Abuse Melding

Je hebt een klacht over de onderstaande posting:

26-02-2016, 18:13 door Erik van Straten

Palo Alto wordt niet bij naam genoemd in het onderzoek. Echter, uit https://securityadvisories.paloaltonetworks.com/Home/Detail/38: Last revised: 02/25/2016 Summary When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution. (Ref. #89752) Severity: Critical An attacker with network access to the vulnerable GlobalProtect portal may be able to perform a denial-of-service (DoS) attack on the device, and may be able to perform remote code execution on the affected device. In http://www.theregister.co.uk/2016/02/25/palo_alto_reveals_critical_bugs_and_march_16th_patch_deadline/ (mijn bron voor het bovenstaande) staat onder meer: 25 Feb 2016 at 05:31, Simon Sharwood: Palo Alto Networks has revealed four new nasties, one of which can allow remote code execution and DDOS attacks on its boxen, and given users until March 16th to patch ...

Beschrijf je klacht (Optioneel):

captcha