Around The Web

eWEEK
How To Secure Sensitive Data Before A Layoff Occurs
Up-to-date auditing of data is a must, experts say

COMPUTERWORLD NEW ZEALAND
New Zealand Privacy Administrator Calls For DNA Database Oversight
Agency will look to step up security following revelation of data breach

ZDNet
BCS Attempts Cultural Shift In Data Protection
Data protection “code” is aimed at getting public and private sector to take better care of personal information

CIO
T-Mobile Confirms Stolen Data Is Genuine
Company still uncertain whether personal data was compromised

OFFICE OF INADEQUATE SECURITY
Fired Worker Charged In ID Theft, Child Porn
Employee allegedly accessed Gexa database, caused more than $70,000 worth of damage to company

FLORIDA TODAY
Clerks Fired For Snooping On Potential Dates
Fort Myers police department employees allegedly looked up Match.com matches in classified database

ARS TECHNICA
Last.fm, CBS: We Have Not Shared Data With Anyone
Amid allegations of leaks to the RIAA, Last.fm executive says user data could not have been given out without his approval



Bugs
ENTERPRISE VULNERABILITIES
Vulnerability: legato networker, informix dynamic server
Published: 2010-03-05
Severity: High
Description: Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size.

Vulnerability: legato networker, informix dynamic server
Published: 2010-03-05
Severity: High
Description: Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.

Vulnerability: http server
Published: 2010-03-05
Severity: Medium
Description: The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.

Vulnerability: kvm
Published: 2010-03-05
Severity: Medium
Description: The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, and replacing an instruction in between emulator entry and instruction fetch.

Vulnerability: unified communications manager
Published: 2010-03-05
Severity: High
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985.

