The Turla espionage group has been targeting various institutions for many years. Recently, ESET found several new versions of Carbon.
The post Carbon Paper: Peering into Turla’s second stage backdoor appeared first on WeLiveSecurity
All posts by 007admin
Widespread Email Scam Targets Github Developers with Dimnie Trojan
Open source developers who use the popular code-sharing site GitHub were put on alert after the discovery of a phishing email campaign that attempts to infect their computers with an advanced malware trojan.
Dubbed Dimnie, the reconnaissance and espionage trojan has the ability to harvest credentials, download sensitive files, take screenshots, log keystrokes on 32-bit and 64-bit
Bugtraq: ESA-2017-028: EMC Isilon OneFS Path Traversal Vulnerability
ESA-2017-028: EMC Isilon OneFS Path Traversal Vulnerability
Bugtraq: ESA-2017-013: RSA Archer® GRC Security Operations Management Sensitive Information Disclosure Vulnerability
ESA-2017-013: RSA Archer® GRC Security Operations Management Sensitive Information Disclosure Vulnerability
Bugtraq: [security bulletin] HPESBUX03725 rev.1 – HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities
[security bulletin] HPESBUX03725 rev.1 – HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities
Bugtraq: [security bulletin] HPESBHF03723 rev.1 – HPE Aruba ClearPass Policy Manager, using Apache Struts, Remote Code Execution
[security bulletin] HPESBHF03723 rev.1 – HPE Aruba ClearPass Policy Manager, using Apache Struts, Remote Code Execution
RHBA-2017:0849-1: kernel bug fix update
Red Hat Enterprise Linux: Updated kernel packages that fix two bugs are now available for Red Hat
Enterprise Linux 6.5 Advanced Update Support.
USN-3236-1: Oxide vulnerabilities
Ubuntu Security Notice USN-3236-1
29th March, 2017
oxide-qt vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary
Several security issues were fixed in Oxide.
Software description
- oxide-qt
– Web browser engine for Qt (QML plugin)
Details
Multiple vulnerabilities were discovered in Chromium. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to obtain sensitive information, spoof
application UI by causing the security status API or webview URL to
indicate the wrong values, bypass security restrictions, cause a denial
of service via application crash, or execute arbitrary code.
(CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033,
CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041, CVE-2017-5044,
CVE-2017-5045, CVE-2017-5046)
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 16.10:
-
liboxideqtcore0
1.21.5-0ubuntu0.16.10.1
- Ubuntu 16.04 LTS:
-
liboxideqtcore0
1.21.5-0ubuntu0.16.04.1
- Ubuntu 14.04 LTS:
-
liboxideqtcore0
1.21.5-0ubuntu0.14.04.1
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
USN-3250-1: Linux kernel vulnerability
Ubuntu Security Notice USN-3250-1
29th March, 2017
linux vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 14.04 LTS
Summary
The system could be made to crash or run programs as an administrator.
Software description
- linux
– Linux kernel
Details
It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 14.04 LTS:
-
linux-image-powerpc-smp
3.13.0.115.125
-
linux-image-powerpc-e500mc
3.13.0.115.125
-
linux-image-3.13.0-115-powerpc64-smp
3.13.0-115.162
-
linux-image-3.13.0-115-lowlatency
3.13.0-115.162
-
linux-image-3.13.0-115-generic
3.13.0-115.162
-
linux-image-generic
3.13.0.115.125
-
linux-image-3.13.0-115-generic-lpae
3.13.0-115.162
-
linux-image-3.13.0-115-powerpc-e500mc
3.13.0-115.162
-
linux-image-3.13.0-115-powerpc-e500
3.13.0-115.162
-
linux-image-powerpc-e500
3.13.0.115.125
-
linux-image-powerpc64-smp
3.13.0.115.125
-
linux-image-generic-lpae
3.13.0.115.125
-
linux-image-3.13.0-115-powerpc-smp
3.13.0-115.162
-
linux-image-lowlatency
3.13.0.115.125
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
USN-3248-1: Linux kernel vulnerability
Ubuntu Security Notice USN-3248-1
29th March, 2017
linux, linux-ti-omap4 vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 12.04 LTS
Summary
The system could be made to crash or run programs as an administrator.
Software description
- linux
– Linux kernel - linux-ti-omap4
– Linux kernel for OMAP4
Details
It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 12.04 LTS:
- linux-image-powerpc-smp 3.2.0.125.140
-
linux-image-3.2.0-125-generic-pae
3.2.0-125.168
- linux-image-omap4 3.2.0.1503.98
-
linux-image-3.2.0-125-powerpc64-smp
3.2.0-125.168
- linux-image-generic 3.2.0.125.140
-
linux-image-3.2.0-125-virtual
3.2.0-125.168
- linux-image-generic-pae 3.2.0.125.140
- linux-image-highbank 3.2.0.125.140
-
linux-image-3.2.0-125-generic
3.2.0-125.168
-
linux-image-3.2.0-125-omap
3.2.0-125.168
-
linux-image-3.2.0-125-powerpc-smp
3.2.0-125.168
- linux-image-powerpc64-smp 3.2.0.125.140
- linux-image-omap 3.2.0.125.140
-
linux-image-3.2.0-1503-omap4
3.2.0-1503.130
-
linux-image-3.2.0-125-highbank
3.2.0-125.168
- linux-image-virtual 3.2.0.125.140
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.