Faraday 1.0.18

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for the distribution, indexing and analysis of the data generated during a security audit. The main purpose of Faraday is to re-use the tools already available in the community and take advantage of them in a multiuser way.

hardwear.io 2016 Call For Papers

hardwear.io is seeking innovative research on hardware security. If you have done interesting research on attacks against, or mitigations for, any kind of hardware and want to showcase it to the security community, submit your research paper. The conference will take place September 20th through the 23rd, 2016 in The Hague, Netherlands.

Release for CentOS Linux 7 Rolling media March2016

I am pleased to announce general availability of the March 2016
snapshot for CentOS Linux. This release includes CentOS Linux 7 iso
based install media, Generic Cloud images, Atomic Host, Docker
containers, Vagrant images, vendor hosted cloud images.

This release set is tagged 1603 and includes all updates released up to
the 31st of March 2016.

CentOS Linux rolling builds are point-in-time snapshot media, rebuilt
from the original release media to include all updates pushed to
mirror.centos.org's repositories. This includes all security, bugfix,
enhancement and general updates for CentOS Linux. Machines installed
from this media will have all these updates pre-included and will look
no different from machines installed with older media that have been
yum updated to the same point in time. All rpm/yum repos remain on
mirror.centos.org with no changes in either layout or content.

--------
CentOS Linux 7 / x86_64 install media is available at
http://buildlogs.centos.org/rolling/7/isos/x86_64/

File: CentOS-7-x86_64-Minimal-1603-02.iso
Sha: 58ee68c3ffae5c4ca629be9b992f97d108165e09726d3e8f80798ac9c7a1821e

File: CentOS-7-x86_64-Everything-1603-02.iso
Sha: f618b51bbbfbbc5a1d2fe64cb699735057f79df41125bad5be6eef11b4f7c575

File: CentOS-7-x86_64-DVD-1603-02.iso
Sha: f78dcd1040afcdbb716c0581a182365ff34b7b37e9c20aa40b521b3c42677744


--------
CentOS Linux 7 / x86_64 Cloud Images are available at
http://cloud.centos.org/centos/7/images/


File: CentOS-7-x86_64-GenericCloud-1603.qcow2
Sha: c88230cde563ca29b065d53819586262f79a64769736e014bf6dabaa61a20968

File: CentOS-7-x86_64-GenericCloud-1603.qcow2c
Sha: 6d17808cf208bee3243f51b84e9bfb10b06f0cd04e2930505d9ea4fba2583bc5

File: CentOS-7-x86_64-GenericCloud-1603.qcow2.xz
Sha: f91e602120a728f144da605baf0d5f4ad59293921bee99cc4aa3a1ab65e6d445

File: CentOS-7-x86_64-GenericCloud-1603.raw.tar.gz
Sha: 5c5cacfc1f0700cc7d48d667933cd730f7443e866caeda94d8e205a8bc8ce511

--------
The CentOS Atomic Host release will be announced shortly.


--------
CentOS Linux 7 / x86_64 Vagrant images are updated at
https://atlas.hashicorp.com/centos/7 and the backing files can be
downloaded for libvirt and virtualbox providers at:

Libvirt:
http://cloud.centos.org/centos/7/vagrant/x86_64/images/CentOS-7-x86_64-Vagrant-1603_01.LibVirt.box
Sha: 4e01796e1afdd8c4bfbe98cffe5966caee227629429657a06c56d93d6e5fadaf

Virtualbox:
http://cloud.centos.org/centos/7/vagrant/x86_64/images/CentOS-7-x86_64-Vagrant-1603_01.VirtualBox.box
Sha: 549542fb475a02b7477000dded6dc7d12e7e325e461f029d25831eb9bb208a4b

--------
CentOS Linux 5 / 6 and 7 Docker images are updated at
https://hub.docker.com/_/centos/

--------
We welcome all feedback around these rolling builds and media updates
at the centos-devel mailing list (http://lists.centos.org/).

enjoy!

-- 
Karanbir Singh, Project Lead, The CentOS Project
+44-207-0999389 | http://www.centos.org/ | twitter.com/CentOS
GnuPG Key : http://www.karan.org/publickey.asc

Cisco Security Advisory 20160406-cts1

Cisco Security Advisory – A vulnerability in Cisco TelePresence Server devices running software versions 4.1(2.29) through 4.2(4.17) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerability by sending multiple URL requests to an affected device. The requests will eventually time out because negotiation from the client does not occur; however, each request consumes additional memory, resulting in memory exhaustion that causes the device to crash. If successful, the attacker could utilize all available memory resources, causing the device to reload. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.

Cisco Security Advisory 20160406-cts

Cisco Security Advisory – A vulnerability in Cisco TelePresence Server devices running software versions 3.0 through 4.2(4.18) could allow an unauthenticated, remote attacker to cause a kernel panic on the device. The vulnerability exists due to a failure to properly handle a specially crafted stream of IPv6 packets. A successful exploit could allow an attacker to cause a kernel panic, rebooting the device. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

Cisco Security Advisory 20160406-cts2

Cisco Security Advisory – A vulnerability in Cisco TelePresence Server devices running software version 3.1 could allow an unauthenticated, remote attacker to reload the device. The vulnerability exists due to a failure to properly process malformed Session Traversal Utilities for NAT (STUN) packets. An attacker could exploit this vulnerability by submitting malformed STUN packets to the device. If successful, the attacker could force the device to reload and drop all calls in the process. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.

Cisco Security Advisory 20160406-ucs

Cisco Security Advisory – A vulnerability in the implementation of intra-process communication for Cisco UCS Invicta Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH private key that is stored in an insecure way on the system. An attacker could exploit this vulnerability by obtaining the SSH private key and connecting using the root account to the system without providing a password. An exploit could allow the attacker to gain access to the system with the privileges of the root user. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

Cisco Security Advisory 20160406-privauth

Cisco Security Advisory – A vulnerability in the application programming interface (API) web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to gain elevated privileges. The vulnerability is due to improper role-based access control (RBAC) when an unexpected HTTP URL request is received that does not match an expected pattern filter. An attacker could exploit this vulnerability by sending a crafted HTTP request with a modified URL to bypass RBAC settings. An exploit could allow the attacker to gain elevated privileges on the application to view and edit unauthorized data. Cisco has released software updates that address this vulnerability. Workarounds are not available.

Cisco Security Advisory 20160406-remcode

Cisco Security Advisory – A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending an HTTP POST containing crafted serialized user data that the application deserializes. An exploit could allow the attacker to execute arbitrary code with root-level privileges on the affected system, which could be used to conduct further attacks. Cisco has released software updates that address this vulnerability. Workarounds are not available.