:: IT Security Neophyte Investigator's MEMO ::: 17日木曜日、赤口

2015年9月17日木曜日

17日木曜日、赤口

+ About the security content of OS X Server v5.0.3
https://support.apple.com/ja-jp/HT205219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0242
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5911

+ About the security content of iTunes 12.3
https://support.apple.com/ja-jp/HT205221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3744
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3746
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5795
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5811
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5816
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5920

+ About the security content of Xcode 7.0
https://support.apple.com/ja-jp/HT205217
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0251

+ About the security content of iOS 9
https://support.apple.com/ja-jp/HT205212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5916
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5860
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5912
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5845
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5816
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3951
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8611
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5857
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5851
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5765
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5795
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5811
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5921
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788

+ CESA-2015:1778 Important CentOS 7 kernel Security Update
http://lwn.net/Alerts/657502/

+ ISC DHCP 4.3.3 released
https://kb.isc.org/article/AA-01297

+ BIND 9.10.3, 9.9.8 released
ftp://ftp.isc.org/isc/bind9/9.10.3/RELEASE-NOTES.bind-9.10.3.html
ftp://ftp.isc.org/isc/bind9/9.9.8/RELEASE-NOTES.bind-9.9.8.html

+ UPDATE: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150710-openssl

+ Cisco TelePresence Server Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6284

+ Multiple Vulnerabilities in Cisco Prime Collaboration Assurance
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-pca
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4306

+ Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-pcp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4307

+ VMSA-2015-0006 VMware vCenter Server updates address a LDAP certificate validation issue
http://www.vmware.com/security/advisories/VMSA-2015-0006.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6932

+ SYM15-009 Security Advisories Relating to Symantec Products - Symantec Web Gateway Security Management Console Multiple Issues
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6548

+ VMware vCenter Server Lets Remote Users Bypass LDAP Certificate Validation to Access Data Transmitted by the Target System
http://www.securitytracker.com/id/1033582
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6932

JVNDB-2015-000135 Photon におけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000135.html

JVNDB-2015-000134 AI黒白棋におけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000134.html

JVNDB-2015-000133 こりトレにおけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000133.html

JVNDB-2015-000132 MEGAPHONE MUSIC におけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000132.html

JVNDB-2015-000131 Auction Camera におけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000131.html

JVNDB-2015-000130 アプリカンにおけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000130.html

やばいぞ日本、セキュリティ最前線からの警告
やばいぞマネージド・セキュリティ・サービス、安かろう悪かろうを排除する
http://itpro.nikkeibp.co.jp/atcl/column/15/090800214/090800004/?ST=security

UPDATE: JVNVU#99671861 UPnP を実装した複数のルータ製品にセキュリティ機能の実装が不十分な問題
http://jvn.jp/vu/JVNVU99671861/

:: IT Security Neophyte Investigator's MEMO ::

2015年9月17日木曜日

17日木曜日、赤口

0 件のコメント:

コメントを投稿

2015年9月17日木曜日

17日 木曜日、赤口

0 件のコメント:

コメントを投稿

17日木曜日、赤口