DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal
AP - The Pentagon has banned, at least temporarily, the use of external computer flash drives because of a virus threat officials detected on Defense Department networks.
AFP - China has developed a sophisticated cyber warfare program and stepped up its capacity to penetrate US computer networks to extract sensitive information, a US congressional panel warned.
I can understand why the government wants vendors to verify that the equipment they sell it is authentic. According to Gautham Nagesh’s article, hundreds of pieces of hardware in use by the government (and later seized) were in fact counterfeit. Such products are usually inferior and can wind up being very costly, especially when they result in network failures and data loss. Nagesh notes, for example, that the FBI seized over 400 pieces of bogus Cisco network hardware.
OpenSSH security advisory: cbc.adv
KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit
ZDI-08-076: EMC Control Center SAN Manager SST_SENDFILE Remote File Retrieval Vulnerability
Some weaknesses, security issues, and vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, disclose potential sensitive information, conduct spoofing attacks, to cause a DoS (Denial of Service), or potentially compromise a user's system.
http://secunia.com/Advisories/32756/
NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories per day, containing information about exploit and patch availability, new and in depth research, and all other details that are relevant. Learn more about receiving complete and customised Secunia advisory information:
http://secunia.com/advisories/business_solutions/
Mx has reported a vulnerability in vBulletin, which can be exploited by malicious people to conduct script insertion attacks.
http://secunia.com/Advisories/32782/
In today's podcast: Verizon suspends employees for snooping Obama's phone records; Dell has a good quarter in Asia; CES hotels cut room rates; and the space station gets an electronic nose.
Under Worm Assault, Military Bans Disks, USB Drives
The Defense Department's geeks are spooked by a rapidly spreading worm crawling across their networks. So they've suspended the use of so-called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.
The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret SIPR and unclassified NIPR nets. The suspension, which includes everything from external hard drives to "floppy disks," is supposed to take effect "immediately." Similar notices went out to the other military services.
In some organizations, the ban would be only a minor inconvenience. But the military relies heavily on such drives to store information. Bandwidth is often scarce out in the field. Networks are often considered unreliable. Takeaway storage is used constantly as a substitute.
This year's edition of the annual Ohio State-Michigan game has been cancelled. The Wolverines were on their team bus headed down to Columbus, but unfortunately they couldn't get past Toledo. (But hey, neither could the Marines, so don't feel bad, UM fans!) All kidding aside, the boys and I will be watching tomorrow, probably with a plate of boudin in front of us. Go Bucs! (oh yeah, then LSU plays, and then the Saints are on Monday night!)
CNET - Teens and young adults interested in downloading High School Musical-related music and video on peer-to-peer networks should be wary of malware, warns Panda Security.
Chad Dougherty of the CERT Vulnerability Analysis team posted an article with guidelines a vendor can follow so that vulnerabilities in its products can be communicated to it. Security researchers generally try to follow responsible disclosure rules before making a vulnerability public, but if they cannot reach the vendor for a long period the vulnerability is published anyway, which can in turn affect its many users. In brief, the recommendations are:
1. The vendor must provide an easily identifiable role email address specifically for product security issues, such as “product-security@”, “security-team@” or “security-response@”. Standard addresses such as “info@”, “support@” and “webmaster@” should not be used as the security point of contact: they receive plenty of other generic mail, so critical vulnerability information can easily be overlooked or mishandled.
2. Providing a web-based reporting form helps keep vulnerability information in a well-structured form that can later be referred to.
A sample vulnerability reporting form can be found here.
3. Since vulnerability reports contain sensitive information, the details should be encrypted when reports are generated or mailed to the people concerned.
4. The vendor should provide a web page at “/security”, as in “www.product.com/security”, that collects security-related information about the product. It can serve as the information base for all security documents and known security issues pertaining to the product.
5. Send signed email to customers and partners describing the vulnerability and the patch, so that they can mitigate the issue and verify that the notice really comes from the vendor.
The article concludes with
Vendors’ attention to product security is receiving increased scrutiny in security and IT communities. Presenting organized methods for communicating product security information is an important element to demonstrating to customers (both current and potential), security researchers, the media, and the general public that you have at least some awareness of and commitment to security.
Internet Law Update: Court Sharply Limits Patentability of Business Methods Patents: In re Bilski, Case No. 2007-1130
I heard of the issue regarding USB devices spreading viruses a while back and feel compelled to say that this is not a technical problem, it is a human problem... a stupid human problem. In the past, some have treated my suggestion of epoxy as a permanent fix for this issue as apostasy. "What???? Ban USB devices??? That's crazy!"
If you analyze MIPS binaries, you may find the following addition to IDA useful:
http://www.binary-art.net/?p=1002
It is a MIPS emulator for Linux. After emulation it can generate an IDC script, which can then be applied to the database to make it more readable.
To most of you this is no longer news. The DOD issued orders that USB drives and other removable dev ...(more)...
Some rogue antivirus applications are overtly malicious. XP Antivirus 2008 and XP Antivirus 2009 have numerous affiliates utilizing rootkits and plenty of other nasty techniques in order to get themselves installed (and purchased). They're a real pain in the… neck.
As an interesting aside – XP Antivirus 2008 and XP Antivirus 2009 are actually produced by two different gangs. Variants of one sometimes attempt to uninstall and disable the other.
Then there are some "rogues" that are just kind of sad… we're tempted to call them lame-ware rather than scareware.
Last week, someone calling himself "Mirando" submitted this to our moderated comment system:
What are the odds that such a comment, promoting a dubious application, will be approved by us? Not likely.
This is how the search-and-destroy .com site appears:
The site just uses a simple Flash graphic for basic animation; there are no fake "scans" that attempt to scare the visitor. It's all very quiet, relying perhaps on its name.
This application, search-and-destroy, should not of course be confused with Spybot Search & Destroy, a well known and respected antispyware application.
We downloaded and tested the Search-and-Destroy Antispyware application.
First it prompted a warning that there were zero risks.
Then we performed the scan and there were 159 "problems" discovered. All 159 were not fixable in the trial version.
Within the "malicious threats" that were discovered, were invalid shortcuts.
True, the links were invalid, but that's hardly a threat.
So we uninstalled the application, and it left behind a registry key:
Typical. The scan warned us about invalid shortcuts, then leaves behind an invalid registry key.
Mirando has posted to other forums as well.
Based on the IP address used when posting to our comments system, Mirando lives in New Delhi, India. We suspect that he's young and that these posts are early attempts at making money via an affiliate program.
We hope that he'll consider quitting while he's ahead, and doesn't move on to the hard rogues.
On 21/11/08 At 12:07 PM
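The post says the uninstaller left a registry key behind. The way to verify that for any trial product is to export the hive before installing and again after uninstalling, then diff the two. The script below is an added example, not code from the F-Secure post: it parses regedit's "Version 5.00" export format and reports keys and values that exist only in the "after" export. The two .reg texts embedded in it are constructed, and the key name ExampleRogueAV is hypothetical (the post does not name the key it found).

```python
"""Diff two regedit exports to show what an uninstaller left behind.

Added example, not code from the F-Secure post. Assumes the usual workflow:
'reg export HKCU before.reg' prior to installing the trial and
'reg export HKCU after.reg' once it has been uninstalled, then diff the two.
The .reg texts below are constructed and the key names are hypothetical.
"""


def parse_reg(text):
    """Parse 'Windows Registry Editor Version 5.00' text into
    {key_path: {value_name: data}}.

    Deletion entries ([-HKEY...]) and ';' comments are skipped; hex values
    continued across lines with a trailing backslash are joined back together.
    """
    keys = {}
    current = None
    pending = None  # (value_name, partial data) while inside a continued value
    for raw in text.splitlines():
        line = raw.strip()
        if pending is not None:
            name, data = pending
            data += line.rstrip("\\")
            if line.endswith("\\"):
                pending = (name, data)
            else:
                keys[current][name] = data
                pending = None
            continue
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            path = line[1:-1]
            current = None if path.startswith("-") else path
            if current is not None:
                keys.setdefault(current, {})
            continue
        if current is None:
            continue
        # "@" is the key's default value; other names are quoted and may contain "="
        if line.startswith("@="):
            name, data = "(Default)", line[2:]
        elif line.startswith('"') and '"=' in line[1:]:
            idx = line.index('"=', 1)
            name, data = line[1:idx], line[idx + 2:]
        else:
            continue
        if data.endswith("\\"):
            pending = (name, data.rstrip("\\"))
        else:
            keys[current][name] = data
    return keys


def diff_reg(before_text, after_text):
    """Return keys and values present in `after` but absent or different in `before`."""
    before, after = parse_reg(before_text), parse_reg(after_text)
    leftover_keys = sorted(set(after) - set(before))
    changed_values = {}
    for path in set(before) & set(after):
        new = {n: d for n, d in after[path].items() if before[path].get(n) != d}
        if new:
            changed_values[path] = new
    return {"leftover_keys": leftover_keys, "changed_values": changed_values}


def load_reg(path):
    """Read a reg.exe/regedit export; they are written as UTF-16LE with a BOM."""
    with open(path, encoding="utf-16") as f:
        return f.read()


# Constructed exports: the same Run key before and after, plus one key the
# hypothetical rogue's uninstaller forgot to remove.
BEFORE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"""

AFTER_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

; hypothetical leftover key (constructed for this example)
[HKEY_CURRENT_USER\Software\ExampleRogueAV]
"InstallPath"="C:\\Program Files\\ExampleRogueAV"
"LicenseBlob"=hex:01,02,03,\
  04,05
"""

if __name__ == "__main__":
    result = diff_reg(BEFORE_REG, AFTER_REG)
    for key in result["leftover_keys"]:
        print("leftover key:", key)
    for key, vals in result["changed_values"].items():
        print("changed values under", key, vals)
```

On a real machine, replace the constants with load_reg("before.reg") and load_reg("after.reg"); HKLM should be exported as well, since installers write to both hives.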
Some vulnerabilities have been reported in SemanticScuttle, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/Advisories/32722/
d3v1l has reported some vulnerabilities in Easyedit CMS, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/Advisories/32822/
Fedora has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, to disclose sensitive information, or to potentially compromise a user's system.
http://secunia.com/Advisories/32786/
On the mend
Computer systems at three major London hospitals are largely back online on Friday morning, three days after a major computer virus outbreak forced staff to disconnect the network.…
They're not even close to perfect:
Since 9/11, more than three dozen federal air marshals have been charged with crimes, and hundreds more have been accused of misconduct, an investigation by ProPublica, a non-profit journalism organization, has found. Cases range from drunken driving and domestic violence to aiding a human-trafficking ring and trying to smuggle explosives from Afghanistan.
The meta-problem is that the kind of person who wants to be federal air marshal is the exact kind of person we don't want for the job.
Before 9/11, the Air Marshal Service was a nearly forgotten force of 33 agents with a $4.4 million annual budget. Now housed in the Transportation Security Administration, the agency has a $786 million budget and an estimated 3,000 to 4,000 air marshals, although the official number is classified.
And 3,000 to 4,000 is a lot of people to hire quickly; it's hard to weed out the bad eggs.
Some vulnerabilities have been reported in IBM Workplace Content Management, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/Advisories/32763/
This update is intended to eliminate an SQL injection vulnerability in xt:Commerce. The flaw has been actively exploited to gain access to webshop databases and obtain the administrator's login data and MD5 password hash.
ProTeuS has discovered a vulnerability in BitDefender Antivirus, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
http://secunia.com/Advisories/32789/
LinuxSecurity.com: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary information, we are unable to properly assess its impact. Have you heard about the latest reported attack on the SSH protocol version 2? Do you think the SSH team made the right decision in not doing an emergency release? If you are interested in ways to prevent this attack, please read on...
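The mitigation in the OpenSSH advisory (cbc.adv) is to configure CTR-mode and arcfour ciphers in preference to CBC. One caveat a practitioner should keep in mind: in SSH the negotiated cipher is the first entry in the client's preference list that the server also supports (RFC 4253, section 7.1), so merely reordering the server's list while leaving CBC ciphers in it still lets a CBC-preferring client negotiate CBC. The script below is an added example, not code from the OpenSSH project or LinuxSecurity; it audits an sshd_config for any CBC cipher that remains negotiable and prints a directive restricted to the ciphers the advisory lists as unaffected. The configuration fragments embedded in it are constructed.

```python
"""Audit an sshd_config for CBC-mode ciphers that can still be negotiated.

Added example, not from the OpenSSH advisory or LinuxSecurity. It assumes the
mitigation in cbc.adv (prefer CTR-mode and arcfour ciphers) and goes one step
further by flagging any CBC cipher left in the list, because the client's
preference order decides what gets negotiated. Config texts are constructed.
"""
import re
import sys

# Ciphers named as unaffected by the attack in cbc.adv.
UNAFFECTED = ("aes128-ctr", "aes192-ctr", "aes256-ctr",
              "arcfour256", "arcfour128", "arcfour")
# sshd_config keywords are case-insensitive; "Keyword value" or "Keyword=value"
CIPHERS_RE = re.compile(r"(?i)^ciphers[\s=]+(.+)$")


def parse_ciphers(config_text):
    """Return the cipher list from the first active Ciphers directive, or None
    if there is none. sshd honours the first occurrence of a keyword, and with
    no directive it uses its built-in default, which in the 2008 releases
    still included the CBC modes."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # strip comments
        m = CIPHERS_RE.match(line)
        if m:
            return [c.strip() for c in m.group(1).split(",") if c.strip()]
    return None


def audit_ciphers(config_text):
    """Return (ok, findings); ok is False if a CBC cipher can be negotiated."""
    ciphers = parse_ciphers(config_text)
    if ciphers is None:
        return False, ["no Ciphers directive: built-in default applies and includes CBC modes"]
    findings = []
    for c in ciphers:
        if "-cbc" in c.lower():           # catches 3des-cbc, aes*-cbc, rijndael-cbc@...
            findings.append(f"CBC cipher still negotiable: {c}")
        elif c.lower() not in UNAFFECTED:
            findings.append(f"not in cbc.adv's unaffected list, review: {c}")
    ok = not any(f.startswith("CBC") for f in findings)
    return ok, findings


def hardened_ciphers_line():
    """Ciphers directive limited to the advisory's unaffected ciphers
    (plain arcfour left out; arcfour128/256 discard its weak initial keystream)."""
    return "Ciphers " + ",".join(UNAFFECTED[:5])


# Constructed fragments for the demo and the test.
WEAK_CONFIG = """\
# CTR is listed first, but CBC is still acceptable to this server
Port 22
Ciphers aes128-ctr,aes128-cbc,3des-cbc
"""
FIXED_CONFIG = """\
# hardened: only ciphers the advisory lists as unaffected
Port 22
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128
"""
DEFAULT_CONFIG = "Port 22\n# Ciphers aes128-ctr\n"   # directive commented out

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/ssh/sshd_config"
    try:
        with open(path) as f:
            text = f.read()
    except OSError:
        print(f"cannot read {path}, auditing the constructed weak fragment instead")
        text = WEAK_CONFIG
    ok, findings = audit_ciphers(text)
    for finding in findings:
        print("-", finding)
    print("OK" if ok else "FAIL: set  " + hardened_ciphers_line())
```

Run it against the live file with python3 audit.py /etc/ssh/sshd_config; a FAIL means a client that prefers CBC would still get it, whatever order the server lists its ciphers in.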
A vulnerability has been reported in xt:Commerce, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/Advisories/32830/
Vahid Ezraeil has reported a vulnerability in Softbiz Classifieds Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/Advisories/32828/
Tim Brown and Mark Lowe have reported a vulnerability in Checkpoint VPN-1 products, which can be exploited by malicious people to disclose certain system information.
http://secunia.com/Advisories/32728/
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/Advisories/32812/
Some vulnerabilities have been reported in EMC Control Center SAN Manager, which can be exploited by malicious people to disclose potentially sensitive information or compromise a vulnerable system.
http://secunia.com/Advisories/32801/
The Fraunhofer Institute for Secure Information Technology (SIT) has found a security hole in the iPhone which allows a web page to make the mobile phone dial arbitrary phone numbers
LinuxSecurity.com: This update upgrades the thunderbird packages to upstream version 2.0.0.18, which fixes multiple security issues detailed in upstream security advisories:
This paper, written by Nicholas Purcell, examines the role of the CIO and the challenges they face, as well as the officers themselves moving beyond their chosen role in order to help better relate to their employees.
Qantas' online booking site today breached the privacy of at least two of its customers, whose personal details were revealed to another party when they attempted to access flight check-in information online.
Earlier this year, Security Fix criticized Apple for making iPhone users wait for security updates that Apple had fixed in its other products four months earlier. Now, it appears that iPhone users may have received a patch for a critical security hole four months before Apple fixed the flaw in its other products. Taking a look at the vulnerability summary from the update Apple released last week to fix critical vulnerabilities in the Mac and Windows versions of its Safari browser, we can see that Apple corrected a serious flaw in WebKit, the rendering engine used by Safari on Mac OS X, Windows and the iPhone: WebKit CVE-ID: CVE-2008-2303 Available for: Mac OS X v10.4.11, Mac OS X v10.5.5, Windows XP or Vista Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue in Safari’s handling of JavaScript array indices may
Zero Day
Ryan Naraine, Dancho Danchev & Adam O'Donnell
November 20th, 2008
Posted by Ryan Naraine @ 10:34 am
Under sustained attack from what is described as a rapidly spreading network worm, the U.S. army has banned the use of USB sticks, CDs, flash media cards, and all other removable data storage devices, according to internal e-mail messages seen by Wired’s Noah Shachtman.
According to the article, service members have been ordered to “cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware.” Eventually, some government-approved drives will be allowed back under certain “mission-critical,” but unclassified, circumstances.
“Personally owned or non-authorized devices” are “prohibited” from here on out, according to the e-mails.
The USB device ban was handed down by the commander of U.S. Strategic Command and includes everything from external hard drives to “floppy disks.” It takes effect immediately.
To make sure troops and military civilians are observing the suspension, government security teams “will be conducting daily scans and running custom scripts on NIPRNET and SIPRNET to ensure the commercial malware has not been introduced,” an e-mail says.
“Any discovery of malware will result in the opening of a security incident report and will be referred to the appropriate security officer for action.”
The threat from malware that spreads via removable media has been on a steady rise with some estimates showing a 10 percent increase in detections this year.
Original story at: http://blogs.zdnet.com/security/?p=2206&tag=nl.e589
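Neither report names the worm or says how it spreads, and the "custom scripts" the e-mail mentions are not described. As an added example that is not part of either article, the script below shows the check such a scan would typically start with, assuming the usual removable-media vector of the period: an autorun.inf at the volume root whose open=, shellexecute= or shell\...\command= entries launch a binary stored on the same volume, often with an action= line mimicking Explorer's own "Open folder to view files" prompt so the user picks it. The autorun.inf content and directory layout it builds are constructed; the file name update.exe and the RECYCLER path are hypothetical.

```python
"""Find autorun.inf files on removable volumes that would launch a program.

Added example, not from the Wired or ZDNet reports, which do not say how the
worm spreads. Assumes the common removable-media vector of the period: an
autorun.inf at the volume root that points Explorer at an executable on the
volume. The sample autorun.inf and file names below are constructed.
"""
import os
import re
import tempfile

# Entries Explorer acts on when a volume is inserted or opened.
LAUNCH_KEYS = ("open", "shellexecute")
SHELL_COMMAND = re.compile(r"^shell\\.+\\command$")   # e.g. shell\open\command


def parse_autorun(text):
    """Return {key: value} from the [autorun] section, keys lower-cased.

    Deliberately tolerant: worms pad the file with junk lines and odd casing,
    and Windows ignores anything it cannot parse, so the scanner must too.
    """
    entries = {}
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_targets(entries):
    """Return (key, command) pairs that would execute code."""
    return [(k, v) for k, v in entries.items()
            if k in LAUNCH_KEYS or SHELL_COMMAND.match(k)]


def scan_volume(mount_point):
    """Inspect <mount_point>/autorun.inf and return findings (empty list = clean)."""
    findings = []
    path = os.path.join(mount_point, "autorun.inf")
    if not os.path.isfile(path):
        return findings
    with open(path, "rb") as f:
        entries = parse_autorun(f.read().decode("latin-1"))  # worms embed non-text bytes
    for key, command in launch_targets(entries):
        exe = command.split()[0].strip('"') if command else ""
        on_volume = os.path.isfile(os.path.join(mount_point, exe.replace("\\", os.sep)))
        findings.append({"kind": "launch", "key": key, "target": command,
                         "exists_on_volume": on_volume})
    if "action" in entries:   # text shown in the AutoPlay dialog, used to mimic Explorer's entry
        findings.append({"kind": "lookalike_action", "key": "action",
                         "target": entries["action"], "exists_on_volume": None})
    return findings


# Constructed sample in the style of a USB worm's autorun.inf.
DEMO_AUTORUN = "\r\n".join([
    "[AutoRun]",
    "; constructed sample, not a real worm's file",
    "open=RECYCLER\\update.exe",
    "shellexecute=RECYCLER\\update.exe",
    "shell\\open\\command=RECYCLER\\update.exe",
    "action=Open folder to view files",
    "icon=%SystemRoot%\\system32\\shell32.dll,4",
])


def make_demo_volume():
    """Create a temp directory laid out like an infected volume (constructed)."""
    root = tempfile.mkdtemp(prefix="usb_demo_")
    os.makedirs(os.path.join(root, "RECYCLER"))
    with open(os.path.join(root, "RECYCLER", "update.exe"), "wb") as f:
        f.write(b"MZ")   # placeholder bytes, not an executable
    with open(os.path.join(root, "autorun.inf"), "w", newline="") as f:
        f.write(DEMO_AUTORUN)
    return root


if __name__ == "__main__":
    for finding in scan_volume(make_demo_volume()):
        print(finding)
```

For a real sweep, call scan_volume() on each mounted removable volume and treat any "launch" finding whose target exists on the volume as an incident, which matches the e-mail's instruction to open a security incident report on any discovery of malware. Disabling autorun on the hosts is the complement to scanning the media.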