The EN100 module with firmware before 4.25 for Siemens SIPROTEC 4 and SIPROTEC Compact devices allows remote attackers to cause a denial of service via crafted packets on UDP port 50000.
Monthly Archives: July 2015
RE: Donation Offer
________________________________ From: Stavris, Karen Sent: Saturday, July 18, 2015 5:23 AM To: Stavris, Karen Subject: Donation Offer You Have Been Picked For A Donation , Email: ( [email protected] ) For More Details
How to thoroughly wipe your phone before selling it
Make sure your Android phone is wiped clean before you sell it.
Every day, tens of thousands of people sell or give away their old mobile phones. We decided to buy some of these used phones to test whether they had been wiped clean of their data. What we found was astonishing: 40,000 photos including 750 photos of partially nude women and more than 250 male nude selfies, 750 emails and texts, 250 names and addresses, a collection of anime porn, a complete loan application, and the identity of four of the previous phone owners.
How did we recover so much personal data?
The problem is that people thought they deleted files but the standard features that came with their operating system did not do the job completely. The operating system deleted the corresponding pointers in the file table and marked the space occupied by the file as free. But in reality, the file still existed and remained on the drive.
With regular use of the device, eventually new data would overwrite the old data but since the person was selling the phone, that never happened and the files were still intact.
It works the same way on your PC. I used free software to recover deleted photos that I thought were missing forever because they had not been overwritten yet.
You can permanently delete data with Avast Anti-Theft
Avast’s free app for Android, Avast Anti-Theft, actually deletes and overwrites all of your personal files. All you do is follow these steps to delete personal data from your smartphone before you sell it or give it away.
1. Install Avast Anti-Theft on your Android device. The app is free from the Google Play Store.
2. Configure Avast Anti-Theft to work with your My Avast account. This gives you remote access to your phone through your PC.
3. Turn on the thorough wipe feature within the app.
4. Log in to your My Avast account from a PC to wipe your phone. This will delete and overwrite all of your personal data.
Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.
CVE-2015-3625
The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference.
DSA-3309 tidy – security update
Fernando Muñoz discovered that invalid HTML input passed to tidy, an
HTML syntax checker and reformatter, could trigger a buffer overflow.
This could allow remote attackers to cause a denial of service (crash)
or potentially execute arbitrary code.
GLSA 201507-20: PostgreSQL: Multiple vulnerabilities
DSA-3308 mysql-5.5 – security update
Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.44. Please see the MySQL 5.5 Release Notes and Oracle’s
Critical Patch Update advisory for further details:
Vuln: Adobe Reader and Acrobat JavaScript API Execution Multiple Security Bypass Vulnerabilities
Adobe Reader and Acrobat JavaScript API Execution Multiple Security Bypass Vulnerabilities
Vuln: Microsoft Internet Explorer CVE-2015-2412 Information Disclosure Vulnerability
Microsoft Internet Explorer CVE-2015-2412 Information Disclosure Vulnerability
Fedora 21 Security Update: httpd-2.4.16-1.fc21
Resolved Bugs
1243894 – CVE-2015-3185 CVE-2015-3183 CVE-2015-0253 httpd: various flaws [fedora-all]
1243887 – CVE-2015-3183 httpd: chunk header parsing defect
1243888 – CVE-2015-3185 httpd: replacement of ap_some_auth_required with new ap_some_authn_required and ap_force_authn
1243891 – CVE-2015-0253 httpd: a crash with ErrorDocument 400 pointing to a local URL-path
1202988 – CVE-2015-0228 httpd: Possible mod_lua crash due to websocket bug
1232127 – CVE-2015-0228 httpd: Possible mod_lua crash due to websocket bug [fedora-all]
1187888 – httpd-2.4.16 is available<br
Update to new version 2.4.16. This update fixed various bugs as well as few security issues.
For full changelog, see http://www.apache.org/dist/httpd/CHANGES_2.4.16