+233-2990093-27/29

Security Advisories

The Shellshock Bug

Shellshock Shellshock, the newly discovered vulnerability that allows attackers to inject code into the affected systems, puts your machines at a serious risk for malicious attacks. Systems Affected · GNU Bash through 4.3. · Linux and Mac OS X systems, on which Bash is part of the base operating system. · Any BSD or UNIX […]

Read More


Vulnerabilities in Adobe Reader and Acrobat

Vulnerabilities in Adobe Reader and Acrobat Date of First Release: 19-05-2014 Date of Last Release: 19-05-2014 Source: Adobe, Common Vulnerabilities Exposures (CVE) System Affected: 1. Adobe Reader XI (11.0.06) and earlier 11.x versions for Windows and Macintosh 2. Adobe Reader X (10.1.9) and earlier 10.x versions for Windows and Macintosh 3. Adobe Acrobat XI (11.0.06) […]

Read More


Juniper ScreenOS Vulnerability

Juniper Screenos is vulnerable to a Denial of Service (DoS) from malformed SSL packets Date of First Release: 19-05-2014 Date of Last Release: 19-05-2014 Source: Juniper System Affected: Juniper ScreenOS 6.3 Overview: Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS […]

Read More


OpenSSL Vulnerability by Man in The Middle (MITM) attack

OpenSSL Vulnerability by Man in The Middle (MITM) attack Date of First Release: 09-06-2014 Source: US-CERT, OpenSSL OS Affected: Fedora Project, FreeBSD Project, Debian GNU/Linux, OpenSSL, Red Hat, Inc., Ubuntu. Overview: A carefully crafted handshake can be used by an attackers to force the use of weak keying material in OpenSSL SSL/TLS clients and servers. […]

Read More


FrontAccounting Multiple SQL injection vulnerabilities

FrontAccounting Multiple SQL injection vulnerabilities Date of First Release: 05-06-2014 Source: US-CERT/NIST Systems Affected: FrontAccounting version below 2.3.21. Description: Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21. Allow remote attackers to execute arbitrary SQL commands on the FrontAccounting database. Impact: The vulnerability could allow: • unauthorized disclosure of information • unauthorized modification and • […]

Read More


Multiple TOMCAT vulnerabilities

Multiple TOMCAT vulnerabilities Date of First Release: 31-05-2014 Source: US-CERT/NIST Systems Affected: 1: Tomcat before version 6.0.40 2: Tomcat 7.x before 7.0.54 3: Tomcat 8.x before 8.0.6 Description: java/org/apache/catalina/servlets/DefaultServlet.java does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a carefully crafted web application. Impact: The […]

Read More