Category: General Security
04/14/10
Apache.Org Compromise
On 04/05/2010, Apache's issue tracker for projects was compromised via an XSS attack. The attackers used a simple URL redirect service appended to a new issue to grab administrator session credentials and ultimately download hashed copies of JIRA, Bugzi… more »
03/16/10
Interesting Data Leakage Statistics and Visibility
A recent article published by Trustwave on CSOonline.com provides some interesting statistics regarding Data Leakage from corporate environments. Based upon research of 200 actual investigations it becomes fairly clear that Data Leakage is both a very re… more »
03/12/10
CVE-2010-0624: Heap-Based Overflow in GNU Tar and GNU Cpio
GNU Tar and GNU Cpio are used for managing archives on many *nix distributions (note: most BSD distributions including MacOSX use bsdtar). Both GNU TAR and GNU Cpio are capable of using the RMT protocol - a protocol used for accessing tape devices on re… more »
03/08/10
Trend Micro Core Protection Module support for Mac released by BigFix
The Core Protection Module (CPM) solution from BigFix brings the Anti-Virus/Anti-Malware features of Trend Micro's Office Scan product under the management of BigFix. This allows the administrator to manage software deployments, patch deployments, softwa… more »
03/04/10
12:45:05 am, by Zach Brewer, 110 words
Categories: Security Advisories, General Security, Cisco Security
Cisco Unified Communication Manager (Former Call Manager) Denial of Service - cisco-sa-20100303-cucm
Denial of Service (DoS) vulnerabilitieshave been identified in Cisco Unified Communication Manager (formerly known as Cisco CallManager). Exploitation is accomplished with either malformed CTI Manager Messagages, malformed SIP Message Vulnerabilities, a… more »
XML Feeds©2010 by Priveon, Inc.