comp.security.announce
  Home FAQ Contact Sign in
comp.security.announce only
 
Advanced search
May 2008
motuwethfrsasuw
   1234 18
567891011 19
12131415161718 20
19202122232425 21
262728293031  22
2008
 Jan   Feb   Mar   Apr 
 May   Jun   Jul   Aug 
 Sep   Oct   Nov   Dec 
2008 2007 2006  
total
comp.security.announce Profile…
RELATED GROUPS

POPULAR GROUPS

more...
 Up
  US-CERT Technical Cyber Security Alert TA08-150A -- Apple Updates for Multiple Vulnerabilities         


Author: US-CERT
Date: May 29, 2008 13:14

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA08-150A

Apple Updates for Multiple Vulnerabilities

Original release date: May 29, 2008
Last revised: --
Source: US-CERT

Systems Affected

* Mac OS X prior to v10.5.3
* Mac OS X Server prior to v10.4.11

Overview

Apple has released Security Update 2008-003 and OS X version 10.5.3 to
correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X
Server. Attackers could exploit these vulnerabilities to execute
arbitrary code, gain access to sensitive information, or cause a
denial of service.

I. Description
Show full article (3.30Kb)
no comments
  US-CERT Technical Cyber Security Alert -- New US-CERT PGP Key         


Author: US-CERT
Date: May 23, 2008 13:37

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

New US-CERT PGP Key

US-CERT has generated a new PGP key. We use this key to sign all
publications, including documents sent to this list. Effective
immediately, this new key is available and will be valid until Thursday,
October 1, 2009. To obtain further information or to download the new
US-CERT publications PGP key, please visit

<http://www.us-cert.gov/pgp/encryptmail.html> or
<https://www.us-cert.gov/pgp/encryptmail.html>

A copy of the new key has also been included at the bottom of this
message and sent to public PGP key servers.

In accordance with good key management practices, we have also generated
a revocation certificate for the existing PGP key. The revocation
certificate for PGP key id 0x0CF3B5CE has also been included below and
sent to the public PGP key servers.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Show full article (5.79Kb)
no comments
  US-CERT Technical Cyber Security Alert TA08-137A -- Debian/Ubuntu OpenSSL Random Number Generator Vulnerability         


Author: US-CERT
Date: May 16, 2008 11:18

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA08-137A

Debian/Ubuntu OpenSSL Random Number Generator Vulnerability

Original release date: May 16, 2008
Last revised: --
Source: US-CERT

Systems Affected

* Debian, Ubuntu, and Debian-based distributions

Overview

A vulnerability in the OpenSSL package included with the Debian
GNU/Linux operating system and its derivatives may cause weak
cryptographic keys to be generated. Any package that uses the affected
version of SSL could be vulnerable.

I. Description
Show full article (4.55Kb)
no comments
  US-CERT Technical Cyber Security Alert TA08-134A -- Microsoft Updates for Multiple Vulnerabilities         


Author: US-CERT
Date: May 13, 2008 12:45

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA08-134A

Microsoft Updates for Multiple Vulnerabilities

Original release date: May 13, 2008
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Office
* Microsoft Jet Database Engine
* Microsoft Windows Live OneCare
* Microsoft Antigen
* Microsoft Windows Defender
* Microsoft Forefront Security

Overview
Show full article (3.77Kb)
no comments