EGI CSIRT:Alerts
Jump to navigation
Jump to search
| Mission | Members | Contacts
| Incident handling | Alerts | Monitoring | Security challenges | Procedures | Dissemination
Security alerts and/or security advisories will be sent to all EGI site security contacts or NGI security officers by EGI CSIRT using either an EGI broadcasting tool or a pre-established mailing list. They will also be listed on this page. They may cover a wide range of software, including — but not limited to — the EGI middleware.
Date | Title | Contents | Rating |
---|---|---|---|
2010-XX-XX | A brief discription | Link to the alert/advisory | Extremely critical/Critical/High/Moderate/Low Risk |
EGI Alerts
The following alert bulletins describe security vulnerabilities or immediate threats against one or more sites or the EGI infrastructure and include recommendations and mitigation techniques.
Date | Title | Contents | Rating |
---|---|---|---|
2010-11-02 | HIGH iovec integer overflow in net/rds/rdma.c (CVE-2010-3865) | Alerts/rds/rdma-2010-11-02 | High |
2010-10-23 | HIGH Vulnerability in C library dynamic linker (CVE-2010-3856) | Alerts/liblinker-2010-10-23 | High |
2010-10-20 | HIGH Local root vulnerability in RDS (CVE-2010-3904) | Alerts/rds-2010-10-20 | High |
2010-10-18 | HIGH Vulnerability in C library dynamic linker (CVE-2010-3847) | Alerts/liblinker-2010-10-18 | High |
2010-09-30 | RHEL4 patch for CVE-2010-3081 kernel vulnerability | Alerts/kernel-2010-09-30 | Moderate |
2010-09-16 | Critical Kernel Vulnerability: 64-bit Compatibility Mode Stack Pointer Corruption | Alerts/kernel-2010-09-16 | Critical |
2010-08-18 | Moderate Impact Vulnerabilities in Elog Web Application | Alerts/elog-2010-08-18 | Moderate |
2010-06-28 | Moderate Impact Vulnerability In Intel Compiler Suite | Alerts/intel-28-06-2010 | Moderate |
EGEE Alerts
List of alerts published during EGEE
Date | Title | Contents | Rating |
---|---|---|---|
2009-10-20 | High-risk vulnerabilities in CREAM CE software | Alerts/cream-20-10-2009 | High risk |
2009-07-09 | Remote command execution in Nagios WAP/WML interface | Alerts/nagios-09-07-2009 | Medium risk |
2008-07-29 | DNS cache poisoning/spoofing | Alerts/dns-29-07-2008 | Medium risk |
2006-10-23 | Critical Vulnerability: OpenPBS/Torque | Alerts/openpbs-23-10-2006 | Extremely critical |
Source
Parts of this article came from the OSCT wiki, this was written by the EGEE Operational Security Coordination Team. |