Tagged: browser

TA15-120A: Securing End-to-End Communications 0

TA15-120A: Securing End-to-End Communications

Original release date: April 30, 2015 Systems Affected Networked systems Overview Securing end-to-end communications plays an important role in protecting privacy and preventing some forms of man-in-the-middle (MITM) attacks. Recently, researchers described a MITM attack used to inject code, causing unsecured web browsers around the world to become unwitting participants in a distributed denial-of-service attack.

VU#534407: Barracuda Web Filter insecurely performs SSL inspection 0

VU#534407: Barracuda Web Filter insecurely performs SSL inspection

Vulnerability Note VU#534407 Barracuda Web Filter insecurely performs SSL inspection Original Release date: 28 Apr 2015 | Last revised: 28 Apr 2015 Overview Barracuda Web Filter prior to version 8.1.0.005 does not properly check upstream certificate validity when performing SSL inspection, and delivers one of three default root CA certificates across multiple machines for SSL inspection. Description According to Barracuda Networks , the Barracuda Web Filter is a “comprehensive solution for web security and management” with many features, including the ability to provide “visibility into SSL-encrypted traffic”. This SSL inspection feature of the Barracuda Web Filter is vulnerable to multiple issues

SB15-096: Vulnerability Summary for the Week of March 30, 2015 0

SB15-096: Vulnerability Summary for the Week of March 30, 2015

Original release date: April 06, 2015 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information.