UPDATE on Vulnerability CVE-2015-0932

Grace NacesAdvisories, Latest News

We would like to proactively inform you about a zero-day vulnerability found with some of our InnGate HSIA gateways. We also would like to update you that a fix for the vulnerability is already available since 26 Mar 2015 and that we are actively working with our partners to patch … Read More

Advisory: Glibc Vulnerability

Grace NacesAdvisories

A buffer overflow vulnerability in the glibc gethostbyname() function was publicly announced on January 27, 2015. The issue is identified by CVE-2015-0235 and was given the name “Ghost.” The ANTlabs Engineering Team started investigating this issue immediately. This vulnerability is related to the various gethostbyname functions included in glibc and affect … Read More

Advisory on Darkhotel Malware

Grace NacesAdvisories

Information has been circulated that there is a malware known as Darkhotel, which targets and compromises various hotel systems. This malware initiates targeted attacks to selected users when they check in to hotels by pushing Trojans, information stealers and key loggers into the user’s machine. Please be informed that the … Read More

Advisory on SSL3 ‘Poodle’ vulnerability

Grace NacesAdvisories

The “Poodle” vulnerability, released on October 14th, 2014, is an attack on the SSL 3.0 protocol. It is a protocol flaw and every implementation of SSL 3.0 suffers from it. Note that we are talking about the old SSL 3.0, not TLS 1.0 or later. The TLS versions are not … Read More

Advisory: ShellShock Bash Vulnerability

Grace NacesAdvisories

Please be informed that ANTlabs products are not affected by “ShellShock” Bash Vulnerability. This is mainly because our products are appliance-based and do not use bash for console shell access. Administrators use ANTlabs’ own customised shell (that is not subject to the ShellShock Bash vulnerability) to access the command line … Read More