search for: icsa

I just saw this: https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01 which includes this: " A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the ntpd process. All NTP4 releases before 4.2.8 are vulnerable." "This vulnerabil...

I'd like to request information about the FreeBSD native firewall software Does the firewall attends to the security certification at International Computer Security Association (ICSA Labs Firewall Certification Program) Labs or Trust Technology Assessment Program (TTAP) or similar programs? Thanks for your attention Fernando Castro fcastro@smsweb.com.br

fixed in: https://rhn.redhat.com/errata/RHSA-2014-2025.html https://rhn.redhat.com/errata/RHSA-2014-2024.html maybe it's soon in centos too.. 2014-12-20 4:42 GMT+02:00 listmail <listmail at entertech.com>: > I just saw this: > > https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01 > > which includes this: > " A remote attacker can send a carefully crafted packet that can overflow a > stack buffer and potentially allow malicious code to be executed with the > privilege level of the ntpd process. All NTP4 releases before 4.2.8 are > vulnerable....

Hi All, Yes, I know, it's really really embarrassing to have to ask but I'm being pushed to the wall with PCI DSS Compliance procedure (http://en.wikipedia.org/wiki/PCI_DSS) and have to either justify why we don't need to install an anti-virus or find an anti-virus to run on our CentOS 5 servers. Whatever I do - it needs to be convincing enough to make the PCI compliance guy tick the