Archive for year: 2015

What’s new in Shibboleth IdP V3?

December 14, 2015/in Shibboleth /by ossadmin

Shibboleth Identity Provider (IdP) version 3 An Overview – References

September 14, 2015/in Uncategorized /by ossadmin

https://wiki.shibboleth.net/confluence/display/IDP30/UpgradingFromV2

http://www.ukfederation.org.uk/content/Documents/Setup3IdP

http://www.jisc.ac.uk/advice/training/network/implementing-a-shibboleth-identity-provider

http://www.jisc.ac.uk/advice/training/network/implementing-a-shibboleth-identity-provider-and-service-provider

Free webinar – Shibboleth Identity Provider (IdP) version 3 overview

August 17, 2015/in updates /by ossadmin

IIS Denial of Service Vulnerability CVE-2015-1635

April 16, 2015/in Uncategorized /by ossadmin

A recent exploit (CVE-2015-1635) affecting IIS was released yesterday. The exploit is a Denial of Service (DoS) vulnerability in the HTTP.sys.

Versions of Windows that are vulnerable:

Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. HTTP.sys is used by any version of IIS running on one of these operating systems.

A patch was released on Tuesday April 14th as part of Microsoft’s Patch Tuesday, we recommend that you patch your IIS affected servers as soon as possible to avoid any potential DoS exploits.

More detailed information of the vulnerability can be found here https://isc.sans.edu/diary/MS15-034%3A+HTTP.sys+%28IIS%29+DoS+And+Possible+Remote+Code+Execution.+PATCH+NOW/19583