Tag Archives: Vulnerability

OpenSSL Released a fix to four vulnerabilities

openssl

OpenSSL have an update for the encryption package, the new version comes to fix four security vulnerabilities including a high severity vulnerability that allows attacker to perform a denial of service attack on vulnerable servers.this bug can be exploited by parsing

Shellshock DHCP client exploitation

Vulnerabilities

Over this week the infosec community are busy in testing the bash shellshock vulnerability. Geoff Walton a senior security consultant for TrustedSec have posted the way to exploit the bash bug in the DHCP protocol. the DHCP is widely used in most

Heartbleed Critical Vulnerability in OpenSSL

Heartbleed

The security community is actively discussing over this week the openssl vulnerability that allows attacker to exploit the Heartbeat TLS and receive 64KB in the RAM memory. The attack can be repeated continuously to get sensitive information from end users

Microsoft to release 4 patches in January

Patch Windows

Microsoft have released the first advance notification for this year with only 4 security bulletins. there is no critical security bulletin but we have one important which is a remote code execution vulnerability.   Windows operating systems, Office and Dynamics

Oracle plans to fix 40 holes in Java

Oracle is planning Critical security patch update for the Java SE that are going to be released on Tuesday, June 18, 2013. This Critical Patch Update is a collection of patches for multiple security vulnerabilities in Oracle Java SE. This

Study: after one month 93% of users still vulnerable to Java attacks

Websense have released a new report about users and their practices in patching Java vulnerabilities. Having the latest update for your web browser and applying OS patches will not make users safe from Java attacks as Oracle Java needs to be updated

Microsoft patches IE Pwn2Own bug

Microsoft announced as part of the traditional Patch Tuesday that it will release nine security bulletins. Two of them are considered critical and the first one is issued to fix vulnerabilities revealed at the last Pwn2Own hacking contest. Multiple browsers