Welcome to the Network Security website at the IAS

This website is intended to bring you the latest news, how to's, tools and resources in Information Security.  Security Awareness of our Faculty, Members and Staff is key in creating a safer computing environment.

The three major Principles of Information Security, Availability, Integrity and Confidentiality, will be covered throughout the security awareness program at the Institute.  For a description of these principles, please see our About section.

In keeping with the spirit of the Institute, I encourage questions and open discussions about security.  And if you discover anything out of the ordinary, please feel free to bring it to my attention so that we can work together to create a more productive, safer environment.

Thanks,
Brian Epstein <security@ias.edu>
twitter: @epepepep


Pidgin Remote Code Execution Vulnerability in MSN plugin

http://www.securityfocus.com/bid/36071

A vulnerability in the MSN plugin for pidgin allows remote users to
execute arbitrary code and/or cause a DoS attack.

Affected Products:

Pidgin prior to 2.5.9
Libpurple prior to 2.6.0
Gaim 0.79 and later
Adium 1.3.5 and prior

Updated versions are available for most OS Vendors. It is highly
recommended to update to the latest version of the product.

Pidgin Remote Code Execution Vulnerability in MSN plugin

http://www.securityfocus.com/bid/36071

A vulnerability in the MSN plugin for pidgin allows remote users to
execute arbitrary code and/or cause a DoS attack.

Affected Products:

Pidgin prior to 2.5.9
Libpurple prior to 2.6.0
Gaim 0.79 and later
Adium 1.3.5 and prior

Updated versions are available for most OS Vendors. It is highly
recommended to update to the latest version of the product.

Apple releases Leopard update 10.5.8 which fixes varios security vulnerabilities

http://support.apple.com/kb/HT3606
http://support.apple.com/kb/HT1222

Thanks to Kevin for the heads up on this one. Looks like Apple updated
Macintosh Leopard to 10.5.8 which in addition to new features, fixes 55
security vulnerabilities in earlier releases.

It is recommended to install these security updates manually, or upgrade
to 10.5.8.

Apple releases Leopard update 10.5.8 which fixes varios security vulnerabilities

http://support.apple.com/kb/HT3606
http://support.apple.com/kb/HT1222

Thanks to Kevin for the heads up on this one. Looks like Apple updated
Macintosh Leopard to 10.5.8 which in addition to new features, fixes 55
security vulnerabilities in earlier releases.

It is recommended to install these security updates manually, or upgrade
to 10.5.8.

Apple releases Leopard update 10.5.8 which fixes varios security vulnerabilities

http://support.apple.com/kb/HT3606
http://support.apple.com/kb/HT1222

Thanks to Kevin for the heads up on this one. Looks like Apple updated
Macintosh Leopard to 10.5.8 which in addition to new features, fixes 55
security vulnerabilities in earlier releases.

It is recommended to install these security updates manually, or upgrade
to 10.5.8.

Pages