Cisco's Small Security Hole
Grok Headline matches for Cisco's Small Security Hole
How Good Is Cisco's Security Planning?
How Good Is Cisco's Security Planning?
05/17/2004 04:21 PMIn the ongoing (and somewhat silly) debate between open source
advocates and proprietary software advocates, both sides like to brag
that their method is better for security. Proprietary software
advocates point out that by hiding the source code it's much harder
for anyone to determine vulnerabilities, and allows the owner of the
software to patch them quickly. Open source supporters contend the
opposite is true. If the code is open, then
everyone knows
what's available so the natural security of the program needs to be
top notch. If it's not, lots of people can contribute to a fix
quickly. Well, that debate has become a bit more interesting now that
everyone is scurrying around talking about how
Cisco's IOS source code was swiped last week and people
are wondering what sort of vulnerabilities will be turned up and
exploited. Eric Raymond (whose beliefs supporting open source are
well known) makes the very reasonable point that anyone developing
proprietary software really
ought
to design it as if the source were open - in order to deal with
exactly these situations. If Cisco had open sourced their IOS in the
first place, the argument goes, people wouldn't be worried about
vulnerabilities right now. That does leave out the other side of the
story, but it is true that anyone developing software believing they
can be lax on security because their source code is closed is living
in a dream world. Not to say that Cisco's IOS isn't secure - but now
lots of people need to worry about it.
MS Security Hole In VPC
MS Security Hole In VPC
02/11/2004 10:58 AMZA Security Hole
ZA Security Hole
04/15/2004 06:20 PMDamjan Kreft (Apr 14 2004)
New Security Hole In Mac OS X
New Security Hole In Mac OS X
12/02/2003 12:40 AMRe: ZA Security Hole
Re: ZA Security Hole
04/16/2004 02:25 PMHugo van der Kooij (Apr 15 2004)
Hole in Polo security
Hole in Polo security
04/15/2005 11:10 PMTechWorld Apr 16 2005 3:42AM GMT
New Security Hole Found in OS X
New Security Hole Found in OS X
05/18/2004 03:05 PMA newly discovered flaw in the Mac OS X operating system raises fresh
doubts about the security of the platform.
PHP Plugs Security Hole
PHP Plugs Security Hole
02/18/2003 01:14 PMPHP Version 4.3.1 is released to fix a serious security vulnerability
that could lead to arbitrary code execution by intruders.
PHP falls down security hole
PHP falls down security hole
04/19/2005 12:16 PMServers running PHP are vulnerable to a number of serious security
exploits, including some that could allow an attacker to execute
malicious code, as well as denial-of-service exploits, according to
the PHP Group.
Security Hole in IE 5.0 Discovered
Security Hole in IE 5.0 Discovered
08/01/2004 12:25 AMG4 Tech TV Aug 1 2004 5:08AM GMT
Notes and Tips: PNG Security Hole
Notes and Tips: PNG Security Hole
08/06/2004 10:00 AMSecurity bugs in the libpng library open the possibility of remote
attack and takeover of Mac OS X.
Apple reveals security hole
Apple reveals security hole
05/22/2004 08:15 AMCNN May 22 2004 12:08PM GMT
Notes and Tips: Security Hole
Notes and Tips: Security Hole
05/20/2004 10:03 AMWe haven't gotten any help yet from Apple, but we have a few more
"third-party" tips for managing this major vulnerability.
X marks the Linux security hole
X marks the Linux security hole
01/06/2005 12:03 PMMac OS fix fails to plug security hole
Mac OS fix fails to plug security hole
05/25/2004 04:33 PMYahoo Plugs PNG Security Hole
Yahoo Plugs PNG Security Hole
08/13/2004 09:17 PMThe company releases an updated version of its Yahoo Messenger client
for Windows to fix security issues uncovered earlier in the advanced
graphics format.
Yahoo Patches IM Security Hole
Yahoo Patches IM Security Hole
12/05/2003 10:11 AMPC Magazine Dec 5 2003 9:31AM ET
Security Hole in Windows 2000
Security Hole in Windows 2000
03/19/2003 10:43 PMMicrosoft found out about a security flaw in it's Windows 2000 server
software when a clients server was breached. Goes...
Yahoo plugs IM security hole
Yahoo plugs IM security hole
12/05/2003 04:21 PMThe Web giant issues an update to its instant-messaging software in
order to address a security flaw found in the application earlier this
week.
AIM Beta Fixes Security Hole
AIM Beta Fixes Security Hole
08/10/2004 08:02 PMAOL releases a test version of AIM 5.9 that addresses a remote-attack
security vulnerability affecting the "Away" feature in its instant
messaging client.
Apple Patches Security Hole in Mac OS X
Apple Patches Security Hole in Mac OS X
05/23/2004 12:20 PMThe company has released an update to Mac OS X patching a security
hole that potentially allowed malicious code to be run via a Web page.
Gosling: Huge security hole in .Net
Gosling: Huge security hole in .Net
02/05/2005 09:11 PMZDNet Feb 4 2005 7:47PM GMT
FTC probes PetCo.com security hole
FTC probes PetCo.com security hole
12/07/2003 06:27 PMDog's dinner
Apple Patches Mac OS X Security Hole
Apple Patches Mac OS X Security Hole
12/23/2003 04:35 PMExtreme Tech Dec 23 2003 3:10PM ET
Other News: Security Hole Story
Other News: Security Hole Story
05/21/2004 10:07 AMThe Mac enthusiast who reported the Mac OS X security hole to Apple
back in February feels bad about it.
Horrible Apple OS Security Hole
Horrible Apple OS Security Hole
05/18/2004 10:13 AMThere are widespread reports of a terrible security problem in Apple's Mac OS X. Be
extremely careful in surfing until Apple fixes this. If you
use Safari, you can help yourself (unclear whether this is a total
fix) by opening Preferences and unchecking the "Open 'safe' files
after downloading" option.
Find a Moz security hole, earn $500
Find a Moz security hole, earn $500
08/03/2004 06:59 AMThe Mozilla Foundation is administering a program that will pay a
bounty of $500 for any "critical" security bugs discovered in Moz.
What constitutes critical will be judged by the Mozilla Foundation
staff. Linux software developer Linspire and Mark entrepreneur
Shuttleworth have issued seed funding to support the initiative, to be
supplemented by donations from Mozilla supporters. The first $5,000 in
community contributions will be matched dollar-for-dollar by
Shuttleworth.
Lin
k
New Linux Security Hole Found
New Linux Security Hole Found
06/14/2004 07:31 PMA young programmer found a new way to crash most Linux 2.4 or 2.6
distributions running on an x86 architecture, but a fix is being
distributed.
Cisco warns of IP PBX security hole
Cisco warns of IP PBX security hole
01/24/2004 12:09 AMCisco this week released a security bulletin warning of a
vulnerability in its IP telephony software running on IBM server
hardware.
Brief: Security firm finds a hole in Sun
ONE
Brief: Security firm finds a hole in Sun
ONE
03/14/2003 06:18 PMA patch has been released to fix the flaw in Version 6.5 of Sun's ONE
Application Server, and work-arounds are available for Version 6.0.
Polo plugs security hole
Polo plugs security hole
04/18/2005 11:16 PMBlog: Polo Ralph Lauren said on Friday that it has fixed a
computer-security problem that may have exposed customers' credit card
numbers...
Firefox Plugs GIF Security Hole
Firefox Plugs GIF Security Hole
03/23/2005 04:43 PMThe Mozilla Foundation patches its upstart Web browser to correct a
GIF-processing flaw that causes a buffer overflow.
Mozilla Patches Security Hole
Mozilla Patches Security Hole
07/09/2004 06:14 PMMozilla security hole uncovered
Mozilla security hole uncovered
07/09/2004 08:10 AMZDNet Jul 9 2004 12:33PM GMT
Security hole found in Linux
Security hole found in Linux
03/19/2003 10:26 PM"there is a fairly serious security hole
that you should patch"
"there is a fairly serious security hole
that you should patch"
07/09/2004 08:21 AMGoogle Toolbar Security Hole
Google Toolbar Security Hole
08/09/2002 01:56 PMGreyMagic has discovered a series of security exploits in the Google
Toolbar. The Register has a summary of them. For their part, Google
has released an updated version that will be automatically distributed
to users of the toolbar. You're safe if you're running version 1.1.59
or higher. You can check what version you have by going to the Google
menu and selecting "About Google Toolbar...". If you're running 1.1.58
or earlier, visit the toolbar website to upgrade....
AOL IM 'Away' Message Security Hole
Found
AOL IM 'Away' Message Security Hole
Found
08/10/2004 08:31 AMVote Tabulator Security Hole Exposed
Vote Tabulator Security Hole Exposed
08/30/2004 07:16 PMGrok Description matches for Cisco's Small Security Hole
GrokA matches for Cisco's Small Security Hole
Cisco Introduces the Cisco XR 12000
Series Routers for IP Next-Generation
Networks; Cisco IOS XR Delivers High
Cisco Introduces the Cisco XR 12000
Series Routers for IP Next-Generation
Networks; Cisco IOS XR Delivers High
04/18/2005 04:25 AMBusiness Wire UK Apr 18 2005 8:14AM GMT
BugTraq: Cisco Security Advisory: Cisco
Telnet Denial of Service Vulnerability
BugTraq: Cisco Security Advisory: Cisco
Telnet Denial of Service Vulnerability
08/27/2004 09:27 PMSecurityFocus Aug 28 2004 1:24AM GMT
BugTraq: Cisco Security Advisory: Cisco
CatOS Telnet, HTTP and SSH Vulnerability
BugTraq: Cisco Security Advisory: Cisco
CatOS Telnet, HTTP and SSH Vulnerability
06/09/2004 08:53 PMSecurityFocus Jun 10 2004 0:39AM GMT
UPDATE: Cisco Security Notice:
Dictionary Attack on Cisco LEAP
Vulnerability
UPDATE: Cisco Security Notice:
Dictionary Attack on Cisco LEAP
Vulnerability
04/12/2004 04:55 PMCisco Systems Product Security Incident Response Team (Apr 12 2004)
BugTraq: Cisco Security Advisory: TCP
Vulnerabilities in Multiple IOS Based
Cisco Products
BugTraq: Cisco Security Advisory: TCP
Vulnerabilities in Multiple IOS Based
Cisco Products
04/20/2004 11:35 PMSecurityFocus Apr 21 2004 3:48AM GMT
Cisco Security Advisory: Cisco VPN 3000
Concentrator Vulnerable to Crafted SSL
Attack
Cisco Security Advisory: Cisco VPN 3000
Concentrator Vulnerable to Crafted SSL
Attack
03/30/2005 02:01 PMCisco Systems Product Security Incident Response Team (Mar 30 2005)
BugTraq: Cisco Security Advisory: Cisco
IOS Malformed OSPF Packet Causes Reload
BugTraq: Cisco Security Advisory: Cisco
IOS Malformed OSPF Packet Causes Reload
08/18/2004 12:47 PMSecurityFocus Aug 18 2004 5:41PM GMT
Cisco Security Advisory: SNMP trap
Reveals WEP Key in Cisco Aironet AP
Cisco Security Advisory: SNMP trap
Reveals WEP Key in Cisco Aironet AP
12/02/2003 02:40 PMCisco Systems Product Security Incident Response Team (Dec 02 2003)
Cisco Security Advisory: TCP
Vulnerabilities in Multiple
Non-IOS-Based Cisco Products
Cisco Security Advisory: TCP
Vulnerabilities in Multiple
Non-IOS-Based Cisco Products
04/20/2004 07:40 PMCisco Systems Product Security Incident Response Team (Apr 20 2004)
Cisco Security Advisory: TCP
Vulnerabilities in Multiple IOS Based
Cisco Products
Cisco Security Advisory: TCP
Vulnerabilities in Multiple IOS Based
Cisco Products
04/20/2004 08:47 PMCisco Systems Product Security Incident Response Team (Apr 20 2004)
Cisco Security Advisory: Vulnerabilities
in Cisco IOS Secure Shell Server
Cisco Security Advisory: Vulnerabilities
in Cisco IOS Secure Shell Server
04/06/2005 05:45 PMPosted by Cisco Systems Product Security Incident Response Team, Apr
06 2005
Cisco Security Advisory: Cisco Telnet
Denial of Service Vulnerability
Cisco Security Advisory: Cisco Telnet
Denial of Service Vulnerability
08/27/2004 05:51 PMCisco Systems Product Security Incident Response Team (Aug 27 2004)
BugTraq: Cisco Security Advisory: Cisco
IOS Malformed BGP packet causes reload
BugTraq: Cisco Security Advisory: Cisco
IOS Malformed BGP packet causes reload
06/16/2004 09:31 PMSecurityFocus Jun 17 2004 1:23AM GMT
Cisco Security Advisory: Cisco IOS
Malformed OSPF Packet Causes Reload
Cisco Security Advisory: Cisco IOS
Malformed OSPF Packet Causes Reload
08/19/2004 06:37 PMCisco Systems Product Security Incident Response Team (Aug 18 2004)
Cisco Security Advisory: Cisco CatOS
Telnet, HTTP and SSH Vulnerability
Cisco Security Advisory: Cisco CatOS
Telnet, HTTP and SSH Vulnerability
06/09/2004 04:00 PMCisco Systems Product Security Incident Response Team (Jun 09 2004)
Cisco Security Advisory: Cisco Personal
Assistant User Password Bypass
Vulnerability
Cisco Security Advisory: Cisco Personal
Assistant User Password Bypass
Vulnerability
01/08/2004 08:28 PMCisco Systems Product Security Incident Response Team (Jan 08 2004)
Cisco Security Notice: Cisco IPsec VPN
Implementation Group Password Usage
Vulnerability
Cisco Security Notice: Cisco IPsec VPN
Implementation Group Password Usage
Vulnerability
04/15/2004 06:20 PMCisco Systems Product Security Incident Response Team (Apr 15 2004)
BugTraq: UPDATE: Cisco Security Notice:
Dictionary Attack on Cisco LEAP
Vulnerability
BugTraq: UPDATE: Cisco Security Notice:
Dictionary Attack on Cisco LEAP
Vulnerability
04/12/2004 06:12 PMSecurityFocus Apr 12 2004 9:16PM GMT
Cisco Security Advisory: Cisco
Collaboration Server Vulnerability
Cisco Security Advisory: Cisco
Collaboration Server Vulnerability
06/30/2004 04:29 PMCisco Systems Product Security Incident Response Team (Jun 30 2004)
Cisco rules out security risk : Cisco
Systems Inc. has said that the
publication of some
Cisco rules out security risk : Cisco
Systems Inc. has said that the
publication of some
05/22/2004 09:58 AMNDTV May 22 2004 1:11PM GMT
Cisco Security Advisory: Cisco IOS
Malformed BGP packet causes reload
Cisco Security Advisory: Cisco IOS
Malformed BGP packet causes reload
06/16/2004 04:30 PMCisco Systems Product Security Incident Response Team (Jun 16 2004)
Cisco Wi-Fi access point flaw lets
snoopers in
Cisco Wi-Fi access point flaw lets
snoopers in
12/04/2003 08:28 AMZDNet UK Dec 4 2003 7:36AM ET
Cisco Security Advisory: Cisco FWSM
Vulnerabilities
Cisco Security Advisory: Cisco FWSM
Vulnerabilities
12/15/2003 02:04 PMCisco Systems Product Security Incident Response Team (Dec 15 2003)
Cisco cites security flaws
Cisco cites security flaws
12/19/2004 03:03 PMZDNet Dec 17 2004 6:33PM GMT
Cisco Patches IOS Security Flaws
Cisco Patches IOS Security Flaws
04/11/2005 07:37 PMThe most serious vulnerability could allow malicious hackers to access
network resources.
Cisco Security Advisory: Cisco PIX
Vulnerabilities
Cisco Security Advisory: Cisco PIX
Vulnerabilities
12/15/2003 02:04 PMCisco Systems Product Security Incident Response Team (Dec 15 2003)
Cisco Warns of Voice Product Security
Flaws
Cisco Warns of Voice Product Security
Flaws
01/22/2004 12:53 PMA repair script is released to fix a security flaw that leaves TCP and
UDP ports open to malicious attack.
Cisco Says Code Theft Does Not Increase
Internet Security Risk
Cisco Says Code Theft Does Not Increase
Internet Security Risk
05/21/2004 06:59 PMRed Nova May 21 2004 10:44PM GMT
Theft of Cisco source code stirs fears
of security threat
Theft of Cisco source code stirs fears
of security threat
05/21/2004 05:17 PMUsers and security analysts this week expressed concern about the
security threat posed to corporate networks by the recent theft of
operating system source code from Cisco.
Cisco Security Advisory: Cisco ONS
15327, ONS 15454, ONS 15454 SDH, and ONS
15600 Vulnerabilities
Cisco Security Advisory: Cisco ONS
15327, ONS 15454, ONS 15454 SDH, and ONS
15600 Vulnerabilities
02/19/2004 04:48 PMCisco Systems Product Security Incident Response Team (Feb 19 2004)
Cisco's Small Security Hole
