Vulnerability Alerts

CERT/CC

US-CERT Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits. Cyber Security Alerts are released in conjunction with Technical Cyber Security Alerts when there is an issue that affects the general public. Cyber Security Alerts outline the steps and actions that non-technical home and corporate computer users can take to protect themselves from attack.

More threats from CERT/CC

• SA07-226A: Microsoft Updates for Multiple Vulnerabilities

  Microsoft Updates for Multiple Vulnerabilities.

• SA07-199A: Mozilla Updates for Multiple Vulnerabilities

  Mozilla Updates for Multiple Vulnerabilities.

• SA07-193A: Apple Releases Security Updates for QuickTime

  Apple Releases Security Updates for QuickTime.

SANS

SANS Internet Storm Center - Cooperative Cyber Security Monitor.

More threats from SANS

• Infocon: green

  Packet Sniffing.

• Packet Sniffing, (Fri, Aug 31st)

  Packet Sniffing Many of our readers routinely ask us what ways they can capture packets to send (more).

• Blacklisting Bad Apples (no not the i kind), (Fri, Aug 31st)

  We regularly have readers inquire about recommendations for filtering bad IPs, networks, or in the w (more).

Security Focus

SecurityFocus is the most comprehensive and trusted source of security information on the Internet. We are a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

More threats from Security Focus

• Vuln: Gurur Haber Uyeler2.PHP SQL Injection Vulnerability

  Gurur Haber Uyeler2PHP SQL Injection Vulnerability.

• Vuln: ClamAV Multiple Remote Denial of Service Vulnerabilities

  ClamAV Multiple Remote Denial of Service Vulnerabilities.

• Vuln: Asterisk SIP Dialog History Resource Exhaustion Remote Denial of Service Vulnerability

Microsoft

Microsoft Security Bulletins.

More threats from Microsoft

• MS07-050 - Critical: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)

  Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in the Vector Markup Language (VML) implementation in Windows The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. more

• MS07-049 - Important: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)

  Bulletin Severity Rating:Important - This important security update resolves one privately reported vulnerability This is an elevation of privilege vulnerability. more

• MS07-048 - Important: Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)

  Bulletin Severity Rating:Important - This important security update resolves two privately reported vulnerabilities in addition to other vulnerabilities identified during the course of the investigation These vulnerabilities could allow an anonymous remote attacker to run code with the priv.