+ Zabbix 3.2.2, 3.0.6, 2.2.16 released
http://www.zabbix.com/rn3.2.2
http://www.zabbix.com/rn3.0.6
http://www.zabbix.com/rn2.2.16
+ CESA-2016:2850 Important CentOS 6 thunderbird Security Update
https://lwn.net/Alerts/708337/
+ CESA-2016:2872 Moderate CentOS 6 sudo Security Update
https://lwn.net/Alerts/708335/
+ CESA-2016:2850 Important CentOS 5 thunderbird Security Update
https://lwn.net/Alerts/708336/
+ UPDATE: Cisco Email Security Appliance Content Filter Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa
+ UPDATE: Vulnerability in Linux Kernel Affecting Cisco Products: October 2016
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux
+ UPDATE: Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2
+ Cisco Web Security Appliance Drop Decrypt Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9212
+ Cisco Web Security Appliance HTTP URL Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6469
+ Cisco Firepower Management Center Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-vdc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6471
+ Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ucm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6464
+ Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-pca
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9200
+ Cisco Identity Services Engine Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9214
+ Cisco Identity Services Engine Active Directory Integration Component Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9198
+ Cisco IOS XR Software Default Credentials Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-iosxr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9215
+ Cisco IOS and Cisco IOS XE Software Zone-Based Firewall Feature Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-zbf
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9201
+ Cisco IOS XR Software HTTP 2.0 Request Handling Event Service Daemon Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9205
+ Cisco IOS and IOS XE Software SSH X.509 Authentication Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xe-x509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6474
+ Cisco IOS Frame Forwarding Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6473
+ Cisco Intercloud Fabric Director Static Credentials Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-icf
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9204
+ Cisco Hybrid Media Service Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-hms
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6470
+ Cisco FirePOWER Malware Protection Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fpwr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9209
+ Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software Detection Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9193
+ Cisco FireAMP Connector Endpoint Software Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6449
+ Cisco Expressway Series Software Security Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-expressway
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9207
+ Cisco Email Security Appliance SMTP Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9202
+ Cisco Unified Communications Manager Unified Reporting Upload Tool Directory Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cur
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9210
+ Cisco Unified Communications Manager Administration Page Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cucm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9206
+ Cisco ONS 15454 Series Multiservice Provisioning Platforms TCP Port Management Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cons
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9211
+ Cisco Emergency Responder Directory Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cer1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9208
+ Cisco Emergency Responder Cross-Site Request Forgery Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cer
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6468
+ Cisco IOx Application-Hosting Framework Directory Traversal Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9199
+ Cisco Security Appliances AsyncOS Software Update Server Certificate Validation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-asyncos
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1411
+ Cisco ASR 5000 Series IKEv2 Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-asr1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9203
+ Cisco ASR 5000 Series IPv6 Packet Processing Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-asr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6467
+ Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9192
+ Samba 4.5.2 Available for Download
https://www.samba.org/samba/history/samba-4.5.2.html
+ JVNVU#91242711 BSD libc にバッファオーバーフローの脆弱性
http://jvn.jp/vu/JVNVU91242711/
+ FreeBSD/Apple libc link_ntoa() buffer overflow
https://cxsecurity.com/issue/WLB-2016120046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6559
+ Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) AF_PACKET Race Condition Privilege Escalation
https://cxsecurity.com/issue/WLB-2016120045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655
+ Microsoft Windows 10 x86/x64 WLAN AutoConfig Named Pipe Proof Of Concept
https://cxsecurity.com/issue/WLB-2016120041
+ Microsoft Edge CBase-Scriptable::Private-Query-Interface Memory Corruption
https://cxsecurity.com/issue/WLB-2016120039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3222
+ Microsoft PowerShell XXE Injection
https://cxsecurity.com/issue/WLB-2016120038
+ Sony IPELA ENGINE IP Cameras Backdoor Accounts
https://cxsecurity.com/issue/WLB-2016120036
VU#768331 ForeScout CounterACT SecureConnector agent is vulnerable to privilege escalation
https://www.kb.cert.org/vuls/id/768331
JVNDB-2016-000242 Sleipnir for Mac におけるアドレス表示偽装の脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000242.html
JVNVU#91760870 SunGard eTRAKiT に SQL インジェクションの脆弱性
http://jvn.jp/vu/JVNVU91760870/
JVNVU#99901500 三菱電機 MELSEC-Q シリーズの Ethernet インターフェースモジュールに複数の脆弱性
http://jvn.jp/vu/JVNVU99901500/
JVN#28151745 Sleipnir for Mac におけるアドレス表示偽装の脆弱性
http://jvn.jp/jp/JVN28151745/
JVNVU#96435227 ソニー製の複数のネットワークカメラ製品に脆弱性
http://jvn.jp/vu/JVNVU96435227/
OSSのAPI管理ソフト「Kong」が日本でのサポート開始
http://itpro.nikkeibp.co.jp/atcl/news/16/120703665/?ST=security&itp_list_theme
カスペルスキー、特定環境下でしか動かないマルウエアを報告
http://itpro.nikkeibp.co.jp/atcl/news/16/120703664/?ST=security&itp_list_theme
IBMが「Watsonでサイバー防御」のベータ運用開始、三井住友銀行が参加
http://itpro.nikkeibp.co.jp/atcl/news/16/120703660/?ST=security&itp_list_theme
ソフトバンク、インターネット接続サービスでマルウエアブロッキングを開始
http://itpro.nikkeibp.co.jp/atcl/news/16/120703659/?ST=security&itp_list_theme
三井住友銀行、セキュリティー人材の育成でNECと協業
http://itpro.nikkeibp.co.jp/atcl/news/16/120703657/?ST=security&itp_list_theme
0 件のコメント:
コメントを投稿