Mailing Lists & Feeds
Current Activity Calendar
| May 02, 2007 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Cisco Releases Security Advisory to Address Multiple Vulnerabilities in ASA and PIX Appliancesadded May 2, 2007 at 03:59 pm
Cisco has released Security Advisory cisco-sa-20070502-asa to address multiple vulnerabilities in Cisco ASA and PIX appliances. These vulnerabilities include two authentication bypass vulnerabilities affecting the Lightweight Directory Access Protocol (LDAP) authentication system and two denial-of-service (DoS) vulnerabilities affecting Virtual Private Networks (VPNs). Vulnerability Involving Apple QuickTime and Javaadded April 24, 2007 at 04:07 pm | updated May 2, 2007 at 03:32 pmApple has released QuickTime 7.1.6 to address a vulnerability in Apple QuickTime for Java. More information about this vulnerability can be found in Vulnerability Note VU#420668.US-CERT recommends users upgrade to QuickTime 7.1.6 and follow the Securing Your Web Browser document to disable Java. OPeNDAP Releases Update to Address Vulnerability in Network Data Access Protocol Softwareadded April 30, 2007 at 10:06 am
OPeNDAP has released an update to address a vulnerability in Version 3 of the OPeNDAP Network Data Access Protocol software. Cisco Releases Security Advisory to Address Vulnerability in NetFlow Collection Engineadded April 26, 2007 at 10:46 am | updated April 30, 2007 at 10:05 am
Cisco has released Security Advisory cisco-sa-20070425-nfc to address a vulnerability in Cisco NetFlow Collection Engine. Upon installation, default user credentials are created on the system. A remote attacker with knowledge of these hard-coded credentials may be able to gain access to an affected system. Adobe Photoshop Bitmap File Handling Vulnerabilityadded April 26, 2007 at 10:46 am
US-CERT is aware of a possible vulnerability in Adobe Photoshop that may allow an attacker to cause a stack-based buffer overflow. By persuading a user to open a crafted bitmap file (e.g., .BMP, .DIB, .RLE), an attacker may be able to execute arbitrary code on the user's system. Vulnerability in HP-UX Running Sendmailadded April 25, 2007 at 11:15 am | updated April 26, 2007 at 09:39 amUS-CERT is aware of a vulnerability in HP-UX running sendmail that may allow a remote user to cause a denial-of-service condition. New Attack Technique for ARM Architectureadded April 20, 2007 at 12:00 pmUS-CERT is aware of a new attack technique presented at CansecWest and Black Hat Amsterdam. This technique affects devices that use the ARM (including Xscale) architecture, such as routers, wireless access points and mobile phones. The technique demonstrates that a vulnerability that results in a NULL pointer dereference can be used to execute arbitrary code. US-CERT has been working with vendors to inform them of this attack technique and provide mitigation strategies. US-CERT will continue to investigate and provide additional information as it becomes available. |
|||||||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader