Monthly Archives: April 2015

Fedora

Fedora 22 Security Update: perl-Test-Signature-1.11-1.fc22,perl-Module-Signature-0.78-1.fc22

Resolved Bugs
965126 – License metadata do not reflect cpansign license
1209911 – perl-Module-Signature: unsigned files interpreted as signed in some circumstances
1209915 – perl-Module-Signature: arbitrary code execution during test phase
1209917 – perl-Module-Signature: arbitrary code execution when verifying module signatures
1209918 – perl-Module-Signature: arbitrary modules loading in some circumstances
1209920 – perl-Module-Signature: various flaws [fedora-all]<br
This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a “skip” parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behaviour is included in this update.
Security issues:
* Module::Signature before version 0.75 could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries.
* When verifying the contents of a CPAN module, Module::Signature before version 0.75 ignored some files in the extracted tarball that were not listed in the signature file. This included some files in the t/ directory that would execute
automatically during “make test”.
* Module::Signature before version 0.75 used two argument open() calls to read the files when generating checksums from the signed manifest. This allowed embedding arbitrary shell commands into the SIGNATURE file that would execute during the signature verification process.
* Module::Signature before version 0.75 has been loading several modules at runtime inside the extracted module directory. Modules like Text::Diff are not guaranteed to be available on all platforms and could be added to a malicious
module so that they would load from the ‘.’ path in @INC.

Fedora

Fedora 22 Security Update: netcf-0.2.8-1.fc22

Resolved Bugs
1172176 – CVE-2014-8119 netcf: augeas path expression injection via interface name
1207396 – CVE-2014-8119 netcf: augeas path expression injection via interface name [fedora-all]<br
Security fix for CVE 2014-8119, as well as adding a few other minor bugfixes and enhancements (support for multiple IPv4 addresses, simultaneous static & dhcp for IPv4)

Fedora

Fedora 22 Security Update: tor-0.2.5.12-1.fc22

Resolved Bugs
1209804 – CVE-2015-2928 CVE-2015-2929 tor: multiple issues fixed in the new upstream releases
1209805 – CVE-2015-2928 CVE-2015-2929 tor: multiple issues fixed in the new upstream releases [fedora-all]
1204773 – CVE-2015-2688 CVE-2015-2689 tor: security fixes in 0.2.4.26 and 0.2.5.11
1204774 – tor: security fixes in 0.2.4.26 and 0.2.5.11 [fedora-all]<br
Update to upstream release 0.2.5.12.
Update to upstream release 0.2.5.11.

Security

Apple Leaves CNNIC Root in iOS, OSX Certificate Trust Lists

When it was revealed late last month that a Chinese certificate authority had allowed an intermediate CA to issue unauthorized certificates for some Google domains, both Google and Mozilla reacted quickly and dropped trust in CNNIC altogether, Apple has kept the root certificates in its trusted store for both iOS and OSX. Apple on Wednesday released […]

Panda Security

With only 70€ someone can steal your information on a public WiFi network!

wifi coffee

It is available in hotels, restaurants, libraries, airports or train stations. Nowadays most locations offer public WiFi networks and we don’t hesitate to enjoy its benefits. It is easy and free. We take out our smartphone, our tablet or our laptop and we connect to them without thinking that a cyber-attacker could intercept our device and steal our data.

We have advised you more than once to take precautions before using them, though you probably think that no one in the coffee shop has the knowledge to spy on you. We are sorry to tell you that you are wrong: the attacker does not need a big budget or any special computer skills to steal your data. Actually, if he tries he will be able to do spy on you without any difficulty.

“All you need is 70 euros, an average IQ and a little patience”, says the hacker Wouter Slotboom.  The security expert showed how, in just 20 minutes, he was able to get the personal information of almost all the users of a coffee shop in Amsterdam, even the history of their Google searches.

wifi poster

With only a laptop and a small device the size of a pack of cigarettes, Wouter launched a program and the antenna began to intercept the cellphones and laptop signals in the establishment. Then he ran the classic “man in the middle” attack, making his network to be the intermediary between the victim and the source: users believe they were connecting to the local network, but instead they were connected to the fictitious one the security expert deployed. He claims all the programs needed to do this can be easily downloaded from the internet.

In a short period of time, 20 users were connected to the network. But not only that, Slotboom was able to get their MacIDs and even see the specifications of their mobile phones, an information that could have easily been used for detecting the security gaps of each device. He even discovered what application was using each user.

This hacker asked the Dutch journalist who accompanied him to write his username and password. Within seconds, the data was in his possession. If we use the same password on multiple services, a technique not recommended but highly used, a cyber-attacker could easily access all the details of our virtual life. He also explained how to divert traffic, making the user believe he is entering his banks’ web but instead he is in a cloned site.  This technique can be used to clean you out virtually.

You are probably thinking that because Slotboom is a security expert these tasks come easy to him, but in fact even a child could access your devices if they are connected to a public network, literally. Recently, Betsy Davis, a seven-year-old British girl, was able to spy the communications of the devices around her, which were connected to a public WiFi network, in just ten minutes.

The virtual private network (VPN) provider Hidemyass conducted this experiment to point out these networks insecurities. Betsy created a Rogue Access Point (using the same attack “man in the middle”) and began intercepting data following just the instructions she found searching in Google. The messages from the other users of the public network started coming to her instead to arriving at their rightful recipient.

wifi street

If even Betsy is capable of spying on the devices connected to a public network, you should start being more careful and stop thinking that the people next to you in the coffee shop are harmless.

Although the best advice we can give you is not to use these networks, if you have to we recommend you to use a VPN service to connect through a private network, and that you access web pages with secure https protocol. Also avoid making bank transactions from an open network, in the unluckily event that there is a thieve waiting to empty your account.

Here you have some tips on how to connect to a public network safely, just in case. Its better be safe than sorry.

The post With only 70€ someone can steal your information on a public WiFi network! appeared first on MediaCenter Panda Security.

CentOS

CESA-2015:0794 Moderate CentOS 6 krb5 SecurityUpdate

CentOS Errata and Security Advisory 2015:0794 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0794.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
395aa571ff1ce0b19fb6f7615e3cd7ba1a44be0d97291d6768f70028621051c6  krb5-devel-1.10.3-37.el6_6.i686.rpm
5ea733d91e3d63148f3c9a9140dce4460b0e44d90ac8cefb32067e30da841964  krb5-libs-1.10.3-37.el6_6.i686.rpm
2a806635abf2bc7bc819e89a95ed644a06245deee7ab6b2124c8de6c7c64c23d  krb5-pkinit-openssl-1.10.3-37.el6_6.i686.rpm
be44fd07f926a391fb75caf3272b1239194b15d6637536e466331e5e58233e11  krb5-server-1.10.3-37.el6_6.i686.rpm
db92cd8d4154bb6d66b05c160ee4c993cdc062be0222be7b9f27d6e50eb0af09  krb5-server-ldap-1.10.3-37.el6_6.i686.rpm
90ac4ccf98a4b56d76c5418bf88af5f6ac2951863a3a8822e6da3e30511cdfaf  krb5-workstation-1.10.3-37.el6_6.i686.rpm

x86_64:
395aa571ff1ce0b19fb6f7615e3cd7ba1a44be0d97291d6768f70028621051c6  krb5-devel-1.10.3-37.el6_6.i686.rpm
d7c6513f3c96313d5f23c7211c9d2b8effb06199a1aaee82efa70cd58c26c437  krb5-devel-1.10.3-37.el6_6.x86_64.rpm
5ea733d91e3d63148f3c9a9140dce4460b0e44d90ac8cefb32067e30da841964  krb5-libs-1.10.3-37.el6_6.i686.rpm
b1d47512686365f16bc55567ad6d57ed15982c6852ac6230e5d00c2a091428fe  krb5-libs-1.10.3-37.el6_6.x86_64.rpm
c8600323ef8c6e8102d2c675c60eb32d3f0d774878ec131084b1e0cf7265edac  krb5-pkinit-openssl-1.10.3-37.el6_6.x86_64.rpm
2348489635b660b008b7e3570bc2f816d24d53da3ee64fffad49a798692902e0  krb5-server-1.10.3-37.el6_6.x86_64.rpm
db92cd8d4154bb6d66b05c160ee4c993cdc062be0222be7b9f27d6e50eb0af09  krb5-server-ldap-1.10.3-37.el6_6.i686.rpm
5fe443372e9cd465648371fc6e144ba36a983e2332f2a2ca4308fa4a4e47f882  krb5-server-ldap-1.10.3-37.el6_6.x86_64.rpm
dcd5f1801eb89556bf8b987f4af369653373d5938adfdddc0592be4c6ecf182a  krb5-workstation-1.10.3-37.el6_6.x86_64.rpm

Source:
44da125def3113c2ac45dc40ba7f7365126362bd19aeb7c67da1fa842ca9d2ae  krb5-1.10.3-37.el6_6.src.rpm
Full Disclosure

SEC Consult SA-20150409-0 :: Multiple XSS & XSRF vulnerabilities in Comalatech Comala Workflows

Posted by SEC Consult Vulnerability Lab on Apr 09

SEC Consult Vulnerability Lab Security Advisory < 20150409-0 >
=======================================================================
title: Multiple XSS & XSRF vulnerabilities
product: Comalatech Comala Workflows
vulnerable version: <= 4.6.1
fixed version: 4.6.2 for Confluence 5.4+ and 4.5.4 for Confluence 4.3+
impact: High
homepage:…