http://seclists.org/oss-sec/2016/q1/339
Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability (2016/02/10-16)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
Vulnerability Note VU#457759
glibc vulnerable to stack buffer overflow in DNS resolver (2016/02/17)
http://www.kb.cert.org/vuls/id/457759
← Buffer overflow caused by a DNS answer exceeding 2048 bytes
Our suggested mitigation is to limit the response (i.e., via DNSMasq or similar programs) sizes accepted by the DNS resolver locally as well as to ensure that DNS queries are sent only to DNS servers which limit the response size for UDP responses with the truncation bit set.
Squid Proxy Cache Security Update Advisory SQUID-2016:1 (2016/02/15)
http://www.squid-cache.org/Advisories/SQUID-2016_1.txt
> the bug is exploitable only if Squid is built
> using the --with-openssl option.