Contact Us Today! (215) 853-2266

Bardissi Enterprises Blog

Bardissi Enterprises has been serving the Hatfield area since 2000, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

WatchGuard X Edge Vulnerability: User Authentication Bypass

Severity: High

17 November, 2008

Summary:

  • This vulnerability affects: Firebox X Edge 10.2.3 (and earlier versions)
  • How an attacker exploits it: By entering a specially crafted username into the authentication page, or by manually visiting a specific URL
  • Impact: A remote attacker can authenticate to your Edge without valid login credentials, in some cases gaining VPN access to your network
  • What to do: Install 10.2.4 immediately

Exposure:

In order for you to verify that your users really are who they claim to be, the Firebox X Edge supports various types of user authentication. With user authentication configured, you can create URL filtering or VPN policies that permit or deny data traffic based on who someone is, rather than based on the IP address they come from. You also utilize user authentication when setting up mobile VPN access to your network. The Edge provides a secure HTTPS web page that allows your users to authenticate to your Edge.

Continue reading
0 Comments

WatchGuard Live Security Service: Two New Zero Day Adobe Reader Exploits

SEVERITY: HIGH
28 April, 2009
SUMMARY:
  • This vulnerability affects: Adobe Reader and Acrobat 9.1 and earlier, on Windows, Mac, *nix computers
  • How an attacker exploits it: By enticing your users into viewing a maliciously crafted PDF document
  • Impact: An attacker can execute code on your computer, potentially gaining control of it
  • What to do: Implement the workarounds described in the Solutions section of this alert
EXPOSURE:
Yesterday, SecurityFocus released an advisory describing a new zero day Adobe Reader exploit they found in the wild. The Proof of Concept (PoC) exploit — written by some calling himself “Arr1val” — seems to leverage a flaw in the Adobe Reader function called “getAnnots()”. As it turns out, Arr1val released two new zero day exploits. The second exploit leverages another Adobe Reader function called “spell.customDictionaryOpen().” Arr1val’s code suggests he confirmed these flaws using Adobe Reader 9.1 and 8.1.4 for Linux. However, we suspect the flaws may affect all current versions of Reader running on any platform.
Continue reading
0 Comments

WatchGuard Live Security Three Visio Code Execution Vulnerabilities

Severity: Medium

10 February, 2009

Summary:

This vulnerability affects: All current versions of Visio

How an attacker exploits it: By enticing one of your users into opening a maliciously crafted Visio document

Impact: An attacker can execute code, potentially gaining complete control of your users’ computers

What to do: Deploy the appropriate Visio patch as soon as possible

Continue reading
0 Comments

WatchGuard Releases Version 10.2.7 for WSM, Edge, Fireware, and Fireware Pro

WatchGuard is pleased to announce the availability of version 10.2.7 of WatchGuard System Manager, Edge, Fireware, and Fireware Pro. This update is a maintenance release and contains a number of enhancements and fixes for critical issues as reported by WatchGuard customers.

Contained in this release are:

  • Improvements to configuration save behavior in Fireware
  • Improvements to High Availability in Fireware
  • An enhancement, adding the ability to create Traffic Management, Policy Scheduling, and QoS actions on Drag and Drop VPN tunnels
  • Improvements to Server Load Balancing in Fireware
  • Improvements to Mobile VPN with SSL client behavior
  • A fix for Firebox (Core) stability issues under certain conditions
  • Improvement to SSL VPN user authentication on Edge
  • A fix for e-Series BOVPN stability issues under certain conditions
  • A fix for an Edge spamBlocker Exception List problem
Recent comment in this post
Katemonahan
I really needed to know about the fireware but i was confused that where can i find information about it? This blog gives me detai... Read More
Thursday, 22 December 2016 22:06
Continue reading
1 Comment

Bardissi Enterprises, LLC Presents: Windows Small Business Server 2008 Webinar:A Cost-Effective Solution Built for Small Businesses

Join us for a Webinar on October 17

11:00AM – 12:00PM EST

Attend this exciting preview event exclusively for key business decision makers like you. Be one of the first to see how this affordable and integrated server solution helps you protect your business data, and increase your employees’ productivity.

See first-hand how Windows Small Business Server 2008 can help to:

• Protect your vital business information from loss by automatically backing up the computers and servers in your network, and enabling you to recover accidentally deleted files

• Work with existing technology, built on Microsoft best practices, and delivers a comprehensive network solution at an affordable price

• Give you highly secure access to business contacts, calendars, e-mail, files, and other important desktop resources from any Internet-connected computer, virtually anywhere at any time, so you can be productive while you’re away from the office or on the road

Register Today!

Continue reading
0 Comments

Bardissi Enterprises, LLC Presents: Windows Essential Business Server 2008 Webinar:A Cost-Effective Solution Built for Midsize Business

 

Join us for a Webinar on October 24

11:00 AM – 12:00 PM

 

Attend this exciting preview event exclusively for key IT and business decision makers like you. Be one of the first to see how this integrated platform, designed and priced specifically for midsize businesses, can propel your company forward by reducing IT complexity and improving business efficiency.

See first-hand how Windows Essential Business Server 2008 can help to:

• Simplify your daily activities with a Centralized Administration Console that gives you a single point of access to your IT environment

• Proactively manage your environment, reduce your IT complexity, and help give you back control of your systems

• Increase the predictability and reliability of your systems and reduce typical errors that can occur when standalone products are deployed

• Increase productivity by working both in and away from the office with remote access, anti-spam, and anti-virus protection, and improved messaging technologies

Register Today!

Continue reading
0 Comments

Northwest Erectors, Inc. of Ambler, Pennsylvania is now contracted with Bardissi Enterprises, LLC for all Managed Information Technology Solutions

September, 2008

Northwest Erectors, LLC of Ambler has secured the services of Bardissi Enterprises, LLC for all its Information Technology needs. The company has completely ungraded its network infrastructure to include the upgrade of its IT hardware as well.

With the numerous upgrades that the company has made, they have created an technological environment that will make their inner office operations run smoother and give them new and increased functionality that will provide a competitive edge which will advance their ability to grasp a greater market share in their field of expertise, stated George Bardissi, President of Bardissi Enterprises, LLC.
Continue reading
0 Comments

Mobile? Grab this Article!

QR-Code dieser Seite

Blog Archive

Recent Comments

Tip of the Week: Which Headphones are Right for Your Needs?
23 April 2018
I will recommend Plantronics Backbeat Pro 2 SE Noise cancelling Headset with it's Great features.
Gamification: Make Business Fun for Everyone
27 January 2017
The world is based on the games. There are many types of games as per the aussie essay writing servi...
Let's Talk Tablets
12 January 2017
The concept of tablet is far better than that of PC because you can bring them with you everywhere a...
Tip of the Week: Tweak Your Workday in These 4 Ways and See Major Results
12 January 2017
The only thing will I will say regarding this blog is that it is very helpful at least for me. As I ...
WatchGuard Releases Version 10.2.7 for WSM, Edge, Fireware, and Fireware Pro
23 December 2016
I really needed to know about the fireware but i was confused that where can i find information abou...