| |
 |
 |
 |
|
|
|
|
Date: 28 January 2011
Click here for printable version
As January draws to a close, I hope you all enjoyed your Australia Day holiday on Wednesday and celebrated it in true patriotic style!
There have been a number of notable vulnerabilities, updates and patches this week including:
- First up, a vulnerability was found in RSA's Key Manager, specifically in its C Client, which could allow the product to suffer from SQL Injection attacks.
- On Wednesday Cisco released a bulletin detailing a number of vulnerabilities in the Cisco Content Services Gateway. One of these vulnerabilities could allow unauthorised access to sites that would otherwise be denied by restriction policies, and two other vulnerabilities could cause a denial of service preventing traffic from passing through the device.
- Debian released a bulletin correcting numerous vulnerabilities in OpenOffice.org affecting all platforms that could be exploited through maliciously crafted XML, RTF and TGA files to cause numerous impacts including code execution and denial of service.
- Zero Day Initiative released a bulletin regarding a particularly nasty issue with Novell GroupWise Internet Agent which could potentially allow for an administrator or root compromise of an affected system.
- And finally, Symantec released a bulletin regarding an issue with the Intel Alert Management System as used by Symantec Antivirus Corporate Edition, Symantec System Center and Symantec Quarantine Server. This issue, a result of a failure to properly handle user input from Intel's Alert management System could allow for code execution on affected systems. [5]
Enjoy your weekend!
Jonathan
|
|
|
|
 |
|
 |
|
|