tag:dreamwidth.org,2011-05-30:908460 Сисадмины всех кофеварок, соединяйтесь! Сисадмины всех кофеварок, соединяйтесь! 2017-09-15T05:08:08Z tag:dreamwidth.org,2011-05-30:908460:14155 scif_yar 2017-09-15T05:08:08Z 2017-09-15T05:08:08Z public 0 Posted by: <span lj:user='scif_yar' style='white-space: nowrap;' class='ljuser'><a href='https://scif-yar.dreamwidth.org/profile'><img src='https://www.dreamwidth.org/img/silk/identity/user.png' alt='[personal profile] ' width='17' height='17' style='vertical-align: text-bottom; border: 0; padding-right: 1px;' /></a><a href='https://scif-yar.dreamwidth.org/'><b>scif_yar</b></a></span><br /><br /><a href="http://nypost.com/2017/09/08/equifax-blames-giant-breach-on-vendor-software-flaw/">http://nypost.com/2017/09/08/equifax-blames-giant-breach-on-vendor-software-flaw/</a><br /><br /><a href="https://www.imperva.com/blog/2017/09/cve-2017-9805-analysis-of-apache-struts-rce-vulnerability-in-rest-plugin/">https://www.imperva.com/blog/2017/09/cve-2017-9805-analysis-of-apache-struts-rce-vulnerability-in-rest-plugin/</a><br /><br />(Поет) опенсорц безопасне! Миллионы глаз! Патчи!<br /><br /><img src="https://www.dreamwidth.org/tools/commentcount?user=ru_sysadmins&ditemid=14155" width="30" height="12" alt="comment count unavailable" style="vertical-align: middle;"/> comments tag:dreamwidth.org,2011-05-30:908460:13337 scif_yar 2017-07-03T19:17:32Z 2017-07-03T19:17:32Z public 0 Posted by: <span lj:user='scif_yar' style='white-space: nowrap;' class='ljuser'><a href='https://scif-yar.dreamwidth.org/profile'><img src='https://www.dreamwidth.org/img/silk/identity/user.png' alt='[personal profile] ' width='17' height='17' style='vertical-align: text-bottom; border: 0; padding-right: 1px;' /></a><a href='https://scif-yar.dreamwidth.org/'><b>scif_yar</b></a></span><br /><br />OpenVPN has this week patched four vulnerabilities, including a critical remote code execution bug, a little more than a month after the results of two security audits of the open source VPN software were published.<br /><br />The patches were released after private disclosures in May and June by researcher Guido Vranken of the Netherlands. Vranken said the vulnerabilities were not turned up in either audit, which were a combination of manual source code reviews and automated scanning; Vranken said he exclusively used a fuzzer to find these bugs<br /><br />The most critical vulnerability, CVE-2017-7521, affects OpenVPN server side and could allow an authenticated hacker to run code on a compromised box.<br /><a href="https://threatpost.com/openvpn-patches-critical-remote-code-execution-vulnerability/126425/">https://threatpost.com/openvpn-patches-critical-remote-code-execution-vulnerability/126425/</a><br /><br />Миллион миллион миллион красных глаз ..<br /><br /><img src="https://www.dreamwidth.org/tools/commentcount?user=ru_sysadmins&ditemid=13337" width="30" height="12" alt="comment count unavailable" style="vertical-align: middle;"/> comments