The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Cisco has released a security advisory to address a vulnerability in Cisco Identity Services Engine. Exploitation of this vulnerability may allow a remote attacker to gain complete administrative control of the device.
US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20110920 and apply any necessary updates or workarounds to help mitigate the risks.
Oracle has released a security alert to address a vulnerability in Apache HTTPD. This vulnerability affects:
- Oracle Fusion Middleware 11g Release 1, versions 18.104.22.168.0, 22.214.171.124.0, 126.96.36.199.0
- Oracle Application Server 10g Release 3, version 10.1.3.5.0
- Oracle Application Server 10g Release 2, version 10.1.2.3.0
Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition.
US-CERT encourages users and administrators to review the Oracle Security Alert for CVE-2011-3192 and apply any necessary updates to help mitigate the risks. Additional information can be found in Vulnerability Note VU#405811
Google has released Chrome 14.0.835.163 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 14.0.835.163.