2015年2月23日月曜日

23日 月曜日、大安

+ UPDATE: APSB15-04 Security updates available for Adobe Flash Player
https://helpx.adobe.com/content/help/en/security/products/flash-player/apsb15-04.html

+ phpMyAdmin 4.3.10 released
http://sourceforge.net/p/phpmyadmin/news/2015/02/phpmyadmin-4310-release-notes/

+ CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash
https://kb.isc.org/article/AA-01235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349

+ UPDATE: GNU glibc gethostbyname Function Buffer Overflow Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost

+ Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0618

+ HPSBMU03261 rev.1 - HP Systems Insight Manager running OpenSSL on Linux and Windows, Remote Disclosure of Information
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04571454&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139

+ HPSBMU03260 rev.1 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Disclosure of Information
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04571379&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139

+ HPSBPV03266 rev.1 - Certain HP Networking and H3C Switches and Routers running NTP, Remote Execution of Code, Disclosure of Information, and Denial of Service (DoS)
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04574882&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295

+ HPSBUX03240 SSRT101872 rev.1 - HP-UX Running NTP, Remote Execution of Code, Denial of Service (DoS), or Other Vulnerabilties
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04554677&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9297

+ Linux kernel 3.12.38, 3.2.67 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.38
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.67

+ JVNDB-2015-000022 AL-Mail32 におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000022.html

+ JVNDB-2015-000021 AL-Mail32 におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000021.html

+ JVNDB-2015-000020 AL-Mail32 におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000020.html

+ SA62993 Linux Kernel AMD CPU Core Denial of Service Vulnerability
http://secunia.com/advisories/62993/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885

JVNDB-2015-000019 Squid における HTTP ヘッダインジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000019.html

世界のセキュリティ・ラボから
BMW、リモートのドアロック解除を許す脆弱性を修正
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/022000032/?ST=security

チェックしておきたい脆弱性情報<2015.02.23>
http://itpro.nikkeibp.co.jp/atcl/column/14/268561/022000043/?ST=security

ITproまとめ
Superfish
http://itpro.nikkeibp.co.jp/atcl/column/14/494329/022000074/?ST=security

あなたは大丈夫?「Superfish」の確認と対策を急げ
http://itpro.nikkeibp.co.jp/atcl/news/15/022000632/?ST=security

「回収はしない」「自分で削除を」、Superfishセキュリティ問題でレノボ日本法人
http://itpro.nikkeibp.co.jp/atcl/news/15/022000629/?ST=security

マカフィー、中小企業向けにセキュリティスイートを用意
http://itpro.nikkeibp.co.jp/atcl/news/15/022000628/?ST=security

東陽テクニカ、Android/iOS上で動作するホスト型IPSを発売
http://itpro.nikkeibp.co.jp/atcl/news/15/022000626/?ST=security

SSL通信を盗聴される恐れ、ノートPCに潜む「Superfish」の正体
http://itpro.nikkeibp.co.jp/atcl/news/15/022000625/?ST=security

0 件のコメント:

コメントを投稿