:: IT Security Neophyte Investigator's MEMO ::: 10日金曜日、大安

2015年4月10日金曜日

10日金曜日、大安

+ RHSA-2015:0794 Moderate: krb5 security update
https://rhn.redhat.com/errata/RHSA-2015-0794.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422

+ About the security content of Xcode 6.3
https://support.apple.com/ja-jp/HT204663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1149

+ About the security content of Apple TV 7.2
https://support.apple.com/ja-jp/HT204662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1123
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1124

+ About the security content of iOS 8.3
https://support.apple.com/ja-jp/HT204661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1123
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1126

+ About the security content of OS X Yosemite v10.10.3 and Security Update 2015-004
https://support.apple.com/ja-jp/HT204659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4404
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1069

+ About the security content of Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
https://support.apple.com/ja-jp/HT204658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1126

+ CESA-2015:0794 Moderate CentOS 6 krb5 Security Update
http://lwn.net/Alerts/639744/

+ UPDATE: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle

+ UPDATE: Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpd

+ UPDATE: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl

+ Linux kernel 3.12.40 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.40

+ Oracle Critical Patch Update Pre-Release Announcement - April 2015
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

+ Sysstat 11.0.4 released (stable version)
http://sebastien.godard.pagesperso-orange.fr/

+ LOCAL: Mac OS X rootpipe Local Privilege Escalation
http://www.exploit-db.com/exploits/36692/

+ MacOSX 10.10.2 Backdoor PoC exploit code for rootpipe
http://cxsecurity.com/issue/WLB-2015040051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1130

PostgreSQL Maestro 15.4 released
http://www.postgresql.org/about/news/1580/

JVNDB-2015-000051 Lhaplus において任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000051.html

JVNDB-2015-000050 Lhaplus におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000050.html

［続報］トランスコスモスでも株主の個人情報漏洩の可能性、最大846人分
http://itpro.nikkeibp.co.jp/atcl/news/15/040901246/?ST=security

［続報］ロート製薬でも株主情報漏洩の疑い、サンリオなどに続き5社目
http://itpro.nikkeibp.co.jp/atcl/news/15/040901245/?ST=security

UPDATE: JVNVU#95877131 OpenSSL に複数の脆弱性
http://jvn.jp/vu/JVNVU95877131/

JVNVU#91828320 複数の Apple 製品の脆弱性に対するアップデート
http://jvn.jp/vu/JVNVU91828320/

JVN#12329472 Lhaplus において任意のコードを実行される脆弱性
http://jvn.jp/jp/JVN12329472/

JVN#02527990 Lhaplus におけるディレクトリトラバーサルの脆弱性
http://jvn.jp/jp/JVN02527990/

REMOTE: Barracuda Firmware <= 5.0.0.012 reporting Post Auth Remote Root
http://www.exploit-db.com/exploits/36690/

:: IT Security Neophyte Investigator's MEMO ::

2015年4月10日金曜日

10日金曜日、大安

0 件のコメント:

コメントを投稿

2015年4月10日金曜日

10日 金曜日、大安

0 件のコメント:

コメントを投稿

10日金曜日、大安