Vulnerabilities

Cisco disclosed multiple vulnerabilities in their Unified MeetingPlace product. These issues leave the product vulnerable to SQL injection attacks and could allow attackers to bypass authentication. Cisco has released patches to address these issues.
http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml
http://secunia.com/advisories/38259/

The open source library YaSSL was found to have a security vulnerability related to the negotiation of SSL certificates. The possibility of a buffer overflow exists under these conditions. There has been a patch released to address this vulnerability.
http://secunia.com/advisories/38344/
http://osvdb.org/show/osvdb/61956
http://yassl.com/news.html#yassl199

A overflow vulnerability was found in the 1.3.xx Apache open source web server. This issue leaves the server open to remote unauthenticated access and denial of service attacks. Upgrading to version 1.3.42 resolves this issue.
http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html
http://secunia.com/advisories/38319/2/



Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Blogplay
Posted on January 29, 2010 at 8:21 AM by root · Permalink
In: Education, Security · Tagged with: , , , , , ,

One Response

Subscribe to comments via RSS

  1. Written by New Vulnerabilities and Fixes | Arizona IT Management
    on January 29, 2010 at 9:46 AM
    Permalink

    [...] are urged to visit http://www.informationarmor.com/2010/01/29/vulnerabilities/ on our sister site, there are some new vulnerabilities and fixes for them. Posted on January [...]

Subscribe to comments via RSS

Leave a Reply

You must be logged in to post a comment.