Zhone ADSL2+ 4P Bridge & Router (Broadcom) – Multiple Vulnerabilities

Posted by Vulnerability Lab on Sep 03

Document Title:
===============
Zhone ADSL2+ 4P Bridge & Router (Broadcom) – Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1591

Download: http://www.zhone.com/support/downloads/cpe/6218-I2/6218-I2_R030220_AnnexA.zip

Release Date:
=============
2015-09-03

Vulnerability Laboratory ID (VL-ID):
====================================
1591

Common Vulnerability Scoring…

New Versions of Carbanak Banking Malware Seen Hitting Targets in U.S. and Europe

New variants of the notorious Carbanak Trojan have surfaced in Europe and the United States, and researchers say that the malware now has its own proprietary communications protocol and the samples seen so far have been digitally signed. Carbanak has been in use for several years, and researchers at Kaspersky Lab earlier this year revealed the […]

Mr. Robot Review: zer0-day.avi

via: USA Networks

The season finale of Mr. Robot left me asking myself many questions. The big question that most of the characters in the show asked themselves as well was: Where is Tyrell?

What exactly happened while Elliot was in Tyrell’s car? Did Tyrell execute the plan to bring down E Corp or did Elliot? Why is Angela now working for E Corp? Who really put that video of Elliot falling from the boardwalk on the James Bond-like sunglasses USB stick? Did Angela really have to go shopping for designer shoes after James Plouffe’s suicide? Does she not own more than one pair of high heels? Who is knocking on Elliot’s door at the end of the episode?

I admit, I initially stopped watching as the credits came, but then I read online that that was a big mistake. There is a scene that comes after the credits, which, of course, left me asking myself two more questions: Why is White Rose meeting with the CEO of E Corp? Does E Corp really know that Elliot is behind the take down?

However, one very important question that I have been asking myself for the last 15 years was finally answered in this episode. FSociety let the dogs out.

In addition to the numerous plot questions, I had two technical questions after watching the episode. I sat down with senior malware analyst, Jaromir Horejsi, who kindly answered my questions for me.

In the opening scene, Krista meets with her ex-boyfriend Michael, aka Lenny. Lenny needs more evidence to prosecute Elliot. “He was routing through something called proxies or something, out in Estonia, he’s untraceable,” Lenny told Krista.

Stefanie: What is a proxy? How did this process make Elliot untraceable?

Jaromir: A proxy, or proxy server, acts as the middleman when you request information from servers over the web. Proxies are used for a variety of reasons. Schools and commercial organizations sometimes use proxies to control which content is accessed within the school or organization. Proxies can also be used to circumvent geo-location content restrictions. In this case, the person’s true IP address is not revealed to the server the person is accessing, rather the person connects to the server via a proxy located in a different country.

In this case, Elliot used a proxy to anonymize his web traffic. The server that Elliot requests a web page from receives his request from an anonymizing proxy server, which in the example Lenny gives, was located in Estonia. The proxy server then forwards the web page to Elliot. If configured properly, anonymizing proxy servers delete all logs and traces of requests made, in addition to keeping the user’s IP address anonymous.

At minute 14:35 Elliot tries to figure out what exactly happened. He mentions a simple program, a worm that can make data unreadable. Malware that took Darlene maybe two hours to code. He also mentions that Darlene encrypted everything with 256-bit AES and that because of this, it would take an incomprehensible amount of time to crack the encryption.

Stefanie: What is 256-bit AES and why is it so hard to decrypt?

Jaromir: AES is an encryption method that was established by the U.S. National Institute of Standards and Technology. AES is a symmetric-key algorithm, which means the key used to encrypt the data is the same key that can decrypt the data. The lengths of the encryption key can be three different lengths: 128, 192 and 256 bits.

A 256-bit AES key is made up of 256 bits, which are made up of 1s and 0s. Meaning the key has 2e256 possible combinations, making it impossible to crack. A year ago, a reddit user posted his calculations of how long it would take to crack a 256-bit AES encryption. Here are his results: “The universe itself only existed for 14 billion (1.4e10) years. It would take ~6.7e40 times longer than the age of the universe to exhaust half of the keyspace of a AES-256 key.”

I would like to thank all of the Avast experts who helped me understand the Mr. Robot hacks this season and look forward to discussing season two’s hacks with you :)

What did you think of the finale episode? Let us know in the comments below!

 

CESA-2015:1708 Important CentOS 7 libXfont Security Update

CentOS Errata and Security Advisory 2015:1708 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1708.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 




CESA-2015:1705 Important CentOS 7 bind Security Update

CentOS Errata and Security Advisory 2015:1705 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1705.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 




CESA-2015:1706 Important CentOS 5 bind Security Update

CentOS Errata and Security Advisory 2015:1706 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1706.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 




CESA-2015:1707 Important CentOS 5 bind97 Security Update

CentOS Errata and Security Advisory 2015:1707 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1707.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 
