November 21, 2008

SecurityFocus Vulnerabilities

Bugtraq: DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal

21 November 2008 @ 06:10 PM

Yahoo! News: Security News

Pentagon bans computer flash drives (AP)

AP - The Pentagon has banned, at least temporarily, the use of external computer flash drives because of a virus threat officials detected on Defense Department networks.

21 November 2008 @ 06:00 PM

US Congress warned of Chinese cyber, space threats (AFP)

AFP - China has developed a sophisticated cyber warfare program and stepped up its capacity to penetrate US computer networks to extract sensitive information, a US congressional panel warned.


21 November 2008 @ 05:26 PM

Computerworld Blogs - Security

Is this hardware for real? Prove it!

I can understand how the government is seeking to have vendors verify that the equipment they’re selling the government is authentic. According to Gautham Nagesh’s article, hundreds of pieces of hardware being used by the government (and later seized) were, in fact, counterfeit. Those products are usually inferior and can wind up being very costly – especially when they result in network failures and data loss. Nagesh notes, for example, that the FBI seized over 400 pieces of bogus Cisco network hardware.

21 November 2008 @ 05:12 PM

SecurityFocus Vulnerabilities

Bugtraq: OpenSSH security advisory: cbc.adv

21 November 2008 @ 05:10 PM

Bugtraq: KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit

21 November 2008 @ 05:10 PM

Bugtraq: ZDI-08-076: EMC Control Center SAN Manager SST_SENDFILE Remote File Retrieval Vulnerability

21 November 2008 @ 05:10 PM

Latest Secunia Security Advisories

[4/5] Apple iPhone / iPod touch Multiple Vulnerabilities

Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system.

http://secunia.com/Advisories/32756/

NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories per day, containing information about exploit and patch availability, new and in depth research, and all other details that are relevant. Learn more about receiving complete and customised Secunia advisory information:
http://secunia.com/advisories/business_solutions/

21 November 2008 @ 04:03 PM

[3/5] vBulletin Visitor Messages Script Insertion Vulnerability

Mx has reported a vulnerability in vBulletin, which can be exploited by malicious people to conduct script insertion attacks.

http://secunia.com/Advisories/32782/

21 November 2008 @ 04:03 PM

Computerworld Blogs - Security

Global News Update: Friday, November 21, 2008

In today's podcast: Verizon suspends employees for snooping Obama's phone records; Dell has a good quarter in Asia; CES hotels cut room rates; and the space station gets an electronic nose.

21 November 2008 @ 03:53 PM

1 Raindrop

Confidentiality, Integrity, Availability - Pick Any Two

Under Worm Assault, Military Bans Disks, USB Drives


The Defense Department's geeks are spooked by a rapidly spreading worm crawling across their networks. So they've suspended the use of so-called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.


The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret SIPR and unclassified NIPR nets. The suspension, which includes everything from external hard drives to "floppy disks," is supposed to take effect "immediately." Similar notices went out to the other military services.

In some organizations, the ban would be only a minor inconvenience. But the military relies heavily on such drives to store information. Bandwidth is often scarce out in the field. Networks are often considered unreliable. Takeaway storage is used constantly as a substitute.


It's almost like we built out a bunch of systems and then connected them to huge networks without building security into the software or something.

21 November 2008 @ 03:51 PM

Paul Robichaux

Ohio State vs Michigan is cancelled

This year's edition of the annual Ohio State-Michigan game has been cancelled. The Wolverines were on their team bus headed down to Columbus, but unfortunately they couldn't get past Toledo. (But hey, neither could the Marines, so don't feel bad, UM fans!) All kidding aside, the boys and I will be watching tomorrow, probably with a plate of boudin in front of us. Go Bucs! (oh yeah, then LSU plays, and then the Saints are on Monday night!)

21 November 2008 @ 03:49 PM

Yahoo! News: Security News

'High School Musical'-themed malware hits the Net (CNET)

CNET - Teens and young adults interested in downloading High School Musical-related music and video on peer-to-peer networks should be wary of malware, warns Panda Security.

21 November 2008 @ 02:04 PM

SecuriTeam Blogs

Communication of product security Issues.

Chad Dougherty of the CERT Vulnerability Analysis team posted an article on some guidelines the vendor can follow so that their product vulnerability can be communicated to them. Security experts always try to stick to responsible Full Disclosure rules before making any vulnerability public. So if they are unable to contact the vendor for a long period of time, the vulnerability is made public, which can in turn affect its many users. To summarize the recommendations:

1. Vendor must provide an easily identifiable role email address specifically for product security issues such as “product-security@”, “security-team@”, “security-response@”. Use of standard email addresses such as “info@”, “support@”, and “webmaster@” for the security point of contact should be avoided, as these email ids may be receiving other generic mails too and critical vulnerability information can easily be overlooked or mishandled.

2. Providing a web-based reporting form can help to maintain the vulnerability information in a well-structured manner that can later be referred to.

A sample vulnerability reporting form can be found here.

3. Since the vulnerabilities contain sensitive information, it is recommended to encrypt the vulnerability details while generating reports or sending mails to the concerned person.

4. Vendor must provide a web-page at “/security” like in “www.product.com/security” which will contain security related issues regarding the product. This can be the information base of all security documents and known security issues pertaining to the product.

5. Send out “signed” email to customers/partners regarding the vulnerability and the patch details which can help them mitigate the issue.

The article concludes with:

Vendors’ attention to product security is receiving increased scrutiny in security and IT communities.  Presenting organized methods for communicating product security information is an important element to demonstrating to customers (both current and potential), security researchers, the media, and the general public that you have at least some awareness of and commitment to security. 

21 November 2008 @ 02:01 PM

NetSec

Internet Law Update: Court Sharply Limits Patentability of Business Methods Patents: In re Bilski, Case No. 2007-1130

21 November 2008 @ 01:49 PM

I heard of the issue regarding USB devices spreading viruses a while back and feel compelled to say that this is not a technical problem, it is a human problem... a stupid human problem. In the past, some have treated my suggestion of epoxy as a permanent fix for this issue as apostasy. "What???? Ban USB devices??? That's crazy!"

21 November 2008 @ 01:38 PM

NetWitness Investigator (Free)

21 November 2008 @ 01:35 PM

Hex blog

IDA and MIPS

If you analyze MIPS binaries, you may find useful the following addition to IDA:

http://www.binary-art.net/?p=1002

This is a MIPS emulator for Linux. It can generate an IDC script after emulation, which can then be applied to the database to make it more readable.

21 November 2008 @ 01:27 PM

SANS Internet Storm Center, InfoCON: green

To USB or not to USB, well not in the DoD - what do you do?, (Fri, Nov 21st)

To most of you this is no longer news. The DOD issued orders that USB drives and other removable dev ...(more)...

21 November 2008 @ 01:16 PM

F-Secure Antivirus Research Weblog

Search-and-Destroy

Some rogue antivirus applications are overtly malicious. XP Antivirus 2008 and XP Antivirus 2009 have numerous affiliates utilizing rootkits and plenty of other nasty techniques in order to get themselves installed (and purchased). They're a real pain in the… neck.

As an interesting aside – XP Antivirus 2008 and XP Antivirus 2009 are actually produced by two different gangs. Variants of one sometimes attempt to uninstall and disable the other.

Then there are some "rogues" that are just kind of sad… we're tempted to call them lame-ware rather than scareware.

Last week, someone calling himself "Mirando" submitted this to our moderated comment system:

Search-and-Destroy Antispyware

What are the odds that such a comment, promoting a dubious application, will be approved by us? Not likely.

This is how the search-and-destroy .com site appears:

Search-and-Destroy

The site just uses a simple Flash graphic for basic animation; there are no fake "scans" that attempt to scare the visitor. It's all very quiet, relying perhaps on its name.

This application, search-and-destroy, should not of course be confused with Spybot Search & Destroy, a well known and respected antispyware application.

We downloaded and tested the Search-and-Destroy Antispyware application.

First it prompted a warning that there were zero risks.

Startup Risk

Then we performed the scan and there were 159 "problems" discovered. All 159 were not fixable in the trial version.

Scan Finished

Within the "malicious threats" that were discovered, were invalid shortcuts.

Threat Details

True, the links were invalid, but that's hardly a threat.

So we uninstalled the application, and it left behind a registry key:

After Uninstall

Typical. The scan warned us about invalid shortcuts, and then leaves behind an invalid registry key.

Mirando has posted to other forums as well.

Comments

Based on the IP address used when posting to our comments system, Mirando lives in New Delhi, India. We suspect that he's young and that these posts are early attempts at making money via an affiliate program.

We hope that he'll consider quitting while he's ahead, and doesn't move on to the hard-rogues.

On 21/11/08 At 12:07 PM

21 November 2008 @ 01:10 PM

Latest Secunia Security Advisories

[2/5] SemanticScuttle Cross-Site Scripting Vulnerabilities

Some vulnerabilities have been reported in SemanticScuttle, which can be exploited by malicious people to conduct cross-site scripting attacks.

http://secunia.com/Advisories/32722/

21 November 2008 @ 01:01 PM

[3/5] Easyedit CMS Multiple SQL Injection Vulnerabilities

d3v1l has reported some vulnerabilities in Easyedit CMS, which can be exploited by malicious people to conduct SQL injection attacks.

http://secunia.com/Advisories/32822/

21 November 2008 @ 01:01 PM

[4/5] Fedora update for thunderbird

Fedora has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, to disclose sensitive information, or to potentially compromise a user's system.

http://secunia.com/Advisories/32786/

21 November 2008 @ 01:01 PM

Internet Security and Programming

London Hospital back online after computer virus shutdown

On the mend
Computer systems at three major London hospitals are largely back online on Friday morning, three days after a major computer virus outbreak forced staff to disconnect the network.…

21 November 2008 @ 12:41 PM

Schneier on Security

When Sky Marshals Do Bad Things

They're not even close to perfect:

Since 9/11, more than three dozen federal air marshals have been charged with crimes, and hundreds more have been accused of misconduct, an investigation by ProPublica, a non-profit journalism organization, has found. Cases range from drunken driving and domestic violence to aiding a human-trafficking ring and trying to smuggle explosives from Afghanistan.

The meta-problem is that the kind of person who wants to be federal air marshal is the exact kind of person we don't want for the job.

Before 9/11, the Air Marshal Service was a nearly forgotten force of 33 agents with a $4.4 million annual budget. Now housed in the Transportation Security Administration, the agency has a $786 million budget and an estimated 3,000 to 4,000 air marshals, although the official number is classified.

And 3,000 to 4,000 is a lot of people to hire quickly; it's hard to weed out the bad eggs.

21 November 2008 @ 12:23 PM

Latest Secunia Security Advisories

[2/5] IBM Workplace Web Content Management Cross-Site Scripting Vulnerabilities

Some vulnerabilities have been reported in IBM Workplace Content Management, which can be exploited by malicious people to conduct cross-site scripting attacks.

http://secunia.com/Advisories/32763/

21 November 2008 @ 12:02 PM

heise Security News

Security update for xt:commerce Shop system

This update is intended to eliminate an SQL injection vulnerability in xt:commerce. This has been actively exploited, in order to obtain access to webshop databases and obtain the administrator's login data and MD5 password hash.

21 November 2008 @ 11:05 AM

Latest Secunia Security Advisories

[4/5] BitDefender Antivirus PDF Processing Memory Corruption Vulnerability

ProTeuS has discovered a vulnerability in BitDefender Antivirus, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

http://secunia.com/Advisories/32789/

21 November 2008 @ 11:03 AM

LinuxSecurity.com - Latest News

Plaintext Recovery Attack Against SSH

LinuxSecurity.com: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary information, we are unable to properly assess its impact. Have you heard about the latest reported attack on the SSH protocol version 2? Do you think the SSH team made the right decision in not doing an emergency release? If you are interested in ways to prevent this attack, please read on...

21 November 2008 @ 10:19 AM

Latest Secunia Security Advisories

[3/5] xt:Commerce SQL Injection Vulnerability

A vulnerability has been reported in xt:Commerce, which can be exploited by malicious people to conduct SQL injection attacks.

http://secunia.com/Advisories/32830/

21 November 2008 @ 10:03 AM

[2/5] Softbiz Classifieds Script "msg" Cross-Site Scripting Vulnerability

Vahid Ezraeil has reported a vulnerability in Softbiz Classifieds Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

http://secunia.com/Advisories/32828/

21 November 2008 @ 10:03 AM

[1/5] Checkpoint VPN-1 Information Disclosure Vulnerability

Tim Brown and Mark Lowe have reported a vulnerability in Checkpoint VPN-1 products, which can be exploited by malicious people to disclose certain system information.

http://secunia.com/Advisories/32728/

21 November 2008 @ 10:03 AM

[3/5] Avaya CMS Solaris "sadmind" Buffer Overflow Vulnerability

Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to compromise a vulnerable system.

http://secunia.com/Advisories/32812/

21 November 2008 @ 10:03 AM

[3/5] EMC Control Center SAN Manager Multiple Vulnerabilities

Some vulnerabilities have been reported in EMC Control Center SAN Manager, which can be exploited by malicious people to disclose potentially sensitive information or compromise a vulnerable system.

http://secunia.com/Advisories/32801/

21 November 2008 @ 10:03 AM

heise Security News

iPhone dials by remote control

The Fraunhofer Institute for Secure Information Technology (SIT) has found a security hole in the iPhone which allows a web page to make the mobile phone dial arbitrary phone numbers.

21 November 2008 @ 09:51 AM

LinuxSecurity.com - Security Advisories

Fedora 8 Update: thunderbird-2.0.0.18-1.fc8

LinuxSecurity.com: This update upgrades thunderbird packages to upstream version 2.0.0.18, which fixes multiple security issues detailed in upstream security advisories:

21 November 2008 @ 05:57 AM

Infosec Writers Latest Security Papers

A Successful CIO: More Leadership, Less Technical Jargon

This paper, written by Nicholas Purcell, examines the role of the CIO and the challenges they face, as well as the officers themselves moving beyond their chosen role in order to help better relate to their employees.

21 November 2008 @ 05:00 AM

CIO.com - Security

Confidential Customer Details Exposed on Qantas Site

Qantas' online booking site today breached the privacy of at least two of its customers, with their personal details revealed to another party when they attempted to access flight check-in information online.

21 November 2008 @ 05:00 AM

Internet Security and Programming

Peculiar Patch Pits iPhone Security vs. Safari

Earlier this year, Security Fix criticized Apple for making iPhone users wait for security updates that Apple had fixed in its other products four months earlier. Now, it appears that iPhone users may have received a patch for a critical security hole four months before Apple fixed the flaw in its other products.

Taking a look at the vulnerability summary from the update Apple released last week to fix critical vulnerabilities in Mac and Windows versions of its Safari browser, we can see that Apple corrected a serious flaw in WebKit, the rendering engine used by Safari on Mac OS X, Windows and the iPhone:

WebKit
CVE-ID: CVE-2008-2303
Available for: Mac OS X v10.4.11, Mac OS X v10.5.5, Windows XP or Vista
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A signedness issue in Safari’s handling of JavaScript array indices may

21 November 2008 @ 01:50 AM

Professional Security Testers resources warehouse

Under worm attack, US Army bans USB drives

Zero Day
Ryan Naraine, Dancho Danchev & Adam O'Donnell
November 20th, 2008
Posted by Ryan Naraine @ 10:34 am


Under sustained attack from what is described as a rapidly spreading network worm, the U.S. Army has banned the use of USB sticks, CDs, flash media cards, and all other removable data storage devices, according to internal e-mail messages seen by Wired’s Noah Shachtman.

According to the article, service members have been ordered to “cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware.”  Eventually, some government-approved drives will be allowed back under certain “mission-critical,” but unclassified,  circumstances.

“Personally owned or non-authorized devices” are “prohibited” from here on out, according to the e-mails.

The USB device ban was handed down by the commander of U.S. Strategic Command and includes everything from external hard drives to “floppy disks.” It takes effect immediately.

To make sure troops and military civilians are observing the suspension, government security teams “will be conducting daily scans and running custom scripts on NIPRNET and SIPRNET to ensure the commercial malware has not been introduced,” an e-mail says.

“Any discovery of malware will result in the opening of a security incident report and will be referred to the appropriate security officer for action.” 

The threat from malware that spreads via removable media has been on a steady rise with some estimates showing a 10 percent increase in detections this year.

Original story at:  http://blogs.zdnet.com/security/?p=2206&tag=nl.e589

21 November 2008 @ 12:13 AM