2016年2月1日月曜日

1日 月曜日、仏滅

+ Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3197
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0701

+ Linux kernel 4.4.1, 4.3.5, 4.1.17, 3.14.60, 3.10.96, 2.6.32.70 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.17
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.60
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.96
https://cdn.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.32/ChangeLog-2.6.32.70

+ HS16-004 Multiple Vulnerabilities in Cosminexus
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS16-004/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

+ HS16-003 Multiple Vulnerabilities in Cosminexus
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS16-003/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494

+ HS16-004 Cosminexusにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS16-004/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

+ HS16-003 Cosminexusにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS16-003/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494

+ FreeBSD-SA-16:11.openssl OpenSSL SSLv2 ciphersuite downgrade vulnerability
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:11.openssl.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3197

+ UPDATE: JVNVU#96176042 NTP が DDoS 攻撃の踏み台として使用される問題
http://jvn.jp/vu/JVNVU96176042/

+ UPDATE: JVNVU#91445763 OpenSSL に複数の脆弱性
http://jvn.jp/vu/JVNVU91445763/

+ UPDATE: JVNVU#95877131 OpenSSL に複数の脆弱性
http://jvn.jp/vu/JVNVU95877131/

+ UPDATE: JVNVU#96605606 Network Time Protocol daemon (ntpd) に複数の脆弱性
http://jvn.jp/vu/JVNVU96605606/

+ JVNVU#95668716 OpenSSL の DH プロトコルにおける脆弱性
http://jvn.jp/vu/JVNVU95668716/

+ Linux Kernel Initialization Bug in vivid_fb_ioctl() Lets Local Users View Portions of System Memory on the Target System
http://www.securitytracker.com/id/1034893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7884

+ Linux Kernel Protocol Identifier Bug Lets Local Users Cause Denial of Service Conditions on the Target System
http://www.securitytracker.com/id/1034892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8543

+ libcurl Lets Remote Users Bypass NTLM Proxy Authentication on the Target System
http://www.securitytracker.com/id/1034882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755

+ FreeBSD Linux Support issetugid(2) Error Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1034872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1883

+ nginx DNS Processing Flaws Let Remote Users Deny Service
http://www.securitytracker.com/id/1034869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747

JVNDB-2016-000017 JOB-CUBE におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000017.html

JVNDB-2016-000016 Vine MV におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000016.html

JVNDB-2016-000015 CLUSTERPRO X におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000015.html

反捕鯨DDoS攻撃「キリング・ベイ作戦」への対処呼び掛け、米アカマイ
http://itpro.nikkeibp.co.jp/atcl/news/16/012900304/?ST=security

0 件のコメント:

コメントを投稿