2016年2月2日火曜日

2日 火曜日、大安

+ CESA-2016:0083 Important CentOS 7 qemu-kvm Security Update
http://lwn.net/Alerts/674220/

+ CESA-2016:0082 Important CentOS 6 qemu-kvm Security Update
http://lwn.net/Alerts/674219/

+ Cisco Application Policy Infrastructure Controller Enterprise Module Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-apic-em
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1305

+ UPDATE: Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl

+ Cisco Fog Director Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-fd
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1306

+ UPDATE: JVNVU#95668716 OpenSSL の DH プロトコルにおける脆弱性
http://jvn.jp/vu/JVNVU95668716/

+ UPDATE: JVNVU#96264182 ISC BIND 9 に複数のサービス運用妨害 (DoS) の脆弱性
http://jvn.jp/vu/JVNVU96264182/index.html

+ MacOS X 10.11 Kernel IOAccelDisplayPipeUserClient2 Use-After-Free
https://cxsecurity.com/issue/WLB-2016020012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7047

+ MacOS X 10.11 IOBluetoothHCIUserClient Arbitrary Kernel Code
https://cxsecurity.com/issue/WLB-2016020011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7108

+ MacOS X 10.11 IOBluetoothHCIPacketLogUserClient Memory Corruption
https://cxsecurity.com/issue/WLB-2016020010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7047

+ MacOS X 10.11 Kernel - IOAccelMemoryInfoUserClient Use-After-Free
https://cxsecurity.com/issue/WLB-2016020009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7047

+ MacOS X 10.11 Kernel - no-more-senders Use-After-Free
https://cxsecurity.com/issue/WLB-2016020008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7047

VU#972224 Huawei Mobile WiFi E5151 and E5186 routers use insufficiently random values for DNS queries
https://www.kb.cert.org/vuls/id/972224

遠隔操作にDNS通信を使うマルウエアが上陸、ラックが注意喚起
http://itpro.nikkeibp.co.jp/atcl/news/16/020100322/?ST=security

IIJ、標的型対策サンドボックスをメール/Web両面でクラウド提供
http://itpro.nikkeibp.co.jp/atcl/news/16/020100319/?ST=security

ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)