NTA Monitor

Latest News

60% of UK website tests revealed Internet encryption and cross-site scripting vulnerabilities

10th April 2008 60% of web application tests performed for UK organisations showed that their websites contain weak encryption or cross-site scripting (XSS) vulnerabilities Read More

Demilitarised Zone most secure option for BlackBerry device

28th February 2008 Recent BlackBerry testing by IT security consultancy, NTA Monitor, has revealed that organisations are still not configuring these mobile devices correctly Read More

Retailers should put security top of their Christmas list

13th November 2007 With British consumers spending more than £6.6 billion online in the last two months of last year, the 2007 festive season is set to be one of great cheer for online retailers Read More

Businesses warned not to have skeletons in cupboards

13th November 2007 For many organisations, the festive season is an opportunity to heave a corporate sigh of relief and enjoy the brief respite in frenetic business activity as countless people all over the world, go home to celebrate Christmas Read More
Welcome to December's edition of Internet Security News, the monthly risks bulletin detailing the latest Internet software and system vulnerabilities from NTA Monitor, a leading Internet security testing company. It provides a convenient way to keep up to date with the fast changing world of Internet security; this month's edition includes a total of 15 risk issues: 9 High, 3 Medium, 1 Low and 2 Informational.

December 2005

Avaya VPNRemote VPN Client Password Disclosure vulnerability

(Low risk) NTA Monitor has discovered a password disclosure issue in the Avaya VPNRemote VPN client Read More

Cisco Security Alert

(High risk) A locally exploitable vulnerability in various Cisco CSA products has been reported by the French security firm FrSIRT. Read More

Flaws in Ethereal

(Medium risk) Multiple security vulnerabilities have been discovered in Ethereal Read More

Overhaul for Firefox

(Medium risk) Firefox 1.5 is now available for download, marking the end of a thriving year for the browser. Read More

Google Mini Search Appliance Multiple Vulnerabilities

(High risk) Multiple flaws have been discovered in Google's Mini Search Appliance Read More

ISAKMP Flaws in Symantec products

(Medium risk) While testing against a range of nearly 5000 potential ISAKMP vulnerabilities, Symantec uncovered a buffer overflow flaw that affects some of its products. Read More

ISAKMP advisory

(Informational) CERT-FI and NISCC have released a joint advisory disclosing multiple vulnerabilities in implementation of the ISAKMP Protocol Read More

Apple's iTunes 6 vulnerability

(High risk) A critical vulnerability has been found in some versions of Apple's popular iTunes that could allow attackers to remotely take over a user's computer. Read More

Keyloggers

(Informational) The stealthy world of keyloggers Read More

Lotus Domino

(High risk) Several vulnerabilities have been discovered in IBM's Lotus Domino and Lotus Domino Web Access, which could result in Denial of Service attacks. Read More

Microsoft Patch Train

(High risk) A lone passenger on the regular MS Patch Train this month. A critical one though. Read More

Opera Flaw

(High risk) The security firm Secunia has reported a vulnerability in Opera, which can be exploited by people to compromise a user's system. Read More

phpBB flaw

(High risk) Some vulnerabilities have been discovered in the popular Open Source bulletin board package phpBB. Read More

QuickTime

(High risk) Multiple vulnerabilities in Apple QuickTime have been reported that could result in Denial of Service to System Access. Read More

SCO OpenServer update for Multiple Packages.

(High risk) SCO has issued a maintenance pack for OpenServer that fixes various vulnerabilities. Read More

About NTA Monitor

This bulletin is produced as a by-product of ongoing research carried out to develop NTA Monitor's Internet security testing service, Regular Monitor. NTA are a full-service Internet security testing company with a comprehensive range of testing services including:
  • VPN Testing
  • Onsite Auditing
  • Web Application Test
  • War Dialling
  • Wireless Infrastructure Testing
  • RM Vulnerability Testing
For more information on the above services please see our services page.