Cisco Releases Three Security Advisories


By Stefanie Hoffman, ChannelWeb

8:06 PM EDT Wed. May. 21, 2008
Cisco reported three security advisories this week, addressing vulnerabilities in its Secure Control Engine, IOS Secure Shell Server and the Cisco Unified Customer Voice Portal that could lead to Denial of Service attacks and privilege escalation. Specifically, two Cisco advisories address Denial of Service errors in the IOS Secure Shell Server and the Secure Control Engine.

The Cisco Service Control Engine contains three vulnerabilities that could allow an attacker to completely reload the SCE. The errors could potentially be triggered during a login activity within an aggressive timeframe or by normal login activity in combination with other control engine management activities. The vulnerabilities could also be triggered during SSH login through specific actions regarding invalid authentication credentials.

The Secure Shell server in Cisco IOS also contains numerous vulnerabilities that could enable an unauthenticated user to create a memory access error or, in certain cases, use the vulnerability to reload the device.

Meanwhile, the third Cisco advisory warns of a privilege escalation error in the Cisco Unified Customer Voice Portal that could allow a potential attacker to create, modify or delete an account with elevated privileges.

While there are no immediate workarounds, Cisco has released software upgrades addressing the vulnerabilities found in the Service Control Engine and Customer Voice Portal, which are available for free to affected customers.

None of the vulnerabilities allows an attacker to execute code remotely. However, a posting on the SANS Institute Web site warned that with memory access issues that lead to a Denial of Service, "thoughts immediately go to arbitrary code execution."

"There is no evidence that this is possible, but in light of the recent work in IOS rootkits, vulnerabilities in Cisco devices should not be taken lightly," SANS said.

So far, however, there are no known exploits loose in the wild.

SANS said that CORE Security researcher Sebastian Muniz is scheduled to release a proof-of-concept Cisco IOS rootkit Thursday at the EuSecWest Conference in London.

 