Assorted Links
Published on 2 Aug 2006 · Filed in News · 193 words (estimated 1 minutes to read)I have a variety of links and articles, mostly security related, that aren’t really substantial enough for a full-blown entry, but I wanted to mention them anyway.
-
Vulnerabilities have been uncovered in a variety of Cisco products, ranging from the web interface in their routers to their Call Manager software. In addition, the VPN 3000 series VPN concentrators are open to a denial of service (DoS) attack.
-
There’s some question about the recent MS06-035 patch released by Microsoft and whether it actually patches the vulnerability. The MSRC (Microsoft Security Response Center) blog insists that proof of concept (PoC) code released after MS06-035 exploits a new vulnerability. I’m not sure which is worse–Microsoft failing to properly patch, or that a new vulnerability has been discovered?
-
Apple has released a new security update, fixing a number of vulnerabilities in various components.
-
Supposedly, a Mac OS X laptop will be/was hijacked via Wi-Fi at the Black Hat Conference today. Security researchers are trying to bring attention to security flaws in device drivers, an often-overlooked portion of many operating systems.
UPDATE: Apparently, the Wi-Fi hijacking of an Apple MacBook was indeed demonstrated yesterday; see this updated article.