Information Security

Windows Security

Syndicate content
Pipes Output
Updated: 1 hour 4 min ago

PHP Fixes Several Bugs in Version 5.4 and 5.5, (Fri, Sep 19th)

Fri, 09/19/2014 - 18:41

PHP announced the released of version 5.5.17 and 5.4.33. Ten bugs were fixed in version 5.4.33 and 15 bugs were fixed in version 5.5.17. All PHP users are encouraged to upgrade.The latest version are available for download here.

[1] http://php.net/ChangeLog-5.php#5.4.33
[2] http://php.net/ChangeLog-5.php#5.5.17
[3] http://windows.php.net/download

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Categories: Vulnerability Pipes

Web Scan looking for /info/whitelist.pac, (Fri, Sep 19th)

Thu, 09/18/2014 - 20:37

Nathan reported today that he has been seeing a new trend of web scanning against his webservers looking for /info/whitelist.pac. The scanning he has observed is over SSL. He has been observing this activity since the 22 Aug.

[22/Aug/2014:18:55:32 -0500]    xx.12.93.178    GET /info/whitelist.pac HTTP/1.1   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
[...]
[14/Sep/2014:11:10:05 -0500]    xx.216.137.7    GET /info/whitelist.pac HTTP/1.1   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
[14/Sep/2014:13:16:19 -0500]    xx.174.190.254 GET /info/whitelist.pac HTTP/1.1   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
[14/Sep/2014:14:03:48 -0500]    xx.252.188.49   GET /info/whitelist.pac HTTP/1.1   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
[14/Sep/2014:17:10:40 -0500]    xx.17.199.47     GET /info/whitelist.pac HTTP/1.1   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
[14/Sep/2014:21:10:26 -0500]    xx.13.136.13     GET /info/whitelist.pac HTTP/1.1   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
[16/Sep/2014:06:30:15 -0500]    xx.10.51.74       GET /info/whitelist.pac HTTP/1.1   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
[16/Sep/2014:14:03:54 -0500]    xx.240.174.203  GET /info/whitelist.pac HTTP/1.1   Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

Is anyone else seeing similar activity against their webservers?

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Categories: Vulnerability Pipes

Vuln: Microsoft Internet Explorer CVE-2014-4092 Remote Memory Corruption Vulnerability

Tue, 09/16/2014 - 19:00
Microsoft Internet Explorer CVE-2014-4092 Remote Memory Corruption Vulnerability
Categories: Vulnerability Pipes

Vuln: Microsoft Internet Explorer 'CAttrValue' Style Attribute Remote Memory Corruption Vulnerability

Tue, 09/16/2014 - 19:00
Microsoft Internet Explorer 'CAttrValue' Style Attribute Remote Memory Corruption Vulnerability
Categories: Vulnerability Pipes