2014年6月30日月曜日
31日 月曜日、先負
+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl
+ HPSBMU03061 rev.1 - HP Release Control, Disclosure of Privileged Information and Elevation of Privilege
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04352674-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2613
+ HPSBMU03057 rev.1 - HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04349897-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
+ HPSBMU03056 rev.1 - HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04349789-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
+ Linux kernel 3.15.2 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2
+ FreeBSD-9.3 RC2 released
http://www.freebsd.org/news/newsflash.html#event20140628:01
+ PHP 5.5.14 is released
http://www.php.net/archive/2014.php#id2014-06-27-1
+ Linux Kernel aio_read_events_ring() Bugs Let Local Users Obtain Kernel Memory
http://www.securitytracker.com/id/1030479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0206
+ Linux Kernel Floppy Driver Bugs Let Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1030474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738
+ SA59560 Linux Kernel "__do_follow_link()" Denial of Service Vulnerability
http://secunia.com/advisories/59560/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0203
+ SA59575 PHP Multiple Vulnerabilities
http://secunia.com/advisories/59575/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
+ SA58128 Trend Micro Multiple Products OpenSSL SSL/TLS Handshakes Security Issue
http://secunia.com/advisories/58128/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
+ SA58385 Trend Micro Deep Security OpenSSL SSL/TLS Handshakes Security Issue
http://secunia.com/advisories/58385/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
+ SA59383 Trend Micro ServerProtect for Linux OpenSSL SSL/TLS Handshakes Security Issue
http://secunia.com/advisories/59383/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
+ Linux Kernel sctp sk_ack_backlog wrap-around problem
http://cxsecurity.com/issue/WLB-2014060154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667
+ MS13-097 Registry Symlink IE Sandbox Escape
http://cxsecurity.com/issue/WLB-2014060150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5045
+ MS14-009 .NET Deployment Service IE Sandbox Escape
http://cxsecurity.com/issue/WLB-2014060152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0257
+ Linux Kernel 'sctp_association_free()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/68224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667
複雑化するセキュリティ、あなたに迫る脅威
http://itpro.nikkeibp.co.jp/article/COLUMN/20140620/565684/?ST=security
【複雑化するセキュリティ、あなたに迫る脅威】
第1回 攻撃対象は家電や社内機器も、根本的な対策の見直しが必須に
http://itpro.nikkeibp.co.jp/article/COLUMN/20140620/565685/?ST=security
「スカパー!」が顧客管理システム障害で全手続きを停止、個人情報漏洩も
http://itpro.nikkeibp.co.jp/article/NEWS/20140627/567324/?ST=security
Google I/Oの陰で忘れてはいけない「忘れられる権利」
http://itpro.nikkeibp.co.jp/article/COLUMN/20140627/567142/?ST=security
ITproまとめ日経コンピュータ
リスト型アカウントハッキング
http://itpro.nikkeibp.co.jp/article/COLUMN/20140625/566582/?ST=security
REMOTE: chkrootkit 0.49 - Local Root Vulnerability
http://www.exploit-db.com/exploits/33899
REMOTE: check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Exploit
http://www.exploit-db.com/exploits/33904
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿