:: IT Security Neophyte Investigator's MEMO ::: 22日火曜日、先勝

2014年7月22日火曜日

22日火曜日、先勝

+ RHSA-2014:0907 Important: java-1.6.0-openjdk security and bug fix update
https://rhn.redhat.com/errata/RHSA-2014-0907.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266

+ RHSA-2014:0907 Important: java-1.6.0-openjdk security and bug fix update
https://access.redhat.com/errata/RHSA-2014:0907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266

+ RHSA-2014:0861 Moderate: lzo security update
https://access.redhat.com/errata/RHSA-2014:0861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607

+ RHSA-2014:0741 Critical: firefox security update
https://access.redhat.com/errata/RHSA-2014:0741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538

+ RHSA-2014:0889 Critical: java-1.7.0-openjdk security update
https://access.redhat.com/errata/RHSA-2014:0889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266

+ RHSA-2014:0820 Important: docker security update
https://access.redhat.com/errata/RHSA-2014:0820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3499

+ RHSA-2014:0790 Moderate: dovecot security update
https://access.redhat.com/errata/RHSA-2014:0790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430

+ RHSA-2014:0705 Critical: java-1.7.1-ibm security update
https://access.redhat.com/errata/RHSA-2014:0705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449

+ RHSA-2014:0678 Important: kernel security update
https://access.redhat.com/errata/RHSA-2014:0678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0196

+ RHSA-2014:0867 Moderate: samba security update
https://access.redhat.com/errata/RHSA-2014:0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493

+ RHSA-2014:0702 Moderate: mariadb security update
https://access.redhat.com/errata/RHSA-2014:0702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419

+ RHSA-2014:0786 Important: kernel security, bug fix, and enhancement update
https://access.redhat.com/errata/RHSA-2014:0786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2851
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145

+ RHSA-2014:0827 Moderate: tomcat security update
https://access.redhat.com/errata/RHSA-2014:0827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099

+ RHSA-2014:0685 Important: java-1.6.0-openjdk security update
https://access.redhat.com/errata/RHSA-2014:0685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2397
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461

+ RHSA-2014:0675 Critical: java-1.7.0-openjdk security update
https://access.redhat.com/errata/RHSA-2014:0675
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2397
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461

+ RHSA-2014:0679 Important: openssl security update
https://access.redhat.com/errata/RHSA-2014:0679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470

+ RHSA-2014:0704 Moderate: qemu-kvm security and bug fix update
https://access.redhat.com/errata/RHSA-2014:0704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894

+ RHSA-2014:0703 Moderate: json-c security update
https://access.redhat.com/errata/RHSA-2014:0703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370

+ RHSA-2014:0687 Moderate: libtasn1 security update
https://access.redhat.com/errata/RHSA-2014:0687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468

+ RHSA-2014:0686 Important: tomcat security update
https://access.redhat.com/errata/RHSA-2014:0686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0186

+ RHSA-2014:0684 Important: gnutls security update
https://access.redhat.com/errata/RHSA-2014:0684
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465

+ RHSA-2014:0680 Important: openssl098e security update
https://access.redhat.com/errata/RHSA-2014:0680
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ phpMyAdmin 4.0.10.1, 4.1.14.2 and 4.2.6 are released
http://sourceforge.net/p/phpmyadmin/news/2014/07/phpmyadmin-40101-41142-and-426-are-released/

+ PMASA-2014-7 Access for an unprivileged user to MySQL user list.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4987

+ PMASA-2014-6 Multiple XSS in AJAX confirmation messages.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4986

+ PMASA-2014-5 Self-XSS due to unescaped HTML output in database triggers page.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4955

+ PMASA-2014-4 Self-XSS due to unescaped HTML output in database structure page.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4954

+ UPDATE: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ciscosa-20140716-cm

+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

+ CVE-2014-2469 Denial of Service(DoS) vulnerability in Lighttpd
https://blogs.oracle.com/sunsecurity/entry/cve_2014_2469_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2469

+ Multiple vulnerabilities in Lighttpd
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_lighthttpd
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1427

+ CVE-2013-2236 Buffer Errors vulnerability in Quagga
https://blogs.oracle.com/sunsecurity/entry/cve_2013_2236_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236

+ Oracle Critical Patch Update Advisory - July 2014
http://www.oracle.com/technetwork/jp/topics/ojkbcpujul2014-2244696-ja.html

+ Apache httpd 2.4.10 released
http://www.apache.org/dist/httpd/Announcement2.4.html
http://www.apache.org/dist/httpd/CHANGES_2.4.10
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

+ Apache Multiple Flaws Let Remote Users Deny Service or Execute Arbitrary Code
http://www.securitytracker.com/id/1030615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523

+ Linux Kernel Flaw in PPP over L2TP Sockets Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1030610
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943

+ LOCAL: Linux Kernel ptrace/sysret - Local Privilege Escalation
http://www.exploit-db.com/exploits/34134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4699

+ DoS/PoC: Apache 2.4.7 mod_status Scoreboard Handling Race Condition
http://www.exploit-db.com/exploits/34133/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

+ SA60170 Apache HTTP Server Multiple Vulnerabilities
http://secunia.com/advisories/60170/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523

+ SA60071 Linux Kernel PPP Over L2TP Implementation Privilege Escalation Vulnerabilities
http://secunia.com/advisories/60071/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943

+ Apache httpd mod_status Heap Buffer Overflow Remote Code Execution
http://cxsecurity.com/issue/WLB-2014070103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

+ Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/68678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

+ Multiple Microsoft Products Arbitrary Memory Write Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/68764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4971

+ Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/68742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231

JVNDB-2014-000082 FuelPHP において任意のコードが実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000082.html

JVNDB-2014-000081 File Explorer におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000081.html

JVNDB-2014-000080 Meridian におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000080.html

ALSI、セキュリティUSBメモリー作成ソフトをWindows 8.1対応に
http://itpro.nikkeibp.co.jp/atcl/news/14/071800131/?ST=security

MSナデラCEOの言葉が示すベネッセ事件への教訓
http://itpro.nikkeibp.co.jp/atcl/column/14/560135/071800004/?ST=security

VU#875548 MicroPact iComplaints cross-site scripting vulnerability
http://www.kb.cert.org/vuls/id/875548

VU#688812 Huawei E355 contains a stored cross-site scripting vulnerability
http://www.kb.cert.org/vuls/id/688812

REMOTE: IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities
http://www.exploit-db.com/exploits/34132

DoS/PoC: World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow
http://www.exploit-db.com/exploits/34129

:: IT Security Neophyte Investigator's MEMO ::

2014年7月22日火曜日

22日火曜日、先勝

0 件のコメント:

コメントを投稿

2014年7月22日火曜日

22日 火曜日、先勝

0 件のコメント:

コメントを投稿

22日火曜日、先勝