SSL v3 Rumoured Vulnerability

According to The Register, a serious vulnerability in SSL v3 will be disclosed tomorrow on October 15th. Some people are recommending disabling SSL v3 in various daemons until further notice. We will update our blog once the vulnerability is released tomorrow. We urge everyone to stay alert and be ready to patch whatever necessary.

Read more ...

Security Update Issued for Xen Hypervisor

An update for Xen was just released to address a vulnerability where a buggy or malicious HVM guest can crash the host or read data relating to other guests or the hypervisor itself.


source:hostingseclist

Bash Latest Patch / Status Update

According to a Google Security Researcher who was able to defeat all of the current patches and make the vulnerability easier to exploit, they are now recommending the following unofficial patch until it is pushed upstream:

Further Information:


source: hostingseclist

Bash Security Update(s) Issued

We have been made aware of a serious security vulnerability in Bash that affects multiple operating systems and applications.

Read more ...

Exim – Math Comparison Functions Local Command Execution

Exim contains a flaw in the expansion of arguments to math comparison functions, which can result in the values being doubled.

The end result is that an attacker can perform a local command execution if they are able to perform a look-up using Exim against files that they can edit. In some cases, such as Exim being bundled with cPanel, the local command execution can actually lead to a root compromise as the Exim look-up is being done by the root user.

Read more ...

Powered by Spearhead Software Labs Joomla Facebook Like Button

RSS Feed

Woktron Live Chat