Welcome to the Network Security website at the IAS

This website is intended to bring you the latest news, how to's, tools and resources in Information Security.  Security Awareness of our Faculty, Members and Staff is key in creating a safer computing environment.

The three major Principles of Information Security, Availability, Integrity and Confidentiality, will be covered throughout the security awareness program at the Institute.  For a description of these principles, please see our About section.

In keeping with the spirit of the Institute, I encourage questions and open discussions about security.  And if you discover anything out of the ordinary, please feel free to bring it to my attention so that we can work together to create a more productive, safer environment.

Thanks,
Brian Epstein <security@ias.edu>
twitter: @epepepep


Foxit Reader Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/39109

"Foxit Reader is prone to a remote code-execution vulnerability because
it fails to properly restrict access to certain functionality.

An attacker can exploit this issue by enticing a user to open a
malicious PDF file.

Successful exploits may allow the attacker to execute arbitrary code or
commands in the context of a user running the affected application.

TikiWiki Versions Prior to 4.2 Multiple Vulnerabilities

http://www.securityfocus.com/bid/38608

"TikiWiki is prone to multiple vulnerabilities, including:

- An SQL-injection vulnerability
- An unspecified authentication-bypass vulnerability
- An unspecified vulnerability

Exploiting these issues could allow an attacker to compromise the
application, access or modify data, exploit latent vulnerabilities in
the underlying database, and gain unauthorized access to the affected
application. Other attacks are also possible.

Apple iPhone Malformed VML Data Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/38990/discuss

A POC exploit has been written that can crash Safari on the Apple iPhone
when the user visits a maliciously crafted webpage. This affects:

Apple iPhone 3.1.3
Apple iPhone 3.1.2
Apple iPhone 3.0.1
Apple iPhone 3.1
Apple iPhone 3.0

The POC claims the ability to execute arbitrary code via this exploit.
Apple has not yet released a patch or verified this issue.

Apple iPhone Malformed VML Data Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/38990/discuss

A POC exploit has been written that can crash Safari on the Apple iPhone
when the user visits a maliciously crafted webpage. This affects:

Apple iPhone 3.1.3
Apple iPhone 3.1.2
Apple iPhone 3.0.1
Apple iPhone 3.1
Apple iPhone 3.0

The POC claims the ability to execute arbitrary code via this exploit.
Apple has not yet released a patch or verified this issue.

Apple iPhone Malformed VML Data Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/38990/discuss

A POC exploit has been written that can crash Safari on the Apple iPhone
when the user visits a maliciously crafted webpage. This affects:

Apple iPhone 3.1.3
Apple iPhone 3.1.2
Apple iPhone 3.0.1
Apple iPhone 3.1
Apple iPhone 3.0

The POC claims the ability to execute arbitrary code via this exploit.
Apple has not yet released a patch or verified this issue.

90 percent of Windows 7 flaws fixed by removing admin rights

http://arstechnica.com/microsoft/news/2010/03/half-of-windows-flaws-miti...

Thanks to David for this article.  In it Ars Technica covers a report by BeyondTrust on Windows vulnerabilities in 2009.  It compares the vulnerability on Windows 2000 through Windows 7, and whether a user has admin rights or not.

If nothing else, this article speaks to why regular users are better protected if they run without administrative privileges.

Thanks,
ep

Broadcom NetXtreme Ethernet Card possible remote vulnerability

http://www.kb.cert.org/vuls/id/512705

"A buffer overflow vulnerability exists in the Broadcom NetXtreme
management firmware. This vulnerability may allow a remote attacker to
execute arbitrary code on an affected device."

This affects the firmware on the card itself, regardless of whether the
machine is turned on or off. Both Dell and HP use these cards in their
desktops and servers.

The following devices/firmwares are affected:

Broadcom NetXtreme Ethernet Card possible remote vulnerability

http://www.kb.cert.org/vuls/id/512705

"A buffer overflow vulnerability exists in the Broadcom NetXtreme
management firmware. This vulnerability may allow a remote attacker to
execute arbitrary code on an affected device."

This affects the firmware on the card itself, regardless of whether the
machine is turned on or off. Both Dell and HP use these cards in their
desktops and servers.

The following devices/firmwares are affected:

Pages