2014年11月18日火曜日

18日 火曜日、仏滅

+ RHSA-2014:1859 Important: mysql55-mysql security update
https://rhn.redhat.com/errata/RHSA-2014-1859.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559

+ RHSA-2014:1861 Important: mariadb security update
https://access.redhat.com/errata/RHSA-2014:1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559

+ UPDATE: JVNVU#96617862 Microsoft Windows OLE ライブラリに任意のコード実行が可能な脆弱性
http://jvn.jp/vu/JVNVU96617862/index.html

+ UPDATE: JVNVU#99732679 Microsoft Secure Channel (Schannel) に任意のコード実行が可能な脆弱性
http://jvn.jp/vu/JVNVU99732679/index.html

+ Cisco IOS DLSw Processing Flaw Lets Remote Users Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1031220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7992

+ Cisco Aironet EAP Processing Error Lets Remote Users Deny Service
http://www.securitytracker.com/id/1031219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7998

+ Cisco Aironet DHCP Lease Renewal Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1031218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7997

+ REMOTE: .NET Remoting Services Remote Command Execution
http://www.exploit-db.com/exploits/35280

+ DoS/PoC: Safari 8.0 / OS X 10.10 - Crash PoC
http://www.exploit-db.com/exploits/35279

+ Linux user namespaces can bypass group-based restrictions
http://cxsecurity.com/issue/WLB-2014110113

+ Safari 8.0 / OS X 10.10 Crash PoC
http://cxsecurity.com/issue/WLB-2014110112

+ .NET Remoting Services Remote Command Execution
http://cxsecurity.com/issue/WLB-2014110111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1806

+ SA61495 Linux Kernel "ext4_file_write_iter()" Denial of Service Vulnerability
http://secunia.com/advisories/61495/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8086

+ SA62269 Cybozu Dezie / Mailwise Buffer Overflow Vulnerability
http://secunia.com/advisories/62269/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5314

+ SA62248 Cybozu Office / Mailwise Buffer Overflow Vulnerability
http://secunia.com/advisories/62248/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5314

+ Apple iOS CVE-2013-4457 Security Bypass Vulnerability
http://www.securityfocus.com/bid/71143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4457

+ Apple iOS Lock Screen CVE-2014-4463 Security Bypass Vulnerability
http://www.securityfocus.com/bid/71141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4463

+ Apple iOS and TV CVE-2014-4455 Local Code Execution Vulnerability
http://www.securityfocus.com/bid/71140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4455

+ Apple Mac OS X CVE-2014-4458 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/71139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4458

+ Apple iOS Lock Screen CVE-2014-4451 Security Bypass Vulnerability
http://www.securityfocus.com/bid/71138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4451

+ Apple iOS and TV CVE-2014-4461 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/71136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4461

+ Apple Mac OS X and iOS Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/71135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4453

NECと北陸先端大、セキュリティ教育プログラムを共同開発へ
http://itpro.nikkeibp.co.jp/atcl/news/14/111701940/?ST=security

アシストがログ分析システムを強化、マルウエア通信先リストを提供
http://itpro.nikkeibp.co.jp/atcl/news/14/111701931/?ST=security

セキュリティフライデー、Windowsネット可視化ツール新版「VISUACT3」を発表
http://itpro.nikkeibp.co.jp/atcl/news/14/111701929/?ST=security

ITpro NOW
SDNがセキュリティ機能と協調した時代背景
http://itpro.nikkeibp.co.jp/atcl/column/14/560135/111700087/?ST=security

0 件のコメント:

コメントを投稿