iDefense Security Advisory 02.07.08: IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability

 ( 652 days 20 hours ago)

iDefense Security Advisory 02.07.08 Feb 07, 2008 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end databases. For more information, visit the following URL. II. DESCRIPTION ...

Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1

 ( 652 days 20 hours ago)

Luigi Auriemma Application: Ipswitch Instant Messaging Versions: <= 2.0.8.1 Platforms: Windows Bugs: A] pre-auth NULL pointer crash in decryption function B] format string in logging C] arbitrary empty files creation Exploitation: remote A] versus both server and clients B] versus server ...

[ MDVSA-2008:037 ] - Updated libcdio packages fix DoS vulnerability

 ( 652 days 20 hours ago)

Mandriva Linux Security Advisory MDVSA-2008:037 Package : libcdio Date : February 7, 2008 Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0 Problem Description: A stack-based buffer overflow was discovered in libcdio that allowed context-dependent attackers to cause a denial of service (core dump) ...

Fedora 7 Update: tk-8.4.13-7.fc7

 ( 652 days 21 hours ago)

LinuxSecurity.com: Fixed security issue - buffer overflow in gif parsing.

Fedora 8 Update: dovecot 1.0.10-4.fc8

 ( 652 days 21 hours ago)

LinuxSecurity.com: New upstream release, fixing a very minor security issue.

Eliminate SPAM, Gain Productivity

 ( 652 days 22 hours ago)

(Source: MessageLabs) Learn all about the dangers and the costs of spam in all its forms - from stock-touting to spreadsheet. Also, understand the drawbacks of traditional hardware- and software-based defenses - and the unique benefits of MessageLabs multi-layered, managed Anti-Spam solution; as illustrated by a real-world case study where MessageLabs stopped spam cold.

Feds seek 10% hike in IT security spending, as intelligence chief warns of cyberthreats

 ( 652 days 22 hours ago)

The Bush administration's proposed fiscal 2009 budget would increase the U.S. government's information security spending by 10% while allocating just over 10% of the total IT budget to security.

Spammers' bot cracks Microsoft's CAPTCHA

 ( 652 days 22 hours ago)

A security researcher said spammers are using a bot to sidestep barriers that Microsoft has erected to keep scammers from creating massive numbers of accounts on its Live Mail service.

Checkpoint SecuRemote/Secure Client NGX Auto Local Logon Vulnerability

 ( 652 days 23 hours ago)

Bulletin Release 02.06.08 Checkpoint SecuRemote/Secure Client NGX Auto Local Logon Vulnerability (Or, How to Be Bill Gates, if Bill Gates uses a CheckPoint VPN Client) Discovery Date: December 13, 2007 Vendor Release Date: February 6, 2008 Severity: Impersonation of users. What's your VPN protecting? ...

[DSECRG-08-013] Modx 0.9.6.1, 0.9.6.1p1 Multiple Security Vulnerabilities

 ( 652 days 23 hours ago)

Digital Security Research Group [DSecRG] Advisory #DSECRG-08-013 Application: MODx CMS Versions Affected: 0.9.6.1, 0.9.6.1p1 Vendor URL: Bugs: XSS, SiXSS, stored XSS, Change User Password XSRF Vulnerability. Exploits: YES Reported: 11.01.2008 Vendor response: 11.01.2008 Updated Report: 29.01.2008 Vendor response: none Solution: none Date of Public Advisory: 07.02.2008 ...

Re: Logs visualization in WS_FTP Server Manager 6.1.0.0

 ( 652 days 23 hours ago)

Luigi Auriemma wrote: > WSFTP Server Manager (aka WSFTP WebService) is the web administration > interface of the IpSwitch WSFTP server and runs by default on port 80. This also affects the Ipswitch What's Up Gold 11.03 web server.

mini-pub 0.3 multiple vulnerabilities

 ( 652 days 23 hours ago)

mini-pub 0.3 multiple vulnerabilities download author muuratsalo contact muuratsalo[at]gmail.com exploits 1. remote file inclusion ? 2. local file inclusion 3. command execution

[security bulletin] HPSBMA02309 SSRT080013 rev.1 - HP Select Identity Software, Remote Unauthorized Access

 ( 652 days 23 hours ago)

SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01346579 Version: 1 HPSBMA02309 SSRT080013 rev.1 - HP Select Identity Software, Remote Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2008-02-06 Last Updated: 2008-02-06 ...

Debian: New squid packages fix denial of service

 ( 652 days 23 hours ago)

LinuxSecurity.com: It was discovered that malformed cache update replies against the Squid WWW proxy cache could lead to the exhaustion of system memory, resulting in potential denial of service.

Mandriva: Updated libcdio packages fix DoS vulnerability

 ( 652 days 23 hours ago)

LinuxSecurity.com: Multiple vulnerabilities were discovered in the image decoders of ImageMagick. If a user or automated system were tricked into processing malicious DCM, DIB, XBM, XCF, or XWD images, a remote attacker could execute arbitrary code with user privileges. The updated packages have been patched to correct these issues.

Making Your Business Disaster Ready with Virtual Infrastructure

 ( 653 days 2 hours ago)

(Source: Dell & VMWare) Business continuity and disaster recovery are critical to managing risks in a successful business. Between 60-90% of companies that don't have a proactive disaster recovery plan find themselves out of business within 24 months of experiencing a major disaster. This VMware white paper discusses how to make disaster recovery cost effective with virtual infrastructure.