2014年10月17日金曜日

17日 金曜日、友引

+ RHSA-2014:1653 Moderate: openssl security update
https://rhn.redhat.com/errata/RHSA-2014-1653.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

+ RHSA-2014:1655 Moderate: libxml2 security update
https://rhn.redhat.com/errata/RHSA-2014-1655.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660

+ RHSA-2014:1652 Important: openssl security update
https://rhn.redhat.com/errata/RHSA-2014-1652.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567

+ RHSA-2014:1654 Important: rsyslog7 security update
https://rhn.redhat.com/errata/RHSA-2014-1654.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634

+ RHSA-2014:1655 Moderate: libxml2 security update
https://access.redhat.com/errata/RHSA-2014:1655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660

+ RHSA-2014:1652 Important: openssl security update
https://access.redhat.com/errata/RHSA-2014:1652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567

+ CESA-2014:1647 Important CentOS 5 thunderbird Security Update
http://lwn.net/Alerts/616428/

+ UPDATE: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle

+ UPDATE: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

+ HPSBHF03125 rev.1 - HP Next Generation Firewall (NGFW) running Bash Shell, Remote Code Execution
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04471538-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187

+ HPSBMU03126 rev.1 - HP Operations Manager (formerly OpenView Communications Broker), Remote Cross-site Scripting (XSS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04472444-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2647

+ HPSBUX03139 SSRT101608 rev.1 - HP-UX running System Management Homepage (SMH), Remote Cross-Site Request Forgery
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04476799-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7874

+ PHP 5.6.2, 5.5.18, 5.4.34 released
http://php.net/archive/2014.php#id2014-10-16-3
http://php.net/archive/2014.php#id2014-10-16-1
http://php.net/archive/2014.php#id2014-10-16-2

+ Microsoft Bluetooth Personal Area Networking Privilege Escalation
http://cxsecurity.com/issue/WLB-2014100099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4971

+ SA61019 OpenSSL SSL Version 3.0 CBC Cipher Padding Information Disclosure Security Issue
http://secunia.com/advisories/61019/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

+ SA60914 OpenSSL Multiple Vulnerabilities
http://secunia.com/advisories/60914/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568

+ SA60965 Opera Multiple Vulnerabilities
http://secunia.com/advisories/60965/

+ Panasonic Network Camera Recorder CVE-2014-8756 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/70609
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8756

JVNDB-2014-000123 GIGAPOD におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000123.html

JVNDB-2014-000122 Aflax におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000122.html

JVNDB-2014-000121 BirdBlog におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000121.html

JVNVU#98283300 SSLv3 プロトコルに暗号化データを解読される脆弱性(POODLE 攻撃)
http://jvn.jp/vu/JVNVU98283300/

ベネッセHDが情報セキュリティ監視委員会を設置、四半期ごとに監査報告
http://itpro.nikkeibp.co.jp/atcl/news/14/101601467/?ST=security

0 件のコメント:

コメントを投稿