July 28th, 2011 
Mourad Ben Lakhoua New vulnerability have been discovered in Wireshark 1.6.1 that affects IKEv1 protocol function proto_tree_add_item() this bug allow to conduct a denial of service attack. This is not the first vulnerability that has been discovered lately in wireshark as in the 18th of April Paul Makowski working for SEI/CERT discovered vulnerability allows a remote user that [...]
July 9th, 2011 Mourad Ben Lakhoua Microsoft about to release new patches for different windows operating systems, severity of these updates classified between important to critical for Windows XP, Windows Vista, Windows 7, Windows Server 2003, Windows Server 2008, and Microsoft Visio 2003. Organizations always focus on their business in the local activities and most of them not aware that if [...]
June 11th, 2011 Mourad Ben Lakhoua Microsoft has issued a Security Bulletin Advance Notification indicating that its June release will contain 16 bulletins. Nine of the bulletins will have the severity rating of critical. The notification states that these critical bulletins are for Microsoft Windows, Microsoft .NET framework, Microsoft Silverlight, Microsoft Forefront Threat Management Gateway, and Internet Explorer. The remaining 7 [...]
Posted in Software Security, Vulnerabilities 
Tags: Vulnerabilities & attacks, Vulnerability 
85 Comments » June 3rd, 2011 Mourad Ben Lakhoua Cisco has released security advisories for four products to address multiple vulnerabilities. These products include Cisco Unified IP phones, Cisco Network Registrar, Cisco AnyConnect Secure Mobility Client, and Cisco Media Experience. Exploitation of the vulnerabilities may allow an attacker to execute arbitrary code, operate with escalated privileges, or gain administrative access. Multiple Vulnerabilities in Cisco Unified [...]
April 8th, 2011 Mourad Ben Lakhoua Next week Microsoft is planning a new Massive Patch Tuesday with about 17 bulletins covers 64 vulnerabilities in Windows Operating System and Components , Microsoft office , Internet Explorer, Visual Studio, .NET Framework and GDI+. 9 of the 17 bulletins are critical and 8 are important , we are expecting that Microsoft going to fix [...]
April 7th, 2011 Mourad Ben Lakhoua New vulnerability has been discovered in the open source Internet Systems Consortium DHCP server. This vulnerability allows a remote attacker to execute a malicious code on victim’s computer. All versions prior to 3.1-ESV-R1, 4.1-ESV-R2 and 4.2.1-P1 are affected by this bug as they do not strip or escape certain shell meta-characters in responses from the [...]
March 14th, 2011 Mourad Ben Lakhoua Microsoft is investigating new public reports of vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact is similar to server-side cross-site scripting (XSS) vulnerabilities. MHTML, or Mime HTML, is a standard [...]
