SEARCH
Archive
Cisco Fixes Kerberos Authentication Bypass Bug in ASA Software
Cisco has patched a dangerous flaw in its Adaptive Security Appliance Software that could allow an attacker to bypass authentication when Kerberos is enabled.
Fortinet Products Used Hardcoded Encryption Key
Several Fortinet products had a hardcoded encryption key that could allow for passive monitoring of user traffic.
Open Source Flan Scan Combines Nmap with Vulnerability Scanning
Cloudflare has open sourced Flan Scan, a “lightweight” network vulnerability scanner that it uses in-house to help identify vulnerable services running in its vast network. Early reactions suggest that it shouldn’t be the sole vulnerability management tool being used in the network.
Audit Uncovers Critical Flaw in iTerm2
A Mozilla-funded security audit of the iTerm2 terminal emulator for macOS found a critical remote-code execution bug.
Serious New Bug Emerges in Exim
A newly discovered buffer overflow in the Exim mail server can be used to cause a denial-of-service and possibly remote code execution.