Hackin9
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

We received the following vulnerability advisory for a remote code execution vuln identified and reported in Cisco's Ironport WSA Telnetd.

Vendor: Cisco
Product web page: http://www.cisco.com
Affected version: Cisco Ironport WSA - AsyncOS 8.0.5 for Web build 075
Date: 22/05/2014
Credits: Glafkos Charalambous
CVE: CVE-2011-4862
CVSS Score: 7.6
Impact: Unauthenticated Remote Code Execution with elevated privileges
Description: The Cisco Ironport WSA virtual appliances are vulnerable to an old FreeBSD telnetd encryption Key ID buffer overflow which allows remote attackers to execute arbitrary code (CVE-2011-4862).
Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
http://www.freebsd.org/security/advisories/FreeBSD-SA-11:08.telnetd.asc
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

Nice work by Glafkos, but what you can't see is me shaking my head. *sigh*
I'll repeat the facepalm-inspiring statement again: Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default.
Still, with the telnets? And on by default?
From the related FreeBSD advisory:
"The FreeBSD telnet daemon, telnetd(8), implements the server side of the
TELNET virtual terminal protocol. It has been disabled by default in
FreeBSD since August 2001, and due to the lack of cryptographic security
in the TELNET protocol, it is strongly recommended that the SSH protocol
be used instead."

Trying 192.168.0.160...
Connected to 192.168.0.160.
Escape character is ^]

@holisticinfosec

 
Apple Mac OS X QuickTime CVE-2014-4351 'm4a' File Handling Buffer Overflow Vulnerability
 
Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
 

A new security feature for Google’s services will help users better protect their data by requiring that they insert a USB security key to log in to their account.

Announced on Tuesday, the optional Security Key technology requires that a Chrome user take two additional steps to sign in to their Google account: plug a small key into the USB port on their computer and tap a button. The process is a simpler and more secure version of the 2-Step Verification process that Google offers to security-conscious users. With 2-Step Verification, users receive a code from Google on their phone or in e-mail that they must enter into Google’s site to complete the login process.

Users that opt for the Security Key technology will have to purchase a special USB key, which typically costs less than $20.


 
Linux Kernel 'ext4/file.c' Local Denial of Service Vulnerability
 
Bugzilla CVE-2014-1571 Information Disclosure Vulnerability
 
Bugzilla 'realname' Parameter Security Bypass Vulnerability
 
Drupal Site Banner Module Cross Site Scripting Vulnerability
 
Drupal Marketo MA Module Multiple Cross Site Scripting Vulnerabilities
 
Splunk 'Referer' Header Cross Site Scripting Vulnerability
 
Drupal TableField Module Cross Site Scripting Vulnerability
 

Profile of Matt Hartley
Dark Reading
Matt Hartley has held a variety of responsibilities at iSIGHT Partners including leading government programs, managing technology partnerships, and leading a team launching new service offerings. Previously, he was a Senior Program Manager of ...

 
The National Institute of Standards and Technology (NIST) has published the final version of the US Government Cloud Computing Technology Roadmap, Volumes I and II. The roadmap focuses on strategic and tactical objectives to support the ...
 
LinuxSecurity.com: Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Multiple vulnerabilities have been found and corrected in the Linux kernel: The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, [More...]
 
LinuxSecurity.com: Updated bugzilla packages fix security vulnerabilities: If a new comment was marked private to the insider group, and a flag was set in the same transaction, the comment would be visible to flag recipients even if they were not in the insider group (CVE-2014-1571). [More...]
 
LinuxSecurity.com: Updated perl and perl-Data-Dumper packages fix security vulnerability: The Dumper method in Data::Dumper before 2.154, allows context-dependent attackers to cause a denial of service (stack [More...]
 
LinuxSecurity.com: Updated mediawiki packages fix security vulnerability: MediaWiki before 1.23.4 is vulnerable to cross-site scripting due to JavaScript injection via CSS in uploaded SVG files (CVE-2014-7199). [More...]
 
LinuxSecurity.com: Updated python packages fix security vulnerability: Python before 2.7.8 is vulnerable to an integer overflow in the buffer type (CVE-2014-7185). [More...]
 
LinuxSecurity.com: Updated rsyslog packages fix security vulnerability: Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted [More...]
 
LinuxSecurity.com: New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. [More Info...]
 
LinuxSecurity.com: Updated qemu-kvm packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security [More...]
 
LinuxSecurity.com: Updated rsyslog5 and rsyslog packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security [More...]
 
LinuxSecurity.com: Security Report Summary
 
File Manager v4.2.10 iOS - Code Execution Vulnerability
 
iFunBox Free v1.1 iOS - File Include Vulnerability
 

BRS Labs to Bring Ground Breaking Artificial Intelligence Analytics to AAPA's ...
Business Wire (press release)
The AISight Everywhere™ platform is a centralized system with modules for big data, intelligent video analytics, SCADA, InfoSec, and other core business functions. BRS Labs is headquartered in Houston, with offices in Washington DC, London, Sao Paulo, ...

 

NCA Touts for New Recruits to Cyber Crime Unit
Infosecurity Magazine
However, Brian Honan, independent security consultant and advisor to Europol's European Cybercrime Center (EC3), argued that the NCA could actually offer “a lot of other opportunities” for infosec professionals. “Firstly they are probably one of the ...

 

Study: C-suite putting more pressure on infosec staff
SC Magazine UK
A new survey of IT decision makers reveals the drawback of high-level executive awareness of security issues. As high-level executives become more aware of information security issues and vulnerabilities, they are pressuring their IT departments to ...

 
FreeBSD Security Advisory FreeBSD-SA-14:23.openssl
 
FreeBSD Security Advisory FreeBSD-SA-14:21.routed
 
FreeBSD Security Advisory FreeBSD-SA-14:20.rtsold
 
FreeBSD Security Advisory FreeBSD-SA-14:22.namei
 
Wireshark CUPS Dissector CVE-2014-6425 Denial of Service Vulnerability
 
Wireshark HIP Dissector CVE-2014-6426 Remote Denial of Service Vulnerability
 

Posted by InfoSec News on Oct 22

http://gcn.com/articles/2014/10/21/nist-hypervisor-security.aspx

By GCN Staff
Oct 21, 2014

The National Institute of Standards and Technology released a draft of
SP-800-125 A, Security Recommendations for Hypervisor Deployment, for
public comment. Because of widespread growth in server virtualization for
hosting enterprise applications and providing cloud services,
recommendations for secure deployment of hypervisor platforms are needed,...
 

Posted by InfoSec News on Oct 22

http://www.washingtonpost.com/blogs/the-switch/wp/2014/10/21/personal-information-of-almost-100000-people-exposed-through-flaw-on-site-for-transcripts/

By Ashkan Soltani, Julie Tate and Ellen Nakashima
The Washington Post
October 21, 2014

The personal information of almost 100,000 people seeking their high
school transcripts was recently exposed on a Web site that helps students
obtain their records.

The site, NeedMyTranscript.com,...
 

Posted by InfoSec News on Oct 22

http://www.computerworld.com/article/2836722/microsoft-warns-of-windows-zero-day-hackers-serve-exploits-in-powerpoint-files.html

By Gregg Keizer
Computerworld
Oct 21, 2014

Microsoft on Tuesday warned Windows users that cyber criminals are
exploiting a zero-day vulnerability using malicious PowerPoint documents
sent as email attachments.

In an advisory, Microsoft outlined the bug and provided a one-click tool
from its "Fixit" line...
 

Posted by InfoSec News on Oct 22

http://www.theregister.co.uk/2014/10/22/android_can_be_tricked_into_loading_malware_obfuscated_in_pngs/

By Richard Chirgwin
The Register
22 Oct 2014

Someone's found (yet) another nasty security flaw in Android, by crafting
a way to pack malicious software to look like images.

The good news is that disclosure was kept back until Google had put a fix
in place; the bad news is, of course, the huge number of phone-owners who
never update...
 

Posted by InfoSec News on Oct 22

http://247wallst.com/retail/2014/10/21/why-data-breach-at-staples-may-not-matter/

By Paul Ausick
247wallst.com
October 21, 2014

Office supply store Staples Inc. (NASDAQ: SPLS) confirmed on Monday that
it is investigating a breach of payment card data at some of its locations
in the northeast United States. The company has said little else except
that it takes protecting customer data “very seriously” and reminds
customers that they are...
 

BRS Labs to Bring Ground Breaking Artificial Intelligence Analytics to AAPA's ...
SYS-CON Media (press release)
The AISight Everywhere™ platform is a centralized system with modules for big data, intelligent video analytics, SCADA, InfoSec, and other core business functions. BRS Labs is headquartered in Houston, with offices in Washington DC, London, Sao Paulo, ...

 