Information Armor » cisco http://www.informationarmor.com Protecting Your Data. A public service from Arizona IT Management LLC Tue, 22 Jun 2010 16:27:09 +0000 en hourly 1 http://wordpress.org/?v=3.0 IBM, Google Chrome, & Cisco http://www.informationarmor.com/2010/02/12/ibm-google-chrome-cisco/ http://www.informationarmor.com/2010/02/12/ibm-google-chrome-cisco/#comments Fri, 12 Feb 2010 16:23:02 +0000 root http://www.informationarmor.com/?p=72 New IBM X-Force Blog Entry
A new blog posting has been published on the IBM X-Force site. It covers Tom Cross’s BlackHat presentation on security weaknesses in Lawful Intercept, including the audio and video from the conference.
http://blogs.iss.net/archive/bhdc2010.html

Google Chrome vulnerabilities
Google released a new version of its Chrome browser addressing 6 security related issues. These issues are related to DNS, authentication and a possible overflow condition. The version (4.0.249.89) is available for download from Google.
http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html
http://sites.google.com/a/chromium.org/dev/Home/chromium-security

Cisco IronPort Issues
There have been multiple reports of vulnerabilities in Cisco’s IronPort product. These issues could lead to information disclosure and code injection. Cisco has released patches for these issues which can be downloaded from their support site.
http://www.cisco.com/warp/public/707/cisco-sa-20100210-ironport.shtml

]]> http://www.informationarmor.com/2010/02/12/ibm-google-chrome-cisco/feed/ 0 Vulnerabilities http://www.informationarmor.com/2010/01/29/vulnerabilities/ http://www.informationarmor.com/2010/01/29/vulnerabilities/#comments Fri, 29 Jan 2010 15:21:47 +0000 root http://www.informationarmor.com/?p=59 Cisco disclosed multiple vulnerabilities in their Unified MeetingPlace product. These issues leave the product vulnerable to SQL injection attacks and could allow attackers to bypass authentication. Cisco has released patches to address these issues.
http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml
http://secunia.com/advisories/38259/

The open source library YaSSL was found to have a security vulnerability related to the negotiation of SSL certificates. The possibility of a buffer overflow exists under these conditions. There has been a patch released to address this vulnerability.
http://secunia.com/advisories/38344/
http://osvdb.org/show/osvdb/61956
http://yassl.com/news.html#yassl199

A overflow vulnerability was found in the 1.3.xx Apache open source web server. This issue leaves the server open to remote unauthenticated access and denial of service attacks. Upgrading to version 1.3.42 resolves this issue.
http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html
http://secunia.com/advisories/38319/2/

]]> http://www.informationarmor.com/2010/01/29/vulnerabilities/feed/ 1