CentOS Errata and Bugfix Advisory 2015:1827 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1827.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: b92fe0b2b37e45d24d94a869ef24c38d0e415d9dbec122834409973b06ffa550 kernel-2.6.32-573.7.1.el6.i686.rpm 4604d03db10a65c6a7fd42127a0fde427f7e039e3c0abcfddf51eaa5c3f24248 kernel-abi-whitelists-2.6.32-573.7.1.el6.noarch.rpm d1495ed4bdeadc9b95bd0c3aa648668db9b747505e86eaffe9539e77071d0c33 kernel-debug-2.6.32-573.7.1.el6.i686.rpm 2981ed4f4e52348bc896dcc82e731519bb7e170b80e793fd76b6b8de8e4237bb kernel-debug-devel-2.6.32-573.7.1.el6.i686.rpm 244d5c5416fe86e5fc72782bcac76c56781de1858c7e9e40443aa4bec0dd7228 kernel-devel-2.6.32-573.7.1.el6.i686.rpm 8ee59ef84778fd5fb5e5b38d48eef13aa162674e2c81a3882062be59a6738aa2 kernel-doc-2.6.32-573.7.1.el6.noarch.rpm ff6f44de69d644737ffa8227afd3cec403c51030ed88fe128087d6331d6e777b kernel-firmware-2.6.32-573.7.1.el6.noarch.rpm 3afc157dd6f5aae5d345d47286f506cc5990158b515757c42affecf5a9777835 kernel-headers-2.6.32-573.7.1.el6.i686.rpm 8f68a87eeb8499822246e786dde320d58b976a9e3bd71c534bb15bcb6043324e perf-2.6.32-573.7.1.el6.i686.rpm 999151ff5072de298c198d09a2e9250441fdde47c8d85200a868f03b5c4bce59 python-perf-2.6.32-573.7.1.el6.i686.rpm x86_64: 86dee3590cd4d0b9314a6d0c179906193da413bfb47409612eebaa8ef384b6bc kernel-2.6.32-573.7.1.el6.x86_64.rpm 4604d03db10a65c6a7fd42127a0fde427f7e039e3c0abcfddf51eaa5c3f24248 kernel-abi-whitelists-2.6.32-573.7.1.el6.noarch.rpm 2fa77db911cb09a861210eb49598938105f6a4cc497c824430e5ca3143904de9 kernel-debug-2.6.32-573.7.1.el6.x86_64.rpm 2981ed4f4e52348bc896dcc82e731519bb7e170b80e793fd76b6b8de8e4237bb kernel-debug-devel-2.6.32-573.7.1.el6.i686.rpm 0d417511a1688e9be97f8cdc786c35fdb4df1095905d8dc9313ac0d7511acab4 kernel-debug-devel-2.6.32-573.7.1.el6.x86_64.rpm 42410a009bf3f99a89b3405f1ed14737f940582cfb3b635653469a3c755a5e09 kernel-devel-2.6.32-573.7.1.el6.x86_64.rpm 8ee59ef84778fd5fb5e5b38d48eef13aa162674e2c81a3882062be59a6738aa2 kernel-doc-2.6.32-573.7.1.el6.noarch.rpm ff6f44de69d644737ffa8227afd3cec403c51030ed88fe128087d6331d6e777b kernel-firmware-2.6.32-573.7.1.el6.noarch.rpm 25f57d1e14dccf01cf3b5985e725e6488ea35cf496e7502292153b041504bc1a kernel-headers-2.6.32-573.7.1.el6.x86_64.rpm 373adb0f0c0b1a28bf67e5c6890f4bcc68b2dfefc0c0ba084dcd89d00cb7eeb9 perf-2.6.32-573.7.1.el6.x86_64.rpm cad2c0c727790d5f2231aef8c6b4b2d7b58e28592e507ed103f7b1a36afdf096 python-perf-2.6.32-573.7.1.el6.x86_64.rpm Source: 0fc4befb89b58cb8e85ac5af4804a0e794cb9277450df329cd0374def56b601e kernel-2.6.32-573.7.1.el6.src.rpm
Monthly Archives: September 2015
CESA-2015:1834 Critical CentOS 5 firefox SecurityUpdate
CentOS Errata and Security Advisory 2015:1834 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1834.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: a8f505047679a55383623de4619722c08f4cbc1451f0985efe3a4005a4447a72 firefox-38.3.0-2.el5.centos.i386.rpm x86_64: a8f505047679a55383623de4619722c08f4cbc1451f0985efe3a4005a4447a72 firefox-38.3.0-2.el5.centos.i386.rpm 7552c47343e9f9e3f490b9f5fbe1c66413e8e6e9b8458bb5aaa98f3035a26c0c firefox-38.3.0-2.el5.centos.x86_64.rpm Source: a04e2ec4b441bc6fa739fcbb3477f9bf5596868a6e399f939b02197da7505f32 firefox-38.3.0-2.el5.centos.src.rpm
Apple removes malicious apps from App Store
image via TechInsider
While the rest of us were soaking up the last of the season’s sunshine, Apple researchers spent the weekend removing hundreds of malicious apps for iPhone and iPad from the iOS App Store.
“The recent exploit on Apple has shown us that even Apple’s system can be compromised quite easily,” said Avast security researcher Filip Chytry. “While this time nothing significant happened, it is a reminder that having everything under an Apple system could potentially make a system vulnerable.”
The malware seems to have been focused on Chinese users. Chinese media reported more than 300 apps including the popular instant messaging service WeChat, Uber-like taxi hailing program Didi Kuaidi, banks, airlines, and a popular music service were infected.
The malicious software programs got by Apple’s strict review process in an ingenious way. Hackers targeted legitimate app developers by uploading a fake version of Xcode, Apple’s development software used to create apps for iOS and OS X, to a Chinese server. It’s a large file, and reportedly quite slow to download from Apple’s U.S. servers, so to save time, unwitting Chinese developers bypassed the U.S. server and got their development tools from the faster Chinese server. Once their apps were completed, the malicious code traveled Trojan-horse style to the App Store.
“If hackers are able to exploit one entry point, they are able to attack all of the other iOS devices – and the fact that Apple doesn’t have a big variety of products makes it easier,” said Chytry.
Apps built using the counterfeit tool could allow the attackers to steal personal data, but there have been no reports of data theft from this attack.
“Regarding this specific vulnerability, consumers shouldn’t worry too much, as sandboxing is a regular part of the iOS system,” said Chytry.
A sandbox is a set of fine-grained controls that limit the app’s access to files, preferences, network resources, hardware, etc.
“As part of the sandboxing process, the system installs each app in its own sandbox directory, which acts as the home for the app and its data. So malware authors cannot easily access sensitive data within other apps,” said Chytry.
In a statement Apple said, “To protect our customers, we’ve removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.”
Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.
CESA-2015:1834 Critical CentOS 6 firefox SecurityUpdate
CentOS Errata and Security Advisory 2015:1834 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1834.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: d6d11136c88446527f96dddab02f45bc5b33a5847150aadc8fdd4aeb0da2d574 firefox-38.3.0-2.el6.centos.i686.rpm x86_64: d6d11136c88446527f96dddab02f45bc5b33a5847150aadc8fdd4aeb0da2d574 firefox-38.3.0-2.el6.centos.i686.rpm 0d8e633b4f9e576aeb6452804e2d14a5d59a4c0c89eca93f0d0dad6678f1f538 firefox-38.3.0-2.el6.centos.x86_64.rpm Source: 5033d28c5ebad5b1a683f431b14e1b9cb3430636d257025ec0743aff48c84e56 firefox-38.3.0-2.el6.centos.src.rpm
Obtaining LAN IP from JavaScript for CSRF
Posted by Craig Young on Sep 22
I recently came across an interesting PoC on GitHub for utilizing STUN to
determine a local LAN IP via JavaScript. This was surprising to me since I
thought you generally shouldn’t be able to identify the LAN IP in
JavaScript so I have started using this in CSRF exploit demonstrations.
A brief explanation including a link back to the original work is on the
Tripwire State of Security blog here:…
CESA-2015:1834 Critical CentOS 7 firefox SecurityUpdate
CentOS Errata and Security Advisory 2015:1834 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1834.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 2e0883c7ab4ac5b9426b4e1ea246597ff2d0b62c129d843f53098df3816bf939 firefox-38.3.0-2.el7.centos.i686.rpm 5142b476f4db6a96d8530190301546f7f0e36ac9c596fab5950485cb29315a92 firefox-38.3.0-2.el7.centos.x86_64.rpm Source: ff770fd42adcaa58e5a5403e69f909ef404f2d98ba2918f8a57337ffed0f77ce firefox-38.3.0-2.el7.centos.src.rpm
Windows Kernel Pool Buffer Overflow Drawing Caption Bar
This proof of concept exploit triggers a crashes due to a pool buffer overflow while drawing the caption bar of window.
CESA-2015:1833 Moderate CentOS 6 qemu-kvmSecurity Update
CentOS Errata and Security Advisory 2015:1833 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1833.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 74e962237c0f5ca9cd9390e555f307d1b43ca2a94c06f380c060a24c82cac944 qemu-guest-agent-0.12.1.2-2.479.el6_7.1.i686.rpm x86_64: e17eedbd90166748b6a2889155ad5458e0ebbaff3bd22e26a2ef629a5a0d9b6a qemu-guest-agent-0.12.1.2-2.479.el6_7.1.x86_64.rpm e8ced38199a16b79a581a72914663485822e498d5cf5448ab61d7dd1c84dbf6f qemu-img-0.12.1.2-2.479.el6_7.1.x86_64.rpm c02c85931201cf7cfb3a1c6ac44233b0248b808e6b33ff90705c1626c07e96b7 qemu-kvm-0.12.1.2-2.479.el6_7.1.x86_64.rpm fe6a3b8e8a83c9898cdba23155f9e08b8d9cdb31d272170c37e18ef37791f792 qemu-kvm-tools-0.12.1.2-2.479.el6_7.1.x86_64.rpm Source: aa47209436c74dee9be426c42c392dbfff417e3eb9d78692aa994f0c585b2c8b qemu-kvm-0.12.1.2-2.479.el6_7.1.src.rpm
CEBA-2015:1811 CentOS 6 bash BugFix Update
CentOS Errata and Bugfix Advisory 2015:1811 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1811.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: a732121d43926323882fa3d3915353221e61f27d5d42ae8c83082d0105728392 bash-4.1.2-33.el6_7.1.i686.rpm f8ad24f27a19a6f5995ee6cb5bfc6a6153596719e69bd988f8072c5b19e6033c bash-doc-4.1.2-33.el6_7.1.i686.rpm x86_64: 826458427d489d10472843abb8785c08a5f25e223354f292c63cbc5e685cfc35 bash-4.1.2-33.el6_7.1.x86_64.rpm b72cb0929fcf3fb7216c5b39beae126cf5c81040c2f866251bb7d831fc3f493d bash-doc-4.1.2-33.el6_7.1.x86_64.rpm Source: f917ba1d5b4ded250eda214d48d6d99e1f656791613c58668205bf99107c07d9 bash-4.1.2-33.el6_7.1.src.rpm
CEBA-2015:1810 CentOS 6 initscripts BugFix Update
CentOS Errata and Bugfix Advisory 2015:1810 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1810.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: b15e2d990c30a120914253ababba6722c57784991709e24c44796b85ba73f117 debugmode-9.03.49-1.el6.centos.1.i686.rpm bde979967aa112d05c41093cd24ab9aee6ddb62f77d279b22e1418311c895b3b initscripts-9.03.49-1.el6.centos.1.i686.rpm x86_64: b888239bb001e1e3e8a6d1b30550e5fa2bbbd8502312c83a827906b7fed97eaf debugmode-9.03.49-1.el6.centos.1.x86_64.rpm 4523bf8f58cf2dee1342d1714f81d075ef897be19d50c84d43bcf3110771b9e5 initscripts-9.03.49-1.el6.centos.1.x86_64.rpm Source: 25db034f65d8c2635f17e3020800135d20a7a5ba62a76e6d1a4c621348a5ec0c initscripts-9.03.49-1.el6.centos.1.src.rpm