Computer Network Defence Alert State
The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current security threat.  The alert state increases immediately upon detection of a new threat and drops again by one level each working day.  The rationale is that vulnerabilities often occur in clusters; reducing the alert state again quickly therefore increases your visibility of new threats to the same product.  It is important that the radar page is viewed at least daily in order to track these changes. Reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.


 

NORMAL This alert state represents the normal level of security with minimal activity relating to the product.  The next stage above this level is 2; however, falling alerts will go through 1 when returning to normal.

LOW This alert state indicates that an alert has been recognised for this product within the last few days but it is now returning to normal.  Inclusion of this level is for viewers that don't monitor this alert system regularly.

INCREASED This alert state indicates a need to increase the security posture due to an emerging threat for which there is currently no exploit, or you are witnessing the reduction in alert state after being at level 3 for more than 1 working day.

HIGH This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.
 

PATCHES This alert state indicates that patches are available for vulnerabilities that had previously resulted in a need for the alert state to increase and subsequently fall. The level of 2 or 3 indicates the urgency to patch.

EXPLOIT This alert state indicates that exploit code is available for vulnerabilities that had previously resulted in a need for the alert state to increase and subsequently fall. The level of 2 or 3 indicates the threat of the exploit.

Update 02 Sep:  Exploit Database has released a 0-day for QuickTime.  Details are technical; expect exploits.

A vulnerability has been discovered in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
Successful exploitation allows execution of arbitrary code.
Update 02 Sep:  The list of affected software continues to grow, with no slowdown yet in reports of affected software.

Update 31 Aug:  Microsoft has released a workaround and an automated "Microsoft Fix It" solution that can be used to block loading of libraries from remote locations.

The list of insecure software as a result of the Microsoft Insecure Library Loading vulnerability grows.  Assume if it runs on Windows, it's insecure!
The vulnerabilities affect applications using the "LoadLibrary", "SearchPath", "CreateProcess" and "ShellExecute" APIs in an insecure manner, and allow attackers to cause a vulnerable application to load a malicious DLL when opening a file from an untrusted network location.
A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused by an error in the processing of Border Gateway Protocol (BGP) packets and can be exploited to continuously reset BGP peering sessions via a specially crafted peer prefix announcement with an unrecognised attribute.
The vulnerability is reported in all Cisco IOS XR Software devices configured with BGP routing.
VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service), malicious users to cause a DoS, and malicious people to bypass certain security restrictions and potentially compromise a vulnerable system.
 
A vulnerability has been reported in Hitachi Cosminexus products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused by an unspecified error while processing unexpected data and can be exploited to disrupt some services.
 
SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and disclose potentially sensitive information, and by malicious people to cause a DoS.
   
Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused by the use of vulnerable WebKit code.
 
Exploit Database has released a 0-day for Adobe Reader and Flash.  Details are technical; expect exploits.

Useful Links

These are links our analysts and radar page patrons find useful.  If you would like to suggest a link for this section, please send your suggestions to michele.jordan at securitywizardry.com

http://isc.sans.org/
http://www.us-cert.gov/
http://www.auscert.org.au/
http://cve.mitre.org/

http://www.cert.org/advisories/
http://secunia.com/Advisories
http://www.vupen.com/english/security-advisories/
http://www.securityfocus.com/vulnerabilities
http://www.coresecurity.com/content/corelabs-advisories

http://www.iss.net/threats/ThreatList.php
http://www.sourcefire.com/products/snort/vrt_advisories/


Computer Network Defence Ltd AndyCuff@securitywizardry.com 

Copyright © 2004-2010 Computer Network Defence Ltd. All Rights Reserved.

PO Box 2680, Corsham, Wiltshire, SN13 0ZR, UK
Phone       0870 3219014
International +44 (0) 1225 811806