:: IT Security Neophyte Investigator's MEMO ::: 30日月曜日、先負

2017年1月30日月曜日

30日月曜日、先負

+ CESA-2017:0190 Critical CentOS 5 firefox Security Update
https://lwn.net/Alerts/712781/

+ CESA-2017:0183 Moderate CentOS 6 squid34 Security Update
https://lwn.net/Alerts/712784/

+ CESA-2017:0184 Important CentOS 6 mysql Security Update
https://lwn.net/Alerts/712782/

+ CESA-2017:0190 Critical CentOS 7 firefox Security Update
https://lwn.net/Alerts/712779/

+ CESA-2017:0190 Critical CentOS 6 firefox Security Update
https://lwn.net/Alerts/712780/

+ CESA-2017:0182 Moderate CentOS 7 squid Security Update
https://lwn.net/Alerts/712783/

+ squid 3.5.24 released
http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.24-RELEASENOTES.html

+ UPDATE: Cisco WebEx Browser Extension Remote Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex

+ VU#909240 Cisco WebEx web browser extension allows arbitrary code execution
https://www.kb.cert.org/vuls/id/909240
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3823

+ OpenSSL 1.1.0d, 1.0.2k released
https://www.openssl.org/

+ Forthcoming OpenSSL releases
https://mta.openssl.org/pipermail/openssl-announce/2017-January/000091.html

+ SA75060 Linux Kernel Color Map Information Disclosure Vulnerabilities
https://secunia.com/advisories/75060/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8405

+ hitachi-sec-2017-101 Multiple Vulnerabilities in Cosminexus
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-101/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3289

+ hitachi-sec-2017-101 Cosminexusにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2017-101/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3289

+ JVNVU#92830136 OpenSSL に複数の脆弱性
http://jvn.jp/vu/JVNVU92830136/

+ macOS 10.12.1 / iOS kernel 'IOService::matchPassive' Use-After-Free
https://cxsecurity.com/issue/WLB-2017010225

+ macOS 10.12.1 / iOS kernel 'host_self_trap' Use-After-Free
https://cxsecurity.com/issue/WLB-2017010224

+ macOS 10.12.1 / iOS 10.2 kernel Userspace Pointer Memory Corruption
https://cxsecurity.com/issue/WLB-2017010223

+ OpenSSH 6.8-6.9 local privilege escalation
https://cxsecurity.com/issue/WLB-2017010222

+ OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/95814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732

+ OpenSSL CVE-2017-3730 NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/95812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3730

+ OpenSSL CVE-2017-3731 Denial of Service Vulnerability
http://www.securityfocus.com/bid/95813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731

pgBadger v9.1 has been released
https://www.postgresql.org/about/news/1730/

JVNDB-2017-000014 CubeCart におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000014.html

「日本企業の45％がEUデータ保護規則を理解せず」、米ブランコ・テクノロジー
http://itpro.nikkeibp.co.jp/atcl/news/17/012700273/?ST=security&itp_list_theme

:: IT Security Neophyte Investigator's MEMO ::

2017年1月30日月曜日

30日月曜日、先負

0 件のコメント:

コメントを投稿

2017年1月30日月曜日

30日 月曜日、先負

0 件のコメント:

コメントを投稿

30日月曜日、先負