Monday, April 21, 2014

Monday the 21st, Shakkō

+ VMware Player 6.0.2 released
https://www.vmware.com/support/player60/doc/player-602-release-notes.html

+ UPDATE: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

+ UPDATE: Multiple Vulnerabilities in Cisco ASA Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa

+ HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running OpenSSL, Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04255796-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ UPDATE: HPSBMU02995 rev.4 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04236102-4%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ UPDATE: HPSBMU02994 rev.2 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04236062-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ UPDATE: HPSBMU02999 rev.2 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04239374-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ UPDATE: HPSBNS03003 rev.3 - HP NonStop Volume Level Encryption (VLE) running OpenSSL, Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04242672-3%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ Critical Patch Update Advisory - April 2014
http://www.oracle.com/technetwork/jp/topics/security/top-2190049-ja.html

+ Oracle Security Alert for CVE-2014-0160
http://www.oracle.com/technetwork/topics/security/alert-cve-2014-0160-2190703.html

+ UPDATE: VMSA-2014-0004.6 VMware product updates address OpenSSL security vulnerabilities
http://www.vmware.com/security/advisories/VMSA-2014-0004.html

+ VMSA-2014-0003 VMware vSphere Client updates address security vulnerabilities
http://www.vmware.com/security/advisories/VMSA-2014-0003.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1210

+ jetty-hightide 9.1.4, 8.1.15, 7.6.15 released
http://download.eclipse.org/jetty/stable-9/dist/
http://dist.codehaus.org/jetty/jetty-hightide-8.1.15/
http://dist.codehaus.org/jetty/jetty-hightide-7.6.15/

+ VMware Workstation, Fusion, and Player OpenSSL TLS Heartbeat Buffer Overread Lets Remote Users Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1030125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ Apache Tomcat Native Library OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
http://secunia.com/advisories/57852/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ MySQL Connector/C TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
http://secunia.com/advisories/58008/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ MySQL Connector/ODBC TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
http://secunia.com/advisories/57983/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ MySQL Enterprise Backup TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
http://secunia.com/advisories/57969/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ MySQL Workbench TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
http://secunia.com/advisories/57961/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ Oracle MySQL Enterprise Monitor OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
http://secunia.com/advisories/57851/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ LOCAL: Linux group_info refcounter - Overflow Memory Corruption
http://www.exploit-db.com/exploits/32926

JVNDB-2014-000038 Cross-site request forgery vulnerability in Toshiba Tec e-Studio series
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000038.html

JVNDB-2014-000040 Session fixation vulnerability in Cybozu Remote Service Manager
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000040.html

JVNDB-2014-000039 Denial-of-service (DoS) vulnerability in Cybozu Remote Service Manager
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000039.html

JVNDB-2014-000037 Directory traversal vulnerability in AndExplorer
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000037.html

REMOTE: NRPE <= 2.15 - Remote Command Execution
http://www.exploit-db.com/exploits/32925
