|
 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Finnish Communications Regulatory Authority (FICORA) Switchboard +358 9 69 661 Television fees Customer service of Fi-domain names +358 9 6966 700 |
17.03.2008 FICORA coordinates repair of wide array of software vulnerabilitiesThe Finnish Communications Regulatory Authority's (FICORA) CERT-FI group together with the British CPNI (Centre for the Protection of National Infrastructure) and the Japanese JPCERT has coordinated the repair of several severe software vulnerabilities. The vulnerabilities uncovered by the Oulu university research group OUSPG concern archive and package formats, such as programs handling the zip file format. Archive and package formats are used for compressing and archiving files. Since the vulnerability discovery, FICORA's CERT-FI group has actively contacted tens of software manufacturers in order that they patch their vulnerable software. In fact, several patches have already been released. By exploiting the vulnerability, the attacker can typically run his own commands on the network device or the computer system under attack. The attacker can also send a denial-of-service attack to the vulnerable target system. The vulnerability discovery is a result from OUSPG's long-term vulnerability research, the results of which were globally published on 17 March 2008. The CERT-FI bulletin on vulnerabilities and possible solutions to them are available on CERT-FI's website. Further information:
|
