2014年4月11日金曜日

11日 金曜日、友引

+ CESA-2014:0383 Moderate CentOS 6 samba4 Update
http://lwn.net/Alerts/594269/

+ UPDATE: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

+ Oracle Critical Patch Update Pre-Release Announcement - April 2014
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

+ VU#882841 Microsoft Office file format converter memory corruption vulnerability
http://www.kb.cert.org/vuls/id/882841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1757

+ REMOTE: Heartbleed OpenSSL Information Leak Exploit
http://www.exploit-db.com/exploits/32791

+ LOCAL: MS14-017 Microsoft Word RTF Object Confusion
http://www.exploit-db.com/exploits/32793

+ OpenSSL information leak client/server exploit
http://cxsecurity.com/issue/WLB-2014040061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ SA57788 Juniper JunOS J-Web System Monitoring Script Insertion Vulnerability
http://secunia.com/advisories/57788/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2711

+ SA57790 Juniper JunOS J-Web Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/57790/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2712

+ SA57794 Juniper JunOS MX-Series Routers IP Packet Handling Denial of Service Vulnerability
http://secunia.com/advisories/57794/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2713

+ SA57819 Juniper JunOS IGMP Packet Processing Denial of Service Vulnerability
http://secunia.com/advisories/57819/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0614

+ SA57835 Juniper JunOS SRX-Series Service Gateways flowd Denial of Service Vulnerability
http://secunia.com/advisories/57835/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2714

+ SA57849 McAfee SIEM OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
http://secunia.com/advisories/57849/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ SA57772 Juniper Multiple Products OpenSSL TLS/DTLS Heartbeat Information Disclosure Vulnerabilities
http://secunia.com/advisories/57772/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ SA57801 Wireshark Libpcap CAP Files Parsing Memory Corruption Vulnerability
http://secunia.com/advisories/57801/

+ Wireshark 'CAP' File Memory Corruption Vulnerability
http://www.securityfocus.com/bid/66755

Advisory: Critical vulnerability found in OpenSSL affecting Sophos products
http://www.sophos.com/en-us/support/knowledgebase/120854.aspx

ウイルスバスター モバイル(iOS) バージョン1.0.1303リリースのお知らせ
http://app.trendmicro.co.jp/support/news.asp?id=2110

ウイルスバスター モバイル バージョン5.0.0.1225リリースのお知らせ
http://app.trendmicro.co.jp/support/news.asp?id=2109

Postgres Open 2014 - Opens the Call for Papers
http://www.postgresql.org/about/news/1512/

法人向けネットバンキングでも不正送金、シマンテックが注意喚起
http://itpro.nikkeibp.co.jp/article/NEWS/20140410/549842/?ST=security

UPDATE: JVNVU#94401838 OpenSSL の heartbeat 拡張に情報漏えいの脆弱性
http://jvn.jp/vu/JVNVU94401838/index.html

REMOTE: Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution
http://www.exploit-db.com/exploits/32789

REMOTE: Vtiger Install Unauthenticated Remote Command Execution
http://www.exploit-db.com/exploits/32794

ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)