A flaw exists in Netscape Navigator that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information.
"There are four remotely exploitable buffer overflows in OpenSSL. There are also encoding problems in the ASN.1 library used by OpenSSL. Several of these vulnerabilities could be used by a remote attacker to execute arbitrary code on the target system...
Studies Internet security vulnerabilities, provides incident response services to sites that have been the victims of attack, publishes a variety of security alerts, researches security and survivability in wide-area-networked computing, and develops ...
CERT is the Computer Emergency Response Team that was founded at Carnegie Mellon shortly after the first worm, the Morris worm, caused havoc over a decade ago. CERT offers training to organizations to mitigate security vulnerabilities and respond to s...
Research focuses on methods of improving the technical approach of identifying and preventing security flaws, limiting the damage from attacks, and ensuring that systems continue to provide essential services despite of compromises or failures.