The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to QEMU memory locations and gain privileges via unspecified parameters related to rectangle handling.
Monthly Archives: November 2014
CVE-2014-7815 (qemu, ubuntu_linux)
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
CVE-2014-8567 (mod_auth_mellon)
The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request.
DarkHotel: A Sophisticated New Hacking Attack Targets High-Profile Hotel Guests – WIRED
TA14-318A: Microsoft Secure Channel (Schannel) Vulnerability (CVE-2014-6321)
Original release date: November 14, 2014
Systems Affected
- Microsoft Windows Server 2003 SP2
- Microsoft Windows Vista SP2
- Microsoft Windows Server 2008 SP2
- Microsoft Windows Server 2008 R2 SP1
- Microsoft Windows 7 SP1
- Microsoft Windows 8
- Microsoft Windows 8.1
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows RT
- Microsoft Windows RT 8.1
Microsoft Windows XP and 2000 may also be affected.
Overview
A critical vulnerability in Microsoft Windows systems could allow a remote attacker to execute arbitrary code via specially crafted network traffic.[1]
Description
Microsoft Secure Channel (Schannel) is a security package that provides SSL and TLS on Microsoft Windows platforms.[2, 3] Due to a flaw in Schannel, a remote attacker could execute arbitrary code on both client and server applications.[1]
It may be possible for exploitation to occur without authentication and via unsolicited network traffic. According to Microsoft MS14-066, there are no known mitigations or workarounds.[2]
Microsoft patches are typically reverse-engineered and exploits developed in a matter of days or weeks.[4] An anonymous Pastebin user has threatened to publish an exploit on Friday, November 14, 2014.[5]
Impact
This flaw allows a remote attacker to execute arbitrary code and fully compromise vulnerable systems.[6]
Solution
Microsoft has released Security Bulletin MS14-066 to address this vulnerability in supported operating systems.[2]
References
- [1] NIST Vulnerability Summary for CVE-2014-6321
- [2] Microsoft Security Bulletin MS14-066 – Critical
- [3] Microsoft, Secure Channel
- [4] Reddit, Microsoft Security Bulletin MS14-066
- [5] Pastebin, SChannelShenanigans
- [6] Winshock.txt
Revision History
- November 14, 2014: Initial Release
Targeted Attacks against Tibetan Advocates using G20 2014 Summit Lure
APT actors trying to use big events as a lure to compromise their targets is nothing new. Tibetan NGOs being targeted by APT actors is also nothing new. Thus, surrounding the upcoming G20 2014 summit to be held in Brisbane, Australia, we were expecting to see G20-themed threats targeted at Tibetan NGOs. A Win32/Farfli (alias Gh0st RAT) sample ultimately confirmed our suspicions.
The post Targeted Attacks against Tibetan Advocates using G20 2014 Summit Lure appeared first on We Live Security.