The webserver hosting SquirrelMail was hacked and several plugins were
replaced with malicious code. The code included sending usernames and
passwords used on the system to an offsite account.
"By sending a specially-crafted dynamic update packet to a BIND 9
server, a remote, unauthenticated attacker can cause a denial of service
by causing BIND to crash."
This vulnerability is fixed in "ISC BIND versions 9.4.3-P3, 9.5.1-P3,
and BIND 9.6.1-P1."
Please report which versions of BIND we are using so that we can assess
It appears that there are 3 DoS and 1 unauthorized configuration
vulnerabilities in Cisco WLCs. Cisco has released software updates to
fix these vulnerabilities.
This vulnerability in Microsoft Office Web Components can lead to remote
code execution through IE.
Apparently, a specially crafted SMS can install software with root
permissions on iPhones. Apple is working on a patch, until then, be
wary of any odd incoming SMS messages.
If you are trying to import our internal IAS CA in MacOS 10.5.7, you may
run into some issues if you aren't using the command line. This article
may be of use to you.
Vulnerabilities range from DoS, to arbitrary code execution and
It is recommended that users update to Firefox 3.0.11 to avoid these
avenues to exploitation.