Wednesday, October 29, 2014

Wednesday the 29th, Tomobiki

+ RHSA-2014:1724 Important: kernel security and bug fix update
https://access.redhat.com/errata/RHSA-2014:1724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3611
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077

+ Mozilla Firefox 33.0.2 released
https://www.mozilla.org/en-US/firefox/33.0.2/releasenotes/

+ nginx 1.7.7 released
http://nginx.org/

+ UPDATE: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle

+ UPDATE: Apache HTTPd Range Header Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110830-apache

+ HPSBHF03153 rev.1 - HP TippingPoint Next Generation Firewall (NGFW) Local Security Manager (LSM) running SSL, Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04486578-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

+ HPSBST03160 rev.1 - HP XP Command View Advanced Edition running Apache Struts, Remote Execution of Arbitrary Code
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04473828-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114

+ HPSBUX03159 SSRT101785 rev.2 - HP-UX kernel, Local Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04491186-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7877

+ VU#685996 GNU Wget creates arbitrary symbolic links during recursive FTP download
http://www.kb.cert.org/vuls/id/685996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877

+ wget Default FTP Retrieval Method Lets Remote Users Create Arbitrary Files and Directories
http://www.securitytracker.com/id/1031121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877

+ LOCAL: Windows TrackPopupMenu Win32k NULL Pointer Dereference
http://www.exploit-db.com/exploits/35101

+ MacOS X 10.10 & FreeBSD10 ftp Remote Command Execution
http://cxsecurity.com/issue/WLB-2014100174

+ GNU Wget FTP Symlink Arbitrary Filesystem Access
http://cxsecurity.com/issue/WLB-2014100172

+ Windows TrackPopupMenu Win32k NULL Pointer Dereference
http://cxsecurity.com/issue/WLB-2014100171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4113

+ Apple iOS 8.0.2 Denial Of Service
http://cxsecurity.com/issue/WLB-2014100170

+ Google Youtube Filter Bypass / Cross Site Scripting
http://cxsecurity.com/issue/WLB-2014100168

+ GNU Wget CVE-2014-4877 Symlink Vulnerability
http://www.securityfocus.com/bid/70751
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877

+ Linux Kernel CVE-2014-3687 Denial of Service Vulnerability
http://www.securityfocus.com/bid/70766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687

POWA 1.2 is out !
http://www.postgresql.org/about/news/1551/

JVNDB-2014-000126 OS command injection vulnerability in QNAP QTS
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000126.html

UPDATE: JVNVU#98283300 Vulnerability in the SSLv3 protocol that allows encrypted data to be decrypted (POODLE attack)
http://jvn.jp/vu/JVNVU98283300/

From the World's Security Labs
Dubai police adopt Google Glass for facial-recognition investigations
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/102700017/?ST=security

EMC Japan offers services for operating in-house enterprise security centers
http://itpro.nikkeibp.co.jp/atcl/news/14/102801656/?ST=security

LOCAL: Filemaker Pro 13.03 & Advanced 12.04 - Login Bypass and Privilege Escalation
http://www.exploit-db.com/exploits/35077
