Archive for category Vulnerabilities
Block New & Emerging Threats with SECURITY DATABASE
Posted by Mourad Ben Lakhoua in Pentesting, Vulnerabilities on February 23, 2010
Securing a modern computer network with a large number of systems and devices takes a big effort, and keeping track of all new gaps becomes more and more difficult. Here I want to present a very good infosec source.
Security-Database.com is an online computer security portal that provides free, comprehensive and complete information about product vulnerabilities and tools for penetration testing, based on open international standards.
Most importantly, the creator of Security-Database provides visitors with the latest vulnerability alerts, each listed with its CVE identifier number and a brief description of the vulnerability, including report references if offered by the vendor.
That's not all, because all these alerts are in accordance with several international information security standards, including OVAL ID, CWE ID, CAPEC ID, and SAINTexploitID.
I really like the fact that this website helps auditors find everything they need to perform auditing tasks by providing the best security tools, each with a short description and a link to the product. It also gives visitors the possibility to participate in the portal by submitting new security tools, so they feel that they play a big role in the portal's success.
At the top of the page, visitors can find several tabs for searching for the desired vulnerability. Under the alert you can choose the vendor, and it will bring you all vulnerabilities related to that vendor. You can filter what you are searching for by year, month, day, severity or category.
As you can see, the information obtained from Security-Database.com is vital for any system administrator looking to prevent and manage threats to the information system. All the warnings are recorded in the database and are available at any time.
Make sure you subscribe to my RSS feed!
Adobe Apologized for a 16-Month-Old Bug
Posted by Mourad Ben Lakhoua in News, Software Security, Vulnerabilities, Vulnerabilities & attacks, Web Security on February 9, 2010
Adobe has officially apologized for the 16-month-old Flash Player vulnerability that is still not fixed.
According to Adobe, the bug has been eliminated in the Flash Player 10.1 beta, but there is not yet a stable version of this release.
The bug was officially reported on the 22nd of September 2008, and all Flash Player plug-ins since version 9 are affected. Many hackers used this gap to inject malicious code on victims' machines.
Adobe experts have provided a special web page to check for this vulnerability. The exploit really works; you can test it by following this link, but before clicking you should make sure that you have another page open in the same browser.
Adobe Product Manager Emmy Huang promised that the vulnerability will be fixed in the next Flash Player 10.1 release, without giving any indication of the final version's date.
You can install Adobe Flash Player 10.1 from here.
Hewlett-Packard Fixes a Bunch of OpenView Vulnerabilities
Posted by Mourad Ben Lakhoua in Vulnerabilities, Vulnerabilities & attacks on December 11, 2009

Hewlett-Packard has released several patches for a bunch of vulnerabilities in OpenView software products. HP advises administrators to install the patches immediately to mitigate the risk.
OpenView Network Node Manager (OV NNM) is affected by 12 critical bugs that attackers could use to execute arbitrary code remotely and gain control over the system.
The vulnerable versions are OV NNM 7.01 and 7.35 running on HP-UX, Linux, Solaris and Microsoft Windows. It is important to note that fixes are released only for version 7.53, so to patch any previous version admins are required to upgrade to the latest one and then install the updates.
About eleven of the twelve bugs were detected by TippingPoint, and the last bug was reported by a researcher from the IBM X-Force unit.
So go ahead and review the Support Communication – Security Bulletin and act on it as soon as possible.
Attack Hitting Virtual Private Networks & How to Protect Yourself
Posted by Mourad Ben Lakhoua in Cloud Computing Security, News, Vulnerabilities on December 1, 2009
Virtual private network (VPN) software from Cisco, Juniper and multiple other vendors is affected by a new vulnerability that puts a large number of customers at risk, according to a Monday report issued by US-CERT.
Clientless SSL VPN is used to provide access over a web browser to internal network resources such as corporate email servers or application servers. The bug allows an attacker to obtain VPN session tokens, read or modify content (including cookies, script, or HTML content) and monitor keystrokes. It concerns more than 90 companies, including Cisco, Juniper, SafeNet, and SonicWall.
Currently there is no solution to this problem, but to mitigate the risk we can do the following:
1- Limit URL rewriting to trusted domains. If supported by the VPN server, URLs should only be rewritten for trusted internal sites.
All other sites and domains should not be accessible through the VPN server. Since an attacker only needs to convince a user to visit a web page being viewed through the VPN to exploit this vulnerability, this workaround is likely to be less effective if there are a large number of hosts or domains that can be accessed through the VPN server. When deciding which sites can be visited through the VPN server, it is important to remember that all allowed sites will operate within the same security context in the web browser.
2- Limit VPN server network connectivity to trusted domains. It may be possible to configure the VPN device to only access specific network domains. This restriction may also be possible by using firewall rules.
3- Disable URL hiding features. Obfuscating URLs hides the destination page from the end user. This feature can be used by an attacker to hide the destination page of any links they send. For example, https://
It is also very important to contact the vendor to ask whether the gap exists and whether there is a patch to apply for this bug.
The US-CERT report can be found here.
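Mitigation 1 above, sketched as an added example (not code from the original post, US-CERT or any VPN vendor): a check a rewriting proxy could apply before it rewrites a link, matching whole DNS labels against an allowlist of trusted internal domains. The domain names, `should_rewrite` and `partition_links` are hypothetical, and refusing IP literals is an assumption of this sketch.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist: hypothetical internal zones the VPN may rewrite for.
TRUSTED_DOMAINS = ("intranet.example.com", "mail.example.com")

def should_rewrite(url, trusted=TRUSTED_DOMAINS):
    """Return True only if url points at a host inside a trusted domain."""
    # Browsers treat "\" like "/" and strip tabs and newlines, so a URL
    # containing them can resolve to a different host than the one parsed here.
    if "\\" in url or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in url):
        return False
    try:
        parts = urlsplit(url)
        host = parts.hostname  # drops userinfo and port, lowercases the name
    except ValueError:  # e.g. malformed bracketed IPv6 literal
        return False
    if parts.scheme not in ("http", "https") or not host:
        return False
    host = host.rstrip(".")  # "host." and "host" are the same DNS name
    try:
        ipaddress.ip_address(host)
        return False  # assumption: allowlist is by name, literals are refused
    except ValueError:
        pass
    # Compare whole DNS labels: a plain endswith() would accept
    # "notintranet.example.com".
    return any(host == d or host.endswith("." + d) for d in trusted)

def partition_links(urls, trusted=TRUSTED_DOMAINS):
    """Split links found in a page into (rewrite, refuse) lists."""
    rewrite = [u for u in urls if should_rewrite(u, trusted)]
    refuse = [u for u in urls if not should_rewrite(u, trusted)]
    return rewrite, refuse

# Constructed sample links, as they might appear in a proxied page.
SAMPLE_LINKS = [
    "https://wiki.intranet.example.com/page",
    "https://MAIL.example.com:8443/inbox",
    "https://intranet.example.com.attacker.test/",
    "https://intranet.example.com@attacker.test/",
    "https://notintranet.example.com/",
    "https://10.0.0.5/admin",
]

if __name__ == "__main__":
    print(partition_links(SAMPLE_LINKS))
```

Only the first two sample links are rewritten; the rest fail on label boundaries, userinfo or the address-literal rule.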
iPhone Next up for Hackers
Posted by Mourad Ben Lakhoua in News, Vulnerabilities on November 8, 2009
Botnets are becoming the biggest threat and have reached every system on the globe, even mobile devices. I don't think there is a person who has not been a victim of a botnet. Many people think that the operator is responsible for spamming its customers, but this is not true.
Security professionals always anticipate the damage before it happens and try to solve the serious issues; today hackers have changed their landscape to get more benefit from their cybercrimes.
The first important point to note is that modern phones have wireless adapters. This can keep them always online and vulnerable to such attacks. Here I want to list some technical characteristics that show the benefits of mobile-phone zombies compared to classical infected machines:
1. Fast IP-address changing.
2. Low connection speed.
3. Ability to receive commands from the GSM network without the Internet (SMS..).
4. No Antivirus and Antispyware on the device.
5. No traffic control by the owner.
6. Personal data stored on the phone (credit card numbers, PINs, accounts, addresses, and so on).
7. Calls and sending SMS.
8. Location on the map via GSM or GPS (if your phone has a controller).
9. Recorder (as a listening device).
As you can see, here are 9 features that can serve hackers perfectly in doing their job. And by the way, the list can be extended.
Now, what tactic do hackers use to build botnets?
Usually they start by scanning the network, searching for vulnerable hosts. Computers are identified by IP address, but the iPhone is identified by the IMEI, a unique code issued by the manufacturer. This code is also used to identify a stolen phone, so if you lose your phone the cellular operator can find it on the network using this ID. However, the same IMEI is used for identifying the phone in the zombie network.
After identifying the phone, a Trojan has to be executed via an infected website or some other way. This Trojan acts as a back door and opens a port on the phone for connections, to get instructions from a remote host. The phone will then act as the attacker desires: sending advertising spam, changing the wallpaper or listening to conversations. As long as there is no AV and no traffic control such as a firewall, this phone will remain part of the botnet.
Here is the first iPhone worm, discovered and reported today by Sophos.
The good news is that this bot network is not very big, but we should be very careful about iPhone sources and what we install on the phone (games, applications…).
Adobe Fixes Five Critical Vulnerabilities in Shockwave
Posted by Mourad Ben Lakhoua in News, Vulnerabilities on November 6, 2009
A new set of patches has been released by Adobe to fix 5 critical vulnerabilities in the Shockwave player.
Adobe invites all Shockwave users to update their flash players immediately. Four of these five bugs, which were discovered by VUPEN security researchers, allow an attacker to execute malicious code remotely.
According to the research lab, the Adobe vulnerabilities include memory integrity violations, pointer errors and wrong indexing when malicious content is processed. All these errors can be used by an attacker to compromise a vulnerable system and exploit it when the user visits a specially crafted website, regardless of the browser (IE or Firefox).
That covers the first four bugs; the last one is related to boundary condition issues and can be used to cause a DoS attack. Here you can find the security bulletin by Adobe.
Bugspy.net: Opensource Bug Tracking Website
Posted by Mourad Ben Lakhoua in Search Engine, Software Security, Vulnerabilities on October 4, 2009
A bug is an error in a program; bugs are usually located and removed in the program testing or debugging phase.
Globally there is a large number of testing labs that work on a daily basis to discover new bugs and alert on them. Here I want to mention the site http://www.bugspy.net, which is dedicated to alerting on the latest vulnerabilities in open source applications.
Bugspy is a search engine that crawls the web looking for bugs from different sources. There are thousands of open source software projects, and the site's objective is to make it easy for security professionals to identify bugs quickly and to provide details on the severity of each vulnerability. This is very important for protecting open source resources.
The vulnerability description is provided as text, and the site decides statistically whether the bug might pose a security threat and the level of that threat, so that if it is critical a fix can be applied to mitigate the risk.
Here you can find some technical details about the site:
Crawler development language: Python
Web site development language: Python + Django framework
Database: PostgreSQL
Number of open bugs indexed: ~225,000 bugs and going up
Number of products indexed: ~ 7500 products and going up
Exploitable Bugs Detector: Developed with the aid of genetic algorithms (Pyevolve, http://pyevolve.sourceforge.net)
The targeted visitors: IT Security experts, developers, sw project managers, and anyone who wants to be regularly updated about new bugs in OSS.


Mac OS X users face a new serious problem: a strange error affecting every new Apple operating system. This error is called Snow Leopard and can destroy all personal data on the OS.

