Hi all,

This week we saw a number of interesting vulnerabilities come up, including one relating to a remote root shell vulnerability on HP Storage arrays.

We also saw a remote root vulnerability alert for Cisco IP Video Phone E20. Cisco has advised administrators to manually reset these passwords by using the system's command line.

Oracle has released their quarterly salvo of 78 patches for several products including MySQL database, Solaris operating system and even one or two for the Oracle DBMS. These patches cover a range of vulnerabilities from information disclosure to administrative compromise. Administrators are advised to apply these patches as soon as possible.

Several vulnerabilities were patched in PHP 5.1. While none of the vulnerabilities were high severity they contain several denial of service vulnerabilities which may be used by attackers to slow affected systems to a crawl.

Finally, next week we will be moving to a bigger boat. Despite our best efforts there may be some small disruptions to our service during this move.

Have a good weekend,

Angus