
Computer Network Defence Alert State
The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current security threat. An increase in alert state will occur immediately upon detection of a new threat, and the state will drop again by one level each working day. The rationale is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. It is important that the radar page is viewed at least daily in order to track these changes. Reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.



NORMAL: This alert state represents the normal level of security with minimal activity relating to the product. The next stage above this level is 2; however, falling alerts will go through 1 when returning to normal.

LOW: This alert state indicates that an alert has been recognised for this product within the last few days but it is now returning to normal. Inclusion of this level is for viewers that don't monitor this alert system regularly.

INCREASED: This alert state indicates a need to increase the security posture due to an emerging threat for which there is currently no exploit, or that you are witnessing the reduction in alert state after being at level 3 for more than 1 working day.

HIGH: This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.

PATCHES: This alert state indicates that patches are available for vulnerabilities that had previously resulted in a need for the alert state to increase and subsequently fall. The level of 2 or 3 indicates the urgency to patch.

EXPLOIT: This alert state indicates that exploit code is available for vulnerabilities that had previously resulted in a need for the alert state to increase and subsequently fall. The level of 2 or 3 indicates the threat of the exploit.

     
Some vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to conduct spoofing attacks and bypass certain security restrictions.
More info.
IBM has acknowledged a vulnerability in IBM HTTP Server, which can be exploited by malicious people to potentially compromise a vulnerable system.
Successful exploitation requires that "mod_isapi" is enabled (disabled by default).
More info.
Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to disclose sensitive information or potentially compromise a user's system.
More info.
Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and bypass certain security restrictions, and by malicious people to cause a DoS.
More info here and here.
F5 has acknowledged some vulnerabilities in FirePass, which can potentially be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused by unspecified parts of the product being built using a vulnerable ATL (Active Template Library) version.
A patch is available.
More info.

Also, F5 has acknowledged a vulnerability in FirePass, which can be exploited by malicious people to conduct spoofing attacks.
This remains unpatched.
More info.
SUSE has issued an update for OpenOffice_org. This fixes multiple vulnerabilities and a security issue, which can be exploited by malicious people to conduct spoofing attacks and compromise a user's system.
More info.
A vulnerability has been identified in SAP MaxDB, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error within the "serv.exe" process when handling a malformed handshake packet sent to port 7210/TCP, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges.
More info.
 

 

 

 

 

 

 

 
 

 


Computer Network Defence Ltd, AndyCuff@securitywizardry.com

Copyright © 2004-2009 Computer Network Defence Ltd. All Rights Reserved.

PO Box 2680, Corsham, Wiltshire, SN13 0ZR, UK
Phone: 0870 3219014
International: +44 (0) 1225 811806