1. Cisco Releases Advisory for Cisco PIX and ASA
(News/CERT)

...d to address multiple vulnerabilities in Cisco ASA and PIX. These vulnerabilities may allow an attacker to bypass authentication mechanisms or cause a denial-of-service condition.US-CERT encourages us...

2. Multiple Web Browsers Affected by Clickjacking
(News/CERT)

...ur Web Browser document to help mitigate some of the risks. Website developers may want to incorporate additional authentication techniques, such as capchas, out-of-band email verification, or other m...

3. VMware Releases Security Advisory VMSA-0008-0015
(News/CERT)

...ity in "openwsman". This vulnerability is due to several buffer overflow conditions in the handling of HTTP basic authentication headers. Exploitation of this vulnerability may allow a remote, unauthe...

4. SSH Key-based Attacks
(News/CERT)

...s are fully patched. If a compromise is confirmed, US-CERT recommends the following actions:Disable key-based SSH authentication on the affected systems, where possible. Perform an audit of all SSH ke...

5. SSH Key-based Attacks
(News/CERT)

...s are fully patched. If a compromise is confirmed, US-CERT recommends the following actions:Disable key-based SSH authentication on the affected systems, where possible. Perform an audit of all SSH ke...

6. Microsoft Internet Explorer 6 Cross-Domain Vulnerability
(News/CERT)

... allow an attacker to take a variety of actions, including stealing cookies, hijacking a web session, or stealing authentication credentials. At this time, Internet Explorer 7 does not appear to be af...

7. SNMPv3 Authentication Bypass Vulnerability
(News/CERT)

...f SNMPv3. This vulnerability is due to an error in the way the authenticator field handles shortened hash message authentication code (HMAC). Exploitation of this vulnerability may allow an attacker t...

8. Cisco Unified Communication Disaster Recovery Framework Vulnerability
(News/CERT)

...s a vulnerability in the Unified Communication Disaster Recovery Framework. This vulnerability is due to improper authentication of requests received over the network. This vulnerability may allow a r...

9. Apple Security Updates
(News/CERT)

...ities may allow an attacker to do the following:Execute arbitrary code Cause a denial-of-service condition Bypass authentication Elevate privileges Obtain sensitive information Cause untrusted certifi...

10. GE Fanuc Product Vulnerabilities
(News/CERT)

...rtal allows arbitrary file upload and execution (KB12460) GE Fanuc Proficy Real-Time Information Portal transmits authentication credentials in plain text (KB12459) Buffer Overflow Allows Remote Code ...

11. Apple Releases Security Updates to Address Multiple Vulnerabilities
(News/CERT)

...itrary code execution, denial of service, information disclosure, cross-site scripting, privilege escalation, and authentication bypass.More information regarding the vulnerabilities and remediation i...