2010 Issue #47
ScoutNews
The weekly Security update from
the makers of SecureScout
November 26, 2010
2010 Issue #47 | ScoutNews |
Table of Contents
Product Focus |
Apache Chunked Vulnerability Scanner - The S4 Apache Chunked Vulnerability Scanner is a free utility made by SecureScout that will scan up to 256 IP addresses at once to assess if any are vulnerable to the Apache Chunked Encoding buffer overflow.
Download Here:
http://www.netvigilance.com/productdownloads?productname=apachechunkedvulnerabilityscanner
This Week in Review
Infected web sites on the rise. Some good advice on cloud security. Massive malware expected result of Cyber Monday. New sms/text - and phone based scams coming.
A word from Jesper Jurcenoks: We at netVigilance use Wikipedia for all kinds of knowledge, both security specific and other. In my view Wikipedia is the most important individual contribution that the internet has given humankind.
I am proud to contribute to Wikipedia for the 3rd year in a row, please join me in making sure that Wikipedia stays the free source of all human knowledge in the years to come.
Please follow the link to see a message from Wikipedia founder Jimmy Wales http://wikimediafoundation.org/wiki/Fundraising
Enjoy reading & Stay safe.
Call or email netVigilance to get an update on SecureScout.
(503) 524 5758 or sales@netVigilance.com
Top Security News Stories this Week
• Report: Infected Web sites double in 2010
Web-based malware growth Q3 2009 - Q3 2010
(Credit:
Dasient)
The number of Web sites infected with malware has doubled from a year ago to more than 1.2 million, according to a study released today by Internet security company Dasient.
Cnet Security
Full Story :
http://news.cnet.com/8301-27080_3-20023576-245.html?part=rss&subj=news&tag=2547-1_3-0-20
• Security for large-company cloud providers
CSO - I'm a CIO or CSO of a corporation that has yearly revenues of $1 billion or more. What are the security concerns that I have before I'm willing to deploy my IT infrastructure into a cloud? Let's flesh out the following security issues: What belongs in the cloud? How should sensitive data be protected? How are encryption upgrades addressed? How do I limit access to sensitive data? And how will critical systems metadata (data describing data) be tracked?
See also: Cloud security: The basics
Let's assume that each corporation has a variety of firewall segments and corresponding network equipment within the cloud-computing vendor's cloud. Each segment will have a variety of applications it supports. Because other companies may be in the same cloud, they may share the same firewall segment and network components, the same database, virtualized operating system, and virtualized storage. (Related: Small clouds: Security selection criteria)
Computerworld
Full Story :
http://www.computerworld.com/s/article/9197879/Security_for_large_company_cloud_providers?source=rss_security
• Cyber Monday: Beware the malware
It's the Monday after Thanksgiving and you're sitting at your work computer suffering from food coma. Too bloated to get any real work done, you decide to do something that doesn't occupy too much of the brain--online Christmas shopping.
There's more at stake here than the cost of shipping and handling, though. First off, you're boss probably doesn't want you to be surfing Amazon when you have spreadsheets to complete. Secondly, you could be opening up the corporate network to malicious hackers during what is known to be a particularly risky period.
Scammers are ready for unsuspecting online shoppers to be hunting for holiday bargains that hit on what has become known as Cyber Monday (given that more than 40 percent of you will be buying holiday gifts online, according to this survey). There will no doubt be malware hiding on retail sites, fake sites created just for distributing viruses and Trojans, and e-mails with malware-laden attachments and links leading to nastiness.
Cnet Security
Full Story :
http://news.cnet.com/8301-27080_3-20023728-245.html?part=rss&subj=news&tag=2547-1_3-0-20
• FBI warns of SMS and phone-based phishing scams
Social networking sites and search engines are expected to be hit hard by cybercriminals this holiday season, but the FBI is warning consumers about two other threats they may encounter - so called "smishing" and "vishing" scams.
Both threats are variations of phishing, but smishing uses SMS texts to initiate the scam, while vishing uses automated phone calls.
Reports of these types of scams date back to at least 2006, but the FBI's Internet Crime Complaint Center (IC3) issued an advisory Friday warning consumers that they will be prevalent this holiday season.
In these types of attacks, a user receives a text message or automated phone call to their cell phone stating there is a problem with their bank account, the FBI said in its advisory. The user is given a phone number to call or a website to log onto to provide account credentials to remedy the issue.
SC Magazine
Full Story :
http://www.scmagazineus.com/fbi-warns-of-sms-and-phone-based-phishing-scams/article/191565/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineNews+%28SC+Magazine+News%29
New Vulnerabilities Tested in SecureScout
• 14609 Adobe Acrobat / Reader input validation Vulnerability (CVE-2010-3627) (Remote File Checking)
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via unknown vectors.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* CONFIRM: apsb10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html
* REDHAT: RHSA-2010:0743
http://www.redhat.com/support/errata/RHSA-2010-0743.html
* SUSE: SUSE-SA:2010:048
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
* CERT: TA10-279A
http://www.us-cert.gov/cas/techalerts/TA10-279A.html
CVE Reference:
CVE-2010-3627 (cve.mitre.org, nvd.nist.gov)
• 14610 Adobe Acrobat / Reader memory corruption Vulnerability (CVE-2010-3628) (Remote File Checking)
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3632, and CVE-2010-3658.
Test Case Impact: Gather Info Vulnerability Impact: DoS / Attack Risk: High
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* CONFIRM: apsb10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html
* REDHAT: RHSA-2010:0743
http://www.redhat.com/support/errata/RHSA-2010-0743.html
* SUSE: SUSE-SA:2010:048
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
* CERT: TA10-279A
http://www.us-cert.gov/cas/techalerts/TA10-279A.html
CVE Reference:
CVE-2010-3628 (cve.mitre.org, nvd.nist.gov)
• 14611 Adobe Acrobat / Reader image-parsing input validation Vulnerability (CVE-2010-3629) (Remote File Checking)
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3620.
Test Case Impact: Gather Info Vulnerability Impact: Attack Risk: High
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* CONFIRM: apsb10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html
* REDHAT: RHSA-2010:0743
http://www.redhat.com/support/errata/RHSA-2010-0743.html
* SUSE: SUSE-SA:2010:048
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
* CERT: TA10-279A
http://www.us-cert.gov/cas/techalerts/TA10-279A.html
CVE Reference:
CVE-2010-3629 (cve.mitre.org, nvd.nist.gov)
• 14612 Adobe Acrobat / Reader denial of service or code execution Vulnerability (CVE-2010-3630) (Remote File Checking)
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
Test Case Impact: Gather Info Vulnerability Impact: DoS / Attack Risk: High
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* CONFIRM: apsb10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html
* REDHAT: RHSA-2010:0743
http://www.redhat.com/support/errata/RHSA-2010-0743.html
* SUSE: SUSE-SA:2010:048
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
* CERT: TA10-279A
http://www.us-cert.gov/cas/techalerts/TA10-279A.html
CVE Reference:
CVE-2010-3630 (cve.mitre.org, nvd.nist.gov)
• 14613 Adobe Acrobat / Reader memory corruption Vulnerability (CVE-2010-3632) (Remote File Checking)
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658.
Test Case Impact: Gather Info Vulnerability Impact: DoS / Attack Risk: High
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* CONFIRM: apsb10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html
* REDHAT: RHSA-2010:0743
http://www.redhat.com/support/errata/RHSA-2010-0743.html
* SUSE: SUSE-SA:2010:048
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
* CERT: TA10-279A
http://www.us-cert.gov/cas/techalerts/TA10-279A.html
CVE Reference:
CVE-2010-3632 (cve.mitre.org, nvd.nist.gov)
• 14614 Adobe Acrobat / Reader denial of service Vulnerability (CVE-2010-3656) (Remote File Checking)
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3657.
Test Case Impact: Gather Info Vulnerability Impact: DoS Risk: Medium
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* CONFIRM: apsb10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html
* REDHAT: RHSA-2010:0743
http://www.redhat.com/support/errata/RHSA-2010-0743.html
* SUSE: SUSE-SA:2010:048
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
* CERT: TA10-279A
http://www.us-cert.gov/cas/techalerts/TA10-279A.html
CVE Reference:
CVE-2010-3656 (cve.mitre.org, nvd.nist.gov)
• 14615 Adobe Acrobat / Reader denial of service Vulnerability (CVE-2010-3657) (Remote File Checking)
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3656.
Test Case Impact: Gather Info Vulnerability Impact: DoS Risk: Medium
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* CONFIRM: apsb10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html
* REDHAT: RHSA-2010:0743
http://www.redhat.com/support/errata/RHSA-2010-0743.html
* SUSE: SUSE-SA:2010:048
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
* CERT: TA10-279A
http://www.us-cert.gov/cas/techalerts/TA10-279A.html
CVE Reference:
CVE-2010-3657 (cve.mitre.org, nvd.nist.gov)
• 14616 Adobe Acrobat / Reader memory corruption Vulnerability (CVE-2010-3658) (Remote File Checking)
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632.
Test Case Impact: Gather Info Vulnerability Impact: DoS / Attack Risk: High
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* CONFIRM: apsb10-21
http://www.adobe.com/support/security/bulletins/apsb10-21.html
* REDHAT: RHSA-2010:0743
http://www.redhat.com/support/errata/RHSA-2010-0743.html
* SUSE: SUSE-SA:2010:048
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
* CERT: TA10-279A
http://www.us-cert.gov/cas/techalerts/TA10-279A.html
CVE Reference:
CVE-2010-3658 (cve.mitre.org, nvd.nist.gov)
• 14617 Adobe Acrobat / Reader memory corruption Vulnerability (CVE-2010-3654) (Remote File Checking)
Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Test Case Impact: Gather Info Vulnerability Impact: DoS / Attack Risk: High
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* MISC:
http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html
* CONFIRM:
http://www.adobe.com/support/security/advisories/apsa10-05.html
* CONFIRM:
http://www.adobe.com/support/security/bulletins/apsb10-26.html
* CONFIRM:
http://support.apple.com/kb/HT4435
* APPLE: APPLE-SA-2010-11-10-1
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
* REDHAT: RHSA-2010:0829
http://www.redhat.com/support/errata/RHSA-2010-0829.html
* REDHAT: RHSA-2010:0834
http://www.redhat.com/support/errata/RHSA-2010-0834.html
* CERT-VN: VU#298081
http://www.kb.cert.org/vuls/id/298081
* BID: 44504
http://www.securityfocus.com/bid/44504
* SECTRACK: 1024659
http://www.securitytracker.com/id?1024659
* SECTRACK: 1024660
http://www.securitytracker.com/id?1024660
* SECUNIA: 41917
http://secunia.com/advisories/41917
* SECUNIA: 42030
http://secunia.com/advisories/42030
* SECUNIA: 42183
http://secunia.com/advisories/42183
* VUPEN: ADV-2010-2903
http://www.vupen.com/english/advisories/2010/2903
* VUPEN: ADV-2010-2906
http://www.vupen.com/english/advisories/2010/2906
* VUPEN: ADV-2010-2918
http://www.vupen.com/english/advisories/2010/2918
CVE Reference:
CVE-2010-3654 (cve.mitre.org, nvd.nist.gov)
• 14618 Adobe Reader memory corruption Vulnerability (CVE-2010-4091) (Remote File Checking)
The EScript.api plugin in Adobe Acrobat Reader 9.4.0, 8.1.7, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
Test Case Impact: Gather Info Vulnerability Impact: DoS / Attack Risk: High
References:
* VUPEN: VUPEN/ADV-2010-2573
http://www.vupen.com/english/advisories/2010/2573
* SECTRACK: 1024511
http://securitytracker.com/alerts/2010/Oct/1024511.html
* BID: 43724
http://www.securityfocus.com/bid/43724
* NETVIGILANCE-UNKNOWN: 15419
http://www.exploit-db.com/exploits/15419
* FULLDISC: 20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution
http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html
* MISC:
http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html
* MISC:
http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html
* BID: 44638
http://www.securityfocus.com/bid/44638
* OSVDB: 69005
http://osvdb.org/69005
* SECUNIA: 42095
http://secunia.com/advisories/42095
* VUPEN: ADV-2010-2890
http://www.vupen.com/english/advisories/2010/2890
* XF: adobe-reader-pdf-file-ce(62996)
http://xforce.iss.net/xforce/xfdb/62996
CVE Reference:
CVE-2010-4091 (cve.mitre.org, nvd.nist.gov)
New Vulnerabilities found this Week
• CVE-2010-3872 Apache CVSS 2.0 Score = 7.2
The apr_status_t fcgid_header_bucket_read function in fcgid_bucket.c in Apache mod_fcgid before 2.3.6 does not use bytewise pointer arithmetic in certain circumstances, which has unknown impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: https://issues.apache.org/bugzilla/show_bug.cgi?id=49406
XF: http://xforce.iss.net/xforce/xfdb/63303
VUPEN: http://www.vupen.com/english/advisories/2010/2998
VUPEN: http://www.vupen.com/english/advisories/2010/2997
MLIST: http://www.gossamer-threads.com/lists/apache/announce/391406
SECUNIA: http://secunia.com/advisories/42302
SECUNIA: http://secunia.com/advisories/42288
OSVDB: http://osvdb.org/69275
FEDORA: http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050976.html
FEDORA: http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050932.html
FEDORA: http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050930.html
CVE Reference: CVE-2010-3872
• CVE-2010-3803 Apple CVSS 2.0 Score = 9.3
Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: http://support.apple.com/kb/HT4455
APPLE: http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
CVE Reference: CVE-2010-3803
• CVE-2010-3805 Apple CVSS 2.0 Score = 9.3
Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving WebSockets. NOTE: this may overlap CVE-2010-3254.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: http://support.apple.com/kb/HT4455
APPLE: http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
CVE Reference: CVE-2010-3805
• CVE-2010-3808 Apple CVSS 2.0 Score = 9.3
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: http://support.apple.com/kb/HT4455
APPLE: http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
CVE Reference: CVE-2010-3808
• CVE-2010-3809 Apple CVSS 2.0 Score = 9.3
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: http://support.apple.com/kb/HT4455
APPLE: http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
CVE Reference: CVE-2010-3809
• CVE-2010-3811 Apple CVSS 2.0 Score = 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: http://support.apple.com/kb/HT4455
APPLE: http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
CVE Reference: CVE-2010-3811
• CVE-2010-3812 Apple CVSS 2.0 Score = 9.3
Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: http://support.apple.com/kb/HT4455
APPLE: http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
CVE Reference: CVE-2010-3812
• CVE-2010-3816 Apple CVSS 2.0 Score = 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.
Test Case Impact: Vulnerability Impact: Risk: High
References:
CONFIRM: http://support.apple.com/kb/HT4455
APPLE: http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html
CVE Reference: CVE-2010-3816
Vulnerability Resource
Check out this compendium of links and up-to-the minute information about network security issues.
Their claim to be the 'security portal for information system security professionals' is well founded.
http://www.infosyssec.org/infosyssec/
Thank You
Thanks for sifting through another great edition of the ScoutNews. We hope we captured a flavor for the week and gave you
just enough information on newly found vulnerabilities to keep you up-to-date. To subscribe or unsubscribe, contact us at
ScoutNews@netVigilance.com
About SecureScout
SecureScout is a leading vulnerability scanner and management tool developed and marketed worldwide by NexantiS Corporation.
SecureScout is a trademark of NexantiS Corporation.
netVigilance, Inc. is a partner of NexantiS and an authorized distributor of SecureScout.
For any inquiry about SecureScout by:
Customers in America and Northern Europe contact us at info@netVigilance.com
Customers in France, Italy, Spain, Portugal, Greece, Turkey, Eastern Europe, Middle East, Africa and Asia/Pacific, contact NexantiS at
info-scanner@securescout.net