http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2008-08-29 18:04:16 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/47976.shtmlhttp://www.secuobs.com/revue/news/47976.shtml 2008-08-29 17:03:13 - Les derniers documents du CERTA. : CERTA-2008-AVI-432http://www.secuobs.com/revue/news/47954.shtmlhttp://www.secuobs.com/revue/news/47954.shtml 2008-08-29 11:03:40 - Global Security Mag Online : Plusieurs vulnérabilités ont été annoncées dans Red Hat Directory Server,la plus grave pouvant conduire à l'exécution de codeGravité : 3/4Conséquences : accès/droits privilégiéProvenance : client intranetMoyen d'attaque : aucun démonstrateur, aucune attaqueCompétence de l'attaquant : expert 4/4Confiance : confirmé par l'éditeur 5/5Diffusion de la configuration vulnérable : élevée 3/3Date création : 28/08/2008Référence : VIGILANCE-VUL-8070PRODUITS CONCERNÉSRed Hat - Vulnérabilitéshttp://www.secuobs.com/revue/news/47926.shtmlhttp://www.secuobs.com/revue/news/47926.shtml 2008-08-27 05:02:50 - SearchWindowsSecurity.com Advice for securing Windows : In this thread from our IT Knowledge Exchange ITKE, learn how you cankeep your Windows Server 2003 system up to date with the latestsecurity patches without even being connected to the InternetIMAGEIMAGEhttp://www.secuobs.com/revue/news/47471.shtmlhttp://www.secuobs.com/revue/news/47471.shtml 2008-08-27 03:04:27 - Hack In The Box : Attacks in the wild are under way against Linux systems with compromisedSSH keys, the US Computer Emergency Readiness Team is warning Theattacks appear to use stolen SSH keys to take hold of a targetedmachine and then gain root access by exploiting weaknesses in thekernel The attacks then install a rootkit known as Phalanx2, whichscours the newly infected system for additional SSH keys There's aviral aspect to this attack As new SSH keys are stolen, new machinesare potentially vulnerable to attack The CERT advisory makes nomention of the flaw in the Debian random number generator, but that'smost likely the starting point for the attack The flaw caused SSLkeys generated for more than a year to be so predictable that theycould be guessed in a matter of hours Debian fixed the flaw in Mayhttp://www.secuobs.com/revue/news/47429.shtmlhttp://www.secuobs.com/revue/news/47429.shtml 2008-08-27 01:05:31 - Security Park : SteelEye Technology Inc has announced general availability of SteelEyeProtection Suite, a comprehensive solution that provides disasterprotection of virtual machines running on Citrix XenServer SteelEyeProtection Suite delivers real-time LAN and WAN replication ofXenServer virtual machines It is designed for companies that havemigrated critical enterprise applications to XenServer virtualhttp://www.secuobs.com/revue/news/47409.shtmlhttp://www.secuobs.com/revue/news/47409.shtml 2008-08-26 23:03:18 - Black Hat Announcements : Black Hat will have some intermittent scheduled downtime Wednesday,August 27 and Thursday, August 28 We appreciate your patience as weperform some much-needed upgradeshttp://www.secuobs.com/revue/news/47381.shtmlhttp://www.secuobs.com/revue/news/47381.shtml 2008-08-26 04:01:36 - News : Microsoft Friday said it has completed development on Small BusinessServer 2008 and that the software will hit its targeted ship date ofNov 12read moreIMAGEhttp://www.secuobs.com/revue/news/47213.shtmlhttp://www.secuobs.com/revue/news/47213.shtml 2008-08-25 16:03:49 - Latest from Computerworld : The biggest driver for the server market as a whole during the quarterwas x86 system replacements, according to GartnerIMAGEIMAGEhttp://www.secuobs.com/revue/news/47052.shtmlhttp://www.secuobs.com/revue/news/47052.shtml 2008-08-23 05:05:20 - Computer Security News : August 22, 2008 Red Hat confirmed Friday that hackers compromisedinfrastructure servers belonging to the company and the FedoraProject, including systems used to sign Fedora packageshttp://www.secuobs.com/revue/news/46844.shtmlhttp://www.secuobs.com/revue/news/46844.shtml