+ APSB14-25 Security update available for Adobe Digital Editions
http://helpx.adobe.com/security/products/Digital-Editions/apsb14-25.html
+ UPDATE: TCP Vulnerabilities in Multiple Non-IOS Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios
+ VMSA-2014-0011 VMware vSphere Data Protection product update addresses a critical information disclosure vulnerability.
http://www.vmware.com/security/advisories/VMSA-2014-0011.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4624
+ FreeBSD-SA-14:23.openssl OpenSSL multiple vulnerabilities
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:23.openssl.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
+ FreeBSD-SA-14:22.namei memory leak in sandboxed namei lookup
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3711
+ FreeBSD-SA-14:21.routed routed(8) remote denial of service vulnerability
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3955
+ FreeBSD-SA-14:20.rtsold rtsold(8) remote buffer overflow vulnerability
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3954
+ VMware vSphere Data Protection Discloses Authentication Information to Remote Users
http://www.securitytracker.com/id/1031114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4624
+ Wireshark Multiple Dissector Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id/1031111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6432
+ SA61674 Yamaha WLX302 Router GNU Bash Multiple Vulnerabilities
http://secunia.com/advisories/61674/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187
JVNDB-2014-000125 Android 版 スマ保における SSL/TLS サーバ証明書の検証不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000125.html
世界のセキュリティ・ラボから
Shellshock脆弱性の影響、様々なプロトコルに拡大
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/102300016/?ST=security
ITpro Report
[ボットネットと戦う3]「一方的な仮処分」で、ドメイン名を差し押さえる
http://itpro.nikkeibp.co.jp/atcl/column/14/090100053/102100022/?ST=security
富士通SSL、ファイアウォールの設定ファイルを変更管理/構成管理するソフト
http://itpro.nikkeibp.co.jp/atcl/news/14/102301590/?ST=security
NECネッツエスアイ子会社の元経理部員逮捕、8年にわたって18億円着服か
http://itpro.nikkeibp.co.jp/atcl/news/14/102301588/?ST=security
知的財産を失う恐れ、企業も「脅迫ウイルス」に気を付けろ
http://itpro.nikkeibp.co.jp/atcl/news/14/102301583/?ST=security
富士通SSL、メール誤送信防止ソフトで英語画面を利用可能に
http://itpro.nikkeibp.co.jp/atcl/news/14/102301578/?ST=security
JVN#27388160 Android 版 スマ保における SSL/TLS サーバ証明書の検証不備の脆弱性
http://jvn.jp/jp/JVN27388160/
UPDATE: JVNVU#98283300 SSLv3 プロトコルに暗号化データを解読される脆弱性(POODLE 攻撃)
http://jvn.jp/vu/JVNVU98283300/index.html
VU#184540 Incorrect implementation of NAT-PMP in multiple devices
http://www.kb.cert.org/vuls/id/184540
0 件のコメント:
コメントを投稿