Security Alerts & News
by Tymoteusz A. Góral

History
#638 Cisco patches Denial-of-Service flaws across three products
Cisco released software updates to address five separate denial of service vulnerabilities, all which the company considers either high or critical severity, across its product line this week.

According to a series of security advisories issued on Wednesday, three of the five vulnerabilities exist in Cisco’s Wireless LAN Controller (WLC) devices, commonly used to manage and secure wireless networks in the enterprise.

The most pressing WLC vulnerability, marked critical, stems from improper handling of HTTP traffic, meaning an attacker could send a request to a device and from there trigger a buffer overflow condition, and subsequently, a denial of service condition.

The issue affects a wide spectrum of Cisco WLC devices, including those running 7.2, 7.3, 7.4 prior to 7.4.140.0(MD), 7.5, 7.6, and 8.0, prior to 8.0.115.0(ED).
Read more
#638 Cisco patches Denial-of-Service flaws across three products
#637 UK intel agencies spy indiscriminately on millions of innocent folks
#636 Adobe patches DOM-XSS flaw in analytics AppMeasurement for Flash library
#635 Opera bundles free, unlimited VPN client into its browser
#634 Test of telephone support services for Windows consumer security software 2016 (PDF)
#633 Sony trots out 2-factor authentication 5 years after breach
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12