[CORE-2015-0009] – SAP LZC/LZH Compression Multiple Vulnerabilities

Posted by CORE Advisories Team on May 13

1. Advisory Information

Title: SAP LZC/LZH Compression Multiple Vulnerabilities
Advisory ID: CORE-2015-0009
Advisory URL: http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities
Date published: 2015-05-12
Date of last update: 2015-05-12
Vendors contacted: SAP
Release mode: Coordinated release

2. Vulnerability Information

Class: Out-of-bounds Write [CWE-787], Out-of-bounds Read [CWE-125]
Impact: Denial of service…

Web India Solutions CMS 2015 – SQL Injection Vulnerability

Posted by Vulnerability Lab on May 13

Document Title:
===============
Web India Solutions CMS 2015 – SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1495

Release Date:
=============
2015-05-13

Vulnerability Laboratory ID (VL-ID):
====================================
1495

Common Vulnerability Scoring System:
====================================
8.3

Product & Service Introduction:…

CESA-2015:0998 Important CentOS 6 qemu-kvm Security Update

CentOS Errata and Security Advisory 2015:0998 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0998.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
85cce3eefbd38e1e2e0ace1ebe9a50352eefd8d67d098106c7dc5df16aa92ce4  qemu-guest-agent-0.12.1.2-2.448.el6_6.3.i686.rpm

x86_64:
608a5a17faf2e9822cfcb5712b7352c88132e5cc5dd31484cb124e7c97095329  qemu-guest-agent-0.12.1.2-2.448.el6_6.3.x86_64.rpm
9a125f14d860f05bb37195262b2fd81c262124b0f507fe18e78b139ff6777a8e  qemu-img-0.12.1.2-2.448.el6_6.3.x86_64.rpm
4fe4a06b5af8e7b2fe59cf298d5427094ef9884f5bdbbfb646981c14d97a11f9  qemu-kvm-0.12.1.2-2.448.el6_6.3.x86_64.rpm
685610c1cf705c945cc82cef5d22aa7671b85d2725003c89e1bc98ad2552c5a4  qemu-kvm-tools-0.12.1.2-2.448.el6_6.3.x86_64.rpm

Source:
8b538ce2fe691c5f4f7b1b8b5b7462aef670d6edd1d92d7773347059c1e1a4d5  qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm



CESA-2015:1002 Important CentOS 5 xen Security Update

CentOS Errata and Security Advisory 2015:1002 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1002.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
e271add705175b58f8505ecad07872ab4e5c0bf7c4b582f9121823099be6d777  xen-3.0.3-146.el5_11.i386.rpm
7b56812f66439c7f911a8eb957a1e7afda7af859863d1e14f84ce7316fbebc66  xen-3.0.3-146.el5_11.i686.rpm
3274429d862babafba0489ab4de15d4e1e9db79f2ff71d7dba60a8a899e2b3dc  xen-devel-3.0.3-146.el5_11.i386.rpm
50c4024367fe5079dbe2bb0a36b6fd4d8a1323416d3ef8ba88d7adb0ce075e50  xen-devel-3.0.3-146.el5_11.i686.rpm
616f43070e2c587a23a823c6ef2fa41523c440bbde1f482a077a0ecbe121afcc  xen-libs-3.0.3-146.el5_11.i386.rpm
f7eedd32666061cd26c9f60f19dc0cd0b4de8ce2b7bde1937dcba7f7a6b267d2  xen-libs-3.0.3-146.el5_11.i686.rpm

x86_64:
03b0f66cbd78066575ddd044e650c243a721435e16c250b4171c3304bd300893  xen-3.0.3-146.el5_11.x86_64.rpm
3274429d862babafba0489ab4de15d4e1e9db79f2ff71d7dba60a8a899e2b3dc  xen-devel-3.0.3-146.el5_11.i386.rpm
02b72fe85bdf0d1eb26838ad26455886bc365002f67792386bd6848db4959830  xen-devel-3.0.3-146.el5_11.x86_64.rpm
616f43070e2c587a23a823c6ef2fa41523c440bbde1f482a077a0ecbe121afcc  xen-libs-3.0.3-146.el5_11.i386.rpm
ae77d5c20d255b7b40033cc5988168003d3e58c307eef4a7fd182d45ddcc1503  xen-libs-3.0.3-146.el5_11.x86_64.rpm

Source:
e48d99b1f647c01f0336f7495dbafc4ca077569a948cb88dade3d357952e3542  xen-3.0.3-146.el5_11.src.rpm



CEEA-2015:0958 CentOS 5 openssl Enhancement Update

CentOS Errata and Enhancement Advisory 2015:0958 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2015-0958.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
610d1b0af152950747452839f7e8cae7840983906a8e0d64dc2e67fa924441f5  openssl-0.9.8e-34.el5_11.i386.rpm
1618020fd68d5d612fb181508029515d2cc94e8429c8004a797ef1dbc1fa26fa  openssl-0.9.8e-34.el5_11.i686.rpm
03655f5a652f7bf2255cdc2673f817ca0dec604540f52171079f400eceafa077  openssl-devel-0.9.8e-34.el5_11.i386.rpm
2a62b3080a29da4b6750f8ac6db00adf7f0fed258ddf2ac4779ae7ff1f0cd2f2  openssl-perl-0.9.8e-34.el5_11.i386.rpm

x86_64:
1618020fd68d5d612fb181508029515d2cc94e8429c8004a797ef1dbc1fa26fa  openssl-0.9.8e-34.el5_11.i686.rpm
7efae30dd617ba0937c77595b04bd9f7d47f138fa7853dc28d6f256abf887836  openssl-0.9.8e-34.el5_11.x86_64.rpm
03655f5a652f7bf2255cdc2673f817ca0dec604540f52171079f400eceafa077  openssl-devel-0.9.8e-34.el5_11.i386.rpm
553134cd587e415d1ccb2b73b2e2fb30370fa358127a9eca818407fca1f3b23c  openssl-devel-0.9.8e-34.el5_11.x86_64.rpm
c9eaac06a61688aa152741e1d1ba0378afcae8d4b2fe0907c9906605d15abc1b  openssl-perl-0.9.8e-34.el5_11.x86_64.rpm

Source:
c699bb0d90fb7dea97307f670ef21de16deced9ab7846fc05057c50629e16335  openssl-0.9.8e-34.el5_11.src.rpm
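The three announcements above list their files as "<sha256>  <filename>" under per-architecture headings so that a download can be checked against the published digest before it is installed, which matters while the mirrors are still syncing and a stale or truncated copy can be served. The following is an added example, not part of the CentOS announcements: it parses that layout and compares every listed file in a download directory with hashlib. The announcement text embedded in it is constructed for the demo (an empty file, a file that was never downloaded, and a deliberately tampered source RPM) and is not taken from the errata above.

```python
"""Added example (not part of the CentOS announcements): verify downloaded RPMs
against the sha256 lines a CESA/CEEA mail publishes, before installing them."""
import hashlib
import os
import re
import tempfile

# A section heading such as "i386:", "x86_64:" or "Source:" on a line by itself.
_SECTION = re.compile(r"^([A-Za-z0-9_]+):$")
# One entry line: 64 hex digits, whitespace, the package file name.
_ENTRY = re.compile(r"^([0-9a-f]{64})\s+(\S+)$")


def parse_announcement(text):
    """Return {section: {filename: sha256}} for the per-architecture blocks."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = _SECTION.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, {})
            continue
        m = _ENTRY.match(line)
        if m and current is not None:
            sections[current][m.group(2)] = m.group(1)
    return sections


def sha256_of(path, chunk=1 << 20):
    """Stream the file so large RPMs do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def verify_directory(text, arch, directory):
    """Return (all_ok, report); report maps filename -> 'ok' | 'mismatch' | 'missing'."""
    expected = parse_announcement(text).get(arch)
    if expected is None:
        raise ValueError(f"no {arch!r} section in announcement")
    report = {}
    for name, digest in expected.items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            report[name] = "missing"      # not downloaded (yet): do not install
        elif sha256_of(path) != digest:
            report[name] = "mismatch"     # truncated, stale or tampered copy
        else:
            report[name] = "ok"
    return all(v == "ok" for v in report.values()), report


# Constructed sample in the announcement layout, NOT the real errata above;
# the first digest is the sha256 of an empty file.
SAMPLE_ANNOUNCEMENT = """\
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  empty-test.rpm
0000000000000000000000000000000000000000000000000000000000000000  not-downloaded.rpm

Source:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  tampered.src.rpm
"""


def demo():
    """Build a download directory matching the sample and verify both sections."""
    with tempfile.TemporaryDirectory() as d:
        open(os.path.join(d, "empty-test.rpm"), "wb").close()
        with open(os.path.join(d, "tampered.src.rpm"), "wb") as fh:
            fh.write(b"not the bytes the announcement described")
        return (verify_directory(SAMPLE_ANNOUNCEMENT, "x86_64", d),
                verify_directory(SAMPLE_ANNOUNCEMENT, "Source", d))


if __name__ == "__main__":
    for result in demo():
        print(result)
```

On the host itself the same lines can be fed straight to "sha256sum -c", and "rpm -K <file>" additionally checks the package's GPG signature against the imported CentOS key. The digest check only proves that the file you hold is the one the announcement described; the signature check is what ties it to the CentOS build system.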



Mass-Scale Abuse of Routers Due to Lax Security

Why can botnets like this exist at all? According to a study by Incapsula the answer is simple negligence, by ISPs, vendors and users alike.

The attacks were first spotted in December of last year and appear to have been ongoing ever since. More than 40,000 infected routers at 1,600 ISPs around the world have been documented. When they are not being used for DDoS (distributed denial of service) attacks, the routers do something rather alarming: in their idle time they use their resources to scan for additional routers to recruit.

“Our analysis reveals that miscreants are using their botnet resources to scan for additional routers to add to their “flock.” They do so by executing shell scripts, searching for devices having open SSH ports which can be accessed using default credentials.

Facilitating the infiltration, all of these under-secured routers are clustered in the IP neighborhoods of specific ISPs, which provide them in bulk to end users. For perpetrators, this is like shooting fish in a barrel, which makes each of the scans that much more effective. Using this botnet also enables perpetrators to execute distributed scans, improving their chances against commonplace blacklisting, rate-limiting and reputation-based defense mechanisms”, the study says.

The researchers believe the routers were not compromised through firmware vulnerabilities but through their configuration: every unit is remotely accessible over HTTP and SSH on the default ports, and nearly all of them still use the vendor-supplied default login credentials.

This combination invites trouble, and DDoS is only one of the threats that result from it. An attacker who controls the router could just as well:

  • eavesdrop on all traffic passing through it.
  • perform man-in-the-middle (MITM) attacks (e.g., DNS poisoning).
  • hijack session cookies.
  • gain access to devices on the local network (e.g., CCTV cameras).

What can you do?

Always change the default login credentials; every router owner should do that before the device goes online. Think twice before enabling remote access to the router's management interface at all, and leave it off if you do not need it.
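The two conditions the post describes can be turned into a self-test. The following is an added example, not code from Avira or from the Incapsula study: probe_wan_ports attempts a TCP connect to the two default management ports named above (22 for SSH, 80 for HTTP) and is meant to be run from outside your own network against the router's public address, since from inside the LAN the interface is normally reachable anyway; assess then combines that result with the credential pair actually configured on the device. The port list, the severity labels and the short list of default credentials are illustrative assumptions of this example; real vendor default lists are per model.

```python
"""Added example (not Avira's or Incapsula's code): self-check for the exposure
described in the post, a management interface reachable on its default port
from the WAN side while vendor default credentials are still in place."""
import socket
from dataclasses import dataclass

# Default management ports named in the post (assumption: these two only).
DEFAULT_MGMT_PORTS = {22: "ssh", 80: "http"}

# Constructed, illustrative vendor defaults; real lists are per make and model.
KNOWN_DEFAULT_CREDENTIALS = {
    ("admin", "admin"), ("admin", "password"), ("admin", ""), ("root", "root"),
}


@dataclass(frozen=True)
class Finding:
    severity: str   # "high" or "critical" (labels chosen for this example)
    detail: str


def port_reachable(host, port, timeout=2.0):
    """True if a TCP connect to host:port succeeds within timeout seconds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:          # refused, filtered, timed out, no route
        return False


def probe_wan_ports(host, ports=DEFAULT_MGMT_PORTS, timeout=2.0):
    """Run from OUTSIDE the LAN (e.g. a VPS) against the router's public IP."""
    return {port: port_reachable(host, port, timeout) for port in ports}


def assess(reachable, username, password):
    """Combine the probe result with the admin credential in use."""
    findings = []
    exposed = [p for p, up in reachable.items() if up and p in DEFAULT_MGMT_PORTS]
    for port in exposed:
        findings.append(Finding(
            "high",
            f"{DEFAULT_MGMT_PORTS[port]} management reachable from the WAN on default port {port}"))
    default_creds = (username, password) in KNOWN_DEFAULT_CREDENTIALS
    if default_creds:
        findings.append(Finding(
            "high", f"admin account {username!r} still uses a vendor default password"))
    if exposed and default_creds:
        # Exactly the combination the botnet's scanners look for.
        findings.append(Finding(
            "critical",
            "remote management on a default port plus default credentials"))
    return findings


def worst_severity(findings):
    order = {"critical": 2, "high": 1}
    return max((f.severity for f in findings), key=order.get, default="none")


if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    # Replace the credential pair with the one configured on your router.
    for finding in assess(probe_wan_ports(host), "admin", "admin"):
        print(f"[{finding.severity}] {finding.detail}")
```

A router that is reachable on 22 or 80 from the outside is worth fixing even with a strong password; the critical result is reserved for the case the study describes, where both conditions hold at once.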

The post Mass-Scale Abuse of Routers Due to Lax Security appeared first on Avira Blog.

AVG Technologies ring the opening bell at NYSE

Following investor briefings this week in New York and the recent announcement of the acquisition of UK-based Privax Ltd., makers of the popular ‘HMA! Pro VPN’, it has been a busy time at AVG.

This is the second time that the AVG executive team has had the privilege of ringing the opening bell, doing so in 2012 when it first listed on the exchange. Now with 200 million active users, and over half of them on mobile devices, AVG is once again celebrating.

The NYSE was founded in 1817, and the original signal to open and close the market was a gavel; during the late 1800s this changed to a gong, and in 1903 the gong was replaced by the bell format seen today.

Famous NYSE bell ringers have included Joe DiMaggio of the New York Yankees, Nelson Mandela, Kofi Annan and even fictional characters such as Mickey Mouse and Darth Vader.

Standing on the NYSE podium and pushing the button that rings the bells is seen by many as a great honor and a lifetime achievement. We couldn’t be more proud of our executive team at AVG, whose hard work and tireless dedication earned this well-deserved recognition.