Archive for the 'Security-Vulnerabilities' Category


System patching 0-days and ancient-day vulnerabilities

Tuesday, September 5th, 2006

There’s a good article at Michael Sutton’s Blog which points out something that really makes sense and that I think many people are aware of, but with all the buzz that a new, previously undisclosed vulnerability has, we forget. The point is this: there are plenty of machines online vulnerable to ancient flaws that have [...]

Another Internet Explorer Exploit (September 2006)

Friday, September 1st, 2006

A new Internet Explorer bug was published on Monday. It’s been given a CVE (2006-4446) and affects IE 6.0 SP1. It’s worth considering alternative browsers. Details from bugtraq indicate that it’s a buffer overflow in the DirectAnimation.PathControl COM Object (daxctle.ocx)… which could cause DoS and possibly remote code execution.

Sun Java update process vulnerable

Wednesday, August 30th, 2006

The Java Runtime Environment from Sun has a vulnerability that’s due in large part to a poor approach to updating it. IF you have not uninstalled previous versions of the JRE on your PC, they are likely still there EVEN after an update AND to make things even worse, a specially designed website could [...]

Sendmail DoS vulnerability

Wednesday, August 30th, 2006

I’ve got to admit, I hadn’t caught the notice of this until it was at incidents.org. I don’t currently administer sendmail on any machines, but…. Sendmail released version 8.13.8 on August 9th to address several issues (including a DoS vulnerability). It was possible for a specially crafted email to trigger the problem.

Wireshark, various vulnerabilities disclosed

Thursday, August 24th, 2006

There used to be a tool called Ethereal and then it changed its name to Wireshark. Today a number of security vulnerabilities were disclosed. A new version and workarounds are available. Please upgrade if at all possible.

More Microsoft Patch problems MS06-042

Tuesday, August 22nd, 2006

This has been one of the “problem child” patches this time around and it looks as though it’s worse than initially thought. Apparently, instead of “just” crashing IE SP1 when viewing compressed HTTP 1.1 web pages on WinXP SP1 or Windows 2000 SP4… as stated in Microsoft’s bulletins, this could also lead to a [...]

PowerPoint vulnerability (August 2006)

Tuesday, August 22nd, 2006

I’m having to make sure I put the date in the title of these posts now… over the weekend there were rumors of a new PowerPoint vulnerability. SANS had an early notice of some trojan droppers using PowerPoint files. And by the 20th (Sunday) it was being called a 0-day. There is [...]

Mac Wireless driver Security vulnerability revisited

Friday, August 18th, 2006

A couple of weeks ago the hot story was about the demonstration of a vulnerability in a 3rd party wireless card driver on a Mac. The individuals that demonstrated the vulnerability (in a videotaped presentation) also claimed that many wireless drivers were vulnerable to this same flaw and it included the MacBook native drivers [...]

Other MS patch news as well as a Yahoo vulnerability?

Monday, August 14th, 2006

Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS…
“this is a DoS only issue that was not addressed in MS06-040, but [...]

Ruby on Rails urgent update

Thursday, August 10th, 2006

A new version of Ruby on Rails has been released in response to a critical security vulnerability. The link will take you to information at incidents.org. 1.1.5 is the new version and should be compatible with 1.1.4; all previous versions appear to be vulnerable.