2016年6月21日火曜日

21日 火曜日、先負











+ Cisco Integrated Services Routers OpenSSH TCP Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-isr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6289

+ Cisco IOS XE Software SNMP Subsystem Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-iosxe
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1428

+ Cisco 8800 Series IP Phone Directory Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ip-phone
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1434

+ Cisco 8800 Series IP Phone Filesystem Permission Enforcement Unauthorized Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1435

+ UPDATE: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6

+ Linux kernel 3.12.61 released
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.61

+ UPDATE: Oracle Solaris Third Party Bulletin - April 2016
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

+ SA71257 Apache Struts Multiple Vulnerabilities
https://secunia.com/advisories/71257/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4465

+ JVNDB-2016-000110 Apache Struts において任意のコードを実行可能な脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000110.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4438

+ JVNDB-2016-000114 Apache Struts におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000114.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4465

+ JVNDB-2016-000113 Apache Strutsにおける入力値検証の回避の脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000113.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4431

+ JVNDB-2016-000112 Apache Strutsの Getter メソッドにおける検証回避の脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000112.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4433

+ JVNDB-2016-000111 Apache Strutsにおけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000111.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4430

VU#143335 mDNSResponder contains multiple memory-based vulnerabilities
https://www.kb.cert.org/vuls/id/143335

UPDATE: JVN#75813272 バッファロー製の複数の無線 LAN ルータにおける情報漏えいの脆弱性
http://jvn.jp/jp/JVN75813272/index.html

UPDATE: JVN#81698369 バッファロー製の複数の無線 LAN ルータにおけるディレクトリトラバーサルの脆弱性
http://jvn.jp/jp/JVN81698369/index.html

0 件のコメント:

コメントを投稿