SEARCH RESULTS
 
Showing 1-10 of 321 records
 
Expand article

Recent Symantec and IBM vulnerabilities, giblets, banned APIs and the SDL

2008-01-04 23:37:00 by sdl in The Security Development Lifecycle
 
...vulnerabilities in various Symantec email security products. The bugs caught my eye for a number of reasons First and foremost, security bugs in security products are always of great interest and concern to me, because customers use security technology to defend themselves from attack Second, I like to analyze security vulnerabilities in...
 
Tags: linker sdl requirements, sdl requirements, ibm, sdl, requirements, symantec, bugs affect ibm, bugs, sdl refers
 
 
 
 
Expand article

Getting vulnerabilities in the application fixed

2007-10-27 13:20:07 by RaviC in Musings on Information Security
 
...vulnerabilities that is detected in the application Let us accept the fact that developers are mostly busy focusing their time and effort on the functionality of application. Most of the time the software development manager gets away by using the busy excuse. One approach that I suggest you could is to rank the vulnerabilities based on...
 
Tags: vulnerabilities, software development manager, vulnerabilities based, risk acceptance form, risk, severitythreat vulnerabilities, form, form acknowledge, application
 
 
 
 
Expand article

Blue Box #74: 2008 Crystal Ball Edition, Asterisk and Trixbox vulnerabilities, top 10 lists, VoIP security trends for 2008 and more....

2008-01-08 16:42:40 by HASH0x8940138 in Blue Box: The VoIP Security Podcast
 
...vulnerabilities, top 10 lists, VoIP security trends for 2008 and more Welcome to Blue Box: The VoIP Security Podcast #74, a 44-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3, 20MB) or subscribe to the RSS feed to download the show automatically You may also listen...
 
Tags: trends, vulnerabilities, voip security trends, security, trixbox vulnerabilities, voip vulnerabilities, listener comment line, comment line, top
 
 
 
 
Expand article

Blue Box #74: 2008 Crystal Ball Edition, Asterisk and Trixbox vulnerabilities, top 10 lists, VoIP security trends for 2008 and more....

2008-01-08 17:42:39 by Dan York in Blue Box: The VoIP Security Podcast
 
...vulnerabilities, top 10 lists, VoIP security trends for 2008 and more Welcome to Blue Box: The VoIP Security Podcast #74, a 44-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3, 20MB) or subscribe to the RSS feed to download the show automatically You may also listen...
 
Tags: trends, vulnerabilities, voip security trends, security, trixbox vulnerabilities, voip vulnerabilities, listener comment line, comment line, top
 
 
 
 
Expand article

What If All Vulnerabilities Had This Disclosure Timeline?

2008-02-07 02:08:33 by Chris Wysopal in Zero in a bit
 
...vulnerabilities in its shipping products. Still, the first disclosure time line is troubling Gleg knew how to reproduce this problem at least a month before yet they didnt tell the vendor, just their customers. Its unclear what benefit Glegs customers get from the vendor not knowing this information unless they use this information to...
 
Tags: vulnerability finders, vulnerability, vulnerability exists, heap overflow vulnerability, gleg realplayer vulnerability, gleg customer, customer, gleg, exploit code
 
 
 
 
Expand article

Covert channel vulnerabilities in anonymity systems

2007-12-10 10:39:42 by Steven J. Murdoch in Light Blue Touchpaper
 
...vulnerabilities in anonymity systems has now been published The spread of wide-scale Internet surveillance has spurred interest in anonymity systems that protect users privacy by restricting unauthorised access to their identity. This requirement can be considered as a flow control policy in the well established field of multilevel secure...
 
Tags: covert, covert channel vulnerabilities, vulnerabilities, network covert channels, covert channels, channels, covert channel, anonymity systems, systems
 
 
 
 
Expand article

Security World: Top 5 VoIP vulnerabilities in 2007

2007-12-14 01:50:02 by Editor in Help Net Security - News
 
Sipera VIPER Lab revealed the Top 5 VoIP Vulnerabilities in 2007. In assembling this list, the Sipera VIPER team reviewed 2007 vendor and media reports of known vulnerabilities and estimated the impac
 
Tags: vulnerabilities, voip vulnerabilities, sipera viper team, sipera viper lab, media reports, top, impac, list, vendor
 
 
 
 
Expand article

Red Hat Enterprise Linux 4 Passes 1000 Vulnerabilities

2007-10-16 17:23:36 by jrjones in Jeff Jones Security Blog
 
...vulnerabilities is apparently a good thing in the world of Red Hat Truth Well, for those who actively support that theory, I have some fantastic news for them! According to my calculations, in July 2007, the Red Hat Enterprise Linux 4 team fixed their 1000th unique security vulnerability. Now, 164 of these were Low severity and 479 were...
 
Tags: red hat, fixed, software flaws fixed, red hat truth, team fixed, microsoft, security vulnerabilities, team, minor bugs
 
 
 
 
Expand article

Blue Box #70: 2-yr Anniversary show, VoIP security vulnerabilities, Vonage, Comcast, phishing, listener comments and much, much more...

2007-11-07 21:52:53 by HASH0x89e6354 in Blue Box: The VoIP Security Podcast
 
...vulnerabilities, Vonage, Comcast, phishing, listener comments and much, much more Welcome to Blue Box: The VoIP Security Podcast #70, a 51-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3, 21MB) or subscribe to the RSS feed to download the show automatically You may...
 
Tags: voip security, voip security vulnerabilities, voip security news, voip, voip security podcast, consumer voip, vulnerabilities, sans voip security, sans