Red Hat Enterprise Linux: Updated samba3x packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having Critical security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
CVE-2015-0240
Red Hat Enterprise Linux: Updated preupgrade-assistant-contents package that fixes several bugs and adds
two enhancements are now available for Red Hat Enterprise Linux 6 Extras.
23rd February, 2015
A security issue affects these releases of Ubuntu and its
derivatives:
e2fsprogs could be made to crash or run programs as an administrator
if it processed a specially crafted filesystem image.
Jose Duart discovered that e2fsprogs incorrectly handled invalid block
group descriptor data. A local attacker could use this issue with a
crafted filesystem image to possibly execute arbitrary code.
(CVE-2015-0247, CVE-2015-1572)
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
23rd February, 2015
A security issue affects these releases of Ubuntu and its
derivatives:
Samba could be made to run programs as an administrator if it received
specially crafted network traffic.
Richard van Eeden discovered that the Samba smbd file services incorrectly
handled memory. A remote attacker could use this issue to possibly execute
arbitrary code with root privileges.
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
23rd February, 2015
A security issue affects these releases of Ubuntu and its
derivatives:
ca-certificates was updated to the 20141019 package.
The ca-certificates package contained outdated CA certificates. This update
refreshes the included certificates to those contained in the 20141019
package.
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
Despite the continuous and growing investments in computer security –Gartner estimated that in 2013 enterprises spent more than $13 billion on firewalls, intrusion prevention systems, endpoint protection platforms and secure Web gateways–, it is clear that the war against malware is far from being won.
In fact, the consulting firm warns that “All organizations should now assume that they are in a state of continuous compromise” (“Designing an Adaptive Security Architecture for Protection from Advanced Attacks”, February 12, 2014). It is precisely with the aim of informing our customers and users in general of the real danger posed by advanced threats that we offer readers this exclusive newsletter that includes the aforementioned Gartner report.
The subject is really important, as shown by the following data: 85 percent of targeted attacks against businesses go undetected for weeks or more, and 92 percent of incidents are discovered by a third party, according to Verizon’s 2014 Data Breach Investigations Report.
To fight this situation, Panda Security proposes the use of services capable of detecting and combating advanced threats: Panda Advanced Protection Service monitors and controls every application running in an organization. The service, designed for large enterprise customers, consists of an agent installed on every endpoint on the network, a cloud infrastructure, and the constant monitoring and assistance provided by PandaLabs security experts.
The post Speaking with Gartner about Advanced Persistent Threats appeared first on MediaCenter Panda Security.
EVO-CMS version 2.1.0 suffers from a cross site request forgery vulnerability.
A code execution vulnerability exists in RPM package manager. The vulnerability is due to an integer overflow when parsing the CPIO header in the payload section of an RPM file, leading to a stack buffer overflow. A remote attacker can exploit this vulnerability by enticing a user to install a maliciously modified signed RPM package.
An integer overflow vulnerability has been reported in Trihedral VTScada. The vulnerability is due to improper bounds checking while handling crafted requests to the HTTP server. By providing a crafted Content-Length header value, an attacker is able to terminate the HTTP server, creating a denial of service condition.
A new variant of the Dyre (Dyreza) banking Trojan has been found. A remote attacker can inject this Trojan using forged SSL certificates.
