Site Archives Buffer Overflow
Does Vista Have a New Vulnerability?
There have been reports of a new vulnerability in Microsoft Vista that would allow a local user to run code as System, which is an even higher privilege level than Administrator. However, the user would have to be an Administrator to exploit the vulnerability, and the practical differences between Administrator and System are minimal. So really, there is not much of a reason to be concerned. If you see reports for an iphlpapi.dll Local Kernel Buffer Overflow, a Vista TCP/IP stack buffer overflow or a CreateIpForwardEntry2 this is the issue being referenced. There is no need to panic. In fact, Microsoft is not releasing an out-of-band patch for this issue, so they don’t believe it’s that critical. Phion AG, the researcher group who found the vulnerability, has released a patch of its own, but we do not recommend you install it at this time.
Backup Exec Multiple Vulnerabilities
GSA Reference Number: AD081120-01
Simply Put: Symantec Backup Exec versions 11.x and 12.x are vulnerable to a denial of service attack and an authentication bypass attack. These vulnerabilities, if exploited together, can lead to a remote code exploit. Both issues affect the Backup Exec Remote Agent.
Find It Quickly
Find what you're looking for quickly by using our keyword search. Can't find it? Try our links below.
Monthly Archives
Find posts by the month they were written.
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- April 2008
- March 2008
- January 2008
- December 2007
- November 2007