Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Microsoft December 2013 patches (CERT-EU Security Advisory 2013-0098)

Microsoft has released December 2013 patches.
Auteur: Cert EU

VMware Products Increased privileges - Existing account [1] (CERT-EU Security Advisory 2013-0097)

VMware Workstation, Fusion, ESXi and ESX patches address a vulnerability in the LGTOSYNC.SYS driver which could result in a privilege escalation on older Windows-based Guest Operating Systems.
Auteur: Cert EU

Cisco ASA Malformed DNS Reply Denial of Service Vulnerability [1] (CERT-EU Security Advisory 2013-0096)

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause the reload of an affected system.
Auteur: Cert EU

JBoss Enterprice Aplication Platform update [1] (CERT-EU Security Advisory 2013-095)

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal.
Auteur: Cert EU

Microsoft Advance Security Updates (CERT-EU Security Advisory 2013-094)

Microsoft has published an advanced for a number of new security updates which will be released on December 13, 2013.
Auteur: Cert EU

Microsoft Windows local privilege escalation zero-day bypassing Adobe Reader sandbox in the wild (CERT-EU Security Advisory 2013-093)

A new Windows local privilege escalation vulnerability has been identified in the wild [1].
Auteur: Cert EU

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2013-092)

Adobe has released security updates for Adobe Flash Player 11.9.900.117 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.310 and earlier versions for Linux.
Auteur: Cert EU

Hotfix available for ColdFusion (CERT-EU Security Advisory 2013-091)

Adobe has released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and Linux.
Auteur: Cert EU

Microsoft Security Updates (CERT-EU Security Advisory 2013-090)

Microsoft has published on a number of new security updates which has been released on November 13, 2013.
Auteur: Cert EU

Microsoft Security Advisory [1] (CERT-EU Security Advisory 2013-0089)

Microsoft is investigating private reports of a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync.
Auteur: Cert EU

Cisco IOS XE: Denial of service - Remote/unauthenticated [1] (CERT-EU Security Advisory 2013-0088)

Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities
Auteur: Cert EU

Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products [1] (CERT-EU Security Advisory 2013-0087)

Multiple Cisco products include an implementation of Apache Struts 2 component that is affected by a remote command execution vulnerability.
Auteur: Cert EU

Several Vulnerabilities and Security Notices in multiple Cisco products (CERT-EU Security Advisory 2013-0086)

A vulnerability in the fabric interconnect of Cisco Unified Computing System could allow an authenticated, local attacker to cause a denial of service (DoS) condition.
Auteur: Cert EU

RSA Authentication Agent: Reduced security [1] (CERT-EU Security Advisory 2013-0085)

In certain circumstances, RSA Authentication Agent for Web for IIS protection can be bypassed due to a fail open flaw in the agent.
Auteur: Cert EU

Several Vulnerabilities in Linux kernel [1] (CERT-EU Security Advisory 2013-0084)

* It was found that the fix for CVE-2012-3552 released via RHSA-2012 ... * An information leak flaw was found in the way Linux kernel's device mapper subsystem,... * A format string flaw was found in the b43_do_request_fw() function in the Linux...
Auteur: Cert EU

Vulnerability in python-crypto (CERT-EU Security Advisory 2013-0083)

A cryptographic vulnerability was discovered in the pseudo random number generator in python-crypto.
Auteur: Cert EU

Multiple Vulnerabilities in MySQL 5.1 on Debian (CERT-EU Security Advisory 2013-0082)

This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html [1] [2]
Auteur: Cert EU

Several Vulnerabilities in RedHat (CERT-EU Security Advisory 2013-0081)

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Auteur: Cert EU

Several Vulnerabilities and Security Notices in multiple Cisco products (CERT-EU Security Advisory 2013-0080)

Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities
Auteur: Cert EU

Several Vulnerabilities in multiple VMware products (CERT-EU Security Advisory 2013-0079)

VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities. [1] [2] [3]
Auteur: Cert EU

Cisco Catalyst 6500 Series Switches & Cisco 7600 Series Routers: Multiple vulnerabilities [1] (CERT-EU Security Advisory 2013-0078)

Cisco Firewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by two vulnerabilities.
Auteur: Cert EU

JBoss Middleware security update [1] (CERT-EU Security Advisory 2013-0077)

An update for the commons-fileupload component that fixes one security issue is now available from the Red Hat Customer Portal for Red Hat JBoss BRMS 5.3.1; and Red Hat JBoss Portal 4.3 CP07, 5.2.2 and 6.0.0.
Auteur: Cert EU

Title: Oracle Critical Patch Update Advisory (CERT-EU Security Advisory 2013-0076)

The Oracle Critical Patch Update for October 2013 [1] were released.
Auteur: Cert EU

Apache Execute arbitrary code/commands - Remote/unauthenticated [1] (CERT-EU Security Advisory 2013-0075)

Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input.
Auteur: Cert EU

Security Advisory for Adobe Reader and Acrobat [1] (CERT-EU Security Advisory 2013-0074)

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.04) for Windows.
Auteur: Cert EU
First1804180518061807180818091810181118121813Last

Événements SSI