Cisco Security Advisory – A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the proxy process unexpectedly restarts. The vulnerability occurs because the affected software does not properly allocate space for the HTTP header and any expected HTTP payload. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition when the proxy process unexpectedly reloads, which can cause traffic to be dropped. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Monthly Archives: May 2016
Magento Unauthenticated Arbitrary File Write
Magento versions prior to 2.0.6 suffer from an unauthenticated arbitrary unserialize to arbitrary write file vulnerability.
VMware Releases Security Updates
Original release date: May 18, 2016
VMware has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2016-0005 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
4digits 1.1.4 Local Buffer Overflow
4digits version 1.1.4 suffers from a local buffer overflow that allows for privilege escalation providing the binary is either setuid or setgid.
ESET releases new decryptor for TeslaCrypt ransomware
If your encrypted files had the extensions .xxx, .ttt, .micro, .mp3 or left unchanged, then ESET has good news for you.
The post ESET releases new decryptor for TeslaCrypt ransomware appeared first on We Live Security.
Cisco Releases Security Updates
Original release date: May 18, 2016
Cisco has released security updates to address vulnerabilities in its Web Security Appliance software. Exploitation of these vulnerabilities could cause a denial-of-service-condition on an affected system.
Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates.
- Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability
- Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
- Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
- Cisco Web Security Appliance Connection Denial of Service Vulnerability
This product is provided subject to this Notification and this Privacy & Use policy.
This App Lets You Find Anyone's Social Profile Just By Taking Their Photo
Is Google or Facebook evil? Forget it!
Russian nerds have developed a new Face Recognition technology based app called FindFace, which is a nightmare for privacy lovers and human right advocates.
FindFace is a terrifyingly powerful facial recognition app that lets you photograph strangers in a crowd and find their real identity by connecting them to their social media accounts with 70%
Registration Codes – Less Critical – Input Validation Vulnerability – SA-CONTRIB-028
- Advisory ID: DRUPAL-SA-CONTRIB-2016-028
- Project: Registration codes (third-party module)
- Version: 6.x, 7.x
- Date: 2016-May-18
- Security risk: 9/25 ( Less Critical) AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:Default
- Vulnerability: Access bypass
Description
This module enables you to allow users to enter a special registration code in order to sign up for the site.
The module doesn’t sufficiently validate the entered registration code
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- Registration Codes 7.x-2.x versions prior to 7.x-1.4.
Drupal core is not affected. If you do not use the contributed Registration codes module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the Registration Codes module for Drupal 6.x, (1.x branch), upgrade to Registration Codes 6.x-1.7.
- If you use the Registration Codes module for Drupal 6.x, (2.x branch), upgrade to Registration Codes 6.x-2.9.
- If you use the Registration Codes module for Drupal 7.x, upgrade to Registration Codes 7.x-1.4.
Also see the Registration codes project page.
Reported by
Fixed by
- Ayesh Karunaratne the module maintainer
Coordinated by
- David Snopek of the Drupal Security Team
- Greg Knaddison of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Drupal version:
Views Megarow – Critical – Access Bypass – SA-CONTRIB-2016-029
- Advisory ID: DRUPAL-SA-CONTRIB-2016-027
- Project: Views Megarow (third-party module)
- Version: 7.x
- Date: 2016-May-18
- Security risk: 16/25 ( Critical) AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All
- Vulnerability: Access bypass, Information Disclosure
Description
This module enables you to display content from any path within a list of content inside a view or form. The content is displayed in a modal-like format when the user clicks on the “view link” or any custom links created.
The module doesn’t sufficiently check access permissions when the user clicks on a views megarow link.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- Views megarow 7.x-1.x versions prior to 7.x-1.6.
Drupal core is not affected. If you do not use the contributed Views Megarow module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the Views megarow module for Drupal 7.x, upgrade to Views megarow 7.x-1.6
Also see the Views Megarow project page.
Reported by
- Richard Thomas of the Drupal Security Team
Fixed by
- Julien Dubois the module maintainer
- Pere Orga of the Drupal Security Team
Coordinated by
- Real Name of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Dropbox client – Multiple Vulnerabilities – SA-CONTRIB-2016-027
- Advisory ID: DRUPAL-SA-CONTRIB-2016-027
- Project: Dropbox Client (third-party module)
- Version: 7.x
- Date: 2016-May-18
- Security risk: 15/25 ( Critical) AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:All
- Vulnerability: Cross Site Scripting, Access bypass, Cross Site Request Forgery, Information Disclosure, Multiple vulnerabilities
Description
This module enables you to view dropbox files in your Drupal site.
The module doesn’t sufficiently sanitize filenames when displaying them to users or administrators leading to a Cross Site Scripting (XSS) vulnerability. This vulnerability is mitigated by the fact that an attacker must be able to upload files to the dropbox folder that the victim later views through the Drupal site.
Additionally, the module shipped with hardcoded and exposed Oauth credentials, making known users of the module exposed to phishing and/or access bypass.
The app secret has been made invalid, making the exposed secrets unusable for the attacker. This also makes the module unusable without upgrading and taking necessary steps to register a new Dropbox app.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.
Versions affected
- All dropbox_client 7.x-3.x versions.
Drupal core is not affected. If you do not use the contributed Dropbox Client module, there is nothing you need to do.
Solution
Install the latest version:
- If you use the dropbox_client module for Drupal 7.x, upgrade to dropbox_client 7.x-4.0
- Versions 3.x is no longer supported
Also see the Dropbox Client project page.
Reported by
Fixed by
Coordinated by
- Pere Orga of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.
Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity
Drupal version: