Friday, October 31, 2014

Friday the 31st, Butsumetsu

+ UPDATE: Microsoft Security Advisory 3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure
https://technet.microsoft.com/ja-jp/library/security/3009008

+ RHSA-2014:1768 Important: php53 security update
https://rhn.redhat.com/errata/RHSA-2014-1768.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710

+ RHSA-2014:1767 Important: php security update
https://rhn.redhat.com/errata/RHSA-2014-1767.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710

+ RHSA-2014:1764 Moderate: wget security update
https://rhn.redhat.com/errata/RHSA-2014-1764.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877

+ RHSA-2014:1764 Moderate: wget security update
https://access.redhat.com/errata/RHSA-2014:1764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877

+ RHSA-2014:1767 Important: php security update
https://access.redhat.com/errata/RHSA-2014:1767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710

+ HPSBMU03152 rev.1 - HP Operations Orchestration running SSL, Remote Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04486577-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

+ HPSBNS03158 rev.1 - HP NonStop SOAP 4 running OpenSSL, Remote Unauthorized Access or Disclosure of Information
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04489188-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ HPSBPI03147 rev.1 - Certain HP Color LaserJet Printers, Remote Unauthorized Access, Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04483249-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7875

+ HPSBST03157 rev.1 - HP StoreEver ESL E-series Tape Library and HP Virtual Library System (VLS) running Bash Shell, Remote Code Execution
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04488200-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187

+ HPSBUX03162 SSRT101767 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Man-in-the-Middle (MitM) Attack
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04492722-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568

+ Linux kernel 3.17.2, 3.16.7, 3.14.23, 3.10.59 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.2
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.7
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.23
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.59

+ GCC 4.9.2 release
https://gcc.gnu.org/gcc-4.9/

+ Sudo 1.8.11p2 released
http://www.sudo.ws/sudo/stable.html#1.8.11p2

+ UPDATE JVNVU#97219505 OS command injection vulnerability in GNU Bash
http://jvn.jp/vu/JVNVU97219505/

+ HP-UX Unspecified Kernel Bug Lets Local Users Deny Service
http://www.securitytracker.com/id/1031139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7877

+ BSD FTP Client HTTP Redirect Flaw Lets Remote Servers Execute Arbitrary Commands on the Target User's System
http://www.securitytracker.com/id/1031136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8517

+ GNU Wget FTP Symlink Arbitrary Filesystem Access
http://cxsecurity.com/issue/WLB-2014100172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877

+ SA61196 HP-UX Kernel Denial of Service Vulnerability
http://secunia.com/advisories/61196/

+ SA60802 OpenBSD "sys_execve()" Executable Header Parsing Denial of Service Vulnerability
http://secunia.com/advisories/60802/

From Security Labs Around the World
Fake Dropbox login page steals account information
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/102700018/?ST=security

New "T-Point" terms to take effect; a procedure is required to stop the provision of personal information to third parties
http://itpro.nikkeibp.co.jp/atcl/news/14/103001704/?ST=security

SSL 3.0 "POODLE" information disclosure issue: IE and others roll out mitigations
http://itpro.nikkeibp.co.jp/atcl/news/14/103001701/?ST=security

[Follow-up] JAL issues interim report on information leak; 4131 leaked records identified
http://itpro.nikkeibp.co.jp/atcl/news/14/103001695/?ST=security

JVNVU#97177029 Multiple vulnerabilities in the drchrono Electronic Health Record (EHR) web application
http://jvn.jp/vu/JVNVU97177029/

JVN#55667175 OS command injection vulnerability in QNAP QTS
http://jvn.jp/jp/JVN55667175/
