Fighting malware and spam
Vulnerability hits F-Secure gateway products
Flaw in OpenSSL could allow DoS on servers.
A vulnerability in OpenSSL software, used to access the administration interface in some F-Secure gateway and mail protection products, could allow remote attackers to carry out a denial of service attack on servers running the product, F-Secure have announced.
The OpenSSL flaw can also be used to gain remote system access in some cases, but F-Secure's implementation is only vulnerable to DoS attacks. The affected products are F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper, versions 6.4 and up, and admins running this software are advised to update to ensure they are protected.
Both hotfixes for OpenSSL and updated versions of the F-Secure software are available. The original OpenSSL advisory is here, while F-Secure's alert, including links to fixed products versions, is here. A Secunia alert on the issue can be found here.
29 November 2006
Tags:
virus 
del.icio.us 
digg this
Poll
Who in your company is responsible for installing software patches?Leave a comment
VB100 certification
The final VB100 of the year sees a double whammy of potential
pitfalls for our comparative participants - the
Vista operating system, which still seems shiny
and new as well as a little scary (to both developers and users), as well
as the x64 architecture, whose ostensible compatibility with standard
32-bit software belies oddities and intricacies that developers ignore at
their peril. The announcement of the test brought a few surprises, as
several regulars opted to skip this one, but the majority of veteran
competitors took part as usual, along with several newer faces, many of
whom look set to join the ranks of our regulars.
See full results.
Virus Bulletin currently has 148,295 registered users.