Wednesday, January 28, 2015

Wednesday the 28th, Tomobiki

+ RHSA-2015:0090 Critical: glibc security update
https://rhn.redhat.com/errata/RHSA-2015-0090.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

+ RHSA-2015:0087 Important: kernel security and bug fix update
https://rhn.redhat.com/errata/RHSA-2015-0087.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841

+ RHSA-2015:0092 Critical: glibc security update
https://rhn.redhat.com/errata/RHSA-2015-0092.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

+ RHSA-2015:0092 Critical: glibc security update
https://access.redhat.com/errata/RHSA-2015:0092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

+ Opera 27 released
http://www.opera.com/docs/changelogs/unified/2700/

+ APSB15-03 Security updates available for Adobe Flash Player
http://helpx.adobe.com/security/products/flash-player/apsb15-03.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0311
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-031

+ CESA-2015:0085 Important CentOS 6 java-1.6.0-openjdk Security Update
http://lwn.net/Alerts/630782/

+ CESA-2015:0085 Important CentOS 5 java-1.6.0-openjdk Security Update
http://lwn.net/Alerts/630781/

+ CESA-2015:0085 Important CentOS 7 java-1.6.0-openjdk Security Update
http://lwn.net/Alerts/630783/

+ CESA-2015:0074 Important CentOS 7 jasper Security Update
http://lwn.net/Alerts/630665/

+ CESA-2015:0074 Important CentOS 6 jasper Security Update
http://lwn.net/Alerts/630448/

+ UPDATE: Multiple Vulnerabilities in ntpd Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd

+ Linux kernel 3.18.4, 3.14.30, 3.10.66 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.4
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.30
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.66

+ Apache HTTP Server 2.4.12 Released
http://www.apache.org/dist/httpd/Announcement2.4.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704

+ Apache Tomcat 8.0.18 Released
http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.18_(markt)

+ Glibc Buffer Overflow in __nss_hostname_digits_dots() Lets Remote and Local Users Execute Arbitrary Code
http://www.securitytracker.com/id/1031639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

+ Adobe Flash Player Double-Free Memory Error Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1031634
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0312

+ MantisBT Bugs Permit Remote Cross-Site Scripting, SQL Injection, and Security Bypass Attacks
http://www.securitytracker.com/id/1031633
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1042

+ REMOTE: D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit
http://www.exploit-db.com/exploits/35917

+ SA62543 Microsoft Windows Flash Two Code Execution Vulnerabilities
http://secunia.com/advisories/62543/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0311
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0312

+ SA62626 MariaDB Multiple Vulnerabilities
http://secunia.com/advisories/62626/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0432

+ SA60686 Opera Multiple Vulnerabilities
http://secunia.com/advisories/60686/

+ glibc gethostbyname buffer overflow (aka GHOST)
http://cxsecurity.com/issue/WLB-2015010140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

+ Android WiFi-Direct Denial of Service
http://cxsecurity.com/issue/WLB-2015010139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0997

+ Apple iOS APPLE-SA-2015-01-27-2 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/72333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4467

+ WebKit CVE-2014-4477 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/72331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4477

+ WebKit CVE-2014-4479 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/72330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4479

+ WebKit CVE-2014-4476 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/72329
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4476

+ Apple Mac OS X Prior to 10.10.2 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/72328
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8816
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8817

+ Multiple Apple Products Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/72327
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4488
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4489
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4492

+ GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/72325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

+ Linux Kernel Crypto API CVE-2013-7421 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/72322
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7421

+ Multiple Android Devices CVE-2014-0997 Denial of Service Vulnerability
http://www.securityfocus.com/bid/72311
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0997

JVNDB-2015-000012 Cross-site request forgery vulnerability in multiple ASUS wireless LAN routers
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000012.html

JVNDB-2015-000011 OS command injection vulnerability in multiple ASUS wireless LAN routers
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000011.html

JVN#22440986 Buffer overflow vulnerability in multiple Allied Telesis products
http://jvn.jp/jp/JVN22440986/

Prescriptions for Dangerous Email
(8) Techniques for avoiding email trouble and making backups when things go wrong
http://itpro.nikkeibp.co.jp/atcl/column/15/011300007/011300009/?ST=security

Targeted Websites: Protecting Against the Threat of Tampering
Part 3: Administrator accounts are at risk
http://itpro.nikkeibp.co.jp/atcl/column/15/011600011/011600003/?ST=security

Latest Virus Analysis Report
Part 3: "BKDR_PLUGX", a targeted-attack tool with sophisticated concealment techniques
http://itpro.nikkeibp.co.jp/atcl/column/14/121100126/011600005/?ST=security

From Security Labs Around the World
Mobile apps that send personal information in plaintext
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/012600029/?ST=security

Cybozu's bug bounty receives 158 reports in six months; rewards for specific attacks to be increased in 2015
http://itpro.nikkeibp.co.jp/atcl/news/15/012700309/?ST=security

More than 40% of companies have built a CSIRT; only 10% have completed migration from Server 2003
http://itpro.nikkeibp.co.jp/atcl/news/15/012700306/?ST=security
