Tech Talk

[here]

FYI...

- http://www.securitypipeline.com/news/showA...bleArticle=true
"The British government earlier this week revealed that it had discovered security flaws that affect the products of dozens of vendors. The flaws were found in software that support a variety of applications and technologies, including voice over IP, videoconferencing, text messaging, Session Initiation Protocol, devices and hardware, and critical networking equipment such as routers and firewalls. The severity of the flaws vary from vendor to vendor, but the risks range from denial-of-service attacks to allowing access to malicious code...The H.323 flaw affects each product differently. If successfully attacked, some may freeze up and have to reboot. Other products could be taken over by attackers, giving them access to a business' technology systems...According to Microsoft Bulletin MS04-001, which the vendor ranked as critical, the vulnerability could allow an attacker to gain complete control of the system...The CERT advisory states that Microsoft and Cisco have addressed their vulnerable products. But CERT is awaiting statements from dozens of other vendors as to their potential susceptibility to the flaw. A complete list of potentially affected vendors is available at http://www.cert.org/advisories/CA-2004-01.html#vendors ..."

-