ep's blog

BlackBerry Attachment Service PDF Distiller Multiple Remote Code Execution Vulnerabilities

http://www.securityfocus.com/bid/37167/info

"BlackBerry Attachment Service is prone to multiple remote
code-execution vulnerabilities when handling specially crafted PDF files.

Attackers can leverage these issues to corrupt memory and execute
arbitrary code in the context of the vulnerable service, possibly with
SYSTEM-level privileges. Successful exploits will compromise the server.
Failed attacks will likely result in denial-of-service conditions."

Linux Kernel 'net/mac80211/' Multiple Remote Denial of Service Vulnerabilities

http://www.securityfocus.com/bid/37170/info

"The Linux Kernel is prone to multiple remote denial-of-service
vulnerabilities.

An attacker can exploit these issues to cause a kernel panic, denying
service to legitimate users."

It should be noted that this affects the mac80211 code in the kernel,
which deals specifically with the 802.11 wireless LAN standard.

ldd arbitrary code execution

http://www.catonmat.net/blog/ldd-arbitrary-code-execution/

Seasoned Unix admins may already know the pitfalls of blindly running
ldd on unknown executables. However, since this article was recently
released, I thought it might be good as a reminder to everyone to be
careful when using it.

This article shows some techniques on how to cause ldd to run arbitrary
code, and how easy it is to trick a sysadmin into executing that code as
root.

VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

"1. Summary

Updated Java JRE packages and Tomcat packages address several security
issues. Updates for the ESX Service Console and vMA include kernel,
ntp, Python, bind, libxml, libxml2, curl and gnutil packages. ntp is
also updated for ESXi userworlds."

MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability

http://www.securityfocus.com/bid/37076/discuss

"MySQL is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security
restrictions and obtain sensitive information that may lead to further
attacks.

Versions prior to MySQL 5.1.41 are vulnerable."

It is recommended to update to the latest version of MySQL as soon as
possible.

ClamAV Prior to 0.95.2 Multiple Scanner Bypass Vulnerabilities

http://www.securityfocus.com/bid/35410/info

"ClamAV is prone to multiple vulnerabilities because it fails to
properly restrict certain files after scanning them.

A successful attack may allow malicious users to bypass security
restrictions placed on certain files. Exploits may aid in further attacks.

Versions prior to ClamAV 0.95.2 are vulnerable."

It is recommended to update ClamAV to the latest version.

Reflections on Cybersecurity from Science Magazine

http://preview.tinyurl.com/yeqm6rs

Science Magazine published this reflection on Cybersecurity in the November 13 issue of their magazine. It goes over some great topics in security, such as Defense in Depth and the concerns of not protecting the inside of your network.

I agree with the major points of the article and think it is a good read.

Thanks to Momota for passing the article my way.

TLS / SSLv3 renegotiation vulnerability explained

Back in September, a vulnerability in the way we encrypt was found and quietly discussed in the security community. It was a vulnerability that would allow malicious attackers to inject data into an encrypted conversation, thus breaking the integrity of the conversation. When the vulnerability became public in October and mainstream in November, there was a lot of confusion about what was vulnerable, and what the risk was in using this type of encryption.

G-Sec from Luxembourg wrote this paper describing the issue in detail.

Linux Kernel KVM 'KVM_MAX_MCE_BANKS' Memory Corruption Vulnerability

http://www.securityfocus.com/bid/37035/info

"The Linux kernel is prone to a memory-corruption vulnerability that
affects the Kernel-based Virtual Machine (KVM).

Local attackers can exploit this issue to execute arbitrary code with
superuser privileges. Successful exploits will completely compromise
affected computers.

Versions prior to Linux kernel 2.6.32-rc7 are vulnerable."

It is recommended to update the kernel on affected systems.
