RSS Feed
News
Feb
12
Serious vulnerability with Cisco ASA firewalls
Posted by Dan Ankers on 12 February 2016 17:17

Cisco have released a Security Advisory for their ASA Firewall Software.  They have discovered a vulnerability that means “an attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.

The full advisory, and a list of the first fixed release of every major version (see “Software Versions and Fixes”), is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike

Please note that upgrades are dependent on there being sufficient memory present on the device.   No support contract is required to receive security upgrades.

If you require any further assistance with this notification, please raise a ticket and an engineer will respond.


Read more »



Jan
28
Notification - 'GHOST' Linux vulnerability
Posted by Andy Shephard on 28 January 2015 16:27

A buffer overflow bug has been discovered in the glibc library found within many distributions of Linux, including CentOS and Debian.  Dubbed ‘GHOST’ (CVE-2015-0235), this vulnerability is exploitable remotely and locally, allowing for arbitrary code execution and therefore unauthorized access.  This is achieved through use of the gethostbyname() function calls used for DNS resolving.

 

Patches have been made available for a number of Linux distribution and it is recommended that you patch as soon as possible.  This can be achieved in the following ways:

For CentOS, Red Hat, Fedora etc:

$ yum clean all && yum update

For Debian, Ubuntu and derivatives:

$ apt-get clean && apt-get update && apt-get upgrade

 

After installing the latest version of the glibc package, you will need to ensure that all packages dependent on glibc are restarted.  These can be identified with the following:

$ lsof | grep libc | awk '{print $1}' | sort | uniq

*The lsof package may need to be installed ($ yum install lsof)

Alternatively, rebooting the entire server will also achieve this.  If you can't reboot the entire system, restart at least all public-facing services like webservers, mailservers, etc.

 

Please also note that other vendor-specific devices and software may be vulnerable, but as yet patches have not been released.

 

If you require any assistance with securing your system, please raise a ticket with Domicilium Operations via Resolve, or speak to your account manager.


Read more »



Oct
11
Notification – Cisco Security Advisory
Posted by Andy Shephard on 11 October 2014 14:54

Cisco have released a Security Advisory for their ASA Firewall Software.  They have discovered a number of vulnerabilities that “are independent of one another; a release that is affected by one of the vulnerabilities may not be affected by the others”.

The full advisory, and a list of the first fixed release of every major version (see “Software Versions and Fixes”), is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa

Please note that upgrades are dependent on there being sufficient memory present on the device, as well as a valid support contract.

If you require any further assistance with this notification, please raise a ticket and an engineer will respond.


Read more »



Sep
20
A new look for Domicilium Resolve!
Posted by Sam Gordon on 20 September 2013 00:57

You may have noticed that Domicilium Resolve is looking a little fresher today! The new look is part of a continued effort to offer our customers a simple and efficient support experience.

Despite the new look, the site will continue to function as it did previously.

If you have any problems or concerns, please do not hesitate to contact us.


Read more »



Aug
19
Welcome to, Domicilium Resolve!
Posted by Sam Gordon on 19 August 2013 00:17

Welcome to, Domicilium Resolve! You can login using your registered email address and password.

You will still be able to access on-going support cases on our old system by going to https://update.domicilium.com/. Any open cases will be migrated to the new system on Monday 2nd September 2013.

Please let us know if you have an queries or difficulties and we will be happy to help. You can contact us via email, telephone (+44 1624 825278) or by raising a new ticket.

Useful knowledgebase articles:

How to raise a new support ticket:

http://resolve.domicilium.com/index.php?/Knowledgebase/Article/View/5/4/how-to-raise-a-new-support-ticket

How to raise a new support ticket via email:

http://resolve.domicilium.com/index.php?/Knowledgebase/Article/View/6/4/how-to-raise-a-new-support-ticket-via-email

 How to add a new user

http://resolve.domicilium.com/index.php?/Knowledgebase/Article/View/7/4/how-to-add-a-new-user


Read more »