telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (device reload) via a malformed TELNET packet, aka Bug ID CSCuq31566.
Monthly Archives: June 2015
CVE-2015-4182
The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087.
Snapchat bolsters security with optional Two-factor authentication
Snapchat has added an option for two-factor authentication in its latest update, following in the footsteps of Apple, Twitter and Facebook.
The post Snapchat bolsters security with optional Two-factor authentication appeared first on We Live Security.
Cisco Patches IPv6 Vulnerability in Carrier-Grade Router System
Cisco patched a denial of service vulnerability in its IOS XR software used in carrier-grade routers.
FreeBSD Security Advisory – OpenSSL
FreeBSD Security Advisory – A vulnerability in the TLS protocol would allow a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is also known as Logjam. When processing an ECParameters structure, OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field. When verifying a signedData message, the CMS code can enter an infinite loop if presented with an unknown hash function OID. Various other issues have also been addressed.
ZENWorks Mobile Management 3.1.0 Cross Site Scripting
ZENWorks Mobile Management version 3.1.0 suffers from cross site scripting vulnerabilities.
ZCMS 1.1 Cross Site Scripting / SQL Injection
ZCMS version 1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
Slackware Security Advisory – php Updates
Slackware Security Advisory – New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
Slackware Security Advisory – openssl Updates
Slackware Security Advisory – New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.