Secunia

Nginx

nginx buffer underflow reported by Secunia

2009-09-15 Felix Ehlers

Secunia reports in advisory SA3675 about a buffer underflow vulnerability in the function ngx_http_parse_complex_uri() of the nginx webserver and rates it as highly critical. Impacts may be a DoS attack or remote system access. Changelogs were published for nginx 0.7.62, nginx 0.6.39 and nginx 0.5.38. We highly recommend that you upgrade to the latest version of nginx.

Secunia releases annual report for 2008

2009-03-06 Felix Ehlers

Secunia, well known for their vulnerability research and vuln announcements, has released the Secunia 2008 Report as pdf. The report shows that they release more advisories per year and 0-day vulnerabilities felt back to the 2006-level for decreasing about 40 percent. Also very interesting was the comparison of browser security. While Firefox has more vulnerabilities than IE, Safari and Opera together, those security holes are closed way faster than the ones from IE.

Secunia PSI 1.0 released

2008-11-25 Felix Ehlers

The danish computer security service provider has released Secunia PSI (Personal Software Inspector) version 1.0 after a 17 month beta test period. With this software you can identify unpatched and old software that makes your Windows system vulnerable to attacks. Though this is not a complete indicator, Secunia can identify currently about 5.500 applications. This is quite a lot and the list continues to grow. I also tested and still use Secunia PSI.