Tuesday, January 13, 2015

13th, Monday, Senbu

+ UPDATE: GNU Bash Environment Variable Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

+ UPDATE: Multiple Vulnerabilities in ntpd Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd

+ HPSBMU03230 rev.1 - HP Insight Control server deployment Remote Disclosure of Information
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04537915&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7881

+ UPDATE: HPSBOV03227 rev.2 - HP SSL for OpenVMS, Remote Disclosure of Information, Denial of Service (DoS) and Other Vulnerabilities
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04533567&docLocale=ja_JP

+ Multiple vulnerabilities in NTP
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_ntp

+ Apple OS X Spotlight Mail Preview Function Bypasses Mail Privacy Preferences
http://www.securitytracker.com/id/1031521

+ Linux Kernel x86_64 PIE bypass using VDSO ASLR weakness
http://cxsecurity.com/issue/WLB-2015010050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585

+ OS X 10.9.x - sysmond XPC Privilege Escalation
http://cxsecurity.com/issue/WLB-2015010049

+ OpenSSL 1.0.1j Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2015010048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570

+ PHP 5.6.4 ereg() null pointer deference
http://cxsecurity.com/issue/WLB-2015010045

+ PHP 5.6.4 CORE Uninitialized pointer read
http://cxsecurity.com/issue/WLB-2015010046

+ SA62193 WinSCP OpenSSL Multiple Security Bypass Vulnerabilities
http://secunia.com/advisories/62193/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204

+ SA61922 McAfee ePolicy Orchestrator XML External Entities Vulnerability
http://secunia.com/advisories/61922/

+ Linux Kernel 'vdso_addr()' Function Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/71990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585

ByteDesigner version 2.3 is available
http://www.postgresql.org/about/news/1562/

JVNVU#98974537 Multiple vulnerabilities in OpenSSL
http://jvn.jp/vu/JVNVU98974537/

UPDATE: JVNVU#96605606 Multiple vulnerabilities in Network Time Protocol daemon (ntpd)
http://jvn.jp/vu/JVNVU96605606/

UPDATE: JVNVU#91812636 Implementations of DNS resolvers that perform recursive name resolution may repeat name resolution indefinitely
http://jvn.jp/vu/JVNVU91812636/

UPDATE: JVNVU#94007830 Multiple vulnerabilities in ISC BIND 9
http://jvn.jp/vu/JVNVU94007830/

UPDATE: JVNVU#99291862 Multiple NAT-PMP devices can be operated from the WAN side
http://jvn.jp/vu/JVNVU99291862/

40% have encountered danger in online banking; with the ongoing shift to smartphones, securing them is also urgent
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/010900142/?ST=security

Curtain falls on a 10-year history: Microsoft ends advance notification of patches
http://itpro.nikkeibp.co.jp/atcl/news/15/010900117/?ST=security

TwoFive: DNS server software that defends against attacks on DNS
http://itpro.nikkeibp.co.jp/atcl/news/15/010900114/?ST=security

ITpro Summary
Face recognition
http://itpro.nikkeibp.co.jp/atcl/column/14/494329/010500057/?ST=security

ITpro Summary
WAF
http://itpro.nikkeibp.co.jp/atcl/column/14/494329/010800058/?ST=security

LOCAL: RedStar 3.0 Desktop - Privilege Escalation (Enable sudo)
http://www.exploit-db.com/exploits/35746

LOCAL: RedStar 2.0 Desktop - Privilege Escalation (World-writeable rc.sysinit)
http://www.exploit-db.com/exploits/35748

LOCAL: RedStar 3.0 Desktop - Privilege Escalation (Software Manager - swmng.app)
http://www.exploit-db.com/exploits/35749
