Tuesday, November 25, 2014

Tuesday the 25th, Senshō

+ RHSA-2014:1893 Important: libXfont security update
https://rhn.redhat.com/errata/RHSA-2014-1893.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211

+ Selenium Server 44.0 released
http://docs.seleniumhq.org/download/

+ Selenium: The Internet Explorer Driver Server 2.44.0 released
http://selenium.googlecode.com/git/cpp/iedriverserver/CHANGELOG

+ Selenium Client & WebDriver 2.44.0 released
http://selenium.googlecode.com/git/java/CHANGELOG

+ UPDATE: GNU Bash Environment Variable Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

+ HPSBGN03200 rev.1 - HP Project Portfolio Manager running SSLv3, Remote Disclosure of Information
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04507244&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

+ UPDATE: HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04396638&docLocale=ja_JP

+ Linux kernel 3.17.4, 3.14.25, 3.12.33, 3.10.61, 2.6.32.64 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.25
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.33
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.61
https://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.32/ChangeLog-2.6.32.64

+ Apache Tomcat 6.0.43 Released
http://tomcat.apache.org/download-60.cgi

+ libpng 1.6.15, 1.2.52 released
http://www.libpng.org/pub/png/src/libpng-1.6.15-README.txt
http://www.libpng.org/pub/png/src/libpng-1.2.52-README.txt

+ SA62400 Linux Kernel ARM64 "__clear_user()" Denial of Service Vulnerability
http://secunia.com/advisories/62400/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7843

+ SA59820 phpMyAdmin Script Insertion and Information Disclosure Vulnerabilities
http://secunia.com/advisories/59820/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8959
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8960

+ SA62399 Linux Kernel KVM Nested VMX Emulation Failure Handling Denial of Service Vulnerability
http://secunia.com/advisories/62399/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842

+ SA62390 Linux Kernel "sctp_process_param()" NULL Pointer Dereference Vulnerability
http://secunia.com/advisories/62390/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841

+ DoS/PoC: PHP 5.5.12 Locale::parseLocale Memory Corruption
http://www.exploit-db.com/exploits/35358

+ DoS/PoC: tcpdump 4.6.2 Geonet Decoder Denial of Service
http://www.exploit-db.com/exploits/35359

+ Linux 'less' can probably get you owned
http://cxsecurity.com/issue/WLB-2014110160

+ Firefox 31 Integer Overflow
http://cxsecurity.com/issue/WLB-2014110159

+ Linux kernel LDT handling bugs
http://cxsecurity.com/issue/WLB-2014110158

+ Linux Kernel Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/71253

+ Linux Kernel 'espfix64' Double Fault Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/71252

+ Linux Kernel 'espfix64' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/71250

+ Linux Kernel 'lesspipe' Multiple Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/71248

JVNDB-2014-000134 Denial of service (DoS) vulnerability in BSD-based operating systems
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000134.html

From Security Labs Around the World
A phishing technique that cleverly impersonates multiple sites
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/112000020/?ST=security

Mobile and cloud have broken down the corporate "wall," says Trend Micro president
http://itpro.nikkeibp.co.jp/atcl/news/14/112102002/?ST=security

Putting "trust" ahead of the attack: five new cases of "correspondence-type" attacks targeting domestic companies
http://itpro.nikkeibp.co.jp/atcl/news/14/112102000/?ST=security

US authorities bust tech-support scam group; losses total $120 million
http://itpro.nikkeibp.co.jp/atcl/news/14/112101998/?ST=security

REMOTE: Hikvision DVR RTSP Request Remote Code Execution
http://www.exploit-db.com/exploits/35356
