+ Mozilla Firefox 55.0.2 released
https://www.mozilla.org/en-US/firefox/55.0.2/releasenotes/
+ CESA-2017:2478 Critical CentOS 6 httpd Security Update
https://lwn.net/Alerts/731144/
+ CESA-2017:2456 Critical CentOS 6 firefox Security Update
https://lwn.net/Alerts/731143/
+ CESA-2017:2424 Critical CentOS 6 java-1.7.0-openjdk Security Update
https://lwn.net/Alerts/731145/
+ Cisco Virtual Network Function Element Manager Arbitrary Command Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-em
CVE-2017-6710
+ Cisco Application Policy Infrastructure Controller Custom Binary Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic2
CVE-2017-6768
+ Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic1
CVE-2017-6767
+ Cisco TelePresence Video Communication Server Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-vcs
CVE-2017-6790
+ Cisco Ultra Services Platform Deployment Configuration Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usp
CVE-2017-6778
+ Cisco Ultra Services Framework AutoVNF Configuration Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usf
CVE-2017-6771
+ Cisco Unified Communications Manager Horizontal Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-ucm
CVE-2017-6785
+ Cisco StarOS for ASR 5000 Series Routers Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros3
CVE-2017-6775
+ Cisco StarOS for ASR 5000 Series Routers FTP Configuration File Modification Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros2
CVE-2017-6774
+ Cisco StarOS for ASR 5000 Series Routers Command-Line Interface Security Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros1
CVE-2017-6773
+ Cisco Elastic Services Controller Sensitive Log Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc4
CVE-2017-6786
+ Cisco Elastic Services Controller Configuration Parameters Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc3
CVE-2017-6777
+ Cisco Elastic Services Controller Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc2
CVE-2017-6776
+ Cisco Elastic Services Controller Configuration Files Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc1
CVE-2017-6772
+ Cisco Security Appliances SNMP Polling Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-csa
CVE-2017-6783
+ Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-crr
CVE-2017-6784
+ Cisco Policy Suite Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cps
CVE-2017-6781
+ Cisco Prime Infrastructure HTML Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cpi
CVE-2017-6782
+ Cisco AnyConnect WebLaunch Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-caw
CVE-2017-6788
+ Linux kernel 4.12.8, 4.9.44, 4.4.83, 3.18.66 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.8
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.44
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.83
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.66
+ Apple iOS 10.3 - UI SMS Access Permission Vulnerability *video
https://cxsecurity.com/issue/WLB-2017080096
+ Microsoft Resnet - DNS Configuration Web Vulnerability
https://cxsecurity.com/issue/WLB-2017080097
+ FreeBSD Jails Shared Memory Handling Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/100349
Windows Defender ATP でステルス性の高いクロスプロセス インジェクション手法を検出する: プロセス ハロウイングと AtomBombing
https://blogs.technet.microsoft.com/jpsecurity/2017/08/16/detecting-stealthier-cross-process-injection-techniques-with-windows-defender-atp-process-hollowing-and-atom-bombing/
夏休みスペシャル 2017
ITスキルが上がるゲーム4選、セキュリティからWeb制作まで
http://itpro.nikkeibp.co.jp/atcl/column/17/080300327/080900010/?ST=security&itp_list_theme
Take Part in a Study to Help Improve Onion Services
http://www.linuxsecurity.com/content/view/175485/169/
Google awards student $10k for discovery of App Engine data leak flaw
http://www.linuxsecurity.com/content/view/175484/169/
Top 10 Enterprise Encryption Products
http://www.linuxsecurity.com/content/view/175483/169/
0 件のコメント:
コメントを投稿