2014年4月25日金曜日

25日 金曜日、仏滅

+ RHSA-2014:0429 Moderate: tomcat6 security update
http://rhn.redhat.com/errata/RHSA-2014-0429.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050

+ Google Chrome 34.0.1847.131 released
http://googlechromereleases.blogspot.jp/2014/04/stable-channel-update_24.html

+ CESA-2014:0429 Moderate CentOS 6 tomcat6 Update
http://lwn.net/Alerts/595970/

+ UPDATE: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

+ HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, Running OpenSSL, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04262670-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ HPSBHF03006 rev.1 - HP Integrated Lights-Out 2 (iLO 2) Denial of Service
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04244787-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2601

+ HPSBMU03020 rev.1 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04262472-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ HPSBPI03014 rev.1 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04262495-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ HPSBST03016 rev.1 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04263038-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ Linux kernel 3.12.18 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.18

+ RHSA-2014:0433 Moderate: kernel security, bug fix, and enhancement update
http://rhn.redhat.com/errata/RHSA-2014-0433.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2888

+ Apache Struts Bug Lets Remote Users Manipulate the ClassLoader to Execute Arbitrary Code
http://www.securitytracker.com/id/1030152

+ REMOTE: Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support
http://www.exploit-db.com/exploits/32998

+ OpenSSL DTLS Support Information Leak Exploit 2
http://cxsecurity.com/issue/WLB-2014040161

ウイルスバスター コーポレートエディション 10.6 Service Pack 3 Patch1 Critical patch (ビルド 5495) 公開のお知らせ
http://app.trendmicro.co.jp/support/news.asp?id=2115

ソフトウェア等の脆弱性関連情報に関する届出状況[2014年第1四半期(1月~3月)]
http://www.ipa.go.jp/security/vuln/report/vuln2014q1.html

Apache Struts最新版に脆弱性対策の漏れ、IPAがWAFやIPSでの対策呼びかけ
http://itpro.nikkeibp.co.jp/article/NEWS/20140424/553126/?ST=security

VU#118748 POCO C++ Libraries NetSSL library fails to properly validate wildcard certificates
http://www.kb.cert.org/vuls/id/118748

REMOTE:  Acunetix 8 build 20120704 - Remote Stack Based Overflow
http://www.exploit-db.com/exploits/32997

0 件のコメント:

コメントを投稿