2017年5月12日金曜日

12日 金曜日、友引

+ UPDATE: Cisco Integrated Management Controller Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151211-imc

+ UPDATE: Cisco AsyncOS Software for Cisco ESA Filtering Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos

+ PostgreSQL 9.6.3, 9.5.7, 9.4.12, 9.3.17, 9.2.21 Released
https://www.postgresql.org/about/news/1746/
https://www.postgresql.org/docs/9.6/static/release-9-6-3.html
https://www.postgresql.org/docs/9.5/static/release-9-5-7.html
https://www.postgresql.org/docs/9.4/static/release-9-4-12.html
https://www.postgresql.org/docs/9.3/static/release-9-3-17.html
https://www.postgresql.org/docs/9.2/static/release-9-2-21.html
CVE-2017-7484
CVE-2017-7485
CVE-2017-7486

+ Apache Tomcat 8.5.15 Released
http://tomcat.apache.org/tomcat-8.5-doc/changelog.html#Tomcat_8.5.15_(markt)

+ PHP 7.1.5, 7.0.19 Released
http://www.php.net/ChangeLog-7.php#7.1.5
http://www.php.net/ChangeLog-7.php#7.0.19

+ Linux Kernel Thread Keyring Leak in keyctl_set_reqkey_keyring() Lets Local Users Consume Excessive Memory Resources
http://www.securitytracker.com/id/1038471
CVE-2017-7472

+ Microsoft IIS WebDav ScStoragePathFromUrl Overflow
https://cxsecurity.com/issue/WLB-2017050070
CVE-2017-7269

JVNDB-2017-000079 SOY CMS のインストーラにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000079.html

UPDATE: JVNDB-2017-000078 SOY CMS におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000078.html

ニュース解説
知るほどに怖くなる!?Struts2脆弱性のメカニズム
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/051100966/?ST=security&itp_list_theme

ITpro Report
もう始まった!?登録セキスペのオンライン講習受けてみた
http://itpro.nikkeibp.co.jp/atcl/column/14/090100053/051000246/?ST=security&itp_list_theme

SELinux and --no-new-privs and the setpriv command
http://www.linuxsecurity.com/content/view/171442/169/

Kevin Mitnick performs hacking tricks, live on Wall Street
http://www.linuxsecurity.com/content/view/171441/169/

Hacker dumps, magnet links, and you
http://www.linuxsecurity.com/content/view/171440/169/

The NSA Confirms It: Russia Hacked French Election ‘Infrastructure’
http://www.linuxsecurity.com/content/view/171439/169/

ラベル:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)