CentOS Errata and Security Advisory 2015:1087 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1087.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: f8d6bb87b54a05956cc46daa08aac5a396caeb5606382ad41727892e656ffb53 qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm x86_64: 7066bac5fd89957feeb063713b3a87f9a2a8098f19d875417b1523976570a02b qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm a38e60d3e2ad9496185f4a6873be55916ddbaab38f6e27fe64f3dfd07862b978 qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm d14a788d206d97466c26c0be1c33eeb30724511fd639b1ba61257dc00a00db25 qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm 978eace6168837b2f3cd7f62d42f586d3ce1e25e75ee8cfbef09cbb70cd87633 qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm Source: 96a9c268cb3ccdded1cc1a8ce3d97ea6f3ab22891ef32428dd2c1e5af4d41b47 qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm
Monthly Archives: June 2015
CVE-2015-3935
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM before 3.5 and 3.6 allow remote attackers to inject arbitrary web script or HTML via the Business Search (search_nom) field to (1) htdocs/societe/societe.php or (2) htdocs/societe/admin/societe.php.
CVE-2015-4415
Multiple directory traversal vulnerabilities in func.php in Magnifica Webscripts Anima Gallery 2.6 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) theme or (2) lang cookie parameter to AnimaGallery/.
Congress Looking Into Restricting Power of Government-Owned CAs
UPDATE–As the debate over potential government interference with encryption technologies rages in countries around the world, Congress is now going down a different path, asking technology companies whether it’s feasible and potentially effective for certificate authorities to restricting the way that government-owned CAs can issue certificates. Members of the House Committee on Energy and Commerce […]
CEBA-2015:1084 CentOS 6 resource-agents BugFixUpdate
CentOS Errata and Bugfix Advisory 2015:1084 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1084.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 2321c7c8e4606cbba5f1b4b7cd6d6fba377c82501df1264a06394b226616eb31 resource-agents-3.9.5-12.el6_6.6.i686.rpm x86_64: 3f2a4b7048ad8b99a54bb6a7370e15869c1f6a2fb6567328228f1c67263e8fe3 resource-agents-3.9.5-12.el6_6.6.x86_64.rpm 96db168efb82ce9504f64cfeaff75c4eba0a2241a20f991d378f64694ca6a4fa resource-agents-sap-3.9.5-12.el6_6.6.x86_64.rpm 0c0a1ea22300da648721b2e00d9e816146f50c24539768135622380b274e75b4 resource-agents-sap-hana-3.9.5-12.el6_6.6.x86_64.rpm Source: 8ac6853dd665404b3e4130de5ddaa4fa0a708ff49589a11aaebe034a0d11742d resource-agents-3.9.5-12.el6_6.6.src.rpm
CEBA-2015:1085 CentOS 6 db4 BugFix Update
CentOS Errata and Bugfix Advisory 2015:1085 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1085.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 543f20c2dcb5f1c6ff74acd32f4bb038e1efa8e2ba9d8c9296fff59ae595ea68 db4-4.7.25-19.el6_6.i686.rpm bd94ffa5b16c4ca1c16112879dff571276141f3466859dd19d935d2853b37ec4 db4-cxx-4.7.25-19.el6_6.i686.rpm f0449db17f1cf86e2b0f4cd315dceb71d76d881625d7014eaef9950709b89401 db4-devel-4.7.25-19.el6_6.i686.rpm 4b0fee92a8235b39b680a2d331f6a0c482bc5a718763fc51368ed05c3f5b8fc7 db4-devel-static-4.7.25-19.el6_6.i686.rpm c78b5c8ffc690a07066dccee88695c69fbfc1a52cfe386b66168c065eea89b0a db4-java-4.7.25-19.el6_6.i686.rpm f5399fe37ff073031beb75b56dccf6d6bdb6bb3376c0085090e60e6ca78b2ff0 db4-tcl-4.7.25-19.el6_6.i686.rpm 75bb0cf3bba3af6734cba5a1acb867e0884d769aba4545326132cf43cde48f05 db4-utils-4.7.25-19.el6_6.i686.rpm x86_64: 543f20c2dcb5f1c6ff74acd32f4bb038e1efa8e2ba9d8c9296fff59ae595ea68 db4-4.7.25-19.el6_6.i686.rpm 91e69ebef93acb1eed7b92a9e4168ce64bd46cffbb4bc844e967871fbd4ffb0c db4-4.7.25-19.el6_6.x86_64.rpm bd94ffa5b16c4ca1c16112879dff571276141f3466859dd19d935d2853b37ec4 db4-cxx-4.7.25-19.el6_6.i686.rpm ac69b21db4a932c608b2e22d018a506090265cdbfdcd93faddee2084a69d3c07 db4-cxx-4.7.25-19.el6_6.x86_64.rpm f0449db17f1cf86e2b0f4cd315dceb71d76d881625d7014eaef9950709b89401 db4-devel-4.7.25-19.el6_6.i686.rpm e2b467ad1a7ca620e71b6178ba08ca88dc646c25e3609d8fa7b51492f4689b84 db4-devel-4.7.25-19.el6_6.x86_64.rpm b2c421152dc6b0d5a2b10ca9944aee463e3b201ae02ebee2d7a25afd57eb185c db4-devel-static-4.7.25-19.el6_6.x86_64.rpm bab8757100a291fafeb622e89779fc7ba600125b4577d8bea5463452c14608f5 db4-java-4.7.25-19.el6_6.x86_64.rpm 2ca90a1ef4ccef5ec81cbfadd0f91b97d0f8cbe3f83af8a770d335a0d66c4f9e db4-tcl-4.7.25-19.el6_6.x86_64.rpm cca5527012415f5b02af9f298cd0242e2aa9ce07f993cc49887949fce1a27279 db4-utils-4.7.25-19.el6_6.x86_64.rpm Source: 86f2bf2989bdb4cb9dccb8c16977e48623310901be48306b272fa1ad3bd7845e db4-4.7.25-19.el6_6.src.rpm
Apple Watch: nothing prevents thieves from resetting the password and using a stolen one (even for shopping)
It is one of the longest awaited gadgets in recent times and is set to become one of the technological gadgets of the year, but it has already given rise to the first scare: Apple Watch is vulnerable.
Apple’s smart watch, which has been on the market for just over a month, has given a hint to the public of its security flaws: security gaps which can end up being expensive for this wearable first buyers.
Apple Watch lacks an Activation Lock feature
On the one hand, Apple’s watch may become an object of desire for thieves, something the iPhone tried to prevent with certain security measures. The smart watch lacks of an ‘Activation Lock’ feature, which was created to dissuade criminals from illegally obtaining one of the company’s devices.
This feature first appeared with iOS7, and makes that the only way of disabling the ‘Find my iPhone’ option –which allows the user knowing where his device exactly is- is with the user’s Apple ID and password. In other words, unless the thief has your username and password, he won’t be able to disable the option that will allow you to find your stolen iPhone.
However, the smart watch doesn’t have the ‘Activation Lock’ feature. In addition, resetting the device and erasing all data- password included- is simple, even without having the PIN code which protects the watch, as you can see in the following video:
Shopping at your expense
A second vulnerability of the Apple Watch may work out to be even more expensive for the pioneers who have already bought it.
Thanks to its sensors the device detects when it is placed on a user’s wrist. While it is being worn it doesn’t require a password to unlock it, to enable its owner to access the screen and to make payments with Apple Pay.
If we take the watch off our wrist, Apple Watch will ask you to re-enter the password, so that, if it gets stolen, your data is safe, especially your financial one.
However, the watch’s sensors have a delay of about a second to re-enable the PIN code and, in addition, they don’t detect whether the watch is on the wrist or on any other body part, so some crafty thieves can take the watch off of a wearer’s wrist and then quickly cover the sensors with his fingers to keep the watch from locking.
Here the thief was not only able to access the information stored in your Apple Watch, but also to make purchases with your Apple Pay account.
So, the cracks in the security of the so long awaited Apple Watch are starting to undermine the fame of the device that Apple fans wanted to have on their wrists. The fact that with some tattoos the sensors of the Apple’s Watch don’t work is just a mere anecdote, now the security of its users is at stake.
The post Apple Watch: nothing prevents thieves from resetting the password and using a stolen one (even for shopping) appeared first on MediaCenter Panda Security.
Homicide no longer requires proximity
Although computerized hospital pumps are widely known to be beneficial for mitigating dosage errors, news of hackable hospital pumps came to public attention a few months ago when security researcher Billy Rios discovered a pump that doesn’t use authentication for its drug library – thus enabling a hacker to load a different library into the device, which in theory could lead to a deadly dose being delivered. But new findings by Rios indicate that hackers may now themselves be able to remotely administer a deadly dose of a drug to a patient.
The Vulnerabilities
According to Rios’s findings, a hacker could alter – from within the hospital computer network or even over the Internet – the allowable upper dosage limit to give either too low or too high a dose. Doctors or nurses could then accidentally set the machine to give too high or low a dose without the machine issuing an alert.
When the story initially broke, this alteration of dosage limits was not considered to be such a severe vulnerability as if the hacker could himself set the dosage amount (remotely). However, now Rios has found a new vulnerability that would allow hackers to remotely set the dosage amount by altering the firmware to gain total device control.
Coupling the previously known ability to change the drug library data with the newly found ability to remotely set the amount of the dose, a hacker can now potentially deliver a lethal dose of medication.
Pervasiveness of the Problem
How widespread the vulnerabilities are is yet unknown, but with estimates limited to just the one manufacturer whose pumps Rios discovered these vulnerabilities in, close to half a million intravenous medicine pumps globally could be affected.
Naïvety or Denial?
When Rios initially notified the company making the pumps in question, that its pumps could have their firmware changed by hackers, the company insisted that the pumps are safe because of partitioning between the comms module and motherboard. Rios found that, while the physical partition does exist, a serial cable connects the two components “in a way that you can actually change the core software on the pump.”
As the company uses this same approach for remotely delivering firmware updates to its computerized pumps, it is unclear as to why any computerized-equipment maker would be so skeptical of their own methods being used by hackers. Regardless, while the company works on a proof-of-concept that their devices have no vulnerabilities, Rios is working on his own proof-of-concept to the contrary, which he plans to share during the 2015 SummmerCon security conference in Brooklyn.
“You can talk to that communication module over the network or over a wireless network,” Rios told Wired (read the full Wired report here).
The post Homicide no longer requires proximity appeared first on Avira Blog.
PHP 5.6.9 Use-After-Free
High-Tech Bridge Security Research Lab discovered use-after-free vulnerability in a popular programming language PHP, which can be exploited to cause crash and possibly execute arbitrary code on the target system. The vulnerability resides within the ‘spl_heap_object_free_storage()’ PHP function when trying to dereference already freed memory. A local attacker can cause segmentation fault or possibly execute arbitrary code on the target system with privileges of webserver.
ISPConfig 3.0.5.4p6 SQL Injection / Cross Site Request Forgery
ISPConfig version 3.0.5.4p6 suffers from cross site request forgery and remote SQL injection vulnerabilities.