Category: Security Advisories
03/04/10
12:45:05 am, by Zach Brewer, 110 words
Categories: Security Advisories, General Security, Cisco Security
Cisco Unified Communication Manager (Former Call Manager) Denial of Service - cisco-sa-20100303-cucm
Denial of Service (DoS) vulnerabilitieshave been identified in Cisco Unified Communication Manager (formerly known as Cisco CallManager). Exploitation is accomplished with either malformed CTI Manager Messagages, malformed SIP Message Vulnerabilities, a… more »
03/02/10
Don't touch that! It's Hot! - Or, your F1 Key is the enemy.
Microsoft issued a security advisory (981169) on March 1, 2010 which impacts supported versions of Windows 2000, 2003, and XP using Internet Explorer. This is related to how VBScript interacts with windows help files when using IE. If exploited, a malici… more »
ShmooCon 2010: Closing the TLS Authentication Gap Thoughts (Or Why Coordinating Disclosure of a Protocol-Level, Multi-Vendor Vulnerability is Like Herding Cats)
If you attended ShmooCon 2010, you likely witnessed and/or experienced:2 feet of snow falling in 24 hoursA hotel roof collapse (ok, so it was a single section of glass from the atrium)Snowball fights and snowball induced tree avalanchesSledding… more »
02/18/10
08:42:53 am, by Zach Brewer, 126 words
Categories: Cisco Security Agent, Security Advisories, Cisco Security
Multiple CSA 5.1, 5.2, and 6.0 Vulnerabilities
Multiple CSA vulnerabilities were disclosed yesterday by Cisco PSIRT including: CSA 6.0 directory traversal vulnerability CSA 5.2 Denial of Service (DoS)vulnerabilityCSA MC directory traversal and SQL injection vulnerabilitiesCSA 5.2 Agent for… more »
01/15/10
IE 0-day Used in Attack on Google and Other Companies
Details about the targeted attack on Google (and 34 other firms) now include the use of an IE 0-day (CVE-2010-0249) in addition to known Acrobat vulnerabilities. Microsoft has released a related advisory and public exploit code is now available. This exp… more »
XML Feeds©2010 by Priveon, Inc.