Hackin9
Drupal Entity API Module Multiple Access Bypass Vulnerabilities
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
A smart watch from Samsung Electronics, an Acer smartphone that can shoot 4K video and a Sony one with a 20-megapixel sensor, plus a plethora of tablets and TVs are all expected at this year's IFA consumer electronics show.
 

"Cisco Adaptive Security Appliance (ASA) Software contains a vulnerability that could allow an unauthenticated, remote attacker to fill the connection table in the ASA preventing new connections to be established through the device."[1]
"A vulnerability in the memory management when executing either the show monitor session all or show monitor session command-line interface (CLI) commands on the Cisco Unified Computing System (UCS) 6100 Series Fabric Interconnects could allow an authenticated, local attacker to trigger a memory leak."[2]
"A vulnerability in the Routing Information Protocol (RIP) process of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the RIP process to crash."[3]
"A vulnerability in Web Administrator Interface of Cisco Wireless LAN Controllers (WLC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition."[4]

[1] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463
[2] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3467
[3] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3470
[4] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3474

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

The CD includes some new tools and updated scripts. It is available in two versions, 32-bit and 64-bit. The install.pdf document on how to install and configure the system is located in the rel_note directory.

Version 7.3 contains new tools, GUI and database: gulp, nfsen, SQueRT, ssdeep, PassiveDNS with database, Sagan, nfdump, rrdtool, rsyslog and pf_ring.

This page contains additional information, where to download the ISO and the documentation.

[1] http://handlers.dshield.org/gbruneau/shadow.htm

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Verizon Communications has reached an agreement to buy Vodafone Group's 45 percent stake in its Verizon Wireless subsidiary for US$130 billion.
 
Defense in depth -- the Microsoft way (part 9): erroneous documentation
 
Full Disclosure - Multiple vulnerabilities in five Zoom ADSL Modem/Routers
 
list of vulnerability discovered by RealPentesting
 
[SECURITY] [DSA 2747-1] cacti security update
 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
CourseMill Learning Management System CVE-2013-3603 Unspecified Cross Site Scripting Vulnerability
 
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
 
Django 'is_safe_url()' Function Cross Site Scripting Vulnerability
 
[slackware-security] gnutls (SSA:2013-242-03)
 
Microsoft plans to retire its Masters level certification exams by Oct. 1 this year, generating strong protests on blogs and community forums from IT professionals.
 
Three HTC employees are under investigation in Taiwan for allegedly leaking company secrets and embezzling money from the smartphone maker.
 
Verizon and Vodafone are close to a deal that will see the U.S.-based carrier buy out the U.K. company's stake in Verizon Wireless for US$130 billion, according to press reports.
 
Maybe people are listening to Microsoft's demand that they ditch Windows XP.
 
Cacti 'id' Parameter SQL Injection Vulnerability
 
Cacti Cross Site Scripting and HTML Injection Vulnerabilities
 
Internet Storm Center Infocon Status