Thursday, September 25, 2014

Thursday the 25th, Butsumetsu

+ UPDATE: Microsoft Security Advisory (2755801) Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
https://technet.microsoft.com/ja-jp/library/security/2755801

+ RHSA-2014:1293 Critical: bash security update
https://rhn.redhat.com/errata/RHSA-2014-1293.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271

+ RHSA-2014:1293 Critical: bash security update
https://access.redhat.com/errata/RHSA-2014:1293
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271

+ RHSA-2014:1292 Moderate: haproxy security update
https://access.redhat.com/errata/RHSA-2014:1292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6269

+ Mozilla Firefox 32.0.3 released
https://www.mozilla.org/en-US/firefox/32.0.3/releasenotes/

+ Mozilla Thunderbird 31.1.2 released
https://www.mozilla.org/en-US/thunderbird/31.1.2/releasenotes/

+ MFSA 2014-73 RSA Signature Forgery in NSS
https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568

+ CESA-2014:1293 Critical CentOS 7 bash Security Update
http://lwn.net/Alerts/612980/

+ CESA-2014:1293 Critical CentOS 6 bash Security Update
http://lwn.net/Alerts/612981/

+ CESA-2014:1293 Critical CentOS 5 bash Security Update
http://lwn.net/Alerts/612979/

+ CESA-2014:1292 Moderate CentOS 7 haproxy Security Update
http://lwn.net/Alerts/612982/

+ Cisco IOS Software Network Address Translation Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3361

+ Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3360

+ Multiple Vulnerabilities in Cisco IOS Software Multicast Domain Name System
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3357

+ Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3359

+ Cisco IOS Software Metadata Vulnerabilities
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3356
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3355

+ Cisco IOS Software RSVP Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3354

+ UPDATE: HPSBMU03086 rev.3 - HP Operations Agent for Linux including Glance, Local Elevation of Privilege
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04394554-3%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ UPDATE: HPSBMU03094 rev.2 - HP Connect-IT, running OpenSSL, Remote Disclosure of Information or Unauthorized Access
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04401666-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ HPSBPI03107 rev.1 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04451722-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ UPDATE: HPSBST03000 rev.5 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-5%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ HPSBST03103 rev.1 - HP Storage EVA Command View Suite running OpenSSL, Remote Unauthorized Access, Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04425253-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ MySQL 5.7.5 released
http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-5.html

+ VU#772676 Mozilla Network Security Services (NSS) fails to properly verify RSA signatures
http://www.kb.cert.org/vuls/id/772676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568

+ Network Security Services (NSS) ASN.1 Parsing Flaw Lets Remote Users Forge Certificates
http://www.securitytracker.com/id/1030899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568

+ SA61323 Yokogawa CENTUM Series / Exaopc Batch Management File Disclosure and Manipulation Vulnerability
http://secunia.com/advisories/61323/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5208

+ GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/70103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271

+ Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
http://www.securityfocus.com/bid/70116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568

+ Linux Kernel CVE-2014-3631 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/70095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3631

Spam email disguised as Earthquake Early Warnings is circulating; the Japan Meteorological Agency urges caution
http://itpro.nikkeibp.co.jp/atcl/news/14/092501055/?ST=security

[Answering your Apple ID troubles]
[Part 3] Tricks for using your Apple ID more conveniently and smartly
http://itpro.nikkeibp.co.jp/atcl/column/14/091800071/091800003/?ST=security

JVNVU#96848844 Multiple vulnerabilities in FortiGate and FortiWiFi appliances
http://jvn.jp/vu/JVNVU96848844/

UPDATE: JVNVU#93614707 NULL pointer dereference vulnerability in OpenSSL client
http://jvn.jp/vu/JVNVU93614707/index.html

REMOTE: EMC AlphaStor Device Manager Opcode 0x75 Command Injection
http://www.exploit-db.com/exploits/34756

REMOTE: Advantech WebAccess dvs.ocx GetColor Buffer Overflow
http://www.exploit-db.com/exploits/34757

DoS/PoC: WS10 Data Server SCADA Exploit Overflow PoC
http://www.exploit-db.com/exploits/34752
