Thursday, March 5, 2015

The 5th, Thursday, Senbu

+ phpMyAdmin 4.0.10.9, 4.2.13.2 and 4.3.11.1 are released
http://sourceforge.net/p/phpmyadmin/news/2015/03/phpmyadmin-40109-42132-and-43111-are-released/

+ PMASA-2015-1 Risk of BREACH attack due to reflected parameter
http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php

+ Wireshark 1.12.4 released
https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html

+ wnpa-sec-2015-06 ATN-CPDLC dissector crash
https://www.wireshark.org/security/wnpa-sec-2015-06.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2187

+ wnpa-sec-2015-07 The WCP dissector could crash
https://www.wireshark.org/security/wnpa-sec-2015-07.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2188

+ wnpa-sec-2015-08 The pcapng file parser could crash
https://www.wireshark.org/security/wnpa-sec-2015-08.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2189

+ wnpa-sec-2015-09 The LLDP dissector could crash
https://www.wireshark.org/security/wnpa-sec-2015-09.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2190

+ wnpa-sec-2015-10 The TNEF dissector could go into an infinite loop. Discovered by Vlad Tsyrklevich
https://www.wireshark.org/security/wnpa-sec-2015-10.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2191

+ wnpa-sec-2015-11 The SCSI OSD dissector could go into an infinite loop. Discovered by Vlad Tsyrklevich
https://www.wireshark.org/security/wnpa-sec-2015-11.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2192

+ UPDATE: Multiple Vulnerabilities in ntpd Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd

+ Check Point response to TLS FREAK Attack (CVE-2015-0204)
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk105062&src=securityAlerts
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204

+ Citrix Security Advisory for RSA Export Key ‘FREAK’ Vulnerability
http://support.citrix.com/article/CTX200491

+ Courier-IMAP 4.16.0 released
http://www.courier-mta.org/download.html

+ Symantec NetBackup OpsCenter for Linux/Unix Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1031831

+ Apple OS X TLS Export Cipher Bug Lets Remote Users Downgrade Session Security
http://www.securitytracker.com/id/1031830

+ Apple iOS TLS Export Cipher Bug Lets Remote Users Downgrade Session Security
http://www.securitytracker.com/id/1031829

+ REMOTE: Symantec Web Gateway 5 restore.php Post Authentication Command Injection
http://www.exploit-db.com/exploits/36263

+ REMOTE: Seagate Business NAS Unauthenticated Remote Command Execution
http://www.exploit-db.com/exploits/36264

+ DoS/PoC: Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC
http://www.exploit-db.com/exploits/36266

+ DoS/PoC: Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
http://www.exploit-db.com/exploits/36267

+ DoS/PoC: Linux Kernel Associative Array Garbage Collection - Crash PoC
http://www.exploit-db.com/exploits/36268

+ SSL/TLS Vulnerability Explained
http://cxsecurity.com/issue/WLB-2015030024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204

+ PostgreSQL password hashing
http://cxsecurity.com/issue/WLB-2015030023

Fujitsu Develops Column-Oriented Data-Processing Engine that accelerates analytic processing more than fifty-fold on a single server with PostgreSQL open-source database
http://www.postgresql.org/about/news/1573/

Meet the PostgresDAC v3.0.0
http://www.postgresql.org/about/news/1574/

JVNDB-2015-000036 Cross-site scripting vulnerability in まろやかリレー小説
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000036.html

JVNDB-2015-000035 Cross-site scripting vulnerability in まろやかイメージアルバム
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000035.html

JVNDB-2015-000034 Cross-site scripting vulnerability in まろやか一言ボード
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000034.html

From Security Labs Around the World
Social engineering that gets past the human firewall
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/030200034/?ST=security

Public-private information sharing to prevent cyberattacks: the respective concerns of Japan, the US and Europe
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/030300185/?ST=security

"Your iPhone has been found!": phishing that aims to unlock devices
http://itpro.nikkeibp.co.jp/atcl/news/15/030400797/?ST=security

China rebuts the US president's criticism of its anti-terrorism law
http://itpro.nikkeibp.co.jp/atcl/news/15/030400782/?ST=security
