2014年7月4日金曜日

4日 金曜日、先勝

+ 2014 年 7 月のマイクロソフト セキュリティ情報事前通知
https://technet.microsoft.com/library/security/ms14-jul

+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

+ HPSBMU03064 rev.1 - HP Universal CMDB, Remote Information Disclosure, Execution of Code
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04357076-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
CVE-2014-2615
CVE-2014-2616
CVE-2014-2617

+ HPSBMU03059 rev.1 - HP SiteScope, Remote Authentication Bypass
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04355129-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
CVE-2014-2614

+ UPDATE: HPSBMU03051 rev.2 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04345210-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ PHP 5.6.0RC2 is available
http://www.php.net/archive/2014.php#id2014-07-03-1

+ PHP 5.4.29 phpinfo() Type Confusion Information Leak Vulnerability
http://cxsecurity.com/issue/WLB-2014070020

+ Android 4.3 KeyStore Stack Buffer Overflow
http://cxsecurity.com/issue/WLB-2014070015
CVE-2014-3100

【複雑化するセキュリティ、あなたに迫る脅威】
第5回 ネット環境やライフスタイルが変化、注目すべき脅威や懸念事項
http://itpro.nikkeibp.co.jp/article/COLUMN/20140620/565689/?ST=security

世界のセキュリティ・ラボから日経コミュニケーション
Dropboxを悪用するUPATREマルウエア
http://itpro.nikkeibp.co.jp/article/COLUMN/20140703/568727/?ST=security

チェックしておきたい脆弱性情報<2014.07.04>
http://itpro.nikkeibp.co.jp/article/COLUMN/20140703/568729/?ST=security

Facebook経由でビットコインを盗むウイルスが拡散中、キヤノンITが注意喚起
http://itpro.nikkeibp.co.jp/article/NEWS/20140703/568883/?ST=security

[IT Japan 2014]「脅威を検知しなければ守れない」、トレンドマイクロ大三川副社長
http://itpro.nikkeibp.co.jp/article/NEWS/20140703/568829/?ST=security

VU#143740 Netgear GS108PE Prosafe Plus Switch contains hard-coded login credentials
http://www.kb.cert.org/vuls/id/143740

VU#402020 Autodesk VRED contains an unauthenticated remote code execution vulnerability
http://www.kb.cert.org/vuls/id/402020

0 件のコメント:

コメントを投稿