I have a variety of links and articles, mostly security related, that aren’t really substantial enough for a full-blown entry, but I wanted to mention them anyway.
- Vulnerabilities have been uncovered in a variety of Cisco products, ranging from the web interface in their routers to their Call Manager software. In addition, the VPN 3000 series VPN concentrators are open to a denial of service (DoS) attack.
- There’s some question about the recent MS06-035 patch released by Microsoft and whether it actually patches the vulnerability. The MSRC (Microsoft Security Response Center) blog insists that proof of concept (PoC) code released after MS06-035 exploits a new vulnerability. I’m not sure which is worse—Microsoft failing to properly patch, or that a new vulnerability has been discovered?
- Apple has released a new security update, fixing a number of vulnerabilities in various components.
- Supposedly, a Mac OS X laptop will be/was hijacked via Wi-Fi at the Black Hat Conference today. Security researchers are trying to bring attention to security flaws in device drivers, an often-overlooked portion of many operating systems.
UPDATE: Apparently, the Wi-Fi hijacking of an Apple MacBook was indeed demonstrated yesterday; see this updated article.
No comments
Comments feed for this article
Trackback link
http://blog.scottlowe.org/2006/08/02/assorted-links/trackback/