Monthly Archives: July 2015

Ubuntu

USN-2674-1: MySQL vulnerabilities

Ubuntu Security Notice USN-2674-1

21st July, 2015

mysql-5.5, mysql-5.6 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in MySQL.

Software description

  • mysql-5.5
    – MySQL database

  • mysql-5.6
    – MySQL database development files

Details

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.44 in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and
Ubuntu 14.10. Ubuntu 15.04 has been updated to MySQL 5.6.25.

In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html
http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-25.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
mysql-server-5.6

5.6.25-0ubuntu0.15.04.1
Ubuntu 14.10:
mysql-server-5.5

5.5.44-0ubuntu0.14.10.1
Ubuntu 14.04 LTS:
mysql-server-5.5

5.5.44-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
mysql-server-5.5

5.5.44-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-2582,

CVE-2015-2611,

CVE-2015-2617,

CVE-2015-2620,

CVE-2015-2639,

CVE-2015-2641,

CVE-2015-2643,

CVE-2015-2648,

CVE-2015-2661,

CVE-2015-4737,

CVE-2015-4752,

CVE-2015-4757,

CVE-2015-4761,

CVE-2015-4767,

CVE-2015-4769,

CVE-2015-4771,

CVE-2015-4772

Full Disclosure

Why Full Disclosure is the solution ? An example with RIPE

Posted by Pierre Kim on Jul 22

Note: this email has been sent to Full-Disclosure and has been
blogposted to: https://pierrekim.github.io/blog/2015-07-22-why-full-disclosure-is-the-solution-an-examble-with-ripe.html

TL;DR: hashes list from the RIPE database has been posted to MEGA,
containing usable hashes from 2011 to July 2015.
( https://mega.co.nz/#!xMIxHZCT!EgWNb65ERsTf5URgBNq8VW_flzXSNbO3URwE0nqtsXY )

The human is reluctant to change. Full Disclosure is, sometimes, the…

Full Disclosure

RainbowCrack Plugin for Oracle hashes (<=10g)

Posted by bob secse on Jul 22

Hello everyone,

RainbowCrack (http://project-rainbowcrack.com/) doesn’t implement Oracle
hashes <=10g (7-10g R2) in last versions.

There is a plugin for RainbowCrack that implements this algorithm:
https://github.com/quentinhardy/RainbowCrackPlugin
This plugin can be used to:
– generate Oracle rainbow tables with a fixed username (ex: SYS).
– crack Oracle hashes.

I have tested this plugin with the latest version of RainbowCrack (1.6.1)…

NVD

CVE-2015-4651

The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

NVD

CVE-2015-4652

epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.