2020年8月17日月曜日

17日 月曜日、先負

+ Windows DNSキャッシュリゾルバーサービスの脆弱性情報が公開されました(CVE-2020-1584)
https://jprs.jp/tech/security/2020-08-14-windowsdnsrslvr.html
CVE-2020-1584

+ Wireshark 3.2.6, 3.0.13, 2.6.19 released
https://www.wireshark.org/docs/relnotes/wireshark-3.2.6.html
https://www.wireshark.org/docs/relnotes/wireshark-3.0.13.html
https://www.wireshark.org/docs/relnotes/wireshark-2.6.19.html

+ PostgreSQL 12.4, 11.9, 10.14, 9.6.19, 9.5.23 released
https://www.postgresql.org/docs/12/release-12-4.html
https://www.postgresql.org/docs/11/release-11-9.html
https://www.postgresql.org/docs/10/release-10-14.html
https://www.postgresql.org/docs/9.6/release-9-6-19.html
CVE-2020-14349
CVE-2020-14350

https://www.postgresql.org/docs/9.5/release-9-5-23.html

+ Samba 4.12.6 Available for Download
https://www.samba.org/samba/history/samba-4.12.6.html

+ 13 August 2020 - Security Advice: Announcing CVE-2019-0230 (Possible RCE) and CVE-2019-0233 (DoS) security issues
https://struts.apache.org/announce.html#a20200813
CVE-2019-0230
CVE-2019-0233

+ S2-059 Forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
https://cwiki.apache.org/confluence/display/WW/S2-059
CVE-2019-0230

+ S2-060 Access permission override causing a Denial of Service when performing a file upload
https://cwiki.apache.org/confluence/display/WW/S2-060
CVE-2019-0233

+ Struts 2の脆弱性情報(Important: CVE-2019-0230, Moderate: CVE-2019-0233)
https://security.sios.com/vulnerability/struts-security-vulnerability-20200814.html
CVE-2019-0230, CVE-2019-0233

+ Apache Struts 2 の脆弱性 (S2-059、S2-060) に関する注意喚起
https://www.jpcert.or.jp/at/2020/at200034.html
CVE-2019-0230, CVE-2019-0233

不正アクセスで漏洩なら要通知 個人情報管理、法改正で負担増
https://xtech.nikkei.com/atcl/nxt/mag/nc/18/092400133/080700030/?ST=nxt_thmit_security

10年前から変わらぬ出会い系詐欺の手口、「3億円あげる」にだまされる訳とは
https://xtech.nikkei.com/atcl/nxt/column/18/00676/080400055/?ST=nxt_thmit_security

他社への不正アクセスが原因でメールを盗聴される、巧妙な手口の全容
https://xtech.nikkei.com/atcl/nxt/column/18/00001/04398/?ST=nxt_thmit_security

0 件のコメント:

コメントを投稿