Language Selection

English French German Italian Portuguese Spanish

VPNs at risk from security glitch

Filed under

A flaw in a key Internet security protocol used by major networking products could open systems up to denial-of-service (DoS) and other kinds of attacks, experts have warned.

Finnish researchers at the University of Oulu announced Monday that they have found a vulnerability in the Internet Security Association and Key Management Protocol, or ISAKMP. The technology is used in IPsec virtual private network and firewall products from a range of networking companies, including giants Cisco and Juniper.

"These flaws may expose DoS conditions, format string vulnerabilities, and buffer overflows," the advisory said. All these could shut down devices and slow transmission of data across the Internet. In some cases, they could also allow hackers to execute code and hijack a device, NISCC warned.

Full Story.

More in Tux Machines

3 open source time management tools

For many people, one of the reasons they cite for using a Linux-based operating system is productivity. If you're a power user who has tweaked your system just to your liking, and particularly if you adept at the command line, chances are you've realized significant gains in productivity. But do you have to be an extreme power user to make use of open source software's ability to boost your productivity? Absolutely not! Read more

An introduction to Mozilla's Secure Open Source Fund

Thanks Mark. Mozilla is a unique institution—it's both a nonprofit mission-driven organization and a technology industry corporation. We build open source software (most notably the Firefox Web browser) and we are champions for the open Internet in technical and political fora. We've been a global leader on well-known policy issues like privacy and net neutrality, and we're also very active on most of today's big topics including copyright reform, encryption, and software vulnerabilities. Read more

Ubuntu Snappy Core 16 Up to Release Candidate State, Raspberry Pi 3 Image Is Out

This past weekend, Ubuntu Snappy developer Michael Vogt announced the availability of the Release Candidate (RC) development milestone of the upcoming Ubuntu Snappy Core 16 operating system. Read more

Black Lab Enterprise Linux 8 Service Pack 1 Supports Rebootless Kernel Installs

Softpedia was informed by the Black Lab Linux development team about the immediate availability of the first Service Pack (SP) of the Black Lab Enterprise Linux 8 OS. Based on the long-term supported Ubuntu 16.04 LTS (Xenial Xerus) operating system, Black Lab Enterprise Linux 8 Service Pack 1 (SP1) is now powered by Linux kernel 4.4.0-45.66, the same version used upstream, which is patched against the nasty "Dirty COW" bug that could have allowed a local attacker to gain administrative privileges. Now that Canonical is offering kernel live patch services for its Ubuntu 16.04 LTS release, Black Lab Linux developers also implemented the well-known Kspice tool for offering users rebootless kernel installs. Additionally, Black Lab Enterprise Linux 8 SP1 adds full UEFI support and the ability to install Snap packages. "Service Pack 1 is jam packed full of innovations and features," reads the announcement. "Black Lab Enterprise Linux is the fastest growing Enterprise desktop Linux offering on the market today. Black Lab Enterprise Linux 8.0 SP1 is a hybrid operating system meaning you can deploy local applications that you need as well as the cloud-based applications that you want." Read more