HTTP_Upload version 1.0.0b3 fails to appropriately take into consideration more than file extensions when mitigating malicious file uploads, allowing for remote code execution.
Monthly Archives: January 2017
Red Hat Security Advisory 2017-0195-01
Red Hat Security Advisory 2017-0195-01 – Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The following packages have been upgraded to a newer upstream version: ansible. Multiple security issues have been addressed.
Red Hat Security Advisory 2017-0196-01
Red Hat Security Advisory 2017-0196-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel’s socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.
Cisco Security Advisory 20170125-cas
Cisco Security Advisory – A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Cisco Security Advisory 20170125-expressway
Cisco Security Advisory – A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient size validation of user-supplied data. An attacker could exploit this vulnerability by sending crafted H.224 data in Real-Time Transport Protocol (RTP) packets in an H.323 call. An exploit could allow the attacker to overflow a buffer in a cache that belongs to the received packet parser, which will result in a crash of the application, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Cisco Security Advisory 20170125-telepresence
Cisco Security Advisory – A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
Debian Security Advisory 3771-1
Debian Linux Security Advisory 3771-1 – Multiple security issues have been found in the Mozilla Firefox web errors may lead to the execution of arbitrary code, information disclosure or privilege escalation.
How to Hide Information with Ordinary Office Printers
The printer you have in your office may be less innocent than you thought. Some experts have already shown that they can even become a steganographic tool, the art, well-known in computer security, of hiding information from prying eyes.
A few years ago, the Electronic Frontier Foundation, an organization that defends civil liberties on the internet, reported that some laser printers included a code on the documents they printed that could be viewed with a certain light and a microscope. Manufacturers later had to admit that the US secret services had, apparently, reached an agreement with them so as to identify counterfeiters with that hidden code.
Researchers at the University of Utah have now shown that a conventional inkjet printer such as the one above your desktop can be used to print hidden images invisible to the human eye.
Messages hidden with silver and charcoal
Experts have used a silver and carbon ink to print an image formed by small rods of a millimeter in length and a few hundred microns in width. By varying the proportion of silver and coal, the conductivity of each bar also changes. The human eye is unable to perceive this modification. Using harmless terahertz radiation, which is located in the electromagnetic spectrum between infrared and microwave and is able to traverse opaque objects, the information encoded in the conductivity can be unveiled.
In a study published in the journal of the Optical Society (OSA), researchers demonstrated their new method by hiding QR codes in an image. At first glance, they looked just like an array of identical lines, but, thanks to terahertz radiation, the QR code was discovered. With this method, they have even camouflaged color QR codes.
“Our very easy-to-use method can print complex patterns of rods with varying conductivity,” explained Ajay Nahata, one of the authors of the study. “An added benefit to our technique is that it can be performed very inexpensively.”
Printers used for espionage?
Although they performed this test using relatively simple and small QR codes, they believe the technique could be used to conceal information in more detailed and complex images.
In World War I, the Germans used lemon juice in their letters as invisible ink to escape censorship. Now, the researchers at the University of Utah have shown that there are far more sophisticated ways of hiding information, and there is no need to dig too deep into your pockets to use it.
They also plan to develop inks that need to be heated or exposed to light at a given wavelength to uncover information. Will invisible inks for printers become a new way of hiding confidential information? We may never know.
The post How to Hide Information with Ordinary Office Printers appeared first on Panda Security Mediacenter.