資安新聞及事件週報 2016/11/21 ~ 2016/11/25
**1.重大弱點漏洞:**
Wireshark DTN解析器拒絕服務漏洞(CVE-2016-9375)
https://www.wireshark.org/security/wnpa-sec-2016-62.html
Cisco AsyncOS遠程安全限制繞過漏洞(CVE-2016-6458)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa
Norton 及 Symantec 企業版產品遠端執行程式碼漏洞 CVE-2016-5311
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00
VMware 產品遠端執行程式碼漏洞 CVE-2016-7461
https://www.us-cert.gov/ncas/current-activity/2016/11/14/VMWare-Releases-Security-Updates
思科產品多個漏洞
https://www.auscert.org.au/render.html?it=41102
https://www.auscert.org.au/render.html?it=41118
2016年11月25日 星期五
2016年11月18日 星期五
資安新聞及事件週報 2016/11/14 ~ 2016/11/18
資安新聞及事件週報 2016/11/14 ~ 2016/11/18
**1.重大弱點漏洞:**
Debian Security Update for tar (DSA 3702-1)
http://www.0daybank.org/?p=3234
思科 ASA 遠端執行程式碼漏洞
http://securitytracker.com/id/1037306
CA發佈Unified Infrastructure Management安全更新,該漏洞會導致目錄遍歷
https://ics-cert.us-cert.gov/advisories/ICSA-16-315-01
OpenSSL發佈安全更新,部分漏洞可能導致阻斷服務攻擊
https://www.us-cert.gov/ncas/current-activity/2016/11/10/OpenSSL-Releases-Security-Update
CVE-2016-6313Red Hat Update for libgcrypt (RHSA-2016:2674)
http://www.0daybank.org/?p=3220
Novell Open Enterprise Server安全漏洞(CVE-2016-5763)
http://download.novell.com/Download?buildid=dfqmrymc0Rg~
**1.重大弱點漏洞:**
Debian Security Update for tar (DSA 3702-1)
http://www.0daybank.org/?p=3234
思科 ASA 遠端執行程式碼漏洞
http://securitytracker.com/id/1037306
CA發佈Unified Infrastructure Management安全更新,該漏洞會導致目錄遍歷
https://ics-cert.us-cert.gov/advisories/ICSA-16-315-01
OpenSSL發佈安全更新,部分漏洞可能導致阻斷服務攻擊
https://www.us-cert.gov/ncas/current-activity/2016/11/10/OpenSSL-Releases-Security-Update
CVE-2016-6313Red Hat Update for libgcrypt (RHSA-2016:2674)
http://www.0daybank.org/?p=3220
Novell Open Enterprise Server安全漏洞(CVE-2016-5763)
http://download.novell.com/Download?buildid=dfqmrymc0Rg~
2016年11月11日 星期五
資安新聞及事件週報 2016/11/7 ~ 2016/11/11
資安新聞及事件週報 2016/11/7 ~ 2016/11/11
**1.重大弱點漏洞:**
SAP NetWeaver Application Server Remote User Account Disclosure Vulnerability
http://www.0daybank.org/?p=2965
Red Hat Update for kernel (RHSA-2016:2124) (Dirty Cow)
http://www.0daybank.org/?p=2957
Rowhammer漏洞:PC遭殃後,Android設備也難逃魔掌
http://www.searchsecurity.com.cn/showcontent_94002.htm
ISC發佈BIND安全更新,該漏洞會導致阻斷服務攻擊
https://kb.isc.org/article/AA-01434/0
Cisco Email Security Appliance CVE-2016-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1481
Oracle JDK、Weblogic Server CVE-2016-5556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5556
**1.重大弱點漏洞:**
SAP NetWeaver Application Server Remote User Account Disclosure Vulnerability
http://www.0daybank.org/?p=2965
Red Hat Update for kernel (RHSA-2016:2124) (Dirty Cow)
http://www.0daybank.org/?p=2957
Rowhammer漏洞:PC遭殃後,Android設備也難逃魔掌
http://www.searchsecurity.com.cn/showcontent_94002.htm
ISC發佈BIND安全更新,該漏洞會導致阻斷服務攻擊
https://kb.isc.org/article/AA-01434/0
Cisco Email Security Appliance CVE-2016-1481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1481
Oracle JDK、Weblogic Server CVE-2016-5556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5556
2016年11月4日 星期五
資安新聞及事件週報 2016/10/31 ~ 2016/11/4
資安新聞及事件週報 2016/10/31 ~ 2016/11/4
**1.重大弱點漏洞:**
CVE-2015-0665 Cisco AnyConnect Secure Mobility Client Multiple Security Vulnerabilities
http://www.0daybank.org/?p=2816
ISC BIND 阻斷服務漏洞
http://securitytracker.com/id/1037156
Palo Alto PAN-OS 多個漏洞
http://securitytracker.com/id/1037152
http://securitytracker.com/id/1037153
Oracle WebLogic Commons DiskFileItem Deserialization of Untrusted Data 漏洞
https://www.seebug.org/vuldb/ssvid-92515
**1.重大弱點漏洞:**
CVE-2015-0665 Cisco AnyConnect Secure Mobility Client Multiple Security Vulnerabilities
http://www.0daybank.org/?p=2816
ISC BIND 阻斷服務漏洞
http://securitytracker.com/id/1037156
Palo Alto PAN-OS 多個漏洞
http://securitytracker.com/id/1037152
http://securitytracker.com/id/1037153
Oracle WebLogic Commons DiskFileItem Deserialization of Untrusted Data 漏洞
https://www.seebug.org/vuldb/ssvid-92515
訂閱:
文章 (Atom)