ソフト名:pyftpd 0.8.4.6
回避策:アップデートにて対応
脆弱性:不適正なデフォルト資格証明, 不正アクセス
ソース:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585776
http://packages.debian.org/stable/net/pyftpd
http://www.securityfocus.com/bid/40839
危険性:Medium Risk
2010-05-28
Cisco Network Building Mediator
ソフト名:Cisco Network Building Mediator 1.5/2.2/3.0
回避策:cisco-sa-20100526-mediatorにて対応
脆弱性:不適正なデフォルト資格証明, 権限の昇格, デバイスのリロード,セキュリティの強度不足, 機密情報の奪取
ソース:http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
http://www.securityfocus.com/bid/40380
http://www.securityfocus.com/bid/40382
http://www.securityfocus.com/bid/40384
http://www.securityfocus.com/bid/40385
http://www.securityfocus.com/bid/40386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0600
http://secunia.com/advisories/39904
CVE:CVE-2010-0595, CVE-2010-0597, CVE-2010-0598, CVE-2010-0599, CVE-2010-0600
危険性:High Risk
回避策:cisco-sa-20100526-mediatorにて対応
脆弱性:不適正なデフォルト資格証明, 権限の昇格, デバイスのリロード,セキュリティの強度不足, 機密情報の奪取
ソース:http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
http://www.securityfocus.com/bid/40380
http://www.securityfocus.com/bid/40382
http://www.securityfocus.com/bid/40384
http://www.securityfocus.com/bid/40385
http://www.securityfocus.com/bid/40386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0600
http://secunia.com/advisories/39904
CVE:CVE-2010-0595, CVE-2010-0597, CVE-2010-0598, CVE-2010-0599, CVE-2010-0600
危険性:High Risk
Cisco Network Building Mediator
ソフト名:Cisco Network Building Mediator 1.5/2.2/3.0
回避策:cisco-sa-20100526-mediatorにて対応
脆弱性:不適正なデフォルト資格証明, 権限の昇格, デバイスのリロード,セキュリティの強度不足, 機密情報の奪取
ソース:http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
http://www.securityfocus.com/bid/40380
http://www.securityfocus.com/bid/40382
http://www.securityfocus.com/bid/40384
http://www.securityfocus.com/bid/40385
http://www.securityfocus.com/bid/40386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0600
http://secunia.com/advisories/39904
CVE:CVE-2010-0595, CVE-2010-0597, CVE-2010-0598, CVE-2010-0599, CVE-2010-0600
危険性:High Risk
回避策:cisco-sa-20100526-mediatorにて対応
脆弱性:不適正なデフォルト資格証明, 権限の昇格, デバイスのリロード,セキュリティの強度不足, 機密情報の奪取
ソース:http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
http://www.securityfocus.com/bid/40380
http://www.securityfocus.com/bid/40382
http://www.securityfocus.com/bid/40384
http://www.securityfocus.com/bid/40385
http://www.securityfocus.com/bid/40386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0600
http://secunia.com/advisories/39904
CVE:CVE-2010-0595, CVE-2010-0597, CVE-2010-0598, CVE-2010-0599, CVE-2010-0600
危険性:High Risk
2010-05-25
3Com Intelligent Management Center (IMC)
ソフト名:3Com Intelligent Management Center (IMC) 3.3 SP1 R2 606/3.3.9 R2 606 29
回避策:アップデートにて対応
脆弱性:XSS, 認証資格情報の奪取, 機密情報の奪取, 不適正なデフォルト資格証明, ディレクトリトラバーサル
ソース:http://www.3com.com/products/en_US/detail.jsp?sku=3CR15800&tab=features&pathtype=purchase
http://www.exploit-db.com/exploits/12679
http://www.exploit-db.com/exploits/12680
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-01
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-02
http://www.securityfocus.com/bid/40298
http://secunia.com/advisories/39891
危険性:High Risk
回避策:アップデートにて対応
脆弱性:XSS, 認証資格情報の奪取, 機密情報の奪取, 不適正なデフォルト資格証明, ディレクトリトラバーサル
ソース:http://www.3com.com/products/en_US/detail.jsp?sku=3CR15800&tab=features&pathtype=purchase
http://www.exploit-db.com/exploits/12679
http://www.exploit-db.com/exploits/12680
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-01
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-02
http://www.securityfocus.com/bid/40298
http://secunia.com/advisories/39891
危険性:High Risk
登録:
投稿 (Atom)
