vulnerabilities. Archives - Page 5 of 9 - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘vulnerabilities.’

Samsung TV and BD-players security vulnerabilities


BUGTRAQ
SecurityVulns ID: 12333
Type: Luigi Auriemma, Vulnerabilities in Samsung TV (remote controller protocol) (22.04.2012)



Article source: http://securityvulns.com/news/Samsung/TV/RC.html

View full post on National Cyber Security

Website vulnerabilities fall, but hackers become more skilled

The number of coding mistakes on websites continues to fall but companies are slow to fix issues that could be exploited by hackers working with improved attack tools, a security expert said.

The average number of serious vulnerabilities introduced to websites by developers in 2011 was 148, down from 230 in 2010 and 480 in 2009, said Jeremiah Grossman, chief technology officer for WhiteHat Security, which specialises in testing websites for security issues. Grossman spoke on the sidelines of the Open Web Application Security Project conference in Sydney on Monday.

The vulnerabilities are contained within custom website code and are not issues that can be fixed by applying patches from, for example, Microsoft or Oracle, Grossman said. According to WhiteHat Security statistics, it takes organisations an average of 100 days to fix about half of their vulnerabilities.

The risk is that vulnerabilities which haven’t been speedily remedied could be found by a hacker, resulting in a high-profile data breach such as those that affected Sony, the analyst firm Stratfor Global Intelligence, and AT&T.

Hackers are honing their skills and are becoming better focused. They are using a wider array of improved tools in order to find coding problems in websites. “Offense gets better every year,” Grossman said.

Security analysts in Grossman’s company constantly try to hack websites belonging to major financial institutions and other companies — with permission. Developers in those companies don’t tell WhiteHat when they roll out new features or make changes. WhiteHat’s hackers go to work, trying to find cross-site scripting flaws, SQL injection or information leakage vulnerabilities.

“We are constantly smashing [websites],” Grossman said. “We’re LulzSec or Anonymous 24/7. We don’t stop.”

Companies decide whether they want to fix the problems, which often involves reassigning a developer working on a new feature that the business needs to roll out, Grossman said. It’s a gamble whether or not to fix, since the vulnerability may never be found by a hacker but could cost the company dearly if it is.

“Do you take the developer off that [project] and put them on correcting a vulnerability that they know they have but may or may not get exploited and may or may not cost them any money whatsoever?” Grossman said.

The best scenario is to write good software from the start, with a keen eye on security. “We’re not going to get perfect at software, but we can get economically good enough software,” Grossman said.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1e749251/l/0Lnews0Btechworld0N0Csecurity0C33514980Cwebsite0Evulnerabilities0Efall0Ebut0Ehackers0Ebecome0Emore0Eskilled0C0Dolo0Frss/story01.htm


Adobe Reader vulnerabilities patched and bundled Flash Player removed

Adobe Systems has released new versions of Adobe Reader 10.x and 9.x, addressing four arbitrary code execution vulnerabilities and making several security-related changes to the product, including the removal of the bundled Flash Player component from the 9.x branch.

All of the vulnerabilities fixed in the newly released Adobe Reader 10.1.3 and Adobe Reader 9.5.1 versions could be exploited by an attacker to crash the application and potentially take control of the affected system, Adobe said in its APSB12-08 security bulletin. Users are advised to install these updates as soon as possible.

The company also announced that Adobe Reader 9.5.1 no longer includes authplay.dll, a Flash Player library that was bundled with previous versions of the program to enable the rendering of Flash content embedded in PDF documents.

The presence of the authplay.dll component in Adobe Reader has caused some security issues in the past, primarily because of the inconsistent update schedules for Adobe Reader and Flash Player.

Authplay.dll contains much of the stand-alone Flash Player’s code, which also means that it shares most of the latter’s vulnerabilities. However, while Flash Player is patched by Adobe when needed, Adobe Reader used to follow a more strict quarterly update cycle.

Product Security Incident Response Team

This often resulted in situations where some known vulnerabilities got patched in Flash Player, but remained exploitable through authplay.dll for months, until the next scheduled update for Adobe Reader.

Such is the case with the new Adobe Reader 10.1.3 version, which incorporates three previous Flash Player security updates that were released separately during the last three months.

Starting with Adobe Reader 9.5.1, Adobe Reader 9.x will use the stand-alone Flash Player plug-in that’s already installed on computers for browsers like Mozilla, Safari or Opera, in order to play Flash content in PDF files.

This functionality will not work with the ActiveX-based Flash Player plug-in for Internet Explorer or the special Flash Player plug-in version bundled with Google Chrome.

Adobe plans to remove authplay.dll from the 10.x branch of Adobe Reader in the future as well and is currently working on APIs (application programming interfaces) to make this possible, said David Lenoe, group manager for Adobe’s Product Security Incident Response Team (PSIRT).

Vulnerability management vendor Secunia welcomes Adobe’s decision to remove authplay.dll from Adobe Reader, because it will make addressing Flash vulnerabilities easier for users, Secunia’s chief security specialist, Carsten Eiram, said.

3D content rendering

“However, the default option in Adobe Reader should be to not support Flash content in PDF files, requiring users to specifically enable this,” Eiram said. “Most users do not need it and Flash content embedded in PDF files has historically been exploited as a vector to compromise Adobe Reader users’ systems.”

This is actually the approach Adobe has taken with the 3D content rendering feature. Starting with Adobe Reader 9.5.1, this feature has been disabled by default because it’s not commonly used and can be exploited in certain circumstances, Lenoe said.

“We’ve seen 0-days targeting this part of the functionality and it seems to be one of the more flawed features,” Eiram said. “We’ve for a long time been recommending users to disable the plugins used for 3D parsing.”

In addition to making these security patches and changes, Adobe also decided to cancel its quarterly update cycle for Adobe Reader and Acrobat and return to its previous patch-as-needed policy. Future Adobe Reader updates will continue to be released on the second Tuesday of the month, but it will no longer happen every four months.

“We will publish updates to Adobe Reader and Acrobat as needed throughout the year to best address customer requirements and keep all of our users safe,” Lenoe said.

“The quarterly update cycle never worked for Adobe,” Eiram said. “Vulnerability fixes should always be provided as quickly as possible; it’s not justifiable to unnecessarily postpone a vulnerability fix for up to three months simply due to policy reasons.”

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1e518b4f/l/0Lnews0Btechworld0N0Csecurity0C3350A60A80Cadobe0Ereader0Evulnerabilities0Epatched0Ebundled0Eflash0Eplayer0Eremoved0C0Dolo0Frss/story01.htm


Flashback malware evolves to exploit unpatched Java vulnerabilities

The Flashback Trojan horse is a fairly recent malware package developed for OS X that attempts to steal personal information by injecting code into Web browsers and other applications on an OS X system. When these programs are then launched, the malicious code attempts to contact remote servers and upload screenshots and other personal information to them.

This malware was initially found in September 2011 while being distributed as a fake Flash Player installer (hence its “Flashback” name). In the past few months it has evolved to exploiting Java vulnerabilities to target Mac systems.

While the exploits used by recent variants of the Flashback malware have been for older, patched vulnerabilities, over the weekend another variant surfaced that appears to be taking advantage of a Java vulnerability (CVE-2012-0507) that currently is unpatched in OS X.

For OS X systems with Java installed, simply visiting a malicious Web site containing the malware will result in one of two installation routes, both of which have been characteristic of prior variants of the malware. First it will ask for an administrator password, and if supplied it will install its payload into target programs within the /Applications folder. However, if no password is supplied, then the malware will still install to the user accounts where it will run in a more global manner.

While Apple does have a built-in malware scanner called XProtect, which will catch some variants of the Flashback malware, this scanner will not detect files being executed by the Java runtime, so these latest Flashback variants bypass this mode of protection.

This shortcoming of XProtect, coupled with Java for OS X currently being unpatched, might be concerning; however, in most cases Mac users should be relatively safe. Starting with OS X 10.6 Snow Leopard, Apple stopped including a Java runtime with OS X, so if you have purchased a new system with OS X 10.6 or later, or have formatted and reinstalled either OS X 10.6 or 10.7, then you will, by default, not be affected by this malware.

However, if you do have Java installed on your system, then for now the only way to prevent this malware from running is to disable Java. This can be done in the Security preferences in Safari, or by unchecking the Java runtime entries in the Java Preferences utility.

Even though new Mac systems cannot be affected by this malware in their default configurations, this development does outline a problem with how threats are handled in cross-platform runtimes such as Java. When vulnerabilities like the one here are discovered, they are often distributed among malware creators via exploit kits like Blackhole, which offer tools and code that make developing malware far easier for the criminals to do.

Because of the availability of these kits, even if the runtime for one platform is patched, then any lag in development for the other platforms (as is the case with Java on OS X) will provide a larger window of opportunity for malware developers to take advantage.

It appears this is exactly what the criminals behind the Flashback malware are doing, and as a result it puts those who use Java at an increased risk.



Article source: http://rss.feedsportal.com/c/32447/f/475521/s/1e096d00/l/0Lreviews0Bcnet0N0C830A10E137270I70E5740A83830E2630Cflashback0Emalware0Eevolves0Eto0Eexploit0Eunpatched0Ejava0Evulnerabilities0C0Dpart0Frss0Gsubj0Fnews0Gtag0F25470E10I30E0A0E20A/story01.htm


HP Performance Manager security vulnerabilities


BUGTRAQ
SecurityVulns ID: 12297
Type: HP : HP Performance Manager 9.00
CVE: CVE-2012-0127 (Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors.)
Original document: HP, [security bulletin] HPSBMU02756 SSRT100596 rev.1 – HP Performance Manager Running on HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) (02.04.2012)



Article source: http://securityvulns.com/news/HP/PM/1204.html

McAfee Email and Web Security Appliance multiple security vulnerabilities


BUGTRAQ
SecurityVulns ID: 12296
Type: MCAFEE : McAfee Email and Web Security 5.6; MCAFEE : McAfee Email Gateway 7.0
Original document:
Research@NGSSecure, NGS00158 Patch Notification: McAfee Email and Web Security Appliance v5.6 – Arbitrary file download is possible with a crafted URL when logged in as any user (02.04.2012)
Research@NGSSecure, NGS00157 Patch Notification: McAfee Email and Web Security Appliance v5.6 – Password hashes can be recovered from a system backup and easily cracked (02.04.2012)
Research@NGSSecure, NGS00156 Patch Notification: McAfee Email and Web Security Appliance v5.6 – Active session tokens of other users are disclosed within the UI (02.04.2012)
Research@NGSSecure, NGS00155 Patch Notification: McAfee Email and Web Security Appliance v5.6 – Any logged-in user can bypass controls to reset passwords of other administrators (02.04.2012)
Research@NGSSecure, NGS00154 Patch Notification: McAfee Email and Web Security Appliance v5.6 – Session hijacking and bypassing client-side session timeouts (02.04.2012)
Research@NGSSecure, NGS00153 Patch Notification: McAfee Email and Web Security Appliance v5.6 – Reflective XSS allowing an attacker to gain session tokens (02.04.2012)



Article source: http://securityvulns.com/news/McAfee/EWSA.html


Flash Player 11.2 fixes critical vulnerabilities and adds silent updates

Adobe have released Flash Player 11.2, addressing two critical arbitrary code execution vulnerabilities and introducing a silent update option.

One of the patched vulnerabilities stems from how older versions of Flash Player check URL security domains, and only affects the Flash Player ActiveX plug-in for Internet Explorer on Windows 7 or Vista.

Both vulnerabilities can trigger memory corruptions and can be exploited to execute arbitrary code remotely. However, Adobe is not aware of any exploits for these flaws being used in online attacks at this time, said Wiebke Lips, Adobe’s senior manager of corporate communications.

Users of Adobe Flash Player 11.1.102.63 and earlier versions for Windows, Macintosh, Linux and Solaris are advised to update to the new Adobe Flash Player 11.2 for their respective platforms. Users of Adobe Flash Player 11.1.111.7 for Android are advised to update to Flash Player 11.1.111.8.

Flash Player 11.2 also introduces a new updating mechanism that can be configured to check for and deploy updates in the background automatically, without requiring user interaction. The feature has been in Adobe’s plans for a long time and is expected to decrease the number of outdated Flash Player installations that attackers can target.

“The new background updater will provide a better experience for our customers, and it will allow us to more rapidly respond to zero-day attacks,” said Peleus Uhley, platform security strategist at Adobe. “This model for updating users is similar to the Google Chrome update experience, and Google has had great success with this approach. We are hoping to have similar success.”

The move was welcomed by Thomas Kristensen, chief security officer at Secunia, which develops the popular Personal Software Inspector (PSI) patch management program.

“A silent and automatic updating mechanism for Flash would help the majority of users. A more consistent and rapid updating of the user base is likely to impact the attackers’ preferences for Flash,” he said.

Of course, this will only happen after the vast majority of users upgrade to Flash Player 11.2 or a later version using the old method that requires explicit approval.

When Adobe Flash Player 11.2 is installed, users are asked to choose an update method. The available choices are: install updates automatically when available (recommended), notify me when updates are available, and never check for updates (not recommended).

The silent updater will try to contact Adobe’s update server every hour until it succeeds. If it receives a valid response from the server that no update is available, it will wait 24 hours before checking again.

For now, the automatic update option is only available for Flash Player on Windows, but Adobe is working on implementing it for Mac versions as well, Uhley said.

However, even if the automatic update option is enabled, Adobe will decide on a case-by-case basis which updates will be deployed silently and which won’t. Those that change the Flash Player default settings will require user interaction.

The new updater will update all Flash Player browser plug-ins installed on the system at the same time. “This will solve the problem of end-users having to update Flash Player for Internet Explorer separately from Flash Player for their other open source browsers,” Uhley said.

In addition to keeping the Flash Player install base up to date more easily and reducing the time required to effectively respond to zero-day attacks – attacks that exploit previously unknown vulnerabilities – the new silent updater could also reduce the number of scams that distribute malware as Flash Player updates.

“The pretext of a Flash Player update has been intensively used by cyber-crooks to lure users into downloading malicious content,” said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor BitDefender. “By eliminating the update wizard, users will likely get more difficult to con on the pretext of a legitimate update required by an application they trust.”

Unfortunately, this silent update model can’t be applied to all applications, Botezatu said. He gave the example of Internet Explorer 6, which Microsoft is trying to phase out, but that companies still widely use because their business applications are dependent on it and don’t work on newer versions.

Adobe is doing its part to convince users to move away from Internet Explorer 6 by dropping support for the browser from upcoming Flash Player versions. “We will no longer include testing on Internet Explorer 6 in our certification process and strongly encourage users to upgrade to the newest version of Internet Explorer,” Uhley said.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1de731e0/l/0Lnews0Btechworld0N0Csecurity0C33478370Cflash0Eplayer0E1120Efixes0Ecritical0Evulnerabilities0Eadds0Esilent0Eupdates0C0Dolo0Frss/story01.htm


Tibet.A malware for OS X uses Flashback Java vulnerabilities

One recent malware program for OS X that has caused concern has been the Flashback Trojan, which in its latest variants has taken advantage of Java security holes to embed code in programs or user accounts that will launch the malware when Web browsers are used. Once run, the malware tries to take screenshots and otherwise collect information to upload to remote servers.

Apparently the Java exploit used in this malware is catching on, and other malware has been developed that uses the same route of attack. Recently Intego reported on a new Trojan horse called Tibet.A (in its first revision), which downloads a Java applet when you visit a malicious Web page (URLs to such are apparently being sent via e-mail spam links), and installs a backdoor program. This malware works on Windows PCs and OS X. Apparently the Web page involved will determine the platform being used and will send the appropriate binaries to the computer.

As with the Flashback malware, since this vulnerability only requires access to the user’s account, no password is required to run or install it, provided users are running older versions of Java and have Java enabled on their browsers. The malware is similar in other respects to the Flashback threat; however, both can be easily thwarted by disabling Java on systems that are not updated (simply unchecking Java in the Safari security preferences will do this), or by using Software Update to update the systems.

Putting the Mac Malware scene into perspective, this threat is not known to be widespread and appears to be used in a direct attack that targets Tibetan businesses and organizations. It is also a single addition to the small group of malware that has currently been developed for OS X, which at less than 70 variants is minuscule in comparison to the millions developed yearly for Windows PCs. Additionally, this and the vast majority of known malware for OS X are Trojan horse based threats, and are not viral in nature, meaning they do not spread uncontrollably on their own and require tricking the user (in this case with spam) to install.

So far, the spam e-mails, including links to the malicious Web pages, have only been sent to the Tibetan organizations; however, it is possible that they could be issued elsewhere. Despite this possibility, the chances that this will affect the average user are slim, especially if you follow some simple (and perhaps understood) guidelines:

  1. Update your system
    If your system is updated, then you have nothing to worry about, so be sure to regularly run Software Update and keep your system updated.
  2. Avoid e-mail links
    E-mail clients by themselves will not open links unless you specify them to, and therefore if you get an e-mail from an unknown source (especially if it contains misspellings, requests to click links, and other requests for information), then avoid it; simply delete the message. If you are uncertain how to identify spam e-mails, then do a Web search for “How to spot spam e-mail” or similar string, and get numerous pages outlining handy tips on the details to look for.
  3. Turn off unnecessary features
    While in some cases Java, Web plug-ins like Flash, and similar features are used quite regularly, if you do not use them regularly then turn them off. You can do this for Safari in its Security preferences by unchecking the “Enable Java” feature, and in other Web browsers such as Firefox you have access to many Plug-in management tools (which Safari unfortunately lacks at the moment), where you can enable or disable individual plug-ins. If you ultimately need a plug-in or Java, then the Web page you are visiting will notify you of this, and you can quickly enable it to view the content you are trying to see.

    While keeping plug-ins and other features disabled until needed does add a touch of inconvenience to Web browsing, it overall closes possible avenues for attack.

Overall, while this malware is new, its route of attack is not and if you have already taken measures to safeguard your system by updating it, then you are well protected from this malware. If you still have concerns, then you can block this malware further by installing a malware scanner such as Intego’s VirusBarrier X6, Sophos, or numerous others, but you do not need to go overboard and have these programs continually scan your system and block all services. Above all, as with any computer system, safe browsing practices and regular updates are the easiest way to ensure you cover your bases.



Article source: http://reviews.cnet.com/8301-13727_7-57405449-263/tibet.a-malware-for-os-x-uses-flashback-java-vulnerabilities/?part=rss&subj=software&tag=title


libzip security vulnerabilities


BUGTRAQ
SecurityVulns ID: 12285
Type: LIBZIP : libzip 0.10
CVE: CVE-2012-1163 CVE-2012-1162
Original document: MANDRIVA, [ MDVSA-2012:034 ] libzip (25.03.2012)




Article source: http://securityvulns.com/news/libzip/1203.html
