Cisco Security Advisory – A vulnerability in the HTTP framework of Cisco Small Business SPA300 Series IP Phones, Cisco Small Business SPA500 Series IP Phones, and Cisco SPA51x IP Phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of malformed HTTP traffic. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. An exploit could allow the attacker to deny service continually by sending crafted HTTP requests to a phone, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
Monthly Archives: August 2016
Cisco Security Advisory 20160831-meetings-player
Cisco Security Advisory – A vulnerability in Cisco WebEx Player could allow an unauthenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper handling of user-supplied files. An attacker could exploit this vulnerability by persuading a user to open a malicious file using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the system with the privileges of the user. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
Bugtraq: [security bulletin] HPSBGN03637 rev.1 – HP Operations Manager for Unix, Solaris, and Linux, Remote Cross-Site Scripting (XSS)
[security bulletin] HPSBGN03637 rev.1 – HP Operations Manager for Unix, Solaris, and Linux, Remote Cross-Site Scripting (XSS)
Bugtraq: Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution
Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution
Bugtraq: Cisco Security Advisory: Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability
Cisco Security Advisory: Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability
Bugtraq: Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability
Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability
RHSA-2016:1781-1: Moderate: rh-postgresql94-postgresql security update
Red Hat Enterprise Linux: An update for rh-postgresql94-postgresql is now available for Red Hat Software
Collections.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-5423, CVE-2016-5424
RHBA-2016:1784-1: Red Hat JBoss Operations Network Agent RPM 3.3 (update 07) EAP 6
Red Hat Enterprise Linux: Updated jboss-on-agent packages that fix several bugs and add various
enhancements are now available.
RHBA-2016:1782-1: kernel bug fix update
Red Hat Enterprise Linux: Updated kernel packages that fix one bug are now available for Red Hat
Enterprise Linux 5.
Como o Avast detecta novos malwares?
O Laboratório de Ameaças da Avast utiliza a CyberCapture para detectar ameaças desconhecidas
O nosso Laboratório de Ameaças da Avast está no coração da nossa capacidade de proteger as pessoas contra malwares. Entre 600.000 e 1 milhão de arquivos são enviados pelo sistema de detecção todos os dias. Quase a metade deles são arquivos desconhecidos. Isto significa que em algum lugar do mundo alguém foi alvo de cibercriminosos. Os analistas do Laboratório de Ameaças da Avast como Michal Salat, que aparece na foto acima, trabalha para bloquear estes ataques.