Glibc is the standard C library that ships with most versions of Linux. It includes many functions that handle the common tasks programs might need, such as looking up IP addresses associated with domain names. This week, Google and Red Hat researchers disclosed a serious vulnerability in this common library, which could allow remote attackers to execute code on your Linux …
WatchGuard posts maintenance releases for e-Series and XTM 21/22/23 appliances.
WatchGuard has posted Fireware XTM OS 11.3.7 for e-Series and 11.6.7 for XTM 21/22/23 appliances. Along with providing significant bug fixes, these releases enable Commtouch as the anti-spam solution provider. Both releases also include a fix for the buffer overflow vulnerability reported last week at WatchGuard Security Center. The Release Notes provide a complete list of all …
WatchGuard's XTM 11.8 Software Fixes Buffer Overflow & XSS Vulnerabilities
Overall Severity: High
Summary:
These vulnerabilities affect: WatchGuard WSM and Fireware XTM 11.7.4 and earlier
How an attacker exploits them: Either by enticing an XTM administrator into clicking a specially crafted link or by visiting the appliance's web management UI with a malicious cookie
Impact: In the worst case, an attacker can execute code on the XTM …
Trio of Windows Bulletins Correct Moderate Vulnerabilities
Severity: Medium
Summary:
These vulnerabilities affect: All current versions of Windows or components often packaged with it (like the .NET Framework)
How an attacker exploits them: Multiple vectors of attack, including sending specially crafted network traffic or running malicious programs locally
Impact: Varies, ranging from a remote Denial of Service (DoS) attack to …
Windows Updates Fix a Wide Range of Security Vulnerabilities
Severity: High
Summary:
These vulnerabilities affect: All current versions of Windows and some of the components that ship with it (such as DirectShow and the .NET Framework)
How an attacker exploits them: Multiple vectors of attack, including sending specially crafted packets, luring users to view malicious media or email, and so on
Impact: In the worst case, an attacker …