matthias.deeg | 31 Oct 08:15 2014
Picon

[SYSS-2014-008] McAfee File and Removable Media Protection (FRP/EEFF/EERM) - Use of a One-Way Hash with a Predictable Salt (CVE-2014-8565)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Advisory ID: SYSS-2014-008
Product(s): McAfee Endpoint Encryption for Files and Folders (EEFF)
            McAfee File and Removable Media Protection (FRP)
Vendor: McAfee, Inc. 
Affected Version(s): EEFF 3.2.x, 4.0.x, 4.1.x, 4.2.x; FRP 4.3.0.x
Tested Version(s): 4.2.0.164
Vulnerability Type: Insufficient Entropy (CWE-331)
                    Use of a One-Way Hash with a Predictable Salt (CWE-760)
Risk Level: Medium
Solution Status: Vendor hotfix available
Vendor Notification: 2014-08-11
Solution Date: 2014-10-27
Public Disclosure: 2014-10-31
CVE Reference: CVE-2014-8565
Author of Advisory: Matthias Deeg (SySS GmbH)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Overview:

The software encryption tool McAfee Endpoint Encryption for Removable Media
(EERM) which is part of the data protection software McAfee Endpoint Encryption 
for Files and Folders (EEFF) uses a static and thus predictable salt for
generating password hashes using the password-based key derivation function 2
(PBKDF2).

Due to the use of a predictable, hard-coded salt, it is possible for an attacker
(Continue reading)

security-alert | 31 Oct 02:02 2014
Picon

[security bulletin] HPSBUX03162 SSRT101767 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Man-in-the-Middle (MitM) Attack


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04492722

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04492722
Version: 1

HPSBUX03162 SSRT101767 rev.1 - HP-UX Running OpenSSL, Remote Denial of
Service (DoS), Unauthorized Access, Man-in-the-Middle (MitM) Attack

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-10-28
Last Updated: 2014-10-28

Potential Security Impact: Remote Denial of Service (DoS), unauthorized
access, man-in-the-middle (MitM) attack

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running
OpenSSL. These vulnerabilities could be exploited remotely to create a Denial
of Service (DoS), allow unauthorized access, or a man-in-the-middle (MitM)
attack.

(Continue reading)

security-alert | 30 Oct 20:18 2014
Picon

[security bulletin] HPSBPI03147 rev.1 - Certain HP Color LaserJet Printers, Remote Unauthorized Access, Denial of Service (DoS)


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04483249

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04483249
Version: 1

HPSBPI03147 rev.1 - Certain HP Color LaserJet Printers, Remote Unauthorized
Access, Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-10-30
Last Updated: 2014-10-30

Potential Security Impact: Remote unauthorized access to data, Denial of
Service (DoS)

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with certain HP Color
LaserJet printers. The vulnerability could be exploited remotely to gain
unauthorized access to data or to create a Denial of Service (DoS).

References:
(Continue reading)

ML | 30 Oct 13:36 2014
Picon

Call for Papers - WorldCIST'15 - Azores, Deadline: November 23

------
WorldCIST'15 - 3rd World Conference on Information Systems and Technologies 
Ponta Delgada, Azores *, Portugal
1 - 3 April 2015
http://www.aisti.eu/worldcist15/
------
* Azores is ranked as the second most beautiful archipelago in the world by National Geographic.
------------

SCOPE

The WorldCIST'15 - 3rd World Conference on Information Systems and Technologies, to be held at Ponta
Delgada, São Miguel, Azores, Portugal, 1 - 3 April 2015, is a global forum for researchers and
practitioners to present and discuss the most recent innovations, trends, results, experiences and
concerns in the several perspectives of Information Systems and Technologies.

Azores is ranked as the second most beautiful archipelago in the world by National Geographic. Consisting
of nine distinct islands, each of them special, is in fact a place in the world to be visited.

We are pleased to invite you to submit your papers to WorldCISTI'15. All submissions will be reviewed on the
basis of relevance, originality, importance and clarity.

THEMES

Submitted papers should be related with one or more of the main themes proposed for the Conference:

A) Information and Knowledge Management (IKM);
B) Organizational Models and Information Systems (OMIS);
C) Intelligent and Decision Support Systems (IDSS);
D) Big Data Analytics and Applications (BDAA);
(Continue reading)

Slackware Security Team | 29 Oct 20:00 2014

[slackware-security] wget (SSA:2014-302-01)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  wget (SSA:2014-302-01)

New wget packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/wget-1.14-i486-3_slack14.1.txz:  Rebuilt.
  This update fixes a symlink vulnerability that could allow an attacker
  to write outside of the expected directory.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
(Continue reading)

security-alert | 29 Oct 19:58 2014
Picon

[security bulletin] HPSBUX03159 SSRT101785 rev.2 - HP-UX kernel, Local Denial of Service (DoS)


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04491186

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04491186
Version: 2

HPSBUX03159 SSRT101785 rev.2 - HP-UX kernel, Local Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-10-28
Last Updated: 2014-10-28

Potential Security Impact: Local Denial of Service (DoS)

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified in the HP-UX kernel.
This vulnerability could allow local users to create a Denial of Service
DoS).

References:

CVE-2014-7877 (SSRT101785)
(Continue reading)

Moritz Muehlenhoff | 29 Oct 19:25 2014
Picon

[SECURITY] [DSA 3059-1] dokuwiki security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-3059-1                   security <at> debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
October 29, 2014                       http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : dokuwiki
CVE ID         : CVE-2014-8761 CVE-2014-8762 CVE-2014-8763 CVE-2014-8764

Two vulnerabilities have been discovered in dokuwiki. Access control in
the media manager was insufficiently restricted and authentication could
be bypassed when using Active Directory for LDAP authentication.

For the stable distribution (wheezy), these problems have been fixed in
version 0.0.20120125b-2+deb7u1.

For the unstable distribution (sid), these problems have been fixed in
version 0.0.20140929.a-1.

We recommend that you upgrade your dokuwiki packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce <at> lists.debian.org
research | 29 Oct 16:02 2014

CVE-2014-8399 SQL Injection in NuevoLabs flash player for clipshare

Nuevolabs Nuevoplayer for clipshare SQL Injection
=======================================================================

:: ADVISORY SUMMARY ::
Title:     Nuevolabs Nuevoplayer for clipshare Sql Injection
Vendor:    NUEVOLABS (www.nuevolabs.com)
Product:   NUEVOPLAYER for clipshare
Credits:   Cory Marsh - protectlogic.com
Discovery: 2014-10-10
Release:   2014-10-28

Nueovplayer is a popular flash video player with integration into multiple popular video sharing suites. 
The most notable is Clipshare (clip-share.com).  Nuevoplayer provides flash video playing
capabilities to third party video sharing suites.

:: VULNERABILITY ::
Type:     SQL Injection and Privilege Escalation
Category: Remote
Severity: High
CVSS2:    7.7
CVSS2:    (AV:N/AC:L/Au:N/C:P/I:P/A:C/E:F/RL:TF/RC:C)
CVE-ID:	  CVE-2014-8339

:: AFFECTED PRODUCT VERSIONS ::
NUEVOLABS NUEVOPLAYER for clipshare version 8.0 and possibly earlier.

nuevolabs.com
clip-share.com

:: VULNERABILITY DETAILS ::
(Continue reading)

Multiple vulnerabilities in EspoCRM

Advisory ID: HTB23238
Product: EspoCRM
Vendor: http://www.espocrm.com
Vulnerable Version(s): 2.5.2 and probably prior
Tested Version: 2.5.2
Advisory Publication:  October 8, 2014  [without technical details]
Vendor Notification: October 8, 2014 
Vendor Patch: October 10, 2014 
Public Disclosure: October 29, 2014 
Vulnerability Type: PHP File Inclusion [CWE-98], Improper Access Control [CWE-284], Cross-Site
Scripting [CWE-79]
CVE References: CVE-2014-7985, CVE-2014-7986, CVE-2014-7987
Risk Level: High 
CVSSv2 Base Scores: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C), 5 (AV:N/AC:L/Au:N/C:N/I:N/A:P), 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory/ ) 

-----------------------------------------------------------------------------------------------

Advisory Details:

High-Tech Bridge Security Research Lab discovered multiple high-risk vulnerabilities in EspoCRM,
which can be exploited by remote attacker to execute arbitrary PHP code on a vulnerable system, reinstall
the application from scratch, and compromise the entire system as the result. EspoCRM is also vulnerable
to less critical Cross-Site Scripting attacks.

1. PHP File Inclusion in EspoCRM: CVE-2014-7985

The vulnerability exists due to absence of sanitization of input data passed via the "action" HTTP GET
(Continue reading)

security | 29 Oct 09:10 2014

[ MDVSA-2014:212 ] wget


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:212
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : wget
 Date    : October 29, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated wget package fixes security vulnerability:

 Wget was susceptible to a symlink attack which could create arbitrary
 files, directories or symbolic links and set their permissions when
 retrieving a directory recursively through FTP (CVE-2014-4877).

 The default settings in wget have been changed such that wget no longer
 creates local symbolic links, but rather traverses them and retrieves
 the pointed-to file in such a retrieval. The old behaviour can be
 attained by passing the --retr-symlinks=no option to the wget command.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877
 http://advisories.mageia.org/MGASA-2014-0431.html
(Continue reading)

security | 29 Oct 08:56 2014

[ MDVSA-2014:211 ] wpa_supplicant


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:211
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : wpa_supplicant
 Date    : October 29, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated wpa_supplicant packages fix security vulnerability:

 A vulnerability was found in the mechanism wpa_cli and hostapd_cli use
 for executing action scripts. An unsanitized string received from a
 remote device can be passed to a system() call resulting in arbitrary
 command execution under the privileges of the wpa_cli/hostapd_cli
 process (which may be root in common use cases) (CVE-2014-3686).

 Using the wpa_supplicant package, systems are exposed to the
 vulnerability if operating as a WPS registrar.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
 http://advisories.mageia.org/MGASA-2014-0429.html
(Continue reading)


Gmane