Symantec preps to acquire Vontu, a data leakage prevention specialist
October 15, 2007
Symantec is all set to acquire data leakage prevention (DLP) software maker Vontu, with a formal announcement expected in the coming week. An excerpt from InfoWorld: DLP has become an increasingly popular sector in the larger IT security market as companies of all sizes look for…
Security news roundup: October 13, 2007
October 14, 2007
Here is a collection of recent news stories posted on TechRepublic’s IT Security blog, which cover vulnabilities found and patched in Asterix, CA’s BrightStor ARCserve Backup and the DHCP server in openBSD as well as news of Oracle’s quarterly mega-patch this coming Tuesday. OpenBSD DHCP vulnerability fixed…
OpenBSD DHCP vulnerability fixed
October 13, 2007
A vulnerability in the OpenBSD’s DHCP has been patched. This vulnerability could allow attackers on the local network to successfully launch a Denial-of-Service attack. Though unlikely, Core Security - who reported the vulnerability, warns that the possibility of arbitrary code execution stemming from this vulnerability should…
Oracle to release mega-patch fixing 51 security holes on Tuesday
October 13, 2007
Oracle is to release updates on Tuesday (October 16) that patches 51 security vulnerabilities across hundreds of products. The list of next weeks’ updates are as follows (Excerpt from ZDNet): Oracle Database is affected by 27 vulnerabilities. Five of these vulnerabilities may be remotely exploitable…
New release of Asterix addresses vulnerabilities in voicemail module
October 13, 2007
Digium, the developers of Asterix, have released a new version of the telephone system software which remedies two vulnerabilities in the voicemail system which could lead to a DoS (Denial of Service) or a remote compromise. According to Secunia: The vulnerability is caused due to…
Security news roundup: October 12, 2007
October 13, 2007
Here is a collection of recent news stories posted on TechRepublic’s IT Security blog, which cover a highly critical flaw involving the popular FCKEditor text editing component, security updates for Adobe’s GoLive 9 and Illustrator CS3, a new post 1.1.1 image processing vulnerability, and a vulnerability in TikiWiki. …
Men imprisoned for pornographic spam
October 12, 2007
AP - Two men who sent millions of unsolicited pornographic e-mails have been sentenced to more than five years in federal prison as part of the first prosecution under a federal anti-spam law, U.S. Department of Justice officials said Friday.
TikiWiki vulnerability reported
October 12, 2007
A “highly critical” vulnerability has been reported in the popular TikiWiki software. It can be exploited by malicious parties to compromise vulnerable systems. Excerpt from Secunia: Input passed via the “f” parameter to tiki-graph_formula.php is not properly verified before being used to execute PHP functions….
Security updates released for Adobe GoLive 9 and Illustrator CS3
October 12, 2007
Adobe has released updates for critical vulnerabilities found in in GoLive 9 and Illustrator CS3. An attacker who successfully exploits these could take control of the affected system. Excerpt from heise Security: According to Adobe, opening a crafted bmp, dib, png or rle file…
Highly critical FCKEditor vulnerability reported
October 12, 2007
A “highly critical” vulnerability of the popular Web-based FCKEditor has been reported on Secunia. It can potentially be exploited by malicious parties to compromise a vulnerable system. Excerpt from the advisory: The vulnerability is caused due to an error in the handling of file uploads…
