Welcome to the Network Security website at the IAS

This website is intended to bring you the latest news, how-tos, tools and resources in Information Security. Security Awareness of our Faculty, Members and Staff is key in creating a safer computing environment.

The three major Principles of Information Security, Availability, Integrity and Confidentiality, will be covered throughout the security awareness program at the Institute.  For a description of these principles, please see our About section.

In keeping with the spirit of the Institute, I encourage questions and open discussions about security.  And if you discover anything out of the ordinary, please feel free to bring it to my attention so that we can work together to create a more productive, safer environment.

Thanks,
Brian Epstein <security@ias.edu>
twitter: @epepepep


Reflections on Cybersecurity from Science Magazine

http://preview.tinyurl.com/yeqm6rs

Science Magazine published this reflection on Cybersecurity in the November 13 issue of their magazine.  It goes over some great topics in security, such as Defense in Depth and the concerns of not protecting the inside of your network.

I agree with the major points of the article and think it is a good read.

Thanks to Momota for passing the article my way.

 

VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

"1. Summary

Updated Java JRE packages and Tomcat packages address several security
issues. Updates for the ESX Service Console and vMA include kernel,
ntp, Python, bind, libxml, libxml2, curl and gnutil packages. ntp is
also updated for ESXi userworlds."

MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability

http://www.securityfocus.com/bid/37076/discuss

"MySQL is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security
restrictions and obtain sensitive information that may lead to further
attacks.

Versions prior to MySQL 5.1.41 are vulnerable."

It is recommended to update to the latest version of MySQL as soon as
possible.

ClamAV Prior to 0.95.2 Multiple Scanner Bypass Vulnerabilities

http://www.securityfocus.com/bid/35410/info

"ClamAV is prone to multiple vulnerabilities because it fails to
properly restrict certain files after scanning them.

A successful attack may allow malicious users to bypass security
restrictions placed on certain files. Exploits may aid in further attacks.

Versions prior to ClamAV 0.95.2 are vulnerable."

It is recommended to update ClamAV to the latest version.

Linux Kernel KVM 'KVM_MAX_MCE_BANKS' Memory Corruption Vulnerability

http://www.securityfocus.com/bid/37035/info

"The Linux kernel is prone to a memory-corruption vulnerability that
affects the Kernel-based Virtual Machine (KVM).

Local attackers can exploit this issue to execute arbitrary code with
superuser privileges. Successful exploits will completely compromise
affected computers.

Versions prior to Linux kernel 2.6.32-rc7 are vulnerable."

It is recommended to update the kernel on affected systems.

Microsoft Excel Index Parsing Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/36909/discuss

"Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers can exploit this issue by enticing victims into opening a
specially crafted Excel ('.xls') file.

Successful exploits can allow attackers to execute arbitrary code with
the privileges of the user running the application."
