2014年6月24日火曜日

24日 火曜日、先勝









+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

+ HPSBMU03051 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04345210-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470

+ Multiple vulnerabilities in OpenSSL
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl3
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450

+ CVE-2013-1620 Lucky Thirteen vulnerability in NSS
https://blogs.oracle.com/sunsecurity/entry/cve_2013_1620_lucky_thirteen
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1620

+ CVE-2014-0224 Cryptographic Issues vulnerability in OpenSSL
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ CVE-2014-0224 Cryptographic Issues vulnerability in WAN Boot
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ Samba 4.1.9, 4.0.19 and 3.6.24 Security Releases Available for Download
http://www.samba.org/samba/history/samba-4.1.9.html

+ Samba smbd and nmbd Processing Flaws Let Remote Users Deny Service
http://www.securitytracker.com/id/1030455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493

+ SA59433 Samba Denial of Service Vulnerabilities
http://secunia.com/advisories/59433/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493

+ Linux Kernel 3.15.1 mm/shmem.c denial of service
http://cxsecurity.com/issue/WLB-2014060099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171

+ Linux kernel 2.6.32 local denial of service
http://cxsecurity.com/issue/WLB-2014060126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0203

+ Samba CVE-2014-3493 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/68150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493

Bucardo 5 released
http://www.postgresql.org/about/news/1529/

【企業内のネット接続機器、不適切な情報公開とその対策】
第2回 検索サービスSHODANを使うと何が見えるのか
http://itpro.nikkeibp.co.jp/article/COLUMN/20140610/562887/?ST=security

はてなに約160万回の不正ログイン試行、Amazonギフト券交換3件は阻止
http://itpro.nikkeibp.co.jp/article/NEWS/20140623/566043/?ST=security

UPDATE: JVN#61247051 OpenSSL における Change Cipher Spec メッセージの処理に脆弱性
http://jvn.jp/jp/JVN61247051/index.html

VU#849500 SpamTitan contains a reflected cross-site scripting (XSS) vulnerability
http://www.kb.cert.org/vuls/id/849500

0 件のコメント:

コメントを投稿