Monthly Archives: December 2014

NVD

CVE-2014-5208 (centum_cs_3000, centum_vp, exaopc)

BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbitrary files via a STOR operation, or obtain sensitive database-location information via a PMODE operation, a different vulnerability than CVE-2014-0784.

Panda Security

The number of leaked email addresses and passwords has exploded in 2014

The number of leaked email addresses and passwords has exploded in 2014

The statistics speak for themselves: The emails you send and receive every day at work are a time-bomb.

This is not just because they can be an entry point for cyber-crime, such as extortion or malware that can infect your computer, but also because through email, cyber-criminals can steal your account.

In fact, the email account you use in your company is now in more danger than ever before, simply because the number of compromised email accounts has reached astronomical figures.

Just a few months ago, five million Gmail account details were leaked on a Russian cyber-security forum, raising doubts about the security of the Google service, and creating jitters among the service’s millions of users.

However, the scandal of leaked Gmail accounts was barely the tip of the iceberg. Shortly after, Home Depot, the home improvements retails chain, announced a security breach in its payment platform that had compromised the details of no less than 53 million email addresses.  It’s clear then that our details of email addresses can be obtained from anywhere.

As if this weren’t enough, a group of cyber-security experts recently published a study confirming the trend (as if it were really in any doubt): In just three months the details of more than six million accounts have been leaked, along with the corresponding passwords.

five million Gmail account details leaked

It’s a frightening figure, and more so considering that these are just the confirmed cases.

According to the study, most cases are due to people using company email addresses in private environments and the low levels of security associated with such email accounts.

Trojans infecting poorly protected computers or the use of email accounts with inadequate security are the most probable causes of this increase in the leaking of email addresses and their passwords.

The result of all this is seriously concerning: the use of these passwords by cyber-criminals against the users themselves. Moreover, if millions of account details have been leaked in just the last three months, the amount for the whole of 2014 could be twenty times greater.

Given how this trend underlines that corporate email accounts are not as secure as they should be, it is advisable to implement security measures such as two-step verification or at least frequent changes to email passwords.

The post The number of leaked email addresses and passwords has exploded in 2014 appeared first on MediaCenter Panda Security.

Security

Ubuntu Security Notice USN-2449-1

Ubuntu Security Notice 2449-1 – Neel Mehta discovered that NTP generated weak authentication keys. A remote attacker could possibly use this issue to brute force the authentication key and send requests if permitted by IP restrictions. Stephen Roettger discovered that NTP generated weak MD5 keys. A remote attacker could possibly use this issue to brute force the MD5 key and spoof a client or server. Stephen Roettger discovered that NTP contained buffer overflows in the crypto_recv(), ctl_putdata() and configure() functions. In non-default configurations, a remote attacker could use these issues to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. In addition, attackers would be isolated by the NTP AppArmor profile. Various other issues were also addressed.

Security

Red Hat Security Advisory 2014-2024-01

Red Hat Security Advisory 2014-2024-01 – The Network Time Protocol is used to synchronize a computer’s time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd’s crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit.

Security

Debian Security Advisory 3109-1

Debian Linux Security Advisory 3109-1 – Dmitry Kovalenko discovered that the Firebird database server is prone to a denial of service vulnerability. An unauthenticated remote attacker could send a malformed network packet to a firebird server, which would cause the server to crash.

Security

Red Hat Security Advisory 2014-2025-01

Red Hat Security Advisory 2014-2025-01 – The Network Time Protocol is used to synchronize a computer’s time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd’s crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit.