CVE-2015-4231

The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC’s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.

CVE-2015-4232

Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.

CVE-2015-4234

Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127.

CVE-2015-4237

The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.

CVE-2015-4239

Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220.

Shopping via Selfie is the next thing …

Now the favorite pastime of some (namely taking selfies!) might actually become a legit payment method for MasterCard users. The company is experimenting with a feature called ID Check, which would scan your face (or your fingerprint, depending on what you choose) in order to approve an online purchase. Basically they are trying to go full-blown biometric.

Ajay Bhalla, the MasterCard executive who’s in charge of the new payment methods, told CNN: “The new generation, which is into selfies … I think they’ll find it cool. They’ll embrace it.”

Why would MasterCard do something like that? Definitely not only to please us youngsters, but also to cut down fraud, it seems. The US trial is supposed to start very soon with a limited customer base of 500. The launch will follow sometime after that.

If you’re afraid that you’ll need a selfie stick in order to make payments with your MasterCard in the future, don’t worry too much: The way the system is described, you’ll just install the MasterCard app, purchase something, and once you want to pay, a pop-up appears. Now you can choose to complete the payment with a fingerprint scan or via said selfie. According to CNN, “you stare at the phone — blink once — and you’re done. MasterCard’s security researchers decided blinking is the best way to prevent a thief from just holding up a picture of you and fooling the system.” Easy peasy, right?

Well, let’s see how it will work out and what’s next: Bhalla also said that MasterCard is experimenting with voice recognition and approving transactions by recognizing your heartbeat …

The post Shopping via Selfie is the next thing … appeared first on Avira Blog.

What is the right age to learn about online safety?

When our kids are just about knee high to a grasshopper we start the process of teaching them things to keep them safe, whether it’s that the cooker is hot or that crossing the road could be dangerous.

The process of crossing the road starts at a young age: we hold their hands, stand near the edge of the sidewalk and talk to them about looking both ways and listening, then under our guidance we walk them across the road. As time progresses we ask them to do the looking and listening; we do it too, and then we cross the road on their instruction, but with us close by having checked that it’s safe to do so.

The final stage of this is their first outing to the shop: whether for candy or a newspaper, we send them off on the big adventure of being grown up enough to step out on their own.

I often get asked at what age we should be talking to our kids about internet safety. My answer is simple: as soon as you let them start using it. Their experience online should be similar to the way we teach them to cross the road: first we do things with them, and then with time and experience they step out to do things on their own.

Our recent survey of 2200 parents in the UK shows that 40% of parents with children aged 4-6 have not yet educated their children on the possible dangers and a quarter of them have no plans to give any guidance to their kids. I am certain that if I asked the same question about crossing the road the percentage would be much lower.

More than 40% believed that their kids are sensible enough not to need it. Does this mean that parents don’t know the challenges themselves, or that they just feel uncomfortable having what can be an awkward conversation?

The Internet offers our kids a learning and communication experience that we only thought possible in science fiction movies when we were kids: flat screens, voice activation, video on demand and an endless supply of data and information to keep our lives enriched with content.

With the world very much at their fingertips, our kids need our wisdom, maturity and knowledge to guide them in accessing the wealth of information and entertainment available to them. As with anything in life there are risks, but they become very minimized if we are equipped to deal with them.

RHSA-2015:1207-1: Critical: firefox security update

Red Hat Enterprise Linux: Updated firefox packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5, 6, and 7.

Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

CVE-2015-2722, CVE-2015-2724, CVE-2015-2725, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2731, CVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740, CVE-2015-2741, CVE-2015-2743

RHSA-2015:1206-1: Important: openstack-cinder security and bug fix update

Red Hat Enterprise Linux: Updated openstack-cinder packages that fix one security issue and multiple
bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0
and 6.0.

Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

CVE-2015-1851