Monthly Archives: August 2016

Security

Red Hat Security Advisory 2016-1657-01

Red Hat Security Advisory 2016-1657-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel’s keyring handling code, where in key_reject_and_link() an uninitialised variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. A flaw was found in the way certain interfaces of the Linux kernel’s Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.

Security

Red Hat Security Advisory 2016-1664-01

Red Hat Security Advisory 2016-1664-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel’s networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes by probing packets. An off-path attacker could use this flaw to either terminate TCP connection and/or inject payload into non-secured TCP connection between two endpoints on the network.

NVD

CVE-2016-5081

ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session.

NVD

CVE-2016-5645

Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.

NVD

CVE-2016-5650

ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configuration setting, which allows remote attackers to trigger association with an arbitrary access point by using a recognized SSID value.

NVD

CVE-2016-5799

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

NVD

CVE-2016-5812

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file.

AVG

AVG equals 100% with no mistakes

AVG’s perfect test score for real world protection translates into an Advanced+ award from AV-Comparatives. You can go about your daily browsing knowing you have award winning protection from AVG.

 

AV-Comparatives have just released the Real-World Test scores for July. One company stands out from the rest with a ‘Perfect Game’, 100% detection with zero false positives, AVG. The term Perfect Game is a baseball reference when a pitcher plays the whole game with none of the opposing team getting to first base. For the soccer fans out there we might refer to this as a ‘clean sheet’.

It sounds great but what does it all mean?

Real-world testing means exactly what it says, the researchers at AV-Comparatives identified 355 infected URLs that were delivering a malicious exploits and drive-by-downloads and then tested each vendor to see if they are detected. By testing this way it imitates the exact way that you or I might encounter an infected website in our everyday lives.

And what is meant by a false positive?

To check that a product does not over block or even block every web site or file to achieve 100% detection scores, sites and files known to be clean are tested to ensure they can run without hindrance from the anti-virus product installed. A detection of a clean file or web page as malicious is regarded as a false positive and it can be devastating to your everyday life as you can no longer access or run the program, file or web page.

A perfect game for an AV product is perfection itself, 100% detection with Zero false positives. Giving you the confidence to browse and go about your online life knowing AVG is there and providing you best detection rate with zero risk.

Click the award below to see the full test results.

And I can’t write this blog without mentioning the hard work and diligence of the AVG researchers and engineers that work 24 x 7 to make all this possible, well done team and keep up the good work.