy
https://blogs.oracle.com/sunsecurity/entry/multiple_buffer_errors_vulnerability_in1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4505

+ CVE-2013-4232 Resource Management Errors vulnerability in LibTIFF
https://blogs.oracle.com/sunsecurity/entry/cve_2013_4232_resource_management
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232

+ CVE-2013-4231 Buffer overflow vulnerability in LibTIFF
https://blogs.oracle.com/sunsecurity/entry/cve_2013_4231_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231

+ CVE-2013-4123 Input Validation vulnerability in Squid
https://blogs.oracle.com/sunsecurity/entry/cve_2013_4123_input_validation
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4123

+ Multiple vulnerabilities in Kerberos
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_kerberos1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418

+ Multiple vulnerabilities in Ruby
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_ruby1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363

+ CVE-2012-0870 Buffer overflow vulnerability in Samba
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0870_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870

+ CVE-2013-4475 Access control vulnerability in Samba
https://blogs.oracle.com/sunsecurity/entry/cve_2013_4475_access_control
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475

+ CVE-2012-6139 Denial of Service (DoS) vulnerability in LibXSLT
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5581_denial_of1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139

+ Multiple vulnerabilities in libxslt
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libxslt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2893

+ CVE-2011-3970 Denial of Service (DoS) vulnerability in libxslt
https://blogs.oracle.com/sunsecurity/entry/cve_2011_3970_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970

+ Oracle Critical Patch Update Advisory - January 2014
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

+ UPDATE: Microsoft Security Advisory (2916652) Improperly Issued Digital Certificates Could Allow Spoofing
http://technet.microsoft.com/en-us/security/advisory/2916652

+ UPDATE: Microsoft Security Advisory (2914486) Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege
http://technet.microsoft.com/en-us/security/advisory/2914486

+ UPDATE: Microsoft Security Advisory (2755801) Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
http://technet.microsoft.com/en-us/security/advisory/2755801

+ Security Bulletin Summary for January 2014
http://technet.microsoft.com/ja-jp/security/bulletin/ms14-jan

+ MS14-001 - Important: Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)
https://technet.microsoft.com/ja-jp/security/bulletin/ms14-001

+ MS14-002 - Important: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)
https://technet.microsoft.com/ja-jp/security/bulletin/ms14-002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5065

+ MS14-003 - Important: Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602)
https://technet.microsoft.com/ja-jp/security/bulletin/ms14-003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0262

+ MS14-004 - Important: Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826)
https://technet.microsoft.com/ja-jp/security/bulletin/ms14-004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0261

+ UPDATE: Microsoft Security Advisory (2914486) Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege
http://technet.microsoft.com/ja-jp/security/advisory/2914486

+ UPDATE: Microsoft Security Advisory (2755801) Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
http://technet.microsoft.com/ja-jp/security/advisory/2755801

+ RHSA-2014:0027 Important: java-1.7.0-openjdk security update
http://rhn.redhat.com/errata/RHSA-2014-0027.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428

+ Java SE 7u51 released
http://www.oracle.com/technetwork/java/javase/7u51-relnotes-2085002.html

+ FreeBSD-SA-14:04.bind BIND remote denial of service vulnerability
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:04.bind.asc

+ FreeBSD-SA-14:03.openssl OpenSSL multiple vulnerabilities
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:03.openssl.asc

+ FreeBSD-SA-14:02.ntpd ntpd distributed reflection Denial of Service vulnerability
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:02.ntpd.asc

+ FreeBSD-SA-14:01.bsnmpd bsnmpd remote denial of service vulnerability
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:01.bsnmpd.asc

+ Sudo 1.8.9p4 released
http://www.sudo.ws/sudo/stable.html#1.8.9p4

+ Linux Kernel AMD restore_fpu_checking() Bug Lets Local Users Deny Service or Potentially Obtain Root Privileges
http://www.securitytracker.com/id/1029592

+ ISC BIND 9.8/9.9 Remote DoS
http://cxsecurity.com/issue/WLB-2014010090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591

+ Linux Kernel missing CPU-state sanitation DOS / privilege escalation
http://cxsecurity.com/issue/WLB-2014010073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1438

+ SA56282 Linux Kernel "ieee80211_radiotap_iterator_init()" Denial of Service Vulnerability
http://secunia.com/advisories/56282/

+ Linux Kernel 'hamradio/yam.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/64954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1446

+ Linux Kernel 'wanxl.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/64953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1445

+ Linux Kernel 'farsync.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/64952
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1444

+ Linux Kernel 'ieee80211_radiotap_iterator_init()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/64800

Anti-Spoofing might be enforced incorrectly in specific scenarios on R75.47 Security Gateway
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk98087&src=securityAlerts

[Updated] Notice of the release of virus scan engine VSAPI 9.750
http://app.trendmicro.co.jp/support/news.asp?id=2006

Calendar of release dates for forthcoming versions of Sophos Anti-Virus
http://www.sophos.com/en-us/support/knowledgebase/120189.aspx

Valued precisely because it is an all-in-one backup appliance
Symantec, Sales Engineering Division, GB Solutions SE Department
Principal Sales Engineer 伊吹山 正郁
http://itpro.nikkeibp.co.jp/article/Interview/20140115/529762/?ST=security

Palo Alto strengthens its malware-detection sandbox, inspecting Office documents as well as executables
http://itpro.nikkeibp.co.jp/article/NEWS/20140115/529885/?ST=security

縁マーケティング研究所 packages a pseudo-malware creation tool and procedures for running targeted-email drills as a kit
http://itpro.nikkeibp.co.jp/article/NEWS/20140114/529686/?ST=security

Baidu IME
http://itpro.nikkeibp.co.jp/article/COLUMN/20140114/529645/?ST=security

JVNVU#96176042 NTP can be used as a stepping stone for DDoS attacks
http://jvn.jp/cert/JVNVU96176042/index.html

REMOTE: SoapUI 4.6.3 - Remote Code Execution
http://www.exploit-db.com/exploits/30908

REMOTE: SerComm Device Remote Code Execution
http://www.exploit-db.com/exploits/30915
