2014年5月8日木曜日

8日 木曜日、先勝

+ RHSA-2014:0474 Important: struts security update
https://rhn.redhat.com/errata/RHSA-2014-0474.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114

+ RHSA-2014:0475 Important: kernel security and bug fix update
https://rhn.redhat.com/errata/RHSA-2014-0475.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523

+ CESA-2014:0474 Important CentOS 5 struts Update
http://lwn.net/Alerts/597658/

+ Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2136

+ UPDATE: HPSBMU03018 rev.3 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260505-3%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ Check Point response to TCP reassembly vulnerability (CVE-2014-3000; FreeBSD-SA-14:08.tcp)
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100537&src=securityAlerts
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3000

+ Sudo 1.8.10p3 released
http://www.sudo.ws/sudo/stable.html#1.8.10p3

+ Apache Struts CookieInterceptor Bug Lets Remote Users Modify System Information
http://www.securitytracker.com/id/1030204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0116

+ SA58082 Linux Kernel "n_tty_write()" Race Condition Vulnerability
http://secunia.com/advisories/58082/

+ Apple iOS CVE-2014-0164 Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/67263

定期サーバメンテナンスのお知らせ(2014/5/15)
http://app.trendmicro.co.jp/support/news.asp?id=2123

ServerProtect for Linux 3.0 Critical Patch 公開のお知らせ
http://app.trendmicro.co.jp/support/news.asp?id=2119

Windows版 Deep Security Relay Critical Patch 公開のお知らせ
http://app.trendmicro.co.jp/support/news.asp?id=2118

JVNVU#92280347 Internet Explorer に解放済みメモリ使用 (use-after-free) の脆弱性
http://jvn.jp/vu/JVNVU92280347/

JVNVU#94401838 OpenSSL の heartbeat 拡張に情報漏えいの脆弱性
http://jvn.jp/vu/JVNVU94401838/

VU#902790 Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability
http://www.kb.cert.org/vuls/id/902790

VU#693092 Caldera 9.20 contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/693092

0 件のコメント:

コメントを投稿