SECURITY ADVISORIES

Cisco SNMP Remote Code Execution Vulnerabilities (CERT-EU Security Advisory 2017-015) External link

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.

  Friday, June 30, 2017 2:32:00 PM CEST

Petya-Like Malware Campaign (CERT-EU Security Advisory 2017-014) External link

A large malware campaign broke out on Tuesday, 27/06/2017 and was widely reported in the news. The malware used -- which appears to be similar to Petya -- has been augmented with efficient local network spreading mechanisms, which resulted in a very rapid infection rate inside affected organizations. The local propagation is apparently achieved by a combination of the use of EternalBlue (the same exploit as the one used by WannaCry earlier), EternalRomance, and WMIC/psexec propagation vector using credentials harvested with a code similar to Mimikatz. First analysis points to at least one likely infection vector being associated with software update systems for a Ukrainian tax accounting package called MeDoc. However, as among the impacted organizations there were those that did not use the software, it is likely that other infection vectors are also used.

  Wednesday, June 28, 2017 11:34:00 AM CEST

Privileges Escalation Vulnerabilities in Unix Operating Systems (CERT-EU Security Advisory 2017-013) External link

On 19th of June 2017, Qualys Research Team published a blog post and a security advisory about vulnerabilities in the memory management of several UNIX operating systems. These vulnerabilities can lead to privilege escalation on these systems, by corrupting memory and executing arbitrary code. They named the bug Stack Clash as it exploits flaws in the way these operating system are handling the stack in memory.

  Tuesday, June 20, 2017 3:40:00 PM CEST

UPDATE! WannaCry Ransomware Campaign Exploiting SMB Vulnerability (CERT-EU Security Advisory 2017-012) External link

A large ransomware campaign has been observed since Friday, May 12th, 2017. The payload delivered is a variant of ransomware malware called WannaCry. It appears to infect computers through a recent SMB vulnerability in Microsoft Windows operating system (CVE-2017-0145).

  Monday, May 22, 2017 3:46:00 PM CEST

UPDATE Critical Cisco CMP Remote Code Execution Vulnerability (CERT-EU Security Advisory 2017-006) External link

Cisco security researchers found a vulnerability in the Cluster Management Protocol (CMP) code in Cisco IOS and Cisco IOS XE software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. Cisco has now released a software fix for this vulnerability.

  Tuesday, March 21, 2017 11:44:00 AM CET

Critical Microsoft Scripting Engine Memory Corruption Vulnerability (CERT-EU Security Advisory 2017-011) External link

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file leading to memory corruption. An attacker who successfully exploits this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

  Wednesday, May 10, 2017 12:20:00 PM CEST

UPDATE Critical Privileges Escalation Vulnerability in Intel AMT Service (CERT-EU Security Advisory 2017-010) External link

On 1st of May 2017, Intel reported that there is "an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small BusinessTechnology that can allow an unprivileged attacker to gain control of the manageability features provided by these products". Once exploited,it allows for DMA access to the system, which means that the attacker can arbitrarily read and write to memory on the system.

  Tuesday, May 2, 2017 4:58:00 PM CEST

UPDATE Critical zero-day vulnerability in Microsoft Office actively exploited (CERT-EU Security Advisory 2017-009) External link

A vulnerability in Microsoft Office is actively exploited to distribute Dridex banking Trojan.

  Wednesday, April 12, 2017 10:37:00 AM CEST

Broadcom Critical Wi-Fi SoC Vulnerability in iOS and Android (CERT-EU Security Advisory 2017-008) External link

The vulnerability resides in a widely used Wi-Fi chipset manufactured by Broadcom and used in both iOS and Android devices. An attacker within range may be able to execute arbitrary code on the Wi-Fi chip. Google Project Zero researcher Gal Beniamini, who discovered the flaw said it allowed the execution of malicious code by Wi-Fi proximity alone, requiring no user interaction [1].

  Friday, April 7, 2017 9:02:00 AM CEST

UPDATE Critical Vulnerabilities in VMWare ESXi, Workstation, and Fusion (CERT-EU Security Advisory 2017-007) External link

VMWare released an advisory for VMWare ESXi, Workstation, and Fusion products [1]. The advisory addresses critical and moderate security issues that may allow a guest system to execute code on the host system (CVE-2017-4902, CVE-2017-4903, and CVE-2017-4904).

  Wednesday, March 29, 2017 3:16:00 PM CEST

Critical Apache Struts 2 Framework Vulnerability (CERT-EU Security Advisory 2017-005) External link

Remote code execution is possible via Apache Struts 2 framework, when performing file upload based on Jakarta multipart parser. There are already several exploits in the wild (CVE-2017-5638).

  Thursday, March 9, 2017 2:30:00 PM CET

Arbitrary Code Execution in Internet Explorer and Edge (CERT-EU Security Advisory 2017-004) External link

A high-severity vulnerability in Microsoft's Edge and Internet Explorer browsers allows attackers to execute malicious code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code (CVE-2017-0037).

  Tuesday, February 28, 2017 2:11:00 PM CET

CISCO Smart Install Protocol Issues (CERT-EU Security Advisory 2017-003) External link

It has been reported that there exists a way to misuse the Cisco Smart Install protocol messages. The misuse is directed towards Smart Install Clients allowing an unauthenticated remote attacker to change the startup configuration, load alternative IOS versions, and execute commands on affected devices. Cisco does not consider this issue a vulnerability. However, since Cisco Smart Install is enabled by default in a big number of modern switches and routers, CERT-EU considers this protocol abuse a potentially serious threat.

  Wednesday, February 22, 2017 3:28:00 PM CET

Ticketbleed Vulnerability Affecting F5 BIG-IP (CERT-EU Security Advisory 2017-002) External link

A vulnerability called Ticketbleed in F5 BIG-IP devices (CVE-2016-9244) could allow an unauthenticated, remote attacker to obtain sensitive information from memory if the non-default Session Tickets option is enabled for a Client SSL profile.

  Thursday, February 9, 2017 4:39:00 PM CET

UPDATE CISCO WebEx Browser Extension Remote Code Execution Vulnerability (CERT-EU Security Advisory 2017-001) External link

A vulnerability in CISCO WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the browser on the affected system. This vulnerability concerns browser extensions for CISCO WebEx Meetings Server and CISCO WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows with Google Chrome, Mozilla Firefox, and Internet Explorer.

  Tuesday, January 24, 2017 3:13:00 PM CET

UPDATE Critical Firefox Vulnerability (CERT-EU Security Advisory 2016-142) External link

On 29th of November 2016, a JavaScript code exploiting a vulnerability in Firefox has been discovered. The exploit took advantage of a bug in Firefox to allow the attacker to execute arbitrary code on the targeted system by having the victim load a web page containing malicious JavaScript and SVG code [5].

  Thursday, December 1, 2016 4:00:00 PM CET

Black Nurse ICMP DOS attacks (CERT-EU Security Advisory 2016-141) External link

TDC-SOC-CERT the CERT from TDC A/S, a Danish telecommunications company, observed and started analyzing a number of denial of service attacks (DOS) based on the ICMP protocol.

  Monday, November 14, 2016 5:11:00 PM CET

URGENT - 0 day Adobe Flash vulnerability (CERT-EU Security Advisory 2016-140) External link

"Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS.These updates address a critical vulnerability that could potentially allow an attacker to take control of the affected system."

  Thursday, October 27, 2016 10:32:00 AM CEST

Linux Kernel vulnerability "Dirty COW" (CERT-EU Security Advisory 2016-139) External link

It has been reported a serious vulnerability that has been present for nine years in a section of the Linux kernel, which is most probably part of all the distributions of this OS.

  Monday, October 24, 2016 11:40:00 AM CEST

IKEv1 vulnerability in CISCO devices (CERT-EU Security Advisory 2016-138). External link

The advisory recommends integrity checks and provides detection guidance for the IKEv1 vulnerabilities discovered by CISCO in its devices.

  Monday, September 26, 2016 9:38:00 AM CEST

Critical Adobe Flash Player vulnerabilities (APSB16-29) (CERT-EU Security Advisory 2016-137) External link

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS to address multiple critical vulnerabilities.

  Thursday, September 15, 2016 4:08:00 PM CEST

Pegasus Spyware targeting iOS devices CERT-EU Security Advisory 2016-136 - Updated External link

Three critical zero-day vulnerabilities were discovered, impacting Apple iOS and OS X devices. This advisory presents recommendations for end-users and Mobile Device Management administrators.

  Wednesday, August 31, 2016 3:14:00 PM CEST

Leak of hacking tools targeting Fortinet devices CERT-EU Security Advisory 2016-135 External link

On 13th of august, a previously unknown group called "Shadow Brokers" publicly released a large number of hacking tools they claimed were used by the "Equation Group". The targeted devices include Fortinet devices. This advisory presents risk mitigation recommendations.

  Tuesday, August 30, 2016 4:21:00 PM CEST

Leak of hacking tools targeting CISCO firewalls CERT-EU Security Advisory 2016-133 External link

On 13th of august, a previously unknown group called "Shadow Brokers" publicly released a large number of hacking tools they claimed were used by the "Equation Group". The targeted devices include CISCO Adaptive Security Appliance (ASA) and PIX firewalls. This advisory presents risk mitigation recommendations.

  Tuesday, August 23, 2016 12:11:00 PM CEST

SMB bug allows to leak user login and NTLMv2 hashes [CERT-EU Security Advisory 2016-132] External link

The Server Message Block (SMB) protocol is a network protocol allowing files and printers sharing over different networks (TCP/IP included).

  Thursday, August 4, 2016 1:28:00 PM CEST

HTTPoxy - CGI "HTTP_PROXY" variable name clash (CERT-EU Security Advisory 2016-130) External link

Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTP_PROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-middle (MITM) attacks on internal subrequests or to direct the server to initiate connections to arbitrary hosts [1].

  Wednesday, July 20, 2016 3:45:00 PM CEST

Drupal RESTful Web Services Module Remote Code Execution Vulnerability (CERT-EU Security Advisory 2016-129) External link

The RESTful Web Services module for Drupal is prone to a remote code-execution vulnerability; fixes are available.

  Friday, July 15, 2016 2:42:00 PM CEST

Drupal Webform Multiple File Upload Module Remote Code Execution Vulnerability (CERT-EU Security Advisory 2016-128) External link

The Webform Multiple File Upload module for Drupal is prone to a remote code-execution vulnerability; fixes are available.

  Thursday, July 14, 2016 2:38:00 PM CEST

Drupal Coder Module Remote Code Execution Vulnerability (CERT-EU Security Advisory 2016-127) External link

The Coder module for Drupal is prone to a remote code-execution vulnerability; fixes are available.

  Thursday, July 14, 2016 2:37:00 PM CEST

Critical Adobe Flash bug (CVE-2016-4171) (CERT-EU Security Advisory 2016-126) External link

A critical vulnerability (CVE-2016-4171) exists in Adobe Flash Player 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. An exploit for CVE-2016-4171 exists in the wild, and is being used in limited, targeted attacks [1].

  Monday, June 20, 2016 3:06:00 PM CEST

Critical vulnerability in Adobe Flash Player (CVE-2016-4117) (CERT-EU Security Advisory 2016-125) External link

A critical vulnerability (CVE-2016-4117) exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system [1].

  Tuesday, May 17, 2016 10:28:00 AM CEST

Critical vulnerability in ImageMagick allowing remote code execution (CERT-EU Security Advisory 2016-124) External link

On May 3rd, 2016, security researchers reported several bugs in ImageMagick [1], a package commonly used by web services to process images. [2][3]

  Wednesday, May 4, 2016 2:41:00 PM CEST

Badlock Bug in Windows and Samba (CERT-EU Security Advisory 2016-123) External link

On April 12th, 2016 Badlock, a crucial security bug in Windows and Samba was disclosed.

  Wednesday, April 13, 2016 2:18:00 PM CEST

Cisco - Denial of Service Vulnerabilities (CERT-EU Security Advisory 2016-122) External link

The March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication includes six Cisco Security Advisories that describe vulnerabilities in Cisco IOS Software.

  Wednesday, April 13, 2016 2:15:00 PM CEST

UPDATE Remote Code Execution in all git versions (client + server) < 2.7.1 (CERT-EU Security Advisory 2016-121) External link

Version: 17/03/2016 Corrigendum initial publication typos A vulnerability in Git allows a perpetrator to execute code remotely while cloning or pushing repository with large filenames or a large number of nested trees..

  Thursday, March 17, 2016 12:37:00 PM CET

Remote Code Execution in all git versions (client+server)<2.7.1 (CERT-EU Security Advisory 2016-120) External link

A vulnerability in Git allows a perpetrator to execute code remotely while cloning or pushing repository with large filenames or a large number of nested trees..

  Wednesday, March 16, 2016 4:17:00 PM CET

CISCO CVE-2016-1329 (CERT-EU Security Advisory 2016-119) External link

A vulnerability in Cisco NX-OS Software allows a perpetrator to connect to the device with administrative privileges.

  Tuesday, March 15, 2016 9:38:00 AM CET

DROWN Attack (CERT-EU Security Advisory 2016-118) External link

A vulnerability in SSLv2 can lead to a compromise the cryptographic scheme of safe transactions over Internet. The attack that exploits the vulnerability is called "DROWN". The attacker can easily interfere between client and server and monitor the transaction or even alter it. In other words, the vulnerability allows successful Man-In-the-Middle attacks.

  Wednesday, March 2, 2016 10:13:00 AM CET

Palo Alto critical bugs (CERT-EU Security Advisory 2016-117) External link

Palo Alto Networks has revealed four new vulnerabilities

  Wednesday, March 2, 2016 10:11:00 AM CET

Vulnerability in Microsoft Enhanced Mitigation Experience Toolkit (EMET) (CERT-EU Security Advisory 2016-116) External link

The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited.

  Thursday, February 25, 2016 4:15:00 PM CET

UPDATE CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow (CERT-EU Security Advisory 2016-115) External link

Updated: CentOS has released updates to vulnerability remedy. F5 has published information about products affected products.

  Wednesday, February 17, 2016 2:52:00 PM CET

CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow (CERT-EU Security Advisory 2016-114) External link

Vulnerability in glibc allows unauthenticated attacker to remotely exploit and cause: - Denial-of-Service (DoS) - Remote code execution (administrator / root privileges) - Remote code execution (User)

  Wednesday, February 17, 2016 1:19:00 PM CET

CISCO IKE v1 and v2 Vulnerability (CERT-EU Security Advisory 2016-113) External link

A vulnerability in the Internet Key Exchange .v1 and .v2 of CISCO ASA software can be exploited causing DOS or even remote code execution.

  Thursday, February 11, 2016 3:59:00 PM CET

Vulnerability in Java installers (CERT-EU Security Advisory 2016-84) External link

A user can be tricked into downloading files before installing Java 6, 7 or 8 resulting to a full compromise of his system.

  Thursday, February 11, 2016 3:28:00 PM CET

SSH Login vulnerability on multiple Fortinet products (CERT-EU Security Advisory 2016-62) - UPDATED External link

The FortiOS SSH has a login vulnerability. Remote console access to vulnerable devices with "Administrative Access" enabled for S= SH is possible.

  Tuesday, January 26, 2016 3:45:00 PM CET

OpenSSH roaming feature vulnerabilities (CERT-EU Security Advisory 2016-50) External link

Since version 5.4 (released on March 8, 2010), the OpenSSH client supports an undocumented feature called roaming: if the connection to an SSH server breaks unexpectedly, and if the server supports roaming as well, the client is able to reconnect to the server and resume the suspended SSH session. [1]

  Tuesday, January 19, 2016 10:21:00 AM CET

FortiOS login vulnerability (CERT-EU Security Advisory 2016-45) External link

The FortiOS SSH has a login vulnerability. Remote console access to vulnerable devices with "Administrative Access" enabled for S= SH is possible. A Pyhton script was released that can be used to exploit the vulnerability.

  Tuesday, January 19, 2016 10:19:00 AM CET

JUNIPER multiple Security issues with ScreenOS (CVE-2015-7755) [CERT-EU Security Advisory 2015-825] External link

During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections.

  Friday, December 18, 2015 11:38:00 AM CET

Remote code execution vulnerability in jar analysis (CERT-EU Security Advisory 2015-824) External link

Tavis Ormandy and Natalie Silvanovich of Google Project Zero discovered a critical vulnerability in Fireeye devices. As a result, an attacker can send an email to a user or alternatively get them to click a link and completely compromise one of the most privileged machines on the network. This allows exfiltration of confidential data, tampering with traffic, lateral movement around networks and even self-propagating internet worms.

  Wednesday, December 16, 2015 5:44:00 PM CET

Crypto implementation flaws in Pacom GMS System (CERT-EU Security Advisory 2015-761) External link

The Pacom 1000 implementation have several serious implementation flaws in cryptography mechanisms. The flaws that were found can bypass the security of any unpatched installation. The issue could affect the Psysical Security entities of a constituent depending on the infrastructure.

  Tuesday, January 19, 2016 10:15:00 AM CET

Vulnerable Dell Self-Signed Root certificates (CERT-EU Security Advisory 2015-750) External link

Some Dell laptops and desktops come with a pre-installed self-signed root certificate under the name of eDellRoot and in some occasions have also an installed another self-signed root certificate under the name of DSDTestProvider. This is a potential security vulnerability that makes it easy for attackers to hijack Internet connections and masquerade as trusted websites. That security vulnerability compromises the security of encrypted HTTPS connections.

  Tuesday, November 24, 2015 4:11:00 PM CET

Logjam Attack (CERT-EU Security Advisory 2015-325) External link

Last days was published a new vulnerability related to TSL/SSL protocol called Logjam attack. This vulnerability allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography (which is an old working mode, still there to support legacy system enforcing former US cryptography exportation restrictions).

  Tuesday, June 9, 2015 3:50:00 PM CEST

Microsoft Security Bulletin MS14-068 - Critical Vulnerability in Kerberos Could Allow Elevation of Privileges (MS KB 3011780) - (CERT-EU Security Advisory 2014-253) External link

The vulnerability in Microsoft Windows Kerberos KDC could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account.

  Thursday, November 20, 2014 10:18:00 AM CET

Malware distribution to German-speaking users (CERT-EU Security Advisory 2014-249) External link

CERT-EU has identified a malware distribution and fraud campaign with focus on german-speaking users.

  Thursday, November 20, 2014 10:15:00 AM CET

IMPORTANT: Critical Vulnerability in Schannel Could Allow Remote Code Execution (KB2992611) CVE-2014-6321 - (CERT-EU Security Advisory 2014-248) External link

A privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows has been found.

  Thursday, November 20, 2014 10:11:00 AM CET

NEW SSLv3 Padding Oracle On Downgraded Legacy Encryption attack (CERT-EU Security Advisory 2014-169) External link

The SSL protocol 3.0, as used in OpenSSL and other products, uses non-deterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain clear text data via a padding-oracle attack, aka the "POODLE" issue.

  Thursday, November 20, 2014 10:09:00 AM CET

New: BadUSB (CERT-EU Security Advisory 2014-138) External link

BadUSB is a dangerous USB security flaw that allows attackers to turn a simple USB device into a keyboard, which can then be used to type malicious commands into the victim's computer.

  Thursday, November 20, 2014 10:07:00 AM CET

BASH Vulnerability (CERT-EU Security Advisory 2014-137) External link

GNU BASH is prone to remote code execution vulnerability. Vulnerable GNU BASH versions processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code.

  Thursday, November 20, 2014 10:05:00 AM CET

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products [1] (CERT-EU Security Advisory 2014-054) External link

Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to execute arbitrary code, create a denial of service (DoS) condition, or perform a man-in-the-middle attack.

  Wednesday, June 11, 2014 10:06:00 AM CEST

Multiple Vulnerabilities in OpenSSL [1] (CERT-EU Security Advisory 2014-053) External link

Several vulnerabilities have been discovered in OpenSSL library.

  Wednesday, June 11, 2014 10:04:00 AM CEST

GnuTLS Hello Vulnerability (CERT-EU Security Advisory 2014-052) External link

This vulnerability affects the client side of the GnuTLS library. A server that sends a specially crafted Server Hello could corrupt the memory of a requesting client.

  Thursday, June 5, 2014 9:09:00 AM CEST

Cisco RADIUS DoS [1] (CERT-EU Security Advisory 2014-051) External link

Cisco Identity Services Engine Software (ISE) is an authentication, authorization, and accounting application.

  Friday, May 23, 2014 1:57:00 PM CEST

Microsoft Internet Explorer 8 Remote Code Execution [1] (CERT-EU Security Advisory 2014-050) External link

Internet Explorer 8 is prone to a remote code-execution vulnerability due to a use-after-free condition.

  Friday, May 23, 2014 1:55:00 PM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2014-049) External link

Microsoft has published on a number of new security updates which has been released on May 08, 2014.

  Friday, May 16, 2014 11:08:00 AM CEST

Security updates available for Adobe Reader and Acrobat (CERT-EU Security Advisory 2014-048) External link

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.06) and earlier versions for Windows and Macintosh.

  Friday, May 16, 2014 11:06:00 AM CEST

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-047) External link

Adobe has released security updates for Adobe Flash Player 13.0.0.206 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.356 and earlier versions for Linux.

  Friday, May 16, 2014 11:05:00 AM CEST

BIND nameservers security update[1] (CERT-EU Security Advisory 2014-046) External link

A defect in the pre-fetch feature (which is enabled by default) can cause BIND 9.10.0 to terminate with a "REQUIRE" assertion failure if it processes queries whose answers have particular attributes.

  Thursday, May 15, 2014 3:08:00 PM CEST

FreeBSD Security Advisory (CERT-EU Security Advisory 2014-045) External link

hen network packets making up a TCP stream (``TCP segments'') are received out-of-sequence, they are maintained in a reassembly queue by the destination system until they can be re-ordered and re-assembled.

  Thursday, May 15, 2014 3:07:00 PM CEST

Citrix NetScaler Application Delivery Security Update [1] (CERT-EU Security Advisory 2014-044) External link

A number of security vulnerabilities have been identified in the management component of the Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway products.

  Thursday, May 15, 2014 3:04:00 PM CEST

Oracle Critical Patch Update Advisory (CERT-EU Security Advisory 2014-043) External link

The Oracle Critical Patch Update for April 2014 [1] were released.

  Thursday, May 8, 2014 4:31:00 PM CEST

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-042) External link

Adobe has released security updates for Adobe Flash Player 13.0.0.182 and earlier versions for Windows, Adobe Flash Player 13.0.0.201 and earlier versions for Macintosh and Adobe Flash Player 11.2.202.350 and earlier versions for Linux.

  Tuesday, April 29, 2014 4:12:00 PM CEST

UPDATE Vulnerability in Internet Explorer Could Allow Remote Code Execution (CERT-EU Security Advisory 2014-041) External link

UPDATE: Microsoft has issued a cumulative security update for Internet Explorer (no 2965111) resolving the publicly disclosed vulnerability (CVE-2014-1776 [1]) as well as other eight privately reported vulnerabilities in IE [2].

  Monday, May 12, 2014 4:28:00 PM CEST

VMware Security Advisories (VMSA-2014-0004.6) CERT-EU Security Advisory 2014-040 External link

VMware product updates address OpenSSL security vulnerabilities.

  Wednesday, April 23, 2014 4:20:00 PM CEST

VMware Security Advisories (VMSA-2014-0003) (CERT-EU Security Advisory 2014-039) External link

VMware vSphere Client updates address security vulnerabilities

  Wednesday, April 23, 2014 4:19:00 PM CEST

Oracle Critical Patch Update Advisory of April 2014 (CERT-EU Security Advisory 2014-038) External link

Oracle Critical Patch Update Advisory of April 2014 contains 104 new security fixes across the product families.

  Wednesday, April 23, 2014 4:17:00 PM CEST

Apache Tomcat Update (CERT-EU Security Advisory 2014-037) External link

It was possible to craft a malformed Content-Type header for a multipart request that caused Apache Tomcat to enter an infinite loop. A malicious user could, therefore, craft a malformed request that triggered a denial of service.

  Thursday, April 10, 2014 10:56:00 AM CEST

Microsoft Security Updates (EU Security Advisory 2014-036) External link

Microsoft has published on a number of new security updates which has been released on April 08, 2014.

  Wednesday, April 9, 2014 3:23:00 PM CEST

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-035) External link

Adobe has released security updates for Adobe Flash Player 12.0.0.77 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.346 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe recommends users update their product installations to the latest versions.

  Wednesday, April 9, 2014 3:16:00 PM CEST

UPDATE OpenSSL CRITICAL vulnerability (CERT-EU Security Advisory 2014-034) External link

OpenSSL library is vulnerable to a memory leakage. Both servers and clients are affected. It can lead to a leak of the content of the memory allowing access to private keys, credentials, or any other confidential data . There are already some proofs of concept of this vulnerability available in the wild exploiting servers and clients.

  Friday, April 11, 2014 9:57:00 AM CEST

UPDATE OpenSSL CRITICAL vulnerability (CERT-EU Security Advisory 2014-034) External link

OpenSSL software is vulnerable to memory leakage to the connected client or server. It could lead to a leak of the content of the memory; allowing access to private keys (PKI/x509 certificates private key) or any confidential data in the memory like credentials. We could locate some prove of concepts of this vulnerability on Internet.

  Wednesday, April 9, 2014 3:14:00 PM CEST

OpenSSL CRITICAL vulnerability Reference (CERT-EU Security Advisory 2014-034) External link

OpenSSL software is vulnerable to memory leakage to the connected client or server. It could lead to a leak of the content of the memory; allowing access to private keys (PKI/x509 certificates private key) or any confidential data in the memory like credentials. We could locate some prove of concepts of this vulnerability on Internet.

  Wednesday, April 9, 2014 3:02:00 PM CEST

Multiple vulnerabilities in Cisco IOS (CERT-EU Security Advisory 2014-033) External link

Cisco released its semiannual Cisco IOS Software Security Advisory Bundled Publication on March 26, 2014.

  Friday, April 4, 2014 2:47:00 PM CEST

Vulnerability in Microsoft Word could allow remote code execution (CERT-EU Security Advisory 2014-032) External link

There is a vulnerability affecting multiple versions of Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

  Thursday, March 27, 2014 2:37:00 PM CET

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-031) External link

Adobe has released security updates for Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.341 and earlier versions for Linux. [1]

  Thursday, March 13, 2014 4:19:00 PM CET

Multiple vulnerabilities in Microsoft products (CERT-EU Security Advisory 2014-030) External link

Microsoft released five bulletins [1] to address 23 unique CVEs in Microsoft Windows, Internet Explorer and Silverlight.

  Thursday, March 13, 2014 4:16:00 PM CET

Snake Campaign and Cyber Espionage Toolkit [1] (CERT-EU Security Advisory 2014-029) External link

BAE Systems have recently published a report on so called Snake Campaign and Cyber Espionage Toolkit [1].

  Thursday, March 13, 2014 4:10:00 PM CET

Cisco Small Business Router Password Disclosure Vulnerability [1] (CERT-EU Security Advisory 2014-028) External link

A vulnerability in the web management interface of the Cisco RV110W Wireless-N VPN Firewall, the Cisco RV215W Wireless-N VPN Router, and the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain administrative-level access to the web management interface of the affected device.

  Tuesday, March 11, 2014 11:24:00 AM CET

Multiple Vulnerabilities in Cisco Wireless LAN Controllers [1] (CERT-EU Security Advisory 2014-027) External link

The Cisco Wireless LAN Controller (WLC) product family is affected by the following vulnerabilities

  Tuesday, March 11, 2014 11:21:00 AM CET

JBoss Enterprice Aplication Platform update [1] (CERT-EU Security Advisory 2014-026) External link

An update for Red Hat JBoss Enterprise Application Platform 6.2.1 is now available from the Red Hat Customer Portal.

  Tuesday, March 11, 2014 11:19:00 AM CET

SSL/TSL implementation security Issues [1] (CERT-EU Security Advisory 2014-025) External link

Recently have been published a couple of bugs in ssl/tsl protocol from Apple [1] and GNU [2].

  Tuesday, March 11, 2014 11:18:00 AM CET

SOHO routers vulnerabilities leading to man-in-the-middle attack [1] (CERT-EU Security Advisory 2014-024) External link

Different vulnerabilities and default configuration in several brands of SOHO routers allowed dns misconfiguration in hundreds of thousands of devices.

  Tuesday, March 11, 2014 11:17:00 AM CET

Cisco Prime Infrastructure Command Execution Vulnerability [1] (CERT-EU Security Advisory 2014-023) External link

A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges.

  Tuesday, March 11, 2014 11:16:00 AM CET

SSL Vulnerability in iOS and OS X [1] (CERT-EU Security Advisory 2014-022) External link

Due to a flaw in authentication logic on iOS and OS X platforms, an attacker can bypass SSL/TLS verification routines upon the initial connection handshake.

  Wednesday, February 26, 2014 11:40:00 AM CET

Microsoft Security Advisory [1] (CERT-EU Security Advisory 2014-021) External link

Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 10.

  Monday, February 24, 2014 3:11:00 PM CET

Microsoft Security Advisory related to Adobe Flash Player [1] (CERT-EU Security Advisory 2014-020) External link

Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1.

  Monday, February 24, 2014 3:09:00 PM CET

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-019) External link

Adobe has released security updates for Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.336 and earlier versions for Linux.

  Monday, February 24, 2014 3:07:00 PM CET

JBoss Enterprice Aplication Platform update [1] (CERT-EU Security Advisory 2014-018) External link

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes three security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal.

  Friday, February 21, 2014 2:38:00 PM CET

Title: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability [1] (CERT-EU Security Advisory 2014-017) External link

Cisco Firewall Services Module (FWSM) Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of an affected system.

  Friday, February 21, 2014 2:09:00 PM CET

Multiple Vulnerabilities in Cisco IPS Software [1] (CERT-EU Security Advisory 2014-016) External link

Cisco Intrusion Prevention System (IPS) Software is affected by the following vulnerabilities

  Friday, February 21, 2014 2:07:00 PM CET

Cisco UCS Director Default Credentials Vulnerability [1] (CERT-EU Security Advisory 2014-015) External link

A vulnerability in the Cisco Unified SIP Phone 3905 could allow an unauthenticated, remote attacker to gain root-level access to an affected device.

  Friday, February 21, 2014 2:04:00 PM CET

Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905 [1] (CERT-EU Security Advisory 2014-014) External link

A vulnerability in the Cisco Unified SIP Phone 3905 could allow an unauthenticated, remote attacker to gain root-level access to an affected device.

  Friday, February 21, 2014 2:01:00 PM CET

Man-in-the-Middle Attack Against Email Synchronization (CERT-EU Security Advisory 2014-013) External link

The attack consists in spoofing a SSID of a WiFi network to which devices try to connect (most devices actively advertise SSIDs of all networks known to them). Once a device connects to such network and tries to synchronize e-mails, a malicious server inside the spoofed network may potentially be able to access the email credentials. In case the SSL is used, a such server may try to impersonate the target email server and perform the SSL handshake, if the device is set to accept self-signed certificates.

  Friday, February 21, 2014 1:59:00 PM CET

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-012) External link

Adobe has released security updates for Adobe Flash Player 12.0.0.43 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.335 and earlier versions for Linux. These updates address a critical vulnerability that could potentially allow an attacker to remotely take control of the affected system.

  Friday, February 14, 2014 12:12:00 PM CET

Security update available for Adobe Shockwave Player (CERT-EU Security Advisory 2014-011) External link

Adobe has released a security update for Adobe Shockwave Player 12.0.7.148 and earlier versions on the Windows and Macintosh operating systems. This update addresses critical vulnerabilities that could potentially allow an attacker to remotely take control of the affected system.

  Friday, February 14, 2014 12:09:00 PM CET

Critical Vulnerability in MediaWiki Platform (CERT-EU Security Advisory 2014-010) External link

Researchers have discovered a critical vulnerability in the popular MediaWiki Web platform, which is used to run Wikipedia and tens of thousands of other wiki sites around the world. This vulnerability allows an attacker to perform remote code execution

  Wednesday, February 5, 2014 9:25:00 AM CET

Microsoft Security Updates (CERT-EU Security Advisory 2014-009) External link

Microsoft has published on a number of new security updates. This advisory is intended to help you plan for the deployment of these security updates more effectively.

  Friday, February 14, 2014 12:06:00 PM CET

UPDATED Bios update for Hewlett Packard server products (CERT-EU Security Advisory 2014-008) External link

There is a Bios update for HP Proliant G7 server.

  Wednesday, February 26, 2014 11:52:00 AM CET

Denial of Service on Bind BIND nameservers (CERT-EU Security Advisory 2014-007) External link

Because of a defect in handling queries for NSEC3-signed zones, BIND can crash with an "INSIST" failure in name.c when processing queries possessing certain properties. By exploiting this defect an attacker deliberately constructing a query with the right properties could achieve denial of service against an authoritative nameserver serving NSEC3-signed zones.

  Thursday, January 23, 2014 3:04:00 PM CET

VMware multiple vulnerabilities (CERT-EU Security Advisory 2014-006) External link

VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues: VMware ESXi and ESX NFC NULL pointer dereference (CVE-2014-1207).

  Thursday, January 23, 2014 3:03:00 PM CET

Multiple Bugfixes in PHP (CERT-EU Security Advisory 2014-005) External link

The PHP development team announces the immediate availability of PHP 5.5.8. About 15 bugs were fixed. The PHP development team announces the immediate availability of PHP 5.4.20. About 30 bugs were fixed.

  Thursday, January 23, 2014 3:00:00 PM CET

Multiple Vulnerabilities in Cisco Secure Access Control System (CERT-EU Security Advisory 2014-004) External link

Cisco Secure Access Control System (ACS) is affected by the following vulnerabilities: -Cisco Secure ACS RMI Privilege Escalation Vulernability -Cisco Secure ACS RMI Unauthenticated User Access Vulnerability -Cisco Secure ACS Operating System Command Injection Vulnerability

  Thursday, January 23, 2014 2:57:00 PM CET

Oracle Critical Patch Update Advisory of January 2014 (CERT-EU Security Advisory 2014-003) External link

Oracle Critical Patch Update Advisory of January 2014 contains 144 new security fixes across the product families.

  Tuesday, January 21, 2014 3:03:00 PM CET

Multiple Microsoft vulnerabilities (CERT-EU Security Advisory 2014-002) External link

The vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Word or other affected Microsoft Office software. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. [1]

  Tuesday, January 21, 2014 3:01:00 PM CET

Multiple Adobe vulnerabilities (CERT-EU Security Advisory 2014-001) External link

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh.

  Tuesday, January 21, 2014 2:59:00 PM CET

Cisco ASA Denial of service (CERT-EU Security Advisory 2013-0100) External link

A vulnerability in the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to become unresponsive to management session requests via SSH, Telnet, HTTP, and HTTPS.

  Wednesday, December 11, 2013 4:22:00 PM CET

WMware ESX multiple vulnerabilities (CERT-EU Security Advisory 2013-0099) External link

VMware has updated several third party libraries in ESX that address multiple security vulnerabilities.

  Wednesday, December 11, 2013 4:20:00 PM CET

Microsoft December 2013 patches (CERT-EU Security Advisory 2013-0098) External link

Microsoft has released December 2013 patches.

  Wednesday, December 11, 2013 4:19:00 PM CET

VMware Products Increased privileges - Existing account [1] (CERT-EU Security Advisory 2013-0097) External link

VMware Workstation, Fusion, ESXi and ESX patches address a vulnerability in the LGTOSYNC.SYS driver which could result in a privilege escalation on older Windows-based Guest Operating Systems.

  Monday, December 9, 2013 4:46:00 PM CET

Cisco ASA Malformed DNS Reply Denial of Service Vulnerability [1] (CERT-EU Security Advisory 2013-0096) External link

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause the reload of an affected system.

  Monday, December 9, 2013 2:57:00 PM CET

JBoss Enterprice Aplication Platform update [1] (CERT-EU Security Advisory 2013-095) External link

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal.

  Monday, December 9, 2013 2:55:00 PM CET

Microsoft Advance Security Updates (CERT-EU Security Advisory 2013-094) External link

Microsoft has published an advanced for a number of new security updates which will be released on December 13, 2013.

  Monday, December 9, 2013 2:54:00 PM CET

Microsoft Windows local privilege escalation zero-day bypassing Adobe Reader sandbox in the wild (CERT-EU Security Advisory 2013-093) External link

A new Windows local privilege escalation vulnerability has been identified in the wild [1].

  Monday, December 9, 2013 2:52:00 PM CET

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2013-092) External link

Adobe has released security updates for Adobe Flash Player 11.9.900.117 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.310 and earlier versions for Linux.

  Tuesday, November 19, 2013 10:48:00 AM CET

Hotfix available for ColdFusion (CERT-EU Security Advisory 2013-091) External link

Adobe has released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and Linux.

  Tuesday, November 19, 2013 10:45:00 AM CET

Microsoft Security Updates (CERT-EU Security Advisory 2013-090) External link

Microsoft has published on a number of new security updates which has been released on November 13, 2013.

  Tuesday, November 19, 2013 10:33:00 AM CET

Microsoft Security Advisory [1] (CERT-EU Security Advisory 2013-0089) External link

Microsoft is investigating private reports of a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync.

  Wednesday, November 6, 2013 1:53:00 PM CET

Cisco IOS XE: Denial of service - Remote/unauthenticated [1] (CERT-EU Security Advisory 2013-0088) External link

Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities

  Wednesday, November 6, 2013 1:52:00 PM CET

Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products [1] (CERT-EU Security Advisory 2013-0087) External link

Multiple Cisco products include an implementation of Apache Struts 2 component that is affected by a remote command execution vulnerability.

  Wednesday, November 6, 2013 1:50:00 PM CET

Several Vulnerabilities and Security Notices in multiple Cisco products (CERT-EU Security Advisory 2013-0086) External link

A vulnerability in the fabric interconnect of Cisco Unified Computing System could allow an authenticated, local attacker to cause a denial of service (DoS) condition.

  Friday, October 25, 2013 11:26:00 AM CEST

RSA Authentication Agent: Reduced security [1] (CERT-EU Security Advisory 2013-0085) External link

In certain circumstances, RSA Authentication Agent for Web for IIS protection can be bypassed due to a fail open flaw in the agent.

  Friday, October 25, 2013 11:24:00 AM CEST

Several Vulnerabilities in Linux kernel [1] (CERT-EU Security Advisory 2013-0084) External link

* It was found that the fix for CVE-2012-3552 released via RHSA-2012 ... * An information leak flaw was found in the way Linux kernel's device mapper subsystem,... * A format string flaw was found in the b43_do_request_fw() function in the Linux kernel's b43 driver implementation....

  Friday, October 25, 2013 11:23:00 AM CEST

Vulnerability in python-crypto (CERT-EU Security Advisory 2013-0083) External link

A cryptographic vulnerability was discovered in the pseudo random number generator in python-crypto.

  Monday, October 21, 2013 4:07:00 PM CEST

Multiple Vulnerabilities in MySQL 5.1 on Debian (CERT-EU Security Advisory 2013-0082) External link

This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html [1] [2]

  Monday, October 21, 2013 4:06:00 PM CEST

Several Vulnerabilities in RedHat (CERT-EU Security Advisory 2013-0081) External link

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

  Monday, October 21, 2013 4:05:00 PM CEST

Several Vulnerabilities and Security Notices in multiple Cisco products (CERT-EU Security Advisory 2013-0080) External link

Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities

  Monday, October 21, 2013 4:04:00 PM CEST

Several Vulnerabilities in multiple VMware products (CERT-EU Security Advisory 2013-0079) External link

VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities. [1] [2] [3]

  Monday, October 21, 2013 4:03:00 PM CEST

Cisco Catalyst 6500 Series Switches & Cisco 7600 Series Routers: Multiple vulnerabilities [1] (CERT-EU Security Advisory 2013-0078) External link

Cisco Firewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by two vulnerabilities.

  Monday, October 21, 2013 4:01:00 PM CEST

JBoss Middleware security update [1] (CERT-EU Security Advisory 2013-0077) External link

An update for the commons-fileupload component that fixes one security issue is now available from the Red Hat Customer Portal for Red Hat JBoss BRMS 5.3.1; and Red Hat JBoss Portal 4.3 CP07, 5.2.2 and 6.0.0.

  Monday, October 21, 2013 4:00:00 PM CEST

Title: Oracle Critical Patch Update Advisory (CERT-EU Security Advisory 2013-0076) External link

The Oracle Critical Patch Update for October 2013 [1] were released.

  Monday, October 21, 2013 3:59:00 PM CEST

Apache Execute arbitrary code/commands - Remote/unauthenticated [1] (CERT-EU Security Advisory 2013-0075) External link

Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input.

  Monday, October 21, 2013 3:57:00 PM CEST

Security Advisory for Adobe Reader and Acrobat [1] (CERT-EU Security Advisory 2013-0074) External link

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.04) for Windows.

  Thursday, October 10, 2013 3:44:00 PM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2013-073) External link

Microsoft has published on a number of new security updates which has been released on October 09, 2013.

  Thursday, October 10, 2013 3:43:00 PM CEST

Cisco IOS XR Software Memory Exhaustion Vulnerability [1] (CERT-EU Security Advisory 2013-0072) External link

Cisco IOS XR Software version 4.3.1 contains a vulnerability that could result in complete packet memory exhaustion.

  Thursday, October 10, 2013 3:38:00 PM CEST

Several Vulnerabilities in Mozilla Firefox prior to 24 (CERT-EU Security Advisory 2013-0071) External link

Several Critical, High and Moderate vulnerabilities have been fixed in Mozilla Firefox 24. [1]

  Thursday, September 26, 2013 4:47:00 PM CEST

Multiple Bugfixes in PHP (CERT-EU Security Advisory 2013-0070) External link

The PHP development team announces the immediate availability of PHP 5.5.4. This release fixes several bugs against PHP 5.5.3. [1]

  Thursday, September 26, 2013 4:46:00 PM CEST

Microsoft Alert Vulnerability in Internet Explorer Could Allow Remote Code Execution [1] (CERT-EU Security Advisory 2013-0069) External link

Microsoft is investigating public reports of a vulnerability in all supported versions of Internet Explorer.

  Thursday, September 26, 2013 4:44:00 PM CEST

VMware Workstation host privilege escalation vulnerability in Linux Version [1](CERT-EU Security Advisory 2013-0068) External link

VMware Workstation and VMware Player address a vulnerability in the vmware-mount component which could result in a privilege escalation on linux-based host machines.

  Thursday, September 26, 2013 4:43:00 PM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2013-067) External link

This bulletin summary lists 3 critical (MS13-059, MS13-060, MS13-061) and 5 important (MS13-062, MS13-063, MS13-064, MS13-065, MS13-066) Microsoft security bulletins released for August 2013 [1].

  Tuesday, August 20, 2013 3:07:00 PM CEST

Microsoft Security Updates - Advance Notification (CERT-EU Security Advisory 2013-0066) External link

Microsoft has published a number of new security updates which are planned for release on August 13, 2013.

  Friday, August 9, 2013 1:51:00 PM CEST

JBoss SOA Platform 5.3.1 security update [1] (CERT-EU Security Advisory 2013-0065) External link

Red Hat JBoss SOA Platform 5.3.1 roll up patch 3, which fixes three security issues and various bugs, is now available from the Red Hat Customer Portal.

  Friday, August 9, 2013 1:50:00 PM CEST

Apache Struts Security Update [3] (CERT-EU Security Advisory 2013-0064) External link

A couple of vulnerabilities have that have been detected in Struts framework allow arbitrary code execution and open redirections.

  Friday, August 9, 2013 1:48:00 PM CEST

OSPF LSA Manipulation Vulnerability in Multiple Cisco Products (CERT-EU Security Advisory 2013-0063) External link

Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database.

  Friday, August 9, 2013 1:10:00 PM CEST

Cisco WAAS Central Manager Remote Code Execution Vulnerability (CERT-EU Security Advisory 2013-0062) External link

Cisco Wide Area Application Services (WAAS) when configured as Central Manager (CM), contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the affected system.

  Friday, August 9, 2013 1:08:00 PM CEST

Authenticated Command Injection Vulnerability in Multiple Cisco Content Network and Video Delivery Products (CERT-EU Security Advisory 2013-0061) External link

Multiple Cisco content network and video delivery products contain a vulnerability when they are configured to run in central management mode.

  Friday, August 9, 2013 1:06:00 PM CEST

VMware ESX and ESXi updates to third party libraries (CERT-EU Security Advisory 2013-0060) External link

VMware has updated several third party libraries in ESX and ESXi to address multiple security vulnerabilities.

  Friday, August 9, 2013 1:04:00 PM CEST

Apache Security Update (CERT-EU Security Advisory 2013-0059) External link

The Apache Software Foundation and the Apache HTTP Server Project have released a new version of Apache Httpd server which solves several vulnerabilities.

  Friday, August 9, 2013 1:02:00 PM CEST

Oracle Critical Patch Update Advisory (CERT-EU Security Advisory 2013-0058) External link

The Oracle Critical Patch Update for July 2013 [1] were released. Oracle strongly recommends applying the patches as soon as possible.

  Friday, August 9, 2013 1:01:00 PM CEST

Adobe Flash Player Security Update (CERT-EU Security Advisory 2013-0057) External link

Adobe has released security updates for Adobe Flash Player 11.7.700.224 and earlier versions for Windows, Adobe Flash Player 11.7.700.225 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.291 and earlier versions for Linux, Adobe Flash Player 11.1.115.63 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.59 and earlier versions for Android 3.x and 2.x.

  Friday, August 9, 2013 12:57:00 PM CEST

Apache Tomcat Security Update (CERT-EU Security Advisory 2013-0056) External link

FORM authentication associates the most recent request requiring authentication with the current session.

  Monday, June 24, 2013 4:33:00 PM CEST

Microsoft recent news related to security issues and tools [1] (CERT-EU Security Advisory 2013-0055) External link

Microsoft has publish some information in its security blog that can be of CERT-EU constituency interest [1].

  Friday, June 21, 2013 3:02:00 PM CEST

Cisco ASA Software Vulnerability [1] (CERT-EU Security Advisory 2013-0054) External link

A vulnerability on Cisco ASA could cause a reload of the affected device.

  Friday, June 21, 2013 3:01:00 PM CEST

Oracle Java SE Critical Patch Update - June 2013 (CERT-EU Security Advisory 2013-053) External link

The Oracle Java SE Critical Patch Update [1] for June 2013 were released on.

  Friday, June 21, 2013 2:59:00 PM CEST

VMware vCenter Chargeback Manager Remote Code Execution [1] (CERT-EU Security Advisory 2013-0052) External link

The vCenter Chargeback Manager contains a critical vulnerability that allows for remote code execution.

  Wednesday, June 19, 2013 4:43:00 PM CEST

Security updates available for Adobe Flash Player [1] (CERT-EU Security Advisory 2013-051) External link

Adobe has released security updates for Adobe Flash Player 11.7.700.202 and earlier versions for Windows, Adobe Flash Player 11.7.700.203 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.285 and earlier versions for Linux, Adobe Flash Player 11.1.115.58 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.54 and earlier versions for Android 3.x and 2.x.

  Friday, June 14, 2013 3:20:00 PM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2013-050) External link

Microsoft has published on a number of new security updates which has been released on June 11, 2013.

  Friday, June 14, 2013 3:17:00 PM CEST

Denial of Service on Bind BIND nameservers [1] (CERT-EU Security Advisory 2013-0049) External link

A defect exists which allows an attacker to crash a BIND 9 recursive resolver with a RUNTIME_CHECK error in resolver.c.

  Friday, June 7, 2013 9:09:00 AM CEST

Linux kernel Vulnerabilities (CERT-EU Security Advisory 2013-0048) External link

A recently-discovered vulnerability in the Linux kernel allows a local user to escalate their privilege level and gain root access.

  Wednesday, May 22, 2013 4:12:00 PM CEST

Microsoft Internet Explorer Security Advisory [1] (CERT-EU Security Advisory 2013-0047) External link

This security update resolves one publicly disclosed vulnerability in Internet Explorer.

  Wednesday, May 22, 2013 4:10:00 PM CEST

Security updates available for Adobe Reader and Acrobat [1] (CERT-EU Security Advisory 2013-0046) External link

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.02) and earlier versions for Windows and Macintosh, and Adobe Reader 9.5.4 and earlier 9.x versions for Linux.

  Tuesday, May 21, 2013 4:40:00 PM CEST

Security updates available for Adobe Flash Player [1] (CERT-EU Security Advisory 2013-0045) External link

Adobe has released security updates for Adobe Flash Player 11.7.700.169 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.280 and earlier versions for Linux, Adobe Flash Player 11.1.115.54 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.50 and earlier versions for Android 3.x and 2.x.

  Tuesday, May 21, 2013 4:37:00 PM CEST

Hotfix available for ColdFusion [1] (CERT-EU Security Advisory 2013-0044) External link

Adobe has released a security hotfix for ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX.

  Tuesday, May 21, 2013 4:33:00 PM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2013-0043) External link

This bulletin summary lists security bulletins released for May 2013.

  Friday, May 17, 2013 3:49:00 PM CEST

Microsoft Internet Explorer 8 Security Advisory (CERT-EU Security Advisory 2013-0042) External link

Microsoft is investigating public reports of a vulnerability in Internet Explorer 8 [1]. Microsoft is aware of attacks that attempt to exploit this vulnerability.

  Tuesday, May 7, 2013 10:54:00 AM CEST

Cisco ASA Software Vulnerability (CERT-EU Security Advisory 2013-0041) External link

Cisco ASA has several vulnerabilities related with VPN software.

  Friday, April 26, 2013 4:12:00 PM CEST

Linux kernel Local Vulnerabilities (CERT-EU Security Advisory 2013-0040) External link

Linux kernel has several vulneravilities that can cause a denial of service or escalate privileges.

  Friday, April 26, 2013 4:11:00 PM CEST

Oracle Critical Patch Update - April 2013 (CERT-EU Security Advisory 2013-0039) External link

The Critical Patch Update for April 2013 [2] and The Oracle Java SE Critical Patch Update [3] for April 2013 were released on. Oracle strongly recommends applying the patches as soon as possible. Please note that Sun products are included in this Critical Patch Update.

  Wednesday, April 24, 2013 10:02:00 AM CEST

Hotfix available for ColdFusion [1] (CERT-EU Security Advisory 2013-0038) External link

Adobe has released a security hotfix for ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX.

  Wednesday, April 24, 2013 10:01:00 AM CEST

Security updates available for Adobe Flash Player [1] (CERT-EU Security Advisory 2013-0037) External link

Adobe has released security updates for Adobe Flash Player 11.6.602.180 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.275 and earlier versions for Linux, Adobe Flash Player 11.1.115.48 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.44 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

  Wednesday, April 24, 2013 9:59:00 AM CEST

Cisco Network Admission Control Manager SQL Injection Vulnerability [1] (CERT-EU Security Advisory 2013-0036) External link

Cisco Network Admission Control (NAC) Manager contains a vulnerability that could allow an unauthenticated remote attacker to execute arbitrary code and take full control of the vulnerable system.

  Wednesday, April 24, 2013 9:56:00 AM CEST

Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers [1] (CERT-EU Security Advisory 2013-0035) External link

Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities: Cisco IOS XE Software IPv6 Multicast Traffic Denial of Service Vulnerability Cisco IOS XE Software MVPNv6 Traffic Denial of Service Vulnerability Cisco IOS XE Software L2TP Traffic Denial of Service Vulnerability Cisco IOS XE Software Bridge Domain Interface Denial of Service Vulnerability Cisco IOS XE Software SIP Traffic Denial of Service Vulnerability

  Wednesday, April 24, 2013 9:55:00 AM CEST

VMware ESX Execute arbitrary code/commands [1] (CERT-EU Security Advisory 2013-0034) External link

VMware ESXi security updates for third party library.

  Tuesday, April 9, 2013 9:40:00 AM CEST

Denial of Service on Bind BIND nameservers [1] (CERT-EU Security Advisory 2013-0033) External link

A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns.

  Tuesday, April 9, 2013 2:23:00 PM CEST

Linux kernel stack corruption Vulnerability [1] (CERT-EU Security Advisory 2013-0032) External link

A race conditon in ptrace can lead to kernel stack corruption and arbitrary kernel-mode code execution.

  Tuesday, April 9, 2013 9:36:00 AM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2013-0031) External link

CERT-EU has received advance notification from Microsoft on a number of new security updates which has been released on March 12, 2013.

  Wednesday, March 13, 2013 4:28:00 PM CET

Microsoft Security Updates - Advance Notification (CERT-EU Security Advisory 2013-0030) External link

CERT-EU has received advance notification from Microsoft on a number of new security updates which are planned for release on March 12, 2013.

  Monday, March 11, 2013 3:03:00 PM CET

Oracle Java JRE y JDK Security Alert (CERT-EU Security Advisory 2013-0029) External link

This Security Alert addresses security issues affecting Java running in web browsers. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications. They also do not affect Oracle server-based software.

  Friday, March 8, 2013 2:30:00 PM CET

VMware vCenter Server, ESX and ESXi: Multiple vulnerabilities (CERT-EU Security Advisory 2013-0028) External link

VMware has updated VMware vCenter Server, ESXi and ESX to address a vulnerability in the Network File Copy (NFC) Protocol. This update also addresses multiple security vulnerabilities in third party libraries used by VirtualCenter, ESX and ESXi.

  Thursday, February 28, 2013 10:34:00 AM CET

Linux kernel Local Privilege Escalation Vulnerability (CERT-EU Security Advisory 2013-0027) External link

Linux kernel is prone to a local privilege-escalation vulnerability because it fails to adequately bounds-check user-supplied input.

  Thursday, February 28, 2013 10:31:00 AM CET

New Apache HTTP server version corrects some vulnerabilities (CERT-EU Security Advisory 2013-0026) External link

The Apache Software Foundation has released a new version the Apache HTTP server that fixes some vulnerabilities.

  Thursday, February 28, 2013 10:29:00 AM CET

Security Updates Available for Adobe Flash Player (CERT-EU Security Advisory 2013-0025) External link

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

  Thursday, February 28, 2013 10:26:00 AM CET

Updated Release of the February 2013 Oracle Java SE Critical Patch Update (CERT-EU Security Advisory 2013-0024) External link

This Critical Patch Update includes all fixes provided in the Oracle Java SE Critical Patch Update February 2013 (CERT-EU Security Advisory 2013-0019), plus an additional five fixes which had been previously planned for delivery. This distribution therefore completes the content for all originally planned fixes to be included in the Java SE Critical Patch Update for February 2013. Note also that Oracle has scheduled a Java SE Critical Patch Update for April 16, 2013, in addition to those previously scheduled in June and October of 2013 and in January of 2014. This additional distribution will be used to further accelerate Java security fixes to Java users.

  Friday, February 22, 2013 3:44:00 PM CET

JBoss Enterprise Application Platform 5.2.0 security update (CERT-EU Security Advisory 2013-0023) External link

Updated JBoss Enterprise Application Platform 5.2.0 packages that fix two security issues.

  Wednesday, February 20, 2013 2:33:00 PM CET

JBoss Enterprise Application Platform 4.3.0 security update (CERT-EU Security Advisory 2013-0022) External link

Updated JBoss Enterprise Application Platform 4.3.0 packages that fix two security issues.

  Wednesday, February 20, 2013 2:28:00 PM CET

Security Advisory for Adobe Reader and Acrobat (CERT-EU Security Advisory 2013-0021) External link

Adobe has identified two critical vulnerabilities affecting Adobe Reader and Acrobat for Windows and Macintosh.

  Tuesday, February 19, 2013 12:01:00 PM CET

Microsoft Security Updates (CERT-EU Security Advisory 2013-0020) External link

ERT-EU has received advance notification from Microsoft on a number of new security updates which has been released on February 12, 2013.

  Tuesday, February 19, 2013 11:59:00 AM CET

Oracle Java SE Critical Patch Update Advisory - February 2013 (CERT-EU Security Advisory 2013-0019) External link

The original Critical Patch Update for Java SE - February 2013 was scheduled to be released on February 19th, but Oracle decided to accelerate the release of this Critical Patch Update because active exploitation of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers, was addressed with this Critical Patch Update.

  Monday, February 11, 2013 1:50:00 PM CET

Microsoft Security Updates - Advance Notification (CERT-EU Security Advisory 2013-0018) External link

CERT-EU has received advance notification from Microsoft on a number of new security updates which are planned for release on February 12, 2013.

  Monday, February 11, 2013 1:47:00 PM CET

VMware security updates for vSphere (CERT-EU Security Advisory 2013-0017) External link

VMware vSphere security updates for the authentication service and third party libraries.

  Tuesday, February 5, 2013 2:25:00 PM CET

JBoss Enterprise Web Platform 5.2.0 security update (CERT-EU Security Advisory 2013-0016) External link

Updated JBoss Enterprise Web Platform 5.2.0 that fix one security issue.

  Tuesday, February 5, 2013 2:24:00 PM CET

JBoss Enterprise Application Platform 5.2.0 security update (CERT-EU Security Advisory 2013-0015) External link

Updated JBoss Enterprise Application Platform 5.2.0 that fix one security issue.

  Tuesday, February 5, 2013 2:18:00 PM CET

JBoss Enterprise Web Platform 5.2.0 update (CERT-EU Security Advisory 2013-0014) External link

JBoss Enterprise Web Platform 5.2.0, which fixes multiple security issues, various bugs, and adds several enhancements, is now available from the Red Hat Customer Portal.

  Wednesday, January 30, 2013 11:32:00 AM CET

Oracle Critical Patch Update - Junuary 2013 (CERT-EU Security Advisory 2013-0013) External link

The Critical Patch Update for Junuary 2013 [1] were released. Oracle strongly recommends applying the patches as soon as possible. Please note that Sun products are included in this Critical Patch Update. Be aware that Sun and MySQL patches have also been included in this realised. The Critical Patch Update Advisory [2] is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents. Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information. And the information concerning the fixed vulnerabilities [3].

  Thursday, January 24, 2013 4:58:00 PM CET

UPDATED - Oracle Java 0-day Vulnerability Exploited in the Wild (CERT-EU Security Advisory 2013-0012) External link

This Security Alert addresses security issues CVE-2013-0422 (US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability) and another vulnerability possibly related to "permissions of certain Java classes," as exploited in the wild in January 2013, and as demonstrated by Blackhole and Nuclear Pack, affecting Java running in web browsers.

  Thursday, January 17, 2013 10:26:00 AM CET

UPDATED - Microsoft Internet Explorer Security Advisory (CERT-EU Security Advisory 2013-0002) External link

Microsoft is investigating public reports of vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8. Internet Explorer 9 and Internet Explorer 10 are not affected by the vulnerability. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability through Internet Explorer 8. Applying the Microsoft Fix it solution, "MSHTML Shim Workaround," prevents the exploitation of this issue.

  Thursday, January 17, 2013 10:24:00 AM CET

Cisco Prime LAN Management Solution Command Execution Vulnerability [1] (CERT-EU Security Advisory 2013-0011) External link

Cisco Prime LAN Management Solution (LMS) Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user. The vulnerability is due to improper validation of authentication and authorization commands sent to certain TCP ports. An attacker could exploit this vulnerability by connecting to the affected system and sending arbitrary commands.

  Tuesday, January 15, 2013 10:35:00 AM CET

Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability [1] (CERT-EU Security Advisory 2013-0010) External link

Cisco Unified IP Phones 7900 Series versions 9.3(1)SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges.

  Tuesday, January 15, 2013 10:34:00 AM CET

Several vulnerabilities in Firefox, Thunderbird and Seamonkey (CERT-EU Security Advisory 2013-0009) External link

Mozilla developers identified and fixed several vulnerabilities [1-20]

  Thursday, January 10, 2013 11:13:00 AM CET

Security updates for Adobe Reader and Acrobat [1] (CERT-EU Security Advisory 2013-0008) External link

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.0) and earlier versions for Windows and Macintosh, and Adobe Reader 9.5.1 and earlier 9.x versions for Linux. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. CVE numbers: CVE-2012-1530, CVE-2013-0601, CVE-2013-0602, CVE-2013-0603, CVE-2013-0604, CVE-2013-0605, CVE-2013-0606, CVE-2013-0607, CVE-2013-0608, CVE-2013-0609, CVE-2013-0610, CVE-2013-0611, CVE-2013-0612, CVE-2013-0613, CVE-2013-0614, CVE-2013-0615, CVE-2013-0616, CVE-2013-0617, CVE-2013-0618, CVE-2013-0619, CVE-2013-0620, CVE-2013-0621, CVE-2013-0622, CVE-2013-0623, CVE-2013-0624, CVE-2013-0626, CVE-2013-0627

  Thursday, January 10, 2013 11:12:00 AM CET

Security Updates Available for Adobe Flash Player [1] (CERT-EU Security Advisory 2013-0007) External link

Adobe has released security updates for Adobe Flash Player 11.5.502.135 and earlier versions for Windows, Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.258 and earlier versions for Linux, Adobe Flash Player 11.1.115.34 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.29 and earlier versions for Android 3.x and 2.x. These updates address a vulnerability that could cause a crash and potentially allow an attacker to take control of the affected system.

  Thursday, January 10, 2013 11:11:00 AM CET

Multiple Vulnerabilities in Adobe ColdFusion [1] (CERT-EU Security Advisory 2013-0006) External link

Adobe has identified three vulnerabilities affecting ColdFusion for Windows, Macintosh and UNIX: CVE-2013-0625 affects ColdFusion 10, 9.0.2, 9.0.1 and 9.0, and could permit an unauthorized user to remotely circumvent authentication controls, potentially allowing the attacker to take control of the affected server. CVE-2013-0629 affects ColdFusion 10, 9.0.2, 9.0.1 and 9.0, and could permit an unauthorized user access to restricted directories. CVE-2013-0631 affects ColdFusion 9.0.2, 9.0.1 and 9.0, and could result in information disclosure from a compromised server.

  Thursday, January 10, 2013 11:09:00 AM CET

VMware security updates for vCSA and ESXi [1] (CERT-EU Security Advisory 2013-0005 External link

VMware has updated vCenter Server Appliance (vCSA) and ESX to address multiple security vulnerabilities.

  Thursday, January 10, 2013 11:06:00 AM CET

Microsoft Security Updates (CERT-EU Security Advisory 2013-0004) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 8 January 2013.

  Thursday, January 10, 2013 11:08:00 AM CET

Microsoft Security Updates - Advance Notification (CERT-EU Security Advisory 2013-0003) External link

CERT-EU has received advance notification from Microsoft on a number of new security updates which are planned for release on January 08, 2013. This advisory is intended to help you plan for the deployment of these security updates more effectively. Please note that the list of affected software shown below is an abstract. The January 2013 Advance Notification Summary page is now live at http://technet.microsoft.com/security/bulletin/ms13-jan.

  Monday, January 7, 2013 3:39:00 PM CET

Fraudulent certificates issued by Trusted CA impact on Microsoft products and other Browser products (CERT-EU Security Advisory 2013-0001) External link

CERT-EU has been made aware of a security issue related to certificates issued by TURKTRUST Inc. TURKTRUST Inc is certificate provider which CA is included in several trusted CA databases used by products like browsers. Consequently, fraudulent certificates can be issued and be used to impersonate server and sites. A fraudulent certificate has been identified to impersonate *.google.com. [1]

  Monday, January 7, 2013 3:36:00 PM CET

Microsoft Security Update (CERT-EU Security Advisory 2012-0150) External link

CERT-EU has received notification from Microsoft on an update KB2753842 to resolve an issue with OpenType fonts not properly rendering after the original update was installed. Customers who have successfully installed the original KB2753842 update still need to install the rereleased update.

  Friday, January 4, 2013 9:49:00 AM CET

JBoss Enterprise SOA Platform 5.3.0 update [1] (CERT-EU Security Advisory 2012-0149) External link

JBoss Enterprise SOA Platform 5.3.0 roll up patch 2, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal.

  Friday, January 4, 2013 9:48:00 AM CET

JBoss Enterprise Application Platform 6.0.1 update for RHEL 5 and RHEL 6 [1] (CERT-EU Security Advisory 2012-0148) External link

Updated JBoss Enterprise Application Platform 6.0.1 packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact.

  Friday, January 4, 2013 9:45:00 AM CET

JBoss Enterprise BRMS Platform 5.3.1 update (CERT-EU Security Advisory 2012-0147) External link

JBoss Enterprise BRMS Platform 5.3.1, which fixes one security issue, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal.

  Wednesday, December 19, 2012 4:51:00 PM CET

JBoss Enterprise BRMS Platform 5.3.0 security update (CERT-EU Security Advisory 2012-0145) External link

An update for JBoss Enterprise BRMS Platform 5.3.0 that fixes one security issue is now available from the Red Hat Customer Portal.

  Monday, December 17, 2012 9:36:00 AM CET

VMware View Server directory traversal (CERT-EU Security Advisory 2012-0144) External link

VMware View releases address a critical directory traversal vulnerability in the View Connection Server and View Security Server.

  Monday, December 17, 2012 9:34:00 AM CET

Adobe Hotfix available for ColdFusion 10 and earlier (CERT-EU Security Advisory 2012-0143) External link

Adobe has released a security hotfix for ColdFusion 10 and earlier versions for Windows, Macintosh and UNIX. This hotfix resolves a vulnerability which could result in a sandbox permissions violation in a shared hosting environment. Adobe recommends users update their product installation using the instructions provided below.

  Friday, December 14, 2012 9:59:00 AM CET

Security Updates Available for Adobe Flash Player (CERT-EU Security Advisory 2012-0142) External link

Adobe has released security updates for Adobe Flash Player 11.5.502.110 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.251 and earlier versions for Linux, Adobe Flash Player 11.1.115.27 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.24 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

  Friday, December 14, 2012 9:40:00 AM CET

Microsoft Security Updates (CERT-EU Security Advisory 2012-0141) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 12 December 2012.

  Friday, December 14, 2012 9:38:00 AM CET

Microsoft Security Updates - Advance Notification (CERT-EU Security Advisory 2012-0140) External link

CERT-EU has received advance notification from Microsoft on a number of new security updates which are planned for release on December 11, 2012.

  Monday, December 10, 2012 11:52:00 AM CET

Denial of Service on Bind BIND nameservers using DNS64 (CERT-EU Security Advisory 2012-0139) External link

A nameserver can be crashed with a require assertion failure if a client sends a crafted query which can be resulted in a DoS.

  Thursday, December 6, 2012 10:14:00 AM CET

Samsung and some Dell printers, Remote Disclosure of Information. (CERT-EU security Advisory 2012-0138) External link

Samsung printers and some Dell printers manufactured for Samsung contain and snmp account that could be used to get privileged access to the devices.

  Thursday, December 6, 2012 10:06:00 AM CET

PHP 5.4.9 and PHP 5.3.19 released, multiple vulnerabilities fixed [1] (CERT-EU Security Advisory 2012-0137) External link

The PHP development team announces the immediate availability of PHP 5.4.9 and PHP 5.3.19. These releases fix over 15 bugs. All users of PHP are encouraged to upgrade to PHP 5.4.9, or at least 5.3.19.

  Friday, November 23, 2012 2:18:00 PM CET

Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability [1] (CERT-EU Security Advisory 2012-0136) External link

Cisco Secure Access Control System (ACS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass TACACS+ based authentication service offered by the affected product. CVE-2012-5424 CVSS Base Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

  Thursday, November 22, 2012 2:10:00 PM CET

Cisco IronPort Appliances Sophos Anti-Virus Vulnerabilities [1] (CERT-EU Security Advisory 2012-0135) External link

Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Web Security Appliances (WSA) include versions of Sophos Anti-Virus that contain multiple vulnerabilities that could allow an unauthenticated, remote attacker to gain control of the system, escalate privileges, or cause a denial-of-service (DoS) condition. CVSS Base Score: 9.7 (AV:N/AC:L/Au:N/C:C/I:C/A:P) [4]

  Thursday, November 22, 2012 2:09:00 PM CET

Multiple vulnerabilities in Mozilla products (CERT-EU Security Advisory 2012-0134) External link

Several vulnerabilities have been detected in Mozilla products. Some of the ones reported below might already have been covered by previous CERT-EU advisories, but are mentioned for the sake of completeness. CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4216, CVE-2012-5829, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218, CVE-2012-4210, CVE-2012-4209, CVE-2012-5837, CVE-2012-4207, CVE-2012-5841, CVE-2012-4208, CVE-2012-4206, CVE-2012-4205, CVE-2012-4204, CVE-2012-4203, CVE-2012-5836, CVE-2012-4201, CVE-2012-4202, CVE-2012-5843, CVE-2012-5842

  Thursday, November 22, 2012 2:08:00 PM CET

Apache Tomcat Denial of Service & DIGEST authentication weaknesses (CERT-EU Security Advisory 2012-0133) External link

The Apache Tomcat security team issued new releases for Apache Tomcat to fix two security issues: Denial of Service for Tomcat 6.x and DIGEST authentication weaknesses for Tomcat 7.x and 5.5.x. CVE numbers: CVE-2012-2733, CVE-2012-3439

  Thursday, November 22, 2012 2:06:00 PM CET

HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information [1] (CERT-EU Security Advisory 2012-0132) External link

A potential security vulnerability has been identified with HP Integrated Lights-Out iLO3 and iLO4. The vulnerability could be remotely exploited resulting in a disclosure of information. CVE number: CVE-2012-3271 CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

  Tuesday, November 20, 2012 4:41:00 PM CET

Security Updates Available for Adobe Flash Player [1] ( CERT-EU Security Advisory 2012-0130) External link

Adobe has released security updates for Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.243 and earlier versions for Linux, Adobe Flash Player 11.1.115.20 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. These updates address critical vulnerabilities in the software. CVE numbers: CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280

  Monday, November 19, 2012 2:52:00 PM CET

Hotfix available for ColdFusion 10 for Windows [1] (CERT-EU Security Advisory 2012-0131) External link

Adobe has released a security hotfix for ColdFusion 10 Update 1 and above for Windows. This hotfix resolves a vulnerability affecting ColdFusion on Windows Internet Information Services (IIS), which could result in a Denial of Service condition. Adobe recommends users update their product installation using the instructions provided in the "Solution" section below. CVE number: CVE-2012-5674

  Tuesday, November 20, 2012 4:39:00 PM CET

VMware security updates for vSphere API and ESX Service Console (CERT-EU Security Advisory 2012-0129) External link

VMware has updated the vSphere API to address a denial of service vulnerability in ESX and ESXi. VMware has also updated the ESX Service Console to include several open source security updates. CVE-2012-5703, CVE-2012-1033, CVE-2012-1667, CVE-2012-3817, CVE-2011-4940, CVE-2011-4944, CVE-2012-1150, CVE-2012-0876, CVE-2012-1148, CVE-2012-0441

  Monday, November 19, 2012 2:51:00 PM CET

VMware Hosted Products and OVF Tool address security issues (ERT-EU Security Advisory 2012-0128) External link

VMware Hosted products and OVFTool patches address several security issues. CVE-2012-5458, CVE-2012-5459 and CVE-2012-3569

  Monday, November 19, 2012 2:48:00 PM CET

VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates (CERT-EU Security Advisory 2012-0127) External link

VMware has provided an upgrade path for vCenter Operations and CapacityIQ and an update for Movie Decoder. These updates address multiple security vulnerabilities. CVE-2012-4897, CVE-2012-5050, CVE-2012-5051

  Monday, November 19, 2012 2:46:00 PM CET

VMware vSphere and vCOps updates to third party libraries (CERT-EU Security Advisory 2012-0126) External link

VMware has updated several third party libraries in vSphere and vcOps to address multiple security vulnerabilities. CVE-2010-4180, CVE-2010-4252, CVE-2011-0014, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0050 CVE-2012-2110 CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-3188, CVE-2011-3209, CVE-2011-3363, CVE-2011-4110, CVE-2011-1020, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2012-0207, CVE-2011-2699, CVE-2012-1583 CVE-2010-2761, CVE-2010-4410, CVE-2011-3597 CVE-2012-0841 CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, CVE-2012-0864 CVE-2011-4128, CVE-2012-1569, CVE-2012-1573 CVE-2012-0060, CVE-2012-0061, CVE-2012-0815 CVE-2012-0393.

  Friday, November 16, 2012 12:46:00 PM CET

Microsoft Security Updates (CERT-EU Security Advisory 2012-0125) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on November 13, 2012. This advisory is intended to help you plan for the deployment of these security updates more effectively. Please note that the list of affected software shown below is an abstract. The full list of affected components can be found in [1]. Microsof's security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft's web-based security content, the information in Microsoft's web-based security content is authoritative.

  Friday, November 16, 2012 10:48:00 AM CET

Multiple Updates on JBOSS Products [1] (CERT-EU Security Advisory 2012-0123) External link

1) An update for the JBoss Web Services component in JBoss Enterprise SOA Platform 5.3.0 that fixes one security issue is now available from the Red Hat Customer Portal. [1]

  Wednesday, October 17, 2012 10:19:00 AM CEST

Oracle Critical Patch Update - October 2012 [1] (CERT-EU Security Advisory 2012-0124) External link

The Critical Patch Update for October 2012 [2] and The Oracle Java SE Critical Patch Update [3] for October 2012 were released. Oracle strongly recommends applying the patches as soon as possible. Please note that Sun products are included in this Critical Patch Update.

  Wednesday, October 17, 2012 3:13:00 PM CEST

Denial of Service on Bind [1] (CERT-EU Security Advisory 2012-0122) External link

A nameserver can be locked up if it can be induced to load a specially crafted combination of resource records.

  Tuesday, October 16, 2012 3:40:00 PM CEST

Multiple Updates Available for CISCO Products [1,2,3] (CERT-EU Security Advisory 2012-0121) External link

CISCO has published multiple updates on their products that fix several vulnerabilities

  Wednesday, October 17, 2012 9:22:00 AM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2012-0120) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the October 09, 2012.

  Wednesday, October 10, 2012 4:49:00 PM CEST

Security Updates Available for Adobe Flash Player (CERT-EU Security Advisory 2012-0119) External link

Adobe has released security updates for Adobe Flash Player 11.4.402.278 and earlier versions for Windows, Adobe Flash Player 11.4.402.265 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.238 and earlier for versions for Linux, Adobe Flash Player 11.1.115.17 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.16 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

  Wednesday, October 10, 2012 11:00:00 AM CEST

Revocation of Adobe Code Signing Certificate (CERT-EU Security Advisory 2012-0118) External link

Adobe is investigating what appears to be the misuse of an Adobe code signing certificate. Adobe has revoked the certificate on October 4 for all software code signed after July 10, 2012 (00:00 GMT). Adobe has issued updates signed using a new digital certificate for all affected products.

  Wednesday, October 10, 2012 10:57:00 AM CEST

JBoss Enterprise Data Services Platform 5.3.0 update (CERT-EU Security Advisory 2012-0117) External link

JBoss Enterprise Data Services Platform 5.3.0 roll up patch 1, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal.

  Wednesday, September 26, 2012 11:03:00 AM CEST

JBoss Enterprise SOA Platform 4.2.0.CP05 and 4.3.0.CP05 update (CERT-EU Security Advisory 2012-0116) External link

An update for JBoss Enterprise SOA Platform 4.2.0.CP05 and 4.3.0.CP05 that fixes one security issue is now available from the Red Hat Customer Portal.

  Wednesday, September 26, 2012 11:01:00 AM CEST

Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (CERT-EU Security Advisory 2012-0115) External link

Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows 8 and Windows Server 2012. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10.

  Wednesday, September 26, 2012 10:59:00 AM CEST

UPDATED - Internet Explorer Zero-Day Exploits Available - MS12-063 (CERT-EU Security Advisory 2012-0114) External link

There appears to have been an exploit detected that affects fully patched versions of Microsoft Internet Explorer versions 6 through 9, and allows downloading and running arbitrary executables.

  Wednesday, September 26, 2012 10:57:00 AM CEST

Security update available for Bind 9 (CERT-EU Security Advisor 2012-0113) External link

If a record with RDATA in excess of 65535 bytes is loaded into a nameserver, a subsequent query for that record will cause named to exit with an assertion failure.

  Monday, September 17, 2012 11:50:00 AM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2012-0112) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 12 September 2012.

  Thursday, September 13, 2012 4:51:00 PM CEST

Microsoft Security Updates - Advance Notification (CERT-EU Security Advisory 2012-0111) External link

ERT-EU has received advance notification from Microsoft on a number of new security updates which are planned for release on September 11, 2012.

  Monday, September 10, 2012 10:25:00 AM CEST

UPDATED - Oracle Java Runtime Environment Remote Code Execution Vulnerability. Fix is available from Oracle (CERT-EU Security Advisory 2012-0110) External link

Oracle Java Runtime Environment (JRE) is prone to a remote code execution vulnerability.

  Friday, August 31, 2012 2:40:00 PM CEST

Apache 'mod-rpaf' Module Denial of Service Vulnerability (CERT-EU Security Advisory 2012-0109) External link

The Apache 'mod-rpaf' module is prone to a denial-of-service vulnerability.

  Thursday, August 23, 2012 11:45:00 AM CEST

Security update available for Adobe Flash Player (CERT-EU Security Advisory 2012-0108) External link

Adobe has released security updates for Adobe Flash Player 11.3.300.271 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.11 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.10 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

  Thursday, August 23, 2012 11:36:00 AM CEST

Microsoft Excel 'MergeCells' Record Heap Overflow Remote Code Execution Vulnerability (CERT-EU Security Advisory 2012-0107) External link

Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel ('.xls') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploits will result in denial-of-service conditions.

  Thursday, August 23, 2012 11:31:00 AM CEST

UPDATED - Microsoft Security Advisory 2737111 Released on July 24, 2012 (CERT-EU Security Advisory 2012-0087) External link

Vulnerabilities in Microsoft Exchange and FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution.

  Thursday, August 23, 2012 11:27:00 AM CEST

Microsoft has released Security Advisory 2743314 - Unencapsulated MS-CHAP v2 Could Allow Information Disclosure (CERT-EU Security Advisory 2012-0106 ) External link

Microsoft is aware that detailed exploit code has been published for known weaknesses in the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2). The MS-CHAP v2 protocol is widely used as an authentication method in Point-to-Point Tunneling Protocol (PPTP)-based VPNs.

  Tuesday, August 21, 2012 3:48:00 PM CEST

Cisco IOS XR Software Route Processor DoS Vulnerability (CERT-EU Security Advisory 2012-0105) External link

Cisco IOS XR Software is prone to a denial-of-service vulnerability.An attacker can exploit this issue to cause the route processor on an affected device to stop transmitting packets from the route processor CPU to the fabric, resulting in a denial-of-service condition.To exploit this issue, attackers can use readily available network utilities.

  Friday, August 17, 2012 3:42:00 PM CEST

Multiple Cisco Nexus Devices Remote Denial of Service Vulnerability (CERT-EU Security Advisory 2012-0104) External link

Multiple Cisco Nexus devices are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the device to crash, denying service to legitimate users.

  Friday, August 17, 2012 3:39:00 PM CEST

CSRF vulnerability in JMX console as shipped with JBoss EAP 5.1.1 (CERT-EU Security Advisory 2012-0103) External link

The JMX console as shipped with JBoss EAP 5.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. This vulnerability allows an attacker to invoke operations on mbeans via the JMX console.

  Friday, August 17, 2012 3:37:00 PM CEST

IBM WebSphere MQ File Transfer Edition Web Gateway insufficient access control (CERT-EU Security Advisory 2012-0102) External link

When using the web gateway, an authenticated user is able to access other users' files without further access control if the URL of the file is known. The URL for a file contains non guessable elements.

  Friday, August 17, 2012 3:34:00 PM CEST

Security update available for Adobe Shockwave Player (CERT-EU Security Advisory 2012-0101) External link

Adobe has released an update for Adobe Shockwave Player 11.6.5.635 and earlier versions on the Windows and Macintosh operating systems. This update addresses vulnerabilities that could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.6.5.635 and earlier versions update to Adobe Shockwave Player 11.6.6.636 using the instructions provided in the "Solution" section below.

  Friday, August 17, 2012 9:19:00 AM CEST

Security update available for Adobe Flash Player (CERT-EU Security Advisory 2012-0100) External link

Adobe has released security updates for Adobe Flash Player 11.3.300.270 and earlier versions for Windows, Macintosh and Linux. These updates address a vulnerability (CVE-2012-1535) that could cause the application to crash and potentially allow an attacker to take control of the affected system.

  Friday, August 17, 2012 9:16:00 AM CEST

Security update available for Adobe Reader and Acrobat (CERT-EU Security Advisory 2012-0099) External link

Adobe has released security updates for Adobe Reader and Acrobat X (10.1.3) and earlier versions for Windows and Macintosh. These updates address vulnerabilities in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system.

  Friday, August 17, 2012 9:12:00 AM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2012-0098) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 14 August 2012.

  Friday, August 17, 2012 9:06:00 AM CEST

JBoss Enterprise SOA Platform 5.3.0 security update (CERT-EU Security Advisory 2012-0097) External link

An update for the JMX Console in JBoss Enterprise SOA Platform 5.3.0 that fixes one security issue is now available from the Red Hat Customer Portal.

  Monday, August 13, 2012 4:35:00 PM CEST

Oracle Security Alert for CVE-2012-3132 (CERT-EU Security Advisory 2012-0096) External link

This security alert addresses the security issue CVE-2012-3132, the Privilege Escalation vulnerability in the Oracle Database Server that was recently disclosed at the Black Hat USA 2012 Briefings held in July 2012 involving INDEXTYPE CTXSYS.CONTEXT.

  Monday, August 13, 2012 4:33:00 PM CEST

Microsoft Security Updates - Advance Notification (CERT-EU Security Advisory 2012-0095) External link

CERT-EU has received advance notification from Microsoft on a number of new security updates which are planned for release on August 14, 2012.

  Friday, August 10, 2012 2:36:00 PM CEST

Linux kernel netfilter: null pointer dereference in nf_ct_frag6_reasm (CERT-EU Security Advisory 2012-0094) External link

The Linux kernel is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause a kernel crash, denying service to legitimate users.

  Thursday, August 9, 2012 11:11:00 AM CEST

Cisco IOS SSH2 Sessions Remote Denial of Service Vulnerability (CERT-EU Security Advisory 2012-0093) External link

Cisco IOS is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to crash the affected device, denying service to legitimate users.

  Thursday, August 9, 2012 11:07:00 AM CEST

Cisco ASA 5500 Series Denial of Service Vulnerability (CERT-EU Security Advisory 2012-0092) External link

The Cisco Adaptive Security Appliance (ASA) 5500 Series is prone to a remote denial-of-service vulnerability. Successful exploits may allow an attacker to cause excessive memory consumption, resulting in a denial-of-service condition.

  Thursday, August 9, 2012 11:05:00 AM CEST

Microsoft Internet Explorer Col Element Remote Code Execution Vulnerability (CERT-EU Security Advisory 2012-0091) External link

Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.

  Monday, August 6, 2012 2:45:00 PM CEST

Denial of Service vulnerability in ISC BIND (CERT-EU Security Advisory 2012-0090) External link

Some versions of ISC BIND 9, when DNSSEC validation is enabled, do not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.

  Thursday, August 2, 2012 2:20:00 PM CEST

Jbossas security update (CERT-EU Security Advisory 2012-0089) External link

An update for JBoss Enterprise Portal Platform 4.3 CP07 that fixes one security issue is now available from the Red Hat Customer Portal. All users of JBoss Enterprise Portal Platform 4.3 CP07 as provided from the Red Hat Customer Portal are advised to install this update.

  Thursday, July 26, 2012 9:59:00 AM CEST

Multiple vulnerabilities fixed in php(CERT-EU Security Advisory 2012-0088) External link

Multiple vulnerabilities has been discovered and corrected in php. Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service. The updated packages have been upgraded to the 5.3.15 version which is not vulnerable to these issues.

  Thursday, July 26, 2012 9:56:00 AM CEST

Linux kernel insufficient data_len validation in sock_alloc_send_pskb (CERT-EU Security Advisory 2012-0086) External link

Data_len paremeter of sock_alloc_send_pskb() function is not validated before setting frags of allocated skb, which can lead to heap overflow CVE-2012-2136 CVSS v2 Base Score:6.2 (MEDIUM) (AV:L/AC:H/Au:N/C:C/I:C/A:C).

  Thursday, July 19, 2012 9:20:00 AM CEST

Pre-Release Announcement - Oracle Critical Patch Update - 17 July 2012 (CERT-EU Security Advisory 2012-0085) External link

Several vulnerabilities addressed in this Critical Patch Update affect multiple products. Each vulnerability is identified by a CVE# which is a unique identifier for vulnerability. The highest CVSS 2.0 Base Score for vulnerabilities in this Critical Patch Update is 10.0 for Oracle JRockit of Oracle Fusion Middleware.

  Tuesday, July 17, 2012 3:34:00 PM CEST

VMware ESXi update to third party library ( CERT-EU Security Advisory 2012-0084) External link

VMware ESXi update addresses several security issues related to third party component libxml2.

  Monday, July 16, 2012 11:55:00 AM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2012-0083 ) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 10 July 2012. This advisory is intended to help you plan for the deployment of these security updates more effectively.

  Wednesday, July 11, 2012 3:21:00 PM CEST

JBOSS security updates (CERT-EU Security Advisory 2012-0082) External link

Updated resteasy packages that fix one security issue are now available for several JBOSS products

  Monday, July 9, 2012 5:23:00 PM CEST

Linux kernel epoll can leak file descriptors when returning -ELOOP (CERT-EU Security Advisory 2012-0081) External link

Linux Kernel is vulnerable to a denial of service, caused by an error related to adding epoll file descriptors in each other in circle.

  Friday, July 6, 2012 3:41:00 PM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2012-0080) External link

CERT-EU has received advance notification from Microsoft on a number of new security updates which are planned for release on 10 July 2012.

  Friday, July 6, 2012 3:39:00 PM CEST

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 (CERT-EU Security Advisory 2012-0079) External link

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries

  Tuesday, July 3, 2012 2:47:00 PM CEST

Multiple Buffer Overflow Vulnerabilities in the Cisco WebEx Player (CERT-EU Security Advisory 2012-0078) External link

The Cisco WebEx Recording Format (WRF) player contains four buffer overflow vulnerabilities and the Cisco Advanced Recording Format (ARF) player contains one buffer overflow vulnerability. In some cases,exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user.

  Monday, July 2, 2012 10:32:00 AM CEST

Linux kernel security flaw in the NFSv4 implementation(CERT-EU Security Advisory 2012-0077) External link

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.

  Friday, June 22, 2012 3:49:00 PM CEST

Public exploit code for Internet Explorer is now widely available (CERT-EU Security Advisory 2012-0076) External link

The vulnerability which was patched in MS12-037 as part of the June edition of Microsoft's Patch Tuesday is being exploited in the wild.

  Friday, June 22, 2012 3:46:00 PM CEST

VMware Workstation, Player, Fusion, ESXi and ESX patches address security issues (CERT-EU Security Advisory 2012-0075) External link

VMware products allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file.

  Friday, June 22, 2012 2:55:00 PM CEST

Jboss Security Update - JNDI: unauthenticated remote write access is permitted by default (CERT-EU Security Advisory 2012-0074) External link

An update that fixes one security issue is now available from the Red Hat Customer Portal.The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,is available from the CVE link in the References section.

  Friday, June 22, 2012 2:12:00 PM CEST

DNSChanger malware - decommissioning of temporary DNS servers on the 9 July 2012 (CERT-EU Security Advisory 2012-0016 - Update 2) External link

NEW!!! CERT-EU has recently received several alerts about connections from IP addresses within our constituency to the rogue DNS Servers listed below. It was later confirmed that, while some of these connections were genuine, other connections were in fact spoofed.

  Wednesday, June 20, 2012 4:05:00 PM CEST

Oracle Java SE Critical Patch Update Advisory - June 2012(CERT-EU Security Advisory 2012-0073) External link

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes.

  Wednesday, June 13, 2012 4:52:00 PM CEST

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2012-0072) External link

Adobe released security updates for Adobe Flash Player. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

  Monday, June 11, 2012 4:56:00 PM CEST

NSChanger malware - decommissioning of temporary DNS servers on the 9 July 2012 (CERT-EU Security Advisory 2012-0016 - Update) External link

CERT-EU has been made aware of an action taken by FBI to eradicate the DNSChanger malware [1,4]. A list of rogue DNS servers has been published and can be used to identify infected PCs in your network, see "What can you do" section below.

  Monday, June 11, 2012 10:53:00 AM CEST

Microsoft Security Updates (CERT-EU Security Advisory 2012-0071) External link

CERT-EU has received advance notification from Microsoft on a number of new security updates which are planned for release on 12 June 2012.

  Friday, June 8, 2012 4:36:00 PM CEST

Linkedin password hash database leaked (CERT-EU Security Advisory 2012-0070) External link

Linkedin confirmed[1] that a file containing around 65 million of (unsalted) SHA1 password hashes connected to a Linkedin accounts have been publicly posted.

  Thursday, June 7, 2012 11:49:00 AM CEST

Several vulnerabilities in Firefox, Thunderbird and Seamonkey (CERT-EU Security Advisory 2012-0069) External link

The most severe vulnerability (Priority: urgent; Severity: urgent; classification done by Redhat) allows a remote attacker to run code in the security context of a user of Firefox, Thunderbird or Seamonkey, when they open a malicious website or email.

  Thursday, June 7, 2012 11:46:00 AM CEST

Denial of Service vulnerability in ISC BIND (CERT-EU Security Advisory 2012-0068) External link

CVE-2012-1667: Handling of zero length rdata can cause named to terminate unexpectedly CVSS Score: 8.5 HIGH[2] CVSS Equation: (AV:N/AC:L/Au:N/C:P/I:N/A:C) A problem in BIND was uncovered while testing with experimental DNS record types. It is possible to add records to BIND with null (zero length) rdata fields.

  Wednesday, June 6, 2012 2:15:00 PM CEST

Vulnerability in Microsoft Certificate Authority(CERT-EU Security Advisory 2012-0067) External link

Microsoft is aware of active attacks using unauthorized digital certificates derived from a Microsoft Certificate Authority. An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

  Monday, June 4, 2012 2:20:00 PM CEST

Symantec Endpoint Protection Multiple Issues (CERT-EU Security Advisory 2012-0066) External link

Symantec was notified of a vulnerable service running on the Symantec Endpoint Protection 12.1 management console. Successful access to this service can potentially allow an unauthorized remote attacker to launch a two-stage exploit attempt against the targeted server.

  Wednesday, May 23, 2012 2:40:00 PM CEST

Multiple issues in Linux Kernel (CERT-EU Security Advisory 2012-0065) External link

Multiple issues in Linux Kernel include multiple buffer overflows in the hfsplus filesystem implementation, problems with handling the use of file system capabilities by the cap_bprm_set_creds function in security/commoncap.c, and the KVM implementation makes a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.

  Tuesday, May 22, 2012 9:56:00 AM CEST

OpenSSL Security Advisory - Invalid TLS/DTLS record attack(CERT-EU Security Advisory 2012-0064) External link

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and DTLS can be exploited in a denial of service attack or arbitrary code execution on both clients and servers.[1,3]

  Wednesday, May 16, 2012 10:19:00 AM CEST

Multiple vulnerabilities in Adobe Shockwave Player (CERT-EU Security Advisory 2012-0063) External link

Adobe released a security update for Adobe Shockwave Player 11.6.4.634 and earlier versions for Windows and Macintosh. This update addresses vulnerabilities (memory corruption) that could allow an attacker who successfully exploits these vulnerabilities to run malicious code on the affected system allowing unauthorized disclosure of information, unauthorized modification or disruption of service.

  Thursday, May 10, 2012 3:24:00 PM CEST

Microsft Security Updates (CERT-EU Security Advisory 2012-0062) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 8 May 2012.

  Thursday, May 10, 2012 3:21:00 PM CEST

Remote code-execution vulnerability in Adobe Flash Player (CERT-EU Security Advisory 2012-0061) External link

Adobe released security updates for Adobe Flash Player. These updates address an object confusion vulnerability (CVE-2012-0779)[2] that could cause the application to crash and potentially allow an attacker to take control of the affected system.

  Monday, May 7, 2012 10:49:00 AM CEST

PHP Remote-Code Execution Vulnerability in Certain CGI-based Setups [1,2] (CERT-EU Security Advisory 2012-0060) External link

There is a vulnerability in certain CGI-based setups that has gone unnoticed for at least 8 years (!) [1,2]. Some systems support a method for supplying an array of strings to the CGI script. This is only used in the case of an 'indexed' query.

  Friday, May 4, 2012 11:18:00 AM CEST

Unpatched vulnerability in TNS Listener service on Oracle-UPDATED (CERT-EU Security Advisory 2012-0058) External link

The bug, which Oracle reported as fixed in the most recent Critical Patch Update [2,5], is only fixed in upcoming versions of the database, not in currently shipping releases, and there is publicly available proof-of-concept exploit code circulating [3,4].

  Wednesday, May 2, 2012 2:19:00 PM CEST

Vulnerability in the Oracle Grid Engine component of Oracle Sun Products Suite (CERT-EU Security Advisory 2012-0059) External link

Two critical vulnerabilities have been identified in the Oracle Grid Engine component of Oracle Sun Products Suite

  Monday, April 30, 2012 2:13:00 PM CEST

VMware ESX updates to ESX Service Console (CERT-EU Security Advisory 2012-0057) External link

======= VMware has released a patch to the ESX Service Console Operating System (COS) kernel which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. The list of CVEs patched includes: CVE-2011-3191, CVE-2011-4348, CVE-2012-0028 CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3905, and CVE-2011-3919. CVSS v2 Base Score for these vulnerabilities vary from 4.3 to 7.1 (from MEDIUM to HIGH)

  Friday, April 27, 2012 2:54:00 PM CEST

OpenSSL Security Advisory - ASN1 BIO vulnerability (CERT-EU Security Advisory 2012-0056) External link

A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio. Incorrect integer conversions in OpenSSL can result in memory corruption.

  Friday, April 20, 2012 4:59:00 PM CEST

Oracle Critical Patch Update - April 2012 (CERT-EU Security Advisory 2012-0055) External link

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update. Thus, prior Critical Patch Update Advisories should be reviewed for information regarding earlier accumulated security fixes. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.

  Wednesday, April 18, 2012 2:11:00 PM CEST

Privilege escalation vulnerability in VMWare products (CERT-EU Security Advisory 2012-0054) External link

VMware has release a patch to fix a privilege escalation issue in the hosted products and ESXi/ESX. The vulnerability may lead to unauthorised access in the targeted Virtual Machines (guest) or cause a denial of service.

  Friday, April 13, 2012 3:07:00 PM CEST

Remote code execution in Samba(CERT-EU Security Advisory 2012-0053) External link

Samba versions 3.6.3 and all versions previous to this are affected by a vulnerability that allows remote code execution as the "root" user from an anonymous connection.

  Thursday, April 12, 2012 11:49:00 AM CEST

Multiple vulnerabilities in Adobe Reader and Acrobat (CERT-EU Security Advisory 2012-0052) External link

Adobe has released a patch for several vulnerabilities found in the Adobe Reader and Acrobat product. These vulnerabilities may lead to unauthorised access to the targeted system or cause a denial of service (memory corruption). The vendor has assessed these vulnerabilities as CRITICAL.

  Wednesday, April 11, 2012 3:02:00 PM CEST

Microsft Security Updates (CERT-EU Security Advisory 2012-0051) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 10 April 2012.

  Wednesday, April 11, 2012 2:52:00 PM CEST

Buffer Overflow Vulnerabilities in the Cisco WebEx Player (CERT-EU Security Advisory 2012-0050) External link

The Cisco WebEx Recording Format (WRF) player contains three buffer overflow vulnerabilities. Successful exploitation of the vulnerabilities could cause the Cisco WRF player application to crash and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the WRF player application.

  Tuesday, April 10, 2012 2:58:00 PM CEST

Title: JBoss Enterprise BRMS Platform 5.2.0 update (CERT-EU Security Advisory 2012-0049) External link

JBoss Enterprise BRMS Platform 5.2.0 roll up patch 1, which fixes two security issues, various bugs:

  Wednesday, April 4, 2012 5:07:00 PM CEST

Memory corruption vulnerability in libpng (CERT-EU Security Advisory 2012-0048) External link

libpng through 1.5.9, 1.4.10, 1.2.48, and 1.0.58 are vulnerable to memory corruption that can lead to remote arbitrary code execution and denial of service. This vulnerability impacts Linux, Windows and Mac OS platforms.

  Tuesday, April 3, 2012 10:15:00 AM CEST

Multiple vulnerabilities in VMWare ESX [1](CERT-EU Security Advisory 2012-0047) External link

VMware ESXi and ESX address several security issues: - - VMware ROM Overwrite Privilege Escalation - - ESX third party update for Service Console kernel - - ESX third party update for Service Console krb5 RPM These vulnerabilities may lead to unauthorised access to the targeted Virtual Machines or cause a denial of service.

  Monday, April 2, 2012 11:57:00 AM CEST

Multiple vulnerabilities in Adobe Flash Player (CERT-EU Security Advisory 2012-0046) External link

Adobe has released a patch for two vulnerabilities found in the Flash Player product. This update resolves: - - a memory corruption vulnerability related to URL security domain checking that could lead to code execution (ActiveX, Windows 7 or Vista only) (CVE-2012-0772). - - a memory corruption vulnerability in the NetStream class that could lead to code execution (CVE-2012-0773).

  Friday, March 30, 2012 9:37:00 AM CEST

JBOSS Security Updates (CERT-EU Security Advisory 2012-0045) External link

An update for JBoss Operations Network 2.4.2 that fixes one security issue is now available from the Red Hat Customer Portal.

  Friday, March 23, 2012 11:40:00 AM CET

Multiple vulnerabilities in Mozilla Thunderbird and Firefox (CERT-EU Security Advisory 2012-0044) External link

Several vulnerabilities have been detected in Mozilla products; some of these have been covered by previous CERT-EU advisories already, but are mentioned here again for the sake of completeness.

  Friday, March 23, 2012 11:38:00 AM CET

VMware issues Security Advisories & Certifications (Reference: CERT-EU Security Advisory 2012-0043) External link

VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues.

  Wednesday, March 21, 2012 10:04:00 AM CET

VMware View privilege escalation and cross-site scripting (Reference: CERT-EU Security Advisory 2012-0042) External link

a. VMware Virtual Desktop Display Driver Privilege Escalation. Exploitation of these issues may lead to local privilege escalation on View virtual desktops. b. View Manager Portal Cross-site Scripting. The attacker can trigger this vulnerability by supplying a crafted URL to the victim and convincing them to click on the link.

  Wednesday, March 21, 2012 10:02:00 AM CET

Multiple Vulnerabilities in Cisco ASA 5500 S and Cisco Catalyst 6500 (CERT-EU Security Advisory 2012-0041) External link

The Cisco AnyConnect ActiveX control contains a buffer overflow vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

  Monday, March 19, 2012 1:31:00 PM CET

Denial of Service Vulnerability in Cisco Firewall (CERT-EU Security Advisory 2012-0040) External link

When multicast routing is enabled, these devices allow remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message, aka Bug IDs CSCtr47517 and CSCtu97367.

  Monday, March 19, 2012 1:24:00 PM CET

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module (CERT-EU Security Advisory 2012-0039) External link

These issues allow remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441.

  Monday, March 19, 2012 1:19:00 PM CET

Mozilla Firefox/Thunderbird/Seamonkey are prone to a Memory Corruption Vulnerability (CERT-EU Security Advisory 2012-0038) External link

Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Multiple unspecified vulnerabilities in the browser engine allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

  Monday, March 19, 2012 1:17:00 PM CET

MMozilla Firefox/Thunderbird/SeaMonkey are prone to an Information Disclosure Vulnerability (CERT-EU Security Advisory 2012-0037) External link

An attacker can exploit this issue to disclose certain data from the user's memory. Information obtained may aid in further attacks.

  Monday, March 19, 2012 1:15:00 PM CET

Microsoft Security Updates (CERT-EU Security Advisory 2012-0036) External link

CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 13 March 2012.

  Monday, March 19, 2012 1:13:00 PM CET

JBOSS Security Updates (CERT-EU Security Advisory 2012-0035) External link

JBoss Enterprise SOA Platform 5.2.0 roll up patch 1, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal.

  Thursday, March 15, 2012 10:00:00 AM CET

OpenSSL Security Update (CERT-EU Security Advisory 2012-0034) External link

OpenSSL has issued a security update for the CMS and S/MIME Bleichenbacher attack (CVE-2012-0884).

  Thursday, March 15, 2012 9:59:00 AM CET

VMware ESXi and ESX updates to third party libraries and ESX Service Console (CERT-EU Security Advisory 2012-0033) External link

VMware VirtualCenter Update 6b and ESX 3.5 patch update JRE.

  Monday, March 12, 2012 3:36:00 PM CET

VMware vCenter Chargeback Manager Information Leak and Denial of Service (CERT-EU Security Advisory 2012-0032) External link

The vCenter Chargeback Manager contains a vulnerability that allows information leakage and denial-of-service.

  Monday, March 12, 2012 3:33:00 PM CET

Adobe Flash Player - Multiple Vulnarabilities (CERT-EU Security Advisory 2012-0019:Update 1) External link

Critical vulnerabilities have been identified in Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x.

  Thursday, March 8, 2012 10:23:00 AM CET

RSA SecurID Software Token Converter buffer overflow vulnerability (CERT-EU Security Advisory 2012-0031) External link

CVE-2012-0397 Buffer overflow in EMC RSA SecurID Software Token Converter before 2.6.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.[1][2]

  Thursday, March 8, 2012 10:13:00 AM CET

Vulnerabilities in Adobe Flash Player (CERT-EU Security Advisory 2012-0030) External link

CVE-2012-0768 and CVE-2012-0769. This vulnerability is currently undergoing analysis and not all information is available. Adobe has rated this incident as Priority 2 Critical.

  Tuesday, March 6, 2012 12:46:00 PM CET

Kelihos Botnet is Back and Active (CERT-EU Security Advisory 2012-0029) External link

In September 2011, Microsoft announced the takedown of the Kelihos botnet [1]. In the beginning of 2012, Kaspersky found a new version of Kelihos in the wild [2]. Kelihos (also know as Hlux) is a Spambot with the capability to steal credentials from the victims computer and drop additional malware. While the old version used the second level domain cz.cc for it’s distribution and to control the botnet, the new version takes advantage of TLD .eu in combination with Fast Flux techniques [3]. More detailed analysis may be found in [3].

  Monday, March 5, 2012 4:13:00 PM CET

Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities (CERT-EU Security Advisory 2012-0028) External link

CVSS Base Scores CVE-2012-0330: Error while processing malformed SIP message CVSS v2 Base Score: 7.8 (HIGH) (AV:N/AC:L/Au:N/C:N/I:N/A:C) [3])

  Friday, March 2, 2012 4:54:00 PM CET

Multiple Vulnerabilities in Cisco Unity Connection (CERT-EU Security Advisory 2012-0027) External link

CVSS Base Scores CVE-2012-0366: Privilege Escalation Vulnerability CVSS v2 Base Score: 9.0 (CRITICAL) (AV:N/AC:L/Au:S/C:C/I:C/A:C) [3])

  Friday, March 2, 2012 4:51:00 PM CET

Unified Communications Manager Skinny Client Control Protocol Vulnerabilities (CERT-EU Security Advisory 2012-0026) External link

CVSS Base Scores CVE-2011-4486: SCCP Registration may Cause Reload CVSS v2 Base Score: 7.8 (HIGH) (AV:N/AC:L/Au:N/C:N/I:N/A:C) [3])

  Friday, March 2, 2012 4:49:00 PM CET

Multiple Vulnerabilities in Cisco Wireless LAN Controllers (CERT-EU Security Advisory 2012-0025) External link

CVSS Base Scores CVE-2012-0368: HTTP Denial of Service Vulnerability CVSS v2 Base Score: 7.8 (HIGH) (AV:N/AC:L/Au:N/C:N/I:N/A:C) [3])

  Friday, March 2, 2012 4:27:00 PM CET

Cisco Cius Denial of Service Vulnerability (CERT-EU Security Advisory 2012-0024) External link

Cisco Cius Software contains a denial of service vulnerability that could cause the device to stop responding (DoS).

  Friday, March 2, 2012 4:25:00 PM CET

Remote code execution vulnerability in smbd ( CERT-EU Security Advisory 2012-0023) External link

An input validation flaw in Samba could allow a remote attacker to execute arbitrary code with the privileges of the Samba server (root). CVE-2012-0870

  Friday, March 2, 2012 4:18:00 PM CET

Cisco Small Business SRP 500 Series Multiple Vulnerabilities ( CERT-EU Security Advisory 2012-0022) External link

Several vulnerabilities have been fixed in Cisco Small Business (SRP 500) Series Services Ready Platforms.

  Friday, March 2, 2012 4:14:00 PM CET

Linux Kernel NFS Implementation. Local Denial of Service Vulnerability (CERT-EU Security Advisory 2012-0021) External link

The NFS implementation in the Linux kernel is prone to a local denial-of-service vulnerability due to null-pointer dereference error. CVE-2011-4325

  Friday, March 2, 2012 4:00:00 PM CET

Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability (CERT-EU Security Advisory 2012-0020) External link

Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause Cisco Nexus 1000v, 5000, and 7000 Series Switches that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet.

  Thursday, February 16, 2012 4:57:00 PM CET

Adobe Flash Player - Multiple Vulnarabilities (CERT-EU Security Advisory 2012-0019) External link

Critical vulnerabilities have been identified in Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x.

  Thursday, February 16, 2012 4:50:00 PM CET

Oracle Java SE Critical Patch Update (CERT-EU Security Advisory 2012-0018) External link

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update. Thus, prior Critical Patch Update Advisories should be reviewed for information regarding earlier accumulated security fixes. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 14 new security fixes across Java SE products.

  Thursday, February 16, 2012 2:43:00 PM CET

Adobe Shockwave Player - remote code execution vulnerability (CERT-EU Security Advisory 2012-0017) External link

Adobe reported vulnerabilities in their Shockwave Players that could allow an attacker to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.6.3.633 and earlier versions to update to Adobe Shockwave Player 11.6.4.634.

  Wednesday, February 15, 2012 4:31:00 PM CET

DNSChanger malware - decommissioning of temporary DNS servers on the 8 of March 2012 (CERT-EU Security Advisory 2012-0016) External link

CERT-EU has been made aware of an action taken by FBI to eradicate the DNSChanger malware [1,4]. A list of rogue DNS servers has been published and can be used to identify infected PCs in your network, see "What can you do" section below.

  Wednesday, February 15, 2012 4:16:00 PM CET

PHP5 Arbitrary Remote Code Execution Vulnerability (CERT-EU Security Advisory 2012-0015) External link

The PHP development team announced the immediate availability of PHP 5.3.10. This release delivers a critical security fix. This release fixes the arbitrary remote code execution vulnerability CVE-2012-0830.

  Monday, February 6, 2012 3:00:00 PM CET

Multiple vulnerabilities in JBoss Operations Network (CERT-EU Security Advisory 2012-0014) External link

Red Hat has released fixes to JBoss Operations Network (JBoss ON), a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

  Monday, February 6, 2012 2:25:00 PM CET

CERT-EU Security Advisory 2012-0013 Denial of Service Vulnerability in Oracle WebLogic Server, Application Server (OC4J) and iPlanet Web Server (CERT-EU Security Advisory 2012-0013) External link

Oracle has released a security advisory about a denial of service vulnerability in Oracle WebLogic Server, Oracle Application Server (OC4J) and Oracle iPlanet Web Server due to hashing collisions. No authentication is required to exploit this vulnerability, so it may be exploited over a network without the need for a username and password. A remote user can exploit this vulnerability to affect the system availability.

  Thursday, February 2, 2012 3:15:00 PM CET

Multiple vulnerabilities in JBoss Web server (CERT-EU Security Advisory 2012-0012) External link

Red Hat has released fixes to JBoss Communications Platform and JBoss Web, the web container of JBoss Enterprise Application Platform. These vulnerabilities can allow remote attackers to access sensitive information or cause a denial of service.

  Thursday, February 2, 2012 8:32:00 AM CET

Multiple vulnerabilities in Apache HTTP server (CERT-EU Security Advisory 2012-0011) External link

The Apache Software Foundation has released a new version the Apache HTTP server that fixes multiple vulnerabilities. These vulnerabilities can allow remote attackers to access sensitive information, cause a denial of service or allow local users to escalate privileges.

  Wednesday, February 1, 2012 1:59:00 PM CET

Multiple vulnerabilities in VMware ESXi and ESX (CERT-EU Security Advisory 2012-0010) External link

VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues

  Wednesday, February 1, 2012 1:54:00 PM CET

Sudo format string vulnerability (CERT-EU Security Advisory 2012-0009) External link

A flaw exists in the debugging code in sudo versions 1.8.0 through 1.8.3p1 that can be used to crash sudo or potentially allow an unauthorized user to elevate privileges to root.

  Wednesday, February 1, 2012 10:31:00 AM CET

Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability (CERT-EU Security Advisory 2012-0008) External link

Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Security Management Appliances (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges

  Monday, January 30, 2012 8:39:00 AM CET

Vulnerability in OpenSSL in DTLS applications (CERT-EU Security Advisory 2012-0006) External link

OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108.

  Tuesday, January 24, 2012 4:59:00 PM CET

Vulnerabilities in Cisco IP Video Phone E20 and Digital Media Manager (CERT-EU Security Advisory 2012-0005) External link

Cisco IP Video Phone E20 Default Root Account Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device.

  Friday, January 20, 2012 2:39:00 PM CET

Remote Security Vulnerability in Oracle Sun Solaris (CERT-EU Security Advisory 2012-0004) External link

Oracle Sun Solaris is prone to a remote security vulnerability. Fixes are available.

  Friday, January 20, 2012 2:16:00 PM CET

Multiple vulnerabilities in Apache Tomcat (CERT-EU Security Advisory 2012-0003) External link

The Apache Tomcat security team disclosed two vulnerabilities in their product. Fixes are available. The vulnerabilities allow unauthorized disclosure of information and disruption of service.

  Friday, January 20, 2012 1:57:00 PM CET

Multiple vulnerabilities in OpenSSL (CERT-EU Security Advisory 2012-0002) External link

The OpenSSL project disclosed various vulnerabilities in their product.

  Tuesday, January 17, 2012 3:35:00 PM CET

Security updates available for Adobe Reader and Acrobat (CERT-EU Security Advisory 2012-0001). External link

These updates address critical vulnerabilities (CVE-2011-2462, CVE-2011-4369, CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373) in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system. These updates include fixes for CVE-2011-2462 and CVE-2011-4369, previously addressed in Adobe Reader and Acrobat 9.x for Windows as referenced in Security Bulletin APSB11-30.

  Tuesday, January 17, 2012 10:59:00 AM CET

Multiple vulnerabilities in .NET Framework including critical Elevation of Privilege flaw (CERT-EU Security Advisory 2011-0033) External link

Microsoft has released an out-of-band security update [1] that resolves one publicly disclosed vulnerability [2] and three privately reported vulnerabilities in Microsoft .NET Framework.

  Monday, January 23, 2012 3:23:00 PM CET

Multiple vulnerabilities on Mozilla Firefox / Thunderbird / SeaMonkey (CERT-EU Security Advisory 2011-0032) External link

Multiple vulnerabilities have been found in Mozilla Firefox / Thunderbird. A fix is available.

  Wednesday, December 21, 2011 9:28:00 PM CET

Multiple vulnerabilities on JBoss Enterprise Portal Platform (CERT-EU Security Advisory 2011-0031) External link

Multiple vulnerabilities have been found in JBoss Enterprise Portal Platform. A patch is available.

  Wednesday, December 21, 2011 9:24:00 PM CET

RSA SecurID Software Token DLL Loading Arbitrary Code Execution (CERT-EU Security Advisory 2011-0030) External link

RSA SecurID Software Token is prone to a vulnerability that lets attackers execute arbitrary code. This vulnerability may be exploited to load arbitrary libraries by tricking a user into opening a Software Token file located on a compromised or malicious share.

  Wednesday, December 21, 2011 9:21:00 PM CET

Mozilla Firefox/Thunderbird/SeaMonkey information disclosure vulnerability (Security Advisory 2011-0028) External link

Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 are prone to an information disclosure vulnerability, exploitable by a remote attacker to obtain information from the browser history.[1] Updated versions are available.[3]

  Wednesday, December 14, 2011 11:29:00 AM CET

Unspecified vulnerability in Adobe Flash Player 11.1.102.55 (Security Advisory 2011-0027) External link

Adobe Flash Player 11.1.102.55 on Windows and Mac OS X is prone to remote attacks by execution of arbitrary code via a crafted SWF file.

  Wednesday, December 14, 2011 11:27:00 AM CET

Adobe Acrobat and Reader U3D Memory Corruption Vulnerability (Security Advisory 2011-0026) External link

Adobe Acrobat and Reader are prone to a remote memory corruption vulnerability.

  Tuesday, January 24, 2012 9:39:00 AM CET

JBoss Application Server Administrative Console Cross-Site Scripting (Security Advisory 2011-0025) External link

JBoss Application Server console is prone to a cross-site scripting vulnerability while handling DOM objects; fixes are available.

  Monday, December 5, 2011 5:48:00 PM CET

JBoss AS Administration Cross Site Request Forgery Vulnerability (Security Advisory 2011-0024) External link

JBoss AS is prone to a cross-site request-forgery vulnerability; fixes are available.

  Monday, December 5, 2011 5:47:00 PM CET

HP Printers and Digital Senders Remote Security Bypass Vulnerability (Security Advisory 2011-0023) External link

HP Printers and Digital Senders are prone to a security-bypass vulnerability leading to the installation of a malicious firmware

  Friday, December 2, 2011 3:22:00 PM CET

Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability (CERT-EU Security Advisory 2011-0022) External link

Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability Apache HTTP Server is prone to a security-bypass vulnerability.

  Friday, November 25, 2011 2:42:00 PM CET

Multiple Linux Kernel Vulnerabilities (CERT-EU Security Advisory 2011-0021) External link

Linux kernel is prone to multiple 'hardlink' stack-based buffer-overflow vulnerabilities and multiple integer-overflow vulnerabilities because of a failure to properly bounds check user-supplied input. Specifically, hardlink fails to properly handle deeply nested directories.

  Friday, November 25, 2011 2:41:00 PM CET

IBM Lotus Mobile Connect - Cross Site Scripting Vulnerability 9 (CERT-EU Security Advisory 2011-0020) External link

IBM Lotus Mobile Connect is prone to a cross-site scripting vulnerability. Fixes are available. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.

  Wednesday, November 23, 2011 5:58:00 PM CET

Linux Kernel - Remote Denial of Service Vulnerability (CERT-EU Security Advisory 2011-0019) External link

The Linux kernel is prone to a remote denial-of-service vulnerability. Specifically, this issue occurs when using certain network drivers for handling VLAN 0 frames with the priority tag set. Attackers can remotely exploit this issue by sending specially crafted packets to the affected computer. An attacker can exploit this issue to cause the kernel to crash, denying service to legitimate users.

  Wednesday, November 23, 2011 5:57:00 PM CET

Linux Kernel - Remote Denial of Service Vulnerability (CERT-EU Security Advisory 2011-0018) External link

The Linux kernel is prone to a remote denial-of-service vulnerability. To exploit this issue, attackers can use readily available network utilities.

  Wednesday, November 23, 2011 5:56:00 PM CET

Microsoft Windows Kernel Remote Code Execution Vulnerability (CERT-EU Security Advisory 2011-0017) External link

Microsoft Windows is prone to a remote code-execution vulnerability. A commercial exploit is available for CORE IMPACT; urgency raised.

  Wednesday, November 23, 2011 5:55:00 PM CET

Oracle Java Remote Java Runtime Environment (CERT-EU Security Advisory 2011-0016) External link

Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. A commercial exploit is available through VUPEN Security; urgency raised.

  Wednesday, November 23, 2011 5:41:00 PM CET

ISC BIND 9 Recursive Queries Remote DoS (CERT-EU Security Advisory 2011-0015) External link

ISC BIND is prone to a remote denial-of-service vulnerability

  Wednesday, November 23, 2011 5:37:00 PM CET

Adobe Acrobat and Reader - Multiple Vulnarabilities (CERT-EU Security Advisory 2011-0014) External link

Critical vulnerabilities have been identified in Adobe Acrobat and Reader.

  Wednesday, November 23, 2011 5:34:00 PM CET

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability (CERT-EU Security Advisory 2011-0013) External link

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability (CERT-EU Security Advisory 2011-0013)

  Wednesday, November 23, 2011 5:10:00 PM CET

Adobe Flash Player - Multiple Vulnerabilities (CERT-EU Security Advisory 2011-0012) External link

Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions for Android. [1]

  Friday, November 11, 2011 6:09:00 PM CET

Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass (CERT-EU Security Advisory 2011-0011) External link

Mozilla Firefox and Thunderbird are prone to a security-bypass vulnerability [1]. This issue occurs because installed add-ons fail to properly use 'XPCNativeWrappers' in the 'loadSubScript()' function.

  Friday, November 11, 2011 6:01:00 PM CET

Mozilla Firefox and Thunderbird Shift-JIS Encoding HTML Injection Vulnerability (CERT-EU Security Advisory 2011-0010) External link

Mozilla Firefox and Thunderbird are prone to an HTML-injection vulnerability CVE-2011-3648(Candidate) Exploits are available. Fixes are available.

  Thursday, November 10, 2011 4:04:00 PM CET

Multiple vulnerabilities on Adobe Shockwave Player (CERT-EU Security Advisory 2011-0009) External link

Adobe Shockwave Player is prone to several memory corruption vulnerabilities [1] leading to arbitrary code execution.

  Wednesday, November 9, 2011 4:59:00 PM CET

Oracle Database Server PITRIG_DROPMETADATA Remote Buffer Overflow Vulnerability (CERT-EU Security Advisory 2011-0008) External link

Oracle is prone to a buffer-overflow discovered in 2007 which remains unpatched [1][2]. An exploit code has become available [3] which raises the criticality of the advisory.

  Wednesday, November 9, 2011 4:58:00 PM CET

Potential DoS threat against SSL/TLS servers (CERT-EU Security Advisory 2011-0007) External link

A hacker group has released a tool [1] that can perform denial of service attacks against SSL based servers. The released tool exploits a flaw in the SSL secure renegotiation feature. The attack requires very low resources at the client side, a single PC with a DSL connection might be enough to take all resources of an average SSL server. It will require more resources (about 20 laptops) to take the resources of larger server farms. This makes the threat more important than standard DoS attempts through resource exhaustion.

  Wednesday, November 9, 2011 4:54:00 PM CET

Vulnerability on Apache HTTP server with mod_proxy exposes internal networks (CERT-EU Security Advisory 2011-0006) External link

A vulnerability [1] has been released on the Apache HTTP server in reverse-proxy mode. The vulnerability impacts httpd 1.3 all versions and httpd 2.x all versions using the mod_proxy with certain configuration of RewriteRule or ProxyPassMatch. See [1] http://seclists.org/fulldisclosure/2011/Oct/232 for further details.

  Wednesday, October 12, 2011 8:55:00 AM CEST

Background information about the recent "BEAST attack on SSL / TLS" (CERT-EU Security Advisory 2011-0005) External link

Two security researchers demonstrated[1] an attack against encrypted SSL and TLS "cookies", which sometimes store credentials (for example, Google or Facebook) to keep a user logged in. The attack received a lot of media attention. This advisory aims at explaining what a potential attacker would need to do for a successful attack, and what can/must be done to mitigate it. Click for further details.

  Thursday, September 29, 2011 4:59:00 PM CEST

Adobe emergency patch for multiple Flash Player vulnerabilities (CERT-EU Security Advisory 2011-0004) External link

Adobe announced[1] the availability of a patch for multiple critical vulnerabilities found in Flash Player. Click for further details.

  Thursday, September 29, 2011 4:57:00 PM CEST

Oracle emergency patch for Apache HTTPD DoS vulnerability (CERT-EU Security Advisory 2011-0003) External link

Oracle announced[1] the availability of a patch for a denial of service vulnerability in Apache HTTPD. Click for further details.

  Thursday, September 29, 2011 4:56:00 PM CEST

Info

This website is managed by CERT-EU. Find out more about us.

 

 

For questions or comments, please contact us at:

email: cert-eu@ec.europa.eu

PGP Fingerprint:  D894 7318 0495 62AB 9DE8 41DC B3F8 FCC1 B607 5AB8

Emergency phone: +3222990005

 

 

Tools

Load latest edition

Wednesday, September 20, 2017

3:53:00 AM CEST

EMM for iPadEMM for Android

Edition

Tuesday, August 30, 2016 4:24:00 PM CEST

Edition: 1

Select another edition

< Prev   1  

Contents