MyConnection Server version 8.2b suffers from a cross site scripting vulnerability.
Monthly Archives: February 2015
CVE-2014-7922
The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding _opt_ parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scopes including the SID and LSID scopes, and consequently obtain access to a Google account, via a crafted application, as demonstrated by setting the has_permission=1 parameter value upon finding _opt_has_permission in that argument.
ECommerce-Shopping Cart Zeuscart v. 4: Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities
Posted by Steffen Rösemann on Feb 23
Advisory: Multiple reflecting XSS-, SQLi and
InformationDisclosure-vulnerabilities in Zeuscart v.4
Advisory ID: SROEADV-2015-12
Author: Steffen Rösemann
Affected Software: Zeuscart v.4
Vendor URL: http://zeuscart.com/
Vendor Status: pending
CVE-ID: will asked to be assigned after release on FullDisclosure via
OSS-list
Software used for research: Mac OS X 10.10, Firefox 35.0.1
==========================
Vulnerability Description:…
DSA-3171 samba – security update
Richard van Eeden of Microsoft Vulnerability Research discovered that
Samba, a SMB/CIFS file, print, and login server for Unix, contains a
flaw in the netlogon server code which allows remote code execution with
root privileges from an unauthenticated connection.
DSA-3170 linux – security update
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, information leaks or privilege
escalation.
Vuln: xdg-utils 'xdg-open' CVE-2015-1877 Remote Command Injection Vulnerability
xdg-utils ‘xdg-open’ CVE-2015-1877 Remote Command Injection Vulnerability
DSA-3169 eglibc – security update
Several vulnerabilities have been fixed in eglibc, Debian’s version of
the GNU C library:
Lenovo and the Superfish
This sounds like the title of a children’s book, but unfortunately the issue highlighted in the press this week is more concerning than a story. The pre-loading of the SuperFish software on the Lenovo machines introduced a vulnerability to users even before they unboxed their new laptop.
There are several issues with the pre-installed application, one is that it is an ad-injector which inserts adverts into your browser based on what you are searching for, and without being an expert at identifying these you might be directed to sites to purchase things without understanding why.
To do this more effectively, Superfish also installs a root certificate which allows them to see traffic on encrypted websites, like your banking website, that you might have considered private and secure.
This is a bit like me giving out the keys to your house and could be abused by other malicious people and used to capture passwords and other personal information.
AVG detects and removes the Superfish add-on. If you have attempted to download something it was bundled with then AVG would have detected and blocked it advising the user it was an ‘unwanted application’ and potentially harmful.
This means no part of it was ever installed – good for existing AVG users, but what about if you have purchased a Lenovo and then installed an anti-virus product, the risk here is that full removal of some parts are difficult to remove as they are embedded into the system.
This week Lenovo has been re-active to this and developed a removal tool which you can download here. There are also manual instructions available should you want to do this yourself.
There is a much wider issue for consumers though, it’s becoming very difficult to know which products and manufacturers to trust and who is doing what with our data.
There are discussions in the tech industry on improving transparency so that consumers can once again have confidence in brands.
I believe that over the next few months we will see progress in a more coordinated effort by the security industry to protect users from these types of applications.
If you are at all concerned then be sure to run a full system scan from you Anti-Virus product and ensure that the updates have been run. If you’re running an expired product then either renew it or download the AVG AntiVirus Free solution here.
Follow me on twitter – @tonyatavg
Fwd: Apple OS X: Don't trust, and don't prompt to trust certificates
Posted by Douglas Held on Feb 22
Summary:
It is essential to provide a configuration option in the operating system
to:
1. never trust invalid certificates, and
2. to not prompt to trust them.
Steps to reproduce:
1. Install OS X on an Apple laptop.
2. Configure Mail.app (for example) to connect over SSL to your mail
server. Prepare a draft email with sensitive information about the
iPhone 8 or whatever.
3. Go treat yourself to a hotel visit.
4. Connect to the hotel Wifi SSID…
CVE-2014-6184
Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors.