JVN: SolarWinds N-able N-central にドメイン管理パスワードを復号するためのパラメータがハードコードされている問題

SolarWinds N-able が提供する N-central は、エージェントベースの企業向け管理ソリューションです。N-central のウェブインターフェースには暗号化に用いられる複数のパラメータがハードコードされているため、これらのパラメータを組み合わせることで、パスワードの解読が可能です。

JVN: Adobe Flash Player および Microsoft Windows の脆弱性

Adobe Flash Player および Microsoft Windows において最近公表されている脆弱性を組み合わせると、SYSTEM 権限で任意のコードを実行することが可能です。攻撃者は常に、インターネットに面している一般的なソフトウェアの新たな脆弱性を探しています。また攻撃者はこうしたソフトウェアのうち、アップデートが十分でないものも標的としていますので、回避策やその他の防衛手段を実施することが重要です。

PHP 7.0.0 Beta 1 Released

The PHP development team announces the immediate availability of
PHP 7.0.0 Beta 1. This is the third pre-release of the new PHP 7
major series. All users of PHP are encouraged to test this version carefully,
and report any bugs and incompatibilities in the bug tracking system.

THIS IS A DEVELOPMENT PREVIEW – DO NOT USE IT IN PRODUCTION!

Beta 1 marks the feature complete phase. From now on, fundamental
changes are not to be expected. What’s more, this release brings
over 200 commits with about 25 reported bug fixes, as well as security,
stability and other improvements. However it was delayed to catch up with
the latest OpenSSL release issued on July 9th.

PHP 7.0.0 comes with new version of the Zend Engine with features such as (incomplete list):

  • Improved performance: PHP 7 is up to twice as fast as PHP 5.6
  • Consistent 64-bit support
  • Many fatal errors are now Exceptions
  • Removal of old and unsupported SAPIs and extensions
  • The null coalescing operator (??)
  • Combined comparison Operator (<=>)
  • Return Type Declarations
  • Scalar Type Declarations
  • Anonymous Classes

For more information on the new features and other changes, you can read the
NEWS file, or the
UPGRADING file
for a complete list of upgrading notes. These files can also be found in the release archive.

For source downloads of PHP 7.0.0 Beta 1 please visit
the download page, Windows source and binaries
can be found on windows.php.net/qa/.

The next release will be Beta 2, which is to be released on the 23rd of July. You can also
read the full list of planned releases on our wiki.

Thank you for helping us make PHP better.