Security Flaws & Fixes - W/E - 062317

Cisco Advises on Multiple Vulnerabilities Across Product Lines (06/22/2017)
Cisco released multiple advisories on June 21 to address security vulnerabilities across its product lines. Three of the advisories have been rated as highly critical.

Drupal Releases Maintenance Versions to Update Security (06/22/2017)
Drupal versions 8.3.4 and 7.56 have been released as maintenance versions due to various security issues.

DVRs with Weak Security Mechanisms Could Be Exploited by Botnets (06/21/2017)
The scientists at Pen Test Partners analyzed more than 30 brands of DVRs and uncovered a range of vulnerabilities that leave the devices widely exposed to botnets like Mirai. Although Mirai and other botnets did not exploit these specific vulnerabilities, the researchers say that they could do so in the future. The team found, among other things, that the non-standard telnet port 12323 is used by some of the DVRs and is vulnerable to Mirai's default credentials.

Facebook Exposed Its Content Moderators to Possible Terrorists (06/19/2017)
Facebook accidentally exposed its content moderators to suspected terrorists due to a bug in its software, the Guardian has reported. The bug, discovered in late 2016, exposed 1,000 employees in 22 departments who used Facebook's content management software to check for inappropriate material. Of those 1,000 employees, 40 worked in the company's counter terrorism unit and six were considered "high priority" by Facebook. It is likely that these six people had their profiles viewed by possible terrorists, and at least one of the moderators who was exposed has gone into hiding. The bug leaked the details of the moderators who had booted group administrators for posting inappropriate content to the new administrators who had taken over their group pages.

Google Releases Updates for Chrome (06/19/2017)
Google released Chrome 59.0.3071.104 for Windows, Mac, and Linux. This update includes five security fixes.

Highly Critical Privilege Escalation Vulnerability Affects Linux Systems (06/20/2017)
An issue was discovered in the size of the stack guard page on Linux. Specifically, a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed). This affects Linux kernel versions 4.11.5 and earlier (the stack guard page was introduced in 2010). References in a vulnerability alert offer insight into this local privilege escalation bug as well as a list of possible remedies. Qualys discovered the vulnerability, which affects Linux, OpenBSD, NetBSD, FreeBSD, and Solaris on i386 and AMD64.

Mozilla Updates Thunderbird (06/19/2017)
Mozilla has fixed various security issues in Thunderbird with the release of version 52.2. Updates are required to mitigate risks.

Multiple Security Vulnerabilities Affect HPE SiteScope (06/20/2017)
A vulnerability note details that HPE's SiteScope is vulnerable to several cryptographic issues, insufficiently protected credentials, and missing authentication. An unauthenticated, remote attacker may be able to access arbitrary files from the system running SiteScope, or obtain credentials to SiteScope. Although patches haven't been released, workarounds have been listed in the vulnerability note to mitigate risks.

New Version of Samsung Magician Defeats Security Vulnerability (06/19/2017)
According to an alert, Samsung Magician 5.1 addresses a security issue in which the management utility fails to check for and retrieve updates, which can allow an authenticated attacker to execute arbitrary code with administrator privileges. Magician is a management utility for Samsung SSDs.

RCE Could Occur in Older Versions of Ecava IntegraXor (06/21/2017)
A SQL injection vulnerability affects Ecava's IntegraXor, a Web SCADA/HMI solution, according to an advisory from ICS-CERT. This vulnerability can lead to remote code execution. Ecava recommends that users of affected IntegraXor versions update to version 6.0.522.1 or newer.

Report: NSA Fails to Effectively Secure Systems, Reduce Privileged Access (06/21/2017)
The National Security Agency (NSA) remains challenged in its strategy to secure Internet systems from outside threats, according to a redacted August 2016 report obtained as a result of a Freedom of Information Act request by The New York Times. The report, from the Department of Defense's (DOD) inspector general, noted that the NSA failed to secure servers that stored classified data and to lock data center rooms. The NSA was supposed to reduce the number of individuals, both contractors and officials, who were allowed to download and send classified documents, and the number of people who had privileged access to the agency's most critical systems. Neither task was completed.

Researcher: Expired Domain Left Samsung Devices Exposed to Attackers (06/19/2017)
Millions of older Samsung smartphones were left exposed after the company allowed a domain that controlled a stock app on the devices to expire, Motherboard reported. Security researcher Joao Gouveia discovered that the domain used to control the S Suggest stock app had expired, so he took control of the domain on June 12. According to Gouveia, the expired domain could have enabled thieves to gain a foothold inside the devices and then push out malicious apps. Samsung has said that Gouveia is wrong and that taking control of the domain doesn't allow anyone to push out malware or access user devices.

Security Issues Detected with Acronis True Image (06/19/2017)
Acronis True Image, a disk backup utility for Windows and Mac systems, fails to securely check for and retrieve updates, which can allow an authenticated attacker to execute arbitrary code with administrator privileges. This information comes from an alert, which states that a remedy has not yet been provided.

Update Fixes Vulnerabilities in Cambium's ePMP Products (06/19/2017)
Cambium Networks has reported that improper access control and improper privilege management vulnerabilities affect its ePMP Network Access Control products. Users have been instructed to update to firmware version 3.4-RC7 or newer, according to an ICS-CERT advisory.