2014年8月18日月曜日

18日 月曜日、大安

+ RHSA-2014:1052 Moderate: openssl security update
https://access.redhat.com/errata/RHSA-2014:1052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511

+ RHSA-2014:1031 Important: 389-ds-base security update
https://access.redhat.com/errata/RHSA-2014:1031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3562

+ phpMyAdmin 4.0.10.2, 4.1.14.3 and 4.2.7.1 released
http://sourceforge.net/p/phpmyadmin/news/2014/08/phpmyadmin-40102-41143-and-4271-are-released/

+ PMASA-2014-9 XSS in view operations page.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5274

+ PMASA-2014-8 Multiple XSS vulnerabilities in browse table, ENUM editor, monitor, query charts and table relations pages
http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5273

+ UPDATE: Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140806-energywise
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3327

+ HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04404655-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510

+ HPSBUX03093 SSRT101009 rev.1 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04401461-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124

+ PHP 5.6.0RC4 is available
http://php.net/archive/2014.php#id2014-08-14-2

+ Microsoft Outlook.com Android App Does Not Properly Validate SSL Certificates
http://www.securitytracker.com/id/1030733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5239

JVNDB-2014-000096 Shutter におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000096.html

JVNDB-2014-000095 Shutter における SQL インジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000095.html

多様化する「DDoS攻撃」、国内のホームルーターも踏み台に
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/072800020/?ST=security

0 件のコメント:

コメントを投稿