6日 月曜日、赤口

+ UPDATE: APSB16-17 Security update available for the Adobe Connect Add-In for Windows
https://helpx.adobe.com/security/products/connect/apsb16-17.html

+ UPDATE: APSB16-15 Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html

+ UPDATE: Cisco WebEx Meeting Center Site Access Control User Account Enumeration Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc

+ UPDATE: Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode

+ Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957

+ UPDATE: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6

+ Cisco IP 8800 Series Phones btcli Utility Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ipp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1403

+ SA70991 Trend Micro OfficeScan Dirctory Traversal Vulnerability
https://secunia.com/advisories/70991/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1223

+ SA70966 Trend Micro Worry-Free Business Security Directory Traversal and HTTP Header Injection Vulnerabilities
https://secunia.com/advisories/70966/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1224

+ SA70920 NTP Security Bypass and Denial of Service Multiple Vulnerabilities
https://secunia.com/advisories/70920/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957

+ FreeBSD-SA-16:24.ntp Multiple vulnerabilities of ntp
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:24.ntp.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956

+ GCC 5.4 released
https://gcc.gnu.org/gcc-5/changes.html

+ JVNVU#94410990 NTP.org の ntpd にサービス運用妨害 (DoS) など複数の脆弱性
http://jvn.jp/vu/JVNVU94410990/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956

+ Windows 7 firewall bypass PoC
https://cxsecurity.com/issue/WLB-2016060024

10の疑問を試して解明 セキュリティ大実験室
脆弱性を悪用するのは簡単か？
http://itpro.nikkeibp.co.jp/atcl/column/16/052300113/052300010/?ST=security

実践、セキュリティ事故対応
［第9回］内部不正の調査は被疑者の目線で　痕跡を探し本人にもヒアリング
http://itpro.nikkeibp.co.jp/atcl/column/15/110900259/031800009/?ST=security