Tagged: feeds

Cisco EnergyWise Module Vulnerability 0

Cisco EnergyWise Module Vulnerability

Original release date: August 06, 2014 Cisco has released an advisory to address a vulnerability in the EnergyWise module of Cisco IOS and Cisco IOS XE Software. Exploitation of the vulnerability could allow an unauthenticated, remote attacker to cause a Denial of Service condition on the affected system

CPNI Releases Paper on Improving Defenses Against Targeted Attack 0

CPNI Releases Paper on Improving Defenses Against Targeted Attack

Original release date: July 22, 2014 The United Kingdom’s Centre for the Protection of National Infrastructure (CPNI) has released a report on its “Improving Defenses Against Targeted Attack” (iDATA) cyber research program. The report contains descriptions and outcomes from a number of projects aimed at addressing threats posed by nation states and state-sponsored actors. CPNI is the government authority for providing protective security advice to businesses and organizations across the UK’s national infrastructure

Vulnerabilities in LZO and LZ4 compression libraries 0

Vulnerabilities in LZO and LZ4 compression libraries

Original release date: July 21, 2014 Recently disclosed vulnerabilities in the LZO and LZ4 compression libraries could allow remote code execution under certain circumstances. While these libraries are used by a large number of platforms and applications, not all programs may be vulnerable to exploitation.  US-CERT recommends that all developers who either implement or import the LZO or LZ4 libraries into their software check for susceptibility to CVE-2014-4608 , CVE-2014-4715 , and CVE-2014-4611 . Users and administrators should apply software security updates as they become available

Cisco Addresses Wireless Residential Gateway Vulnerability 0

Cisco Addresses Wireless Residential Gateway Vulnerability

Original release date: July 16, 2014 Cisco has released an advisory to address a vulnerability in the web server used in multiple Wireless Residential Gateway products that could allow an unauthenticated, remote attacker to crash the web server and execute arbitrary code with elevated privileges. Cisco products affected by this vulnerability include: Cisco DPC3212 VoIP Cable Modem Cisco DPC3825 8×4 DOCSIS 3.0 Wireless Residential Gateway Cisco EPC3212 VoIP Cable Modem Cisco EPC3825 8×4 DOCSIS 3.0 Wireless Residential Gateway Cisco Model DPC3010 DOCSIS 3.0 8×4 Cable Modem Cisco Model DPC3925 8×4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA Cisco Model DPQ3925 8×4 DOCSIS 3.0 Wireless Residential Gateway with EDVA Cisco Model EPC3010 DOCSIS 3.0 Cable Modem Cisco Model EPC3925 8×4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA Users and administrators are encouraged to review the Cisco Advisory and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy

Oracle Releases July 2014 Security Advisory 0

Oracle Releases July 2014 Security Advisory

Original release date: July 15, 2014 Oracle has released its Critical Patch Update for July 2014 to address 113 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 29 for Oracle Fusion Middleware 7 for Oracle Hyperion 1 for Oracle Enterprise Manager Grid Control 5 for the Oracle E-Business Suite 3 for Oracle Supply Chain Products Suite 5 for Oracle PeopleSoft Products 6 for Oracle Siebel CRM 1 for Oracle Communications Applications 3 for Oracle Retail Applications 20 for Oracle Java SE 3 for Oracle and Sun Systems Products Suite 15 for Oracle Virtualization 10 for Oracle MySQL US-CERT encourages users and administrators to review the Oracle July 2014 Critical Patch Update and apply the necessary updates.