2014年7月15日火曜日

15日 火曜日、赤口

+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

+ HPSBHF02913 rev.1 - HP Intelligent Management Center (iMC) and HP Branch Intelligent Management System (BIMS), Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04369484-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2618
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2620
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2622

+ HPSBST03039 rev.1 - HP StoreVirtual 4000 Storage and StoreVirtual VSA, Remote Disclosure of Information, Elevation of Privilege
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04281279-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2606

+ HP StoreVirtual Bugs Let Remote Users Obtain Information and Remote Authenticated Users Gain Elevated Privileges
http://www.securitytracker.com/id/1030567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2606

+ REMOTE: HP Data protector manager 8.10 remote command execution
http://www.exploit-db.com/exploits/34066

【実例で解き明かす、標的型サイバー攻撃の危険度】
刻々と変わる攻撃の手口、存在を隠し目的達成まで執拗に継続
http://itpro.nikkeibp.co.jp/article/COLUMN/20140701/567913/?ST=security

「Windows 8.1 Update」の適用を忘れずに
http://itpro.nikkeibp.co.jp/article/COLUMN/20140711/571045/?ST=security

JVNVU#91389735 Datum Systems の衛星モデムに複数の脆弱性
http://jvn.jp/vu/JVNVU91389735/

VU#204988 Kaseya's agent driver contains NULL pointer dereference
http://www.kb.cert.org/vuls/id/204988

REMOTE: D-Link info.cgi POST Request Buffer Overflow
http://www.exploit-db.com/exploits/34063

REMOTE: D-Link HNAP Request Remote Buffer Overflow
http://www.exploit-db.com/exploits/34064

+ glibc locale issues PoC  FEIN
http://cxsecurity.com/issue/WLB-2014070073

0 件のコメント:

コメントを投稿