Information Armor » YaSSL http://www.informationarmor.com Protecting Your Data. A public service from Arizona IT Management LLC Tue, 22 Jun 2010 16:27:09 +0000 en hourly 1 http://wordpress.org/?v=3.0 Vulnerabilities http://www.informationarmor.com/2010/01/29/vulnerabilities/ http://www.informationarmor.com/2010/01/29/vulnerabilities/#comments Fri, 29 Jan 2010 15:21:47 +0000 root http://www.informationarmor.com/?p=59 Cisco disclosed multiple vulnerabilities in their Unified MeetingPlace product. These issues leave the product vulnerable to SQL injection attacks and could allow attackers to bypass authentication. Cisco has released patches to address these issues.
http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml
http://secunia.com/advisories/38259/

The open source library YaSSL was found to have a security vulnerability related to the negotiation of SSL certificates. The possibility of a buffer overflow exists under these conditions. There has been a patch released to address this vulnerability.
http://secunia.com/advisories/38344/
http://osvdb.org/show/osvdb/61956
http://yassl.com/news.html#yassl199

A overflow vulnerability was found in the 1.3.xx Apache open source web server. This issue leaves the server open to remote unauthenticated access and denial of service attacks. Upgrading to version 1.3.42 resolves this issue.
http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html
http://secunia.com/advisories/38319/2/

]]> http://www.informationarmor.com/2010/01/29/vulnerabilities/feed/ 1