| Vulnerability Details | A buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code.
A vulnerability in Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.
Twenty seven protocols and protocol subsystems have undergone configuration changes and the following protocol and protocol subsystems have received updates:
Attack (v21) Prevent action has been added to attack_prevention:IPS_ATTACKS, sensor mode has been added to alert details and values of SRC_OS and DST_OS in alert details.
IMAP (v22) False positives in the imap_literallength:literal_length_alert and imap_commandlen2:novell_dos_alert
IRC (v15) Port numbers are now included in alerts triggered by Badfiles for IRC traffic.
NDMP (v9) Default values for ndmp:BACKUP_SERVERS and a hostinfo_too_large_alert has been added to the configuration file.
P2P (v8) Port numbers have been added to alerts triggered by Badfiles for P2P traffic.
Policy Configuration Settings (v25) Packet captures have been added to the final summary alert.
POP (v19) Port numbers have been added to alerts triggered by Badfiles for POP traffic.
RADIUS (v13) The ptotocol parser has been improved.
SMTP2 (v19) Port numbers have been added to alerts triggered by Badfiles for SMTP 2 traffic and the protocol parser has been improved.
TCP (v25) Port numbers have been added to the following alerts
tcp_badflags:badflags_alert,
tcp_badflags:tcp_segment_overlap_diff_alert
tcp_badflags:tcpbadrst_alert
UDP (v14) Alert details have been added to udp_portscan:portscan_alert.
WWW 2 (v3 |
Feedback