headers
Mohit Kumar | 1 Nov 2011 02:10
Picon

The Hacker News (THN) 1st Anniversary Celebration

It has been a wonderful “HACK” filled year as we disseminated security and hacking information around the world. We are grateful for our loyal readership and welcome new readers and contributors.

Let’s face it. Hacking isn’t going away and growing security concerns are an issue we all need to stay on top of. Being informed about the latest and newest in security measures and the work of hackers to break into these means is a global issue with tremendous consequences.

Hacking and security violations affect us all. Not only big corporations which store your information but the health and welfare of your personal PC’s.

The Hacker news has tracked the events of the last year and we are amazed and the talent and finesse of techy people who can break into the most complicated and sophisticated systems. You can depend on us for breaking news in the area of computer security. Keep reading and keep checking our daily web news.

In case you did not know, The Hacker News (THN), first established in 2010, has become a leading resource in providing information and resources to security experts and hackers worldwide. Initially begun as a Cyber-Awareness Program, The Hacker News has evolved to work closely with and within the cyber security communities in an effort to make the internet more secure. We have worked with various organizations to manage their security risks and secure their infrastructure by analyzing, designing and implementing the best cost-effective security processes.

In addition to providing up-to-date news and resources, The Hacker News now provides Ethical Hacking Training, Workshops, Seminars, Security Testing Services and Security Certifications at our on-ground institution in India. This customized and rigorous program offers comprehensive practical and advanced training which can open up a broad spectrum of career opportunities in the international IT security market.


THN is dedicated to making your learning a valuable experience by enhancing the depth of your knowledge through real-time, hands-on work experience. Guided by a team of professionals and faculty, you will be faced with real IT-related problems and scenarios. These valuable skills will help pave the way for your success in the field of information security.

We believe that knowledge grows when shared. We want to share it all with you.
Thanks for a GREAT year! Here’s to our next……….

--
Regards,
Owner,
Truth is the most Powerful weapon against Injustice.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 0 comments |
headers
Alex Legler | 1 Nov 2011 11:01
Picon
Favicon

[ GLSA 201111-01 ] Chromium, V8: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201111-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: Chromium, V8: Multiple vulnerabilities
     Date: November 01, 2011
     Bugs: #351525, #353626, #354121, #356933, #357963, #358581,
           #360399, #363629, #365125, #366335, #367013, #368649,
           #370481, #373451, #373469, #377475, #377629, #380311,
           #380897, #381713, #383251, #385649, #388461
       ID: 201111-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in Chromium and V8, some of
which may allow execution of arbitrary code and local root privilege
escalation.

Background
==========

Chromium is an open-source web browser project. V8 is Google's open
source JavaScript engine.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  www-client/chromium       < 15.0.874.102         >= 15.0.874.102 
  2  dev-lang/v8                < 3.5.10.22              >= 3.5.10.22 
    -------------------------------------------------------------------
     2 affected packages
    -------------------------------------------------------------------

Description
===========

Multiple vulnerabilities have been discovered in Chromium and V8.
Please review the CVE identifiers and release notes referenced below
for details.

Impact
======

A local attacker could gain root privileges (CVE-2011-1444, fixed in
chromium-11.0.696.57).

A context-dependent attacker could entice a user to open a specially
crafted web site or JavaScript program using Chromium or V8, possibly
resulting in the execution of arbitrary code with the privileges of the
process, or a Denial of Service condition. The attacker also could
obtain cookies and other sensitive information, conduct
man-in-the-middle attacks, perform address bar spoofing, bypass the
same origin policy, perform Cross-Site Scripting attacks, or bypass
pop-up blocks.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Chromium users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102"

All V8 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22"

References
==========

[  1 ] CVE-2011-2345
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345
[  2 ] CVE-2011-2346
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346
[  3 ] CVE-2011-2347
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347
[  4 ] CVE-2011-2348
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348
[  5 ] CVE-2011-2349
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349
[  6 ] CVE-2011-2350
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350
[  7 ] CVE-2011-2351
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351
[  8 ] CVE-2011-2834
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834
[  9 ] CVE-2011-2835
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835
[ 10 ] CVE-2011-2837
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837
[ 11 ] CVE-2011-2838
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838
[ 12 ] CVE-2011-2839
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839
[ 13 ] CVE-2011-2840
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840
[ 14 ] CVE-2011-2841
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841
[ 15 ] CVE-2011-2843
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843
[ 16 ] CVE-2011-2844
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844
[ 17 ] CVE-2011-2845
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845
[ 18 ] CVE-2011-2846
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846
[ 19 ] CVE-2011-2847
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847
[ 20 ] CVE-2011-2848
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848
[ 21 ] CVE-2011-2849
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849
[ 22 ] CVE-2011-2850
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850
[ 23 ] CVE-2011-2851
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851
[ 24 ] CVE-2011-2852
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852
[ 25 ] CVE-2011-2853
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853
[ 26 ] CVE-2011-2854
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854
[ 27 ] CVE-2011-2855
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855
[ 28 ] CVE-2011-2856
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856
[ 29 ] CVE-2011-2857
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857
[ 30 ] CVE-2011-2858
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858
[ 31 ] CVE-2011-2859
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859
[ 32 ] CVE-2011-2860
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860
[ 33 ] CVE-2011-2861
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861
[ 34 ] CVE-2011-2862
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862
[ 35 ] CVE-2011-2864
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864
[ 36 ] CVE-2011-2874
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874
[ 37 ] CVE-2011-3234
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234
[ 38 ] CVE-2011-3873
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873
[ 39 ] CVE-2011-3875
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875
[ 40 ] CVE-2011-3876
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876
[ 41 ] CVE-2011-3877
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877
[ 42 ] CVE-2011-3878
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878
[ 43 ] CVE-2011-3879
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879
[ 44 ] CVE-2011-3880
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880
[ 45 ] CVE-2011-3881
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881
[ 46 ] CVE-2011-3882
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882
[ 47 ] CVE-2011-3883
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883
[ 48 ] CVE-2011-3884
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884
[ 49 ] CVE-2011-3885
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885
[ 50 ] CVE-2011-3886
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886
[ 51 ] CVE-2011-3887
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887
[ 52 ] CVE-2011-3888
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888
[ 53 ] CVE-2011-3889
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889
[ 54 ] CVE-2011-3890
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890
[ 55 ] CVE-2011-3891
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891
[ 56 ] Release Notes 10.0.648.127
       http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html
[ 57 ] Release Notes 10.0.648.133
       http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
[ 58 ] Release Notes 10.0.648.205
       http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
[ 59 ] Release Notes 11.0.696.57
       http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html
[ 60 ] Release Notes 11.0.696.65
       http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html
[ 61 ] Release Notes 11.0.696.68
       http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html
[ 62 ] Release Notes 11.0.696.71
       http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html
[ 63 ] Release Notes 12.0.742.112
       http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html
[ 64 ] Release Notes 12.0.742.91
       http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html
[ 65 ] Release Notes 13.0.782.107
       http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
[ 66 ] Release Notes 13.0.782.215
       http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html
[ 67 ] Release Notes 13.0.782.220
       http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html
[ 68 ] Release Notes 14.0.835.163
       http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html
[ 69 ] Release Notes 14.0.835.202
       http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html
[ 70 ] Release Notes 15.0.874.102
       http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
[ 71 ] Release Notes 8.0.552.237
       http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html
[ 72 ] Release Notes 9.0.597.107
       http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html
[ 73 ] Release Notes 9.0.597.84
       http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html
[ 74 ] Release Notes 9.0.597.94
       http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 http://security.gentoo.org/glsa/glsa-201111-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security <at> gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 0 comments |
headers
asish agarwalla | 1 Nov 2011 05:42
Picon

Adobe Web-Site Persistence XSS

Title:
======
Adobe Web-Site Persistence XSS

Status:
========
Unpatched


Details:
========

1. Signin to adobe.com
2. Go to My information
3. Change Screen Name to >'><script>alert("xss");  or '><script>alert("xss");
4. Go to My adobe


<at> Asish (asishagarwalla <at> gmail.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 0 comments |
headers
mutiny | 1 Nov 2011 01:54
Favicon

Re: Facebook Attach EXE Vulnerability

The main thing is that the security division at facebook probably runs 
the bug hunting page (as with everywhere else, which does make a decent 
bit of sense).  And, if you spot bugs before they do, then that looks 
bad on them (internally at the company and externally to the world).  
So, it is not in their interest to openly acknowledge your bugs, 
especially by paying you cash money (not to mention, accounting is going 
to hate them if they see bucks leaving the company for any reason, 
instead of coming in).  Not to forget, it is in their interest to 
downplay your bug to the rest of the company and the world (for those 
same reasons).

If you're doing research /for your own interest/, I recommend 
maintaining full-disclosure.  Embrace the bazaar and burn down the 
cathedral.

If you're interested in making money, the smart route is through script 
kiddies or whoever (but realize, you'll probably need to go ahead and 
write a reliable exploit, to see any real cash).  Script kiddies (and 
agents of various governments) often have tons of money to throw around 
to either bolster their own image (and eventually get arrested) or make 
money from your bug (especially if you're providing a reliable 
exploit).  Not to mention, the actual damage that will be caused by the 
majority of these "black hats" is nothing compared to what those 
companies are going to have done, before they eventually crash.

You could also monetize your security research by taking an 
administration, research or QA position.  But, too often, you're only 
ensuring that you'll never be interested in any of the work that crosses 
your desk, ever again.

You'll laugh, if you ever end up taking a "real job" doing security 
research, when you see heads getting butted between research teams and 
QA teams.  Most security companies, for example, do not look at their 
own products (imagine at HP, QA teams for various products would be 
screaming their heads off at Tipping Point, if they went bug hunting in 
HP products - often when it's publicly disclosed, those research teams 
will *still* stay away from it, so the QA teams can tackle it and avoid 
the headache).

It often feels like the first person to market a firewall/IDS/IPS/etc.. 
pulled off the greatest exploitation, of a security vulnerability (and 
the most common/reliable vulnerability, social engineering), of all time.

In short, what your father didn't tell you is: If you're trying to make 
money, by doing *independent* security research, *shop around* for a 
buyer.  (Describe the impact to the buyer, to receive a bid, before 
releasing anything beyond generic details.  If they do not make a 
serious bid, take your ball and go home.  If you have the right friends, 
or enough spare money, involve a lawyer.)

And, most importantly, forget what any of these cunts try to tell you 
about morals or ethics.  They're only pushing their point-of-view on 
you.  It's best to, at least, consider all of the view points and make a 
decision on what works for you/matters to you/etc...  None of these 
people, including myself, can tell you what is morally or ethically 
wrong.  And, don't let them heap shame on you, ever.

Releasing a remote root/system vulnerability (even if you include a 
reliable exploit) to full-disclosure, conspiring with a 
company/individual to keep secrets for X amount of time and selling an 
exploit to an anonymous bidder should add no more weight to your 
shoulders than you already carry.  Just be sure that *you* are happy 
with your decision.

  - sedition

On 10/31/2011 6:11 PM, xD 0x41 wrote:
> Oh hey, 3k is great!
> I saw that they just made it look abit cheap... no wrath but, it is
> still a MULTI billion now, dollar company, so they shoukld be trying
> to make SURE they can out bi ANY underground payers.. thats all i had
> to question.
> thanks for clearing it up, but sure, if theyre paying better now thats
> cool, i should have said to, it is atleast a step in the right
> direction :s  Still, they ARE*** a mutil frigging million dollar
> company lol, so why wouldnt they give say, 1k minimum and make sure
> they get people more than interested but even fuzzing for bugs wich
> could potentially be in use already... this is something theyre not
> covering atall really with 500bux.
> It is tho, a start...
> cheers for clearing up theyre rce payout, wow, so they maybe read
> googles hall of fame and did it in accordance ? Maybe im wrong but....
> this company, is not really the same thing as a google, and i guess a
> bug on this site, would be actually worth 5million pcs to anyone
> buying it... im just saying for them being so rish, they could do
> better, and definately, the comapnies who offer nothing, should get
> nothing back, simple, thats why blackhats sometimes are blackhats,
> they got rooted around tryin to help some pig headed company who makes
> millions yet will screw you around so badly, you do realise they tried
> to reproduce the bug YOU made even, in order to _NOT_ pay you shit.
> remeber that.
> But then again, your in theyre pocket now, and really CANT do shit now
> but say yes sir no sir two bags half fkn full sir.
> am i rite.
> cheers tho.
> FB still sux hairy ones.
>
>
>
> On 31 October 2011 16:44, Chris Evans<scarybeasts <at> gmail.com>  wrote:
>> On Sat, Oct 29, 2011 at 2:33 PM, xD 0x41<secn3t <at> gmail.com>  wrote:
>>> Bounty, another nice way to say *screw you but here anyhow...*
>>> I am shocked they offer so little ($500 usd for remote-code injection) ,
>> Actually, it's $500 _or more_. I've lost the reference, but I think
>> they paid about $3000 for one case. Perhaps an RCE? Anyway, your
>> assumption is off.
>>
>>> one remote code injection bug for FB in a security environment wich is
>>> not white, and may sell the bug for upto more than 5000,
>> You can't compare whitehat vs. blackhat programs. In the latter, you
>> cross moral and legal lines. Most people aren't willing to be such a
>> dick.
>>
>> Perhaps you should reserve your wrath for companies that offer
>> $fuckall for good bugs? :)
>>
>>
>> Cheers
>> Chris
>>
>>> because if a
>>> RCE or other was there, something wich was 'seadable' or wormable,
>>> then theyre bounty should be far higher, because that doesnt even
>>> match up to what many 0days would sell for.
>>> If someone had a rce for this and were to worm it, now thats a million
>>> dollar botnet... that would be for those who could make from it
>>> something and there is no shortage of spammers all to happy to take
>>> control of 2million or more pcs...
>>> Thats just one scenarion, in wich they could loose somuch data and
>>> info, and in exchange offer 500bux.
>>> What a slap in the face, FB should be ashamed of that price and bump
>>> it up atleast for more serious stuff.
>>> EXE attachment would be medium to high risk, they would be able to now
>>> patch it, after first they did not acknowledge, but also did not have
>>> the bounty also... only recently they have added this, with what, a
>>> crappy 500 bux, multi million dollar enterprises, wich are saved by
>>> these disclosures, and they are paying pittance.
>>> SHAME ON YOU FACEBOOK.COM , Shame...
>>>
>>> Welcome to the Shame-Files FB, your a disgrace to the good people who
>>> are helping you.
>>> Nice bug, and, atleast you worked with them to reproduce, you realise
>>> they would have gave you 0 $ if they had repoduced this, so again,
>>> shame on them for only acknowledging this when they failed at
>>> repruction.
>>> Theat 'bounty' page screams to me of the actual owners writing, and, I
>>> bet he even probably hand wrote that, because he is a TIGHT FTSTED
>>> pr**k , someone should put a /blackhat/ folder there, but then, its
>>> not worth the time :) (no bug payout rofl...)
>>> Notice also, D0S is not part of this, well then this would be funny if
>>> one were to find a 0dayer in FB (ala apache d0s byterange style) ,
>>> well dont bother disclosing it , just run it on a loop from theyre own
>>> pages, afterall, whats the use to disclose such a shitty thing (yes
>>> this is true it is shitty but, is all cases same...)
>>> So summary is, Remote code injection or other, will get ya 500$ ,but,
>>> if you goto an UG blackhat site, you might get 5k and up :P
>>> xheers and again, thanks for being a good person and helping the
>>> citizens of FB, really tho, you have, probably saved me even, 20
>>> removals from my sisters PC :P
>>> So, yes, I thank you and FD surely would thank you but, FB dont give a damn :P
>>> If they have anyone on this list who is also in theyre secteam well,
>>> you really have a 'suck-ass' bounty, wich should be looked over,
>>> because seriously, what worth would be it to give you anything, when
>>> it is directly cheaper from wqebsites to buy it, and not have any
>>> disclosure atall.
>>> I guess this is something YOU need to ponder, not me, and im glad for
>>> that, and Im glad again, i dont use the shitty service, and never
>>> will.
>>> Enjoy, have a great day!
>>>
>>>
>>>
>>> On 30 October 2011 05:12, Nathan Power<np <at> securitypentest.com>  wrote:
>>>> That was the original program I was participating in.  Facebook has agreed
>>>> to pay me a bounty for this bug.
>>>>
>>>> Nathan Power
>>>> www.securitypentest.com
>>>>
>>>> On Fri, Oct 28, 2011 at 7:17 PM, Ulises2k<ulises2k <at> gmail.com>  wrote:
>>>>> You know this?  ;)
>>>>> https://www.facebook.com/whitehat/bounty/
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Oct 28, 2011 at 17:49, Nathan Power<np <at> securitypentest.com>
>>>>> wrote:
>>>>>> I would also like to note this vulnerability was reported responsibly in
>>>>>> regards to full disclosure.
>>>>>> http://en.wikipedia.org/wiki/Full_disclosure
>>>>>>
>>>>>> Nathan Power
>>>>>> www.securitypentest.com
>>>>>> On Fri, Oct 28, 2011 at 1:38 PM, Nathan Power<np <at> securitypentest.com>
>>>>>> wrote:
>>>>>>> I was basically told that Facebook didn't see it as an issue and I was
>>>>>>> puzzled by that. Ends up the Facebook security team had issues reproducing
>>>>>>> my work and that's why they initially disgarded it. After publishing, the
>>>>>>> Facebook security team re-examined the issue and by working with me they
>>>>>>> seem to have been able to reproduce the bug.
>>>>>>>
>>>>>>> Nathan Power
>>>>>>> www.securitypentest.com
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Oct 28, 2011 at 11:18 AM, Pablo Ximenes<pablo <at> ximen.es>  wrote:
>>>>>>>> Not fixed yet. At least not yesterday when I checked.
>>>>>>>> Nathan, didn't Facebook ask for some time to fix this bug after they
>>>>>>>> have acknowledged it?
>>>>>>>>
>>>>>>>> Pablo Ximenes
>>>>>>>> http://ximen.es/
>>>>>>>> http://twitter.com/pabloximenes
>>>>>>>> Em 27/10/2011, às 19:29, Joshua Thomas<rappercrazzy <at> gmail.com>
>>>>>>>> escreveu:
>>>>>>>>
>>>>>>>> can't believe such was on FB  .... wahahaha !!! lol ....rofl ...
>>>>>>>>
>>>>>>>> When was this discovered and fixed ?
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Oct 27, 2011 at 1:02 AM, Nathan Power<np <at> securitypentest.com>
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> ---------------------------------------------------------------------------------
>>>>>>>>> 1. Summary:
>>>>>>>>> When using the Facebook 'Messages' tab, there is a feature to attach
>>>>>>>>> a file.
>>>>>>>>> Using this feature normally, the site won't allow a user to attach an
>>>>>>>>> executable file.
>>>>>>>>> A bug was discovered to subvert this security mechanisms. Note, you
>>>>>>>>> do NOT have
>>>>>>>>> to be friends with the user to send them a message with an
>>>>>>>>> attachment.
>>>>>>>>>
>>>>>>>>> ---------------------------------------------------------------------------------
>>>>>>>>> Read the rest of this advisory here:
>>>>>>>>>
>>>>>>>>> http://www.securitypentest.com/2011/10/facebook-attach-exe-vulnerability.html
>>>>>>>>>
>>>>>>>>> Enjoy :)
>>>>>>>>>
>>>>>>>>> Nathan Power
>>>>>>>>> www.securitypentest.com
>>>>>>>>> _______________________________________________
>>>>>>>>> Full-Disclosure - We believe in it.
>>>>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>>>> _______________________________________________
>>>>>>>> Full-Disclosure - We believe in it.
>>>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>>
>>>>>> _______________________________________________
>>>>>> Full-Disclosure - We believe in it.
>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 4 comments |
headers
Ferenc Kovacs | 1 Nov 2011 14:00
Picon
Gravatar

Re: Facebook Attach EXE Vulnerability

nice speculation, but imo it would make them look more bad, if they turn down the reports, because it will come back to them (either via the publication like in this case, or just simply someone exploiting it).

so while I don't have personal experience working with the facebook security team, but at least they have a dedicated channel for reporting security related bugs and even a bounty program.
thats more than the 99% of the sites/companies offer.
btw: someone mentioned that 500 bucks isn't worth the efforts, but imo the same people would tell the same about $1000, or $5000 even.


On Tue, Nov 1, 2011 at 1:54 AM, mutiny <mutiny <at> kevinbeardsucks.com> wrote:
The main thing is that the security division at facebook probably runs
the bug hunting page (as with everywhere else, which does make a decent
bit of sense).  And, if you spot bugs before they do, then that looks
bad on them (internally at the company and externally to the world).
So, it is not in their interest to openly acknowledge your bugs,
especially by paying you cash money (not to mention, accounting is going
to hate them if they see bucks leaving the company for any reason,
instead of coming in).  Not to forget, it is in their interest to
downplay your bug to the rest of the company and the world (for those
same reasons).

If you're doing research /for your own interest/, I recommend
maintaining full-disclosure.  Embrace the bazaar and burn down the
cathedral.

If you're interested in making money, the smart route is through script
kiddies or whoever (but realize, you'll probably need to go ahead and
write a reliable exploit, to see any real cash).  Script kiddies (and
agents of various governments) often have tons of money to throw around
to either bolster their own image (and eventually get arrested) or make
money from your bug (especially if you're providing a reliable
exploit).  Not to mention, the actual damage that will be caused by the
majority of these "black hats" is nothing compared to what those
companies are going to have done, before they eventually crash.

You could also monetize your security research by taking an
administration, research or QA position.  But, too often, you're only
ensuring that you'll never be interested in any of the work that crosses
your desk, ever again.

You'll laugh, if you ever end up taking a "real job" doing security
research, when you see heads getting butted between research teams and
QA teams.  Most security companies, for example, do not look at their
own products (imagine at HP, QA teams for various products would be
screaming their heads off at Tipping Point, if they went bug hunting in
HP products - often when it's publicly disclosed, those research teams
will *still* stay away from it, so the QA teams can tackle it and avoid
the headache).

It often feels like the first person to market a firewall/IDS/IPS/etc..
pulled off the greatest exploitation, of a security vulnerability (and
the most common/reliable vulnerability, social engineering), of all time.

In short, what your father didn't tell you is: If you're trying to make
money, by doing *independent* security research, *shop around* for a
buyer.  (Describe the impact to the buyer, to receive a bid, before
releasing anything beyond generic details.  If they do not make a
serious bid, take your ball and go home.  If you have the right friends,
or enough spare money, involve a lawyer.)

And, most importantly, forget what any of these cunts try to tell you
about morals or ethics.  They're only pushing their point-of-view on
you.  It's best to, at least, consider all of the view points and make a
decision on what works for you/matters to you/etc...  None of these
people, including myself, can tell you what is morally or ethically
wrong.  And, don't let them heap shame on you, ever.

Releasing a remote root/system vulnerability (even if you include a
reliable exploit) to full-disclosure, conspiring with a
company/individual to keep secrets for X amount of time and selling an
exploit to an anonymous bidder should add no more weight to your
shoulders than you already carry.  Just be sure that *you* are happy
with your decision.

 - sedition

On 10/31/2011 6:11 PM, xD 0x41 wrote:
> Oh hey, 3k is great!
> I saw that they just made it look abit cheap... no wrath but, it is
> still a MULTI billion now, dollar company, so they shoukld be trying
> to make SURE they can out bi ANY underground payers.. thats all i had
> to question.
> thanks for clearing it up, but sure, if theyre paying better now thats
> cool, i should have said to, it is atleast a step in the right
> direction :s  Still, they ARE*** a mutil frigging million dollar
> company lol, so why wouldnt they give say, 1k minimum and make sure
> they get people more than interested but even fuzzing for bugs wich
> could potentially be in use already... this is something theyre not
> covering atall really with 500bux.
> It is tho, a start...
> cheers for clearing up theyre rce payout, wow, so they maybe read
> googles hall of fame and did it in accordance ? Maybe im wrong but....
> this company, is not really the same thing as a google, and i guess a
> bug on this site, would be actually worth 5million pcs to anyone
> buying it... im just saying for them being so rish, they could do
> better, and definately, the comapnies who offer nothing, should get
> nothing back, simple, thats why blackhats sometimes are blackhats,
> they got rooted around tryin to help some pig headed company who makes
> millions yet will screw you around so badly, you do realise they tried
> to reproduce the bug YOU made even, in order to _NOT_ pay you shit.
> remeber that.
> But then again, your in theyre pocket now, and really CANT do shit now
> but say yes sir no sir two bags half fkn full sir.
> am i rite.
> cheers tho.
> FB still sux hairy ones.
>
>
>
> On 31 October 2011 16:44, Chris Evans<scarybeasts <at> gmail.com>  wrote:
>> On Sat, Oct 29, 2011 at 2:33 PM, xD 0x41<secn3t <at> gmail.com>  wrote:
>>> Bounty, another nice way to say *screw you but here anyhow...*
>>> I am shocked they offer so little ($500 usd for remote-code injection) ,
>> Actually, it's $500 _or more_. I've lost the reference, but I think
>> they paid about $3000 for one case. Perhaps an RCE? Anyway, your
>> assumption is off.
>>
>>> one remote code injection bug for FB in a security environment wich is
>>> not white, and may sell the bug for upto more than 5000,
>> You can't compare whitehat vs. blackhat programs. In the latter, you
>> cross moral and legal lines. Most people aren't willing to be such a
>> dick.
>>
>> Perhaps you should reserve your wrath for companies that offer
>> $fuckall for good bugs? :)
>>
>>
>> Cheers
>> Chris
>>
>>> because if a
>>> RCE or other was there, something wich was 'seadable' or wormable,
>>> then theyre bounty should be far higher, because that doesnt even
>>> match up to what many 0days would sell for.
>>> If someone had a rce for this and were to worm it, now thats a million
>>> dollar botnet... that would be for those who could make from it
>>> something and there is no shortage of spammers all to happy to take
>>> control of 2million or more pcs...
>>> Thats just one scenarion, in wich they could loose somuch data and
>>> info, and in exchange offer 500bux.
>>> What a slap in the face, FB should be ashamed of that price and bump
>>> it up atleast for more serious stuff.
>>> EXE attachment would be medium to high risk, they would be able to now
>>> patch it, after first they did not acknowledge, but also did not have
>>> the bounty also... only recently they have added this, with what, a
>>> crappy 500 bux, multi million dollar enterprises, wich are saved by
>>> these disclosures, and they are paying pittance.
>>> SHAME ON YOU FACEBOOK.COM , Shame...
>>>
>>> Welcome to the Shame-Files FB, your a disgrace to the good people who
>>> are helping you.
>>> Nice bug, and, atleast you worked with them to reproduce, you realise
>>> they would have gave you 0 $ if they had repoduced this, so again,
>>> shame on them for only acknowledging this when they failed at
>>> repruction.
>>> Theat 'bounty' page screams to me of the actual owners writing, and, I
>>> bet he even probably hand wrote that, because he is a TIGHT FTSTED
>>> pr**k , someone should put a /blackhat/ folder there, but then, its
>>> not worth the time :) (no bug payout rofl...)
>>> Notice also, D0S is not part of this, well then this would be funny if
>>> one were to find a 0dayer in FB (ala apache d0s byterange style) ,
>>> well dont bother disclosing it , just run it on a loop from theyre own
>>> pages, afterall, whats the use to disclose such a shitty thing (yes
>>> this is true it is shitty but, is all cases same...)
>>> So summary is, Remote code injection or other, will get ya 500$ ,but,
>>> if you goto an UG blackhat site, you might get 5k and up :P
>>> xheers and again, thanks for being a good person and helping the
>>> citizens of FB, really tho, you have, probably saved me even, 20
>>> removals from my sisters PC :P
>>> So, yes, I thank you and FD surely would thank you but, FB dont give a damn :P
>>> If they have anyone on this list who is also in theyre secteam well,
>>> you really have a 'suck-ass' bounty, wich should be looked over,
>>> because seriously, what worth would be it to give you anything, when
>>> it is directly cheaper from wqebsites to buy it, and not have any
>>> disclosure atall.
>>> I guess this is something YOU need to ponder, not me, and im glad for
>>> that, and Im glad again, i dont use the shitty service, and never
>>> will.
>>> Enjoy, have a great day!
>>>
>>>
>>>
>>> On 30 October 2011 05:12, Nathan Power<np <at> securitypentest.com>  wrote:
>>>> That was the original program I was participating in.  Facebook has agreed
>>>> to pay me a bounty for this bug.
>>>>
>>>> Nathan Power
>>>> www.securitypentest.com
>>>>
>>>> On Fri, Oct 28, 2011 at 7:17 PM, Ulises2k<ulises2k <at> gmail.com>  wrote:
>>>>> You know this?  ;)
>>>>> https://www.facebook.com/whitehat/bounty/
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Oct 28, 2011 at 17:49, Nathan Power<np <at> securitypentest.com>
>>>>> wrote:
>>>>>> I would also like to note this vulnerability was reported responsibly in
>>>>>> regards to full disclosure.
>>>>>> http://en.wikipedia.org/wiki/Full_disclosure
>>>>>>
>>>>>> Nathan Power
>>>>>> www.securitypentest.com
>>>>>> On Fri, Oct 28, 2011 at 1:38 PM, Nathan Power<np <at> securitypentest.com>
>>>>>> wrote:
>>>>>>> I was basically told that Facebook didn't see it as an issue and I was
>>>>>>> puzzled by that. Ends up the Facebook security team had issues reproducing
>>>>>>> my work and that's why they initially disgarded it. After publishing, the
>>>>>>> Facebook security team re-examined the issue and by working with me they
>>>>>>> seem to have been able to reproduce the bug.
>>>>>>>
>>>>>>> Nathan Power
>>>>>>> www.securitypentest.com
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Oct 28, 2011 at 11:18 AM, Pablo Ximenes<pablo <at> ximen.es>  wrote:
>>>>>>>> Not fixed yet. At least not yesterday when I checked.
>>>>>>>> Nathan, didn't Facebook ask for some time to fix this bug after they
>>>>>>>> have acknowledged it?
>>>>>>>>
>>>>>>>> Pablo Ximenes
>>>>>>>> http://ximen.es/
>>>>>>>> http://twitter.com/pabloximenes
>>>>>>>> Em 27/10/2011, às 19:29, Joshua Thomas<rappercrazzy <at> gmail.com>
>>>>>>>> escreveu:
>>>>>>>>
>>>>>>>> can't believe such was on FB  .... wahahaha !!! lol ....rofl ...
>>>>>>>>
>>>>>>>> When was this discovered and fixed ?
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Oct 27, 2011 at 1:02 AM, Nathan Power<np <at> securitypentest.com>
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> ---------------------------------------------------------------------------------
>>>>>>>>> 1. Summary:
>>>>>>>>> When using the Facebook 'Messages' tab, there is a feature to attach
>>>>>>>>> a file.
>>>>>>>>> Using this feature normally, the site won't allow a user to attach an
>>>>>>>>> executable file.
>>>>>>>>> A bug was discovered to subvert this security mechanisms. Note, you
>>>>>>>>> do NOT have
>>>>>>>>> to be friends with the user to send them a message with an
>>>>>>>>> attachment.
>>>>>>>>>
>>>>>>>>> ---------------------------------------------------------------------------------
>>>>>>>>> Read the rest of this advisory here:
>>>>>>>>>
>>>>>>>>> http://www.securitypentest.com/2011/10/facebook-attach-exe-vulnerability.html
>>>>>>>>>
>>>>>>>>> Enjoy :)
>>>>>>>>>
>>>>>>>>> Nathan Power
>>>>>>>>> www.securitypentest.com
>>>>>>>>> _______________________________________________
>>>>>>>>> Full-Disclosure - We believe in it.
>>>>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>>>> _______________________________________________
>>>>>>>> Full-Disclosure - We believe in it.
>>>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>>
>>>>>> _______________________________________________
>>>>>> Full-Disclosure - We believe in it.
>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



--
Ferenc Kovács
<at> Tyr43l - http://tyrael.hu
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 2 comments |
headers
foofus | 1 Nov 2011 14:05
Favicon

Re: printer attacks?

> Is this stuff for real?
>
> http://www.foofus.net/?p=468

Yes indeed.

https://media.defcon.org/dc-19/video/DEF%20CON%2019%20Hacking%20Conference%20Presentation%20By%20-%20Deral%20Heiland%20-%20From%20Printer%20To%20Pwnd%20Leveraging%20Multifunction%20Printers%20During%20Penetration%20Testing%20-%20Slides.m4v

--Foofus.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 1 comment |
headers
Mikhail A. Utin | 1 Nov 2011 14:03
Favicon

Re: Facebook Attach EXE Vulnerability

Face Book is trying to save its face. It's typical.
I got the same answer from SonicWALL one year ago when discovered that simple internal network scanning
(Nessus, Nmap, etc.) brings down entire network. The firewall internal TCP connections stack was
overloaded within a few seconds (IPS is not enabled, thus was not accepting new connections.

Mikhail A. Utin, CISSP
Information Security Analyst

-----Original Message-----
From: full-disclosure-bounces <at> lists.grok.org.uk
[mailto:full-disclosure-bounces <at> lists.grok.org.uk] On Behalf Of full-disclosure-request <at> lists.grok.org.uk
Sent: Tuesday, November 01, 2011 8:00 AM
To: full-disclosure <at> lists.grok.org.uk
Subject: Full-Disclosure Digest, Vol 81, Issue 1

Send Full-Disclosure mailing list submissions to
	full-disclosure <at> lists.grok.org.uk

To subscribe or unsubscribe via the World Wide Web, visit
	https://lists.grok.org.uk/mailman/listinfo/full-disclosure
or, via email, send a message with subject or body 'help' to
	full-disclosure-request <at> lists.grok.org.uk

You can reach the person managing the list at
	full-disclosure-owner <at> lists.grok.org.uk

When replying, please edit your Subject line so it is more specific than "Re: Contents of Full-Disclosure digest..."

Note to digest recipients - when replying to digest posts, please trim your post appropriately. Thank you.

Today's Topics:

   1. Re: Facebook Attach EXE Vulnerability (Charles Morris)

Message: 1
Date: Mon, 31 Oct 2011 10:40:24 -0400
From: Charles Morris <cmorris <at> cs.odu.edu>
Subject: Re: [Full-disclosure] Facebook Attach EXE Vulnerability
To: Nathan Power <np <at> securitypentest.com>
Cc: Full Disclosure <full-disclosure <at> lists.grok.org.uk>
Message-ID:
	<CABgawuYGTu1=eG2NEsD9g_n_aaPWE1myQzrZNc0TDZ5sqsb2VQ <at> mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

Nathan, It IS an issue, don't let their foolishness harsh your mellow.

Although it's a completely ridiculous, backwards, and standards-relaxing "security" mechanism, the
fact is they implemented it, and you subverted it.

In my book that's Pentester 1 :: Fail Vendor 0

I've had large vendors (read:Microsoft) reply to issues with the same kind of garbage, where they take a
situation where there wasn't a threat, create a "security" mechanism to counter the nonexistent threat,
then implement it incorrectly, thus creating either a vulnerability in the system itself or a false sense
of security for the user.

Fail: "Hello user, you can add attachments now! Look at our amazing
1997 web technology!!"

User: "Oh neat, I can't wait to send my friend this random file (read:
give up your rights and control of your random file to facebook) your through your excessive, unnecessary,
inefficient, insecure, closed-source tool"

Fail: "I am blocking exe attachments 'for your security' so feel free to just run attachments without a
second thought, don't even bother to waste 100ns of your time to practice normal security"

User: "Wait, what about .bat, .cmd, .vbs, .ws, .pif, .inx, .lnk etc etc? What about the extensions that I set
up? Can I really just spam clicks all over the place?"

Fail: "Oh those, well you shouldn't be clicking those. What, we can't be held responsible if you don't
practice normal security!! P.S. You know when we said we were blocking .exe files? Well--- we aren't.
Enjoy."

</rant>

On Fri, Oct 28, 2011 at 1:38 PM, Nathan Power <np <at> securitypentest.com> wrote:
> I was?basically?told that Facebook didn't see it as an issue and I was 
> puzzled by that. Ends up the Facebook security team had issues 
> reproducing my work and?that's?why they?initially?disgarded it. After 
> publishing, the Facebook security team re-examined the issue and by 
> working with me they seem to have been able to reproduce the bug.
>

*********************************
CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential 
and privileged information for the use of the designated recipients named above. If you are 
not the intended recipient, you are hereby notified that you have received this communication 
in error and that any review, disclosure, dissemination, distribution or copying of it or its 
contents is prohibited. If you have received this communication in error, please reply to the 
sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication 
and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy, 
please visit our Internet web site at http://www.commonwealthcare.org.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 2 comments |
headers
security | 1 Nov 2011 16:39

[ MDVSA-2011:162 ] kdelibs4


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:162
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : kdelibs4
 Date    : November 1, 2011
 Affected: 2010.1, 2011.
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities was discovered and corrected in kdelibs4:

 KDE KSSL in kdelibs does not properly handle a \&#039;\0\&#039; (NUL)
 character in a domain name in the Subject Alternative Name field of
 an X.509 certificate, which allows man-in-the-middle attackers to
 spoof arbitrary SSL servers via a crafted certificate issued by a
 legitimate Certification Authority, a related issue to CVE-2009-2408
 (CVE-2009-2702).

 An input sanitization flaw was found in the KSSL (KDE SSL Wrapper)
 API. An attacker could supply a specially-crafted SSL certificate
 (for example, via a web page) to an application using KSSL, such
 as the Konqueror web browser, causing misleading information to be
 presented to the user, possibly tricking them into accepting the
 certificate as valid (CVE-2011-3365).

 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3365
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.1:
 8c6545c176b2716248c33e52135a3e2d  2010.1/i586/kdelibs4-core-4.4.5-0.4mdv2010.2.i586.rpm
 e54c7a21386ff85f46471fda6135ff6c  2010.1/i586/kdelibs4-devel-4.4.5-0.4mdv2010.2.i586.rpm
 243c4d3db4a9e95a393f97e74818488e  2010.1/i586/libkde3support4-4.4.5-0.4mdv2010.2.i586.rpm
 2b62c63d46a66adf26667731ddca4a06  2010.1/i586/libkdecore5-4.4.5-0.4mdv2010.2.i586.rpm
 025038d3783371e8f46d11eaf204e65f  2010.1/i586/libkdefakes5-4.4.5-0.4mdv2010.2.i586.rpm
 9a3bfa3d242e1d45194c4f55f812c67d  2010.1/i586/libkdesu5-4.4.5-0.4mdv2010.2.i586.rpm
 e9c69b97be0d6c7adcf7233c1d590dc6  2010.1/i586/libkdeui5-4.4.5-0.4mdv2010.2.i586.rpm
 1ecfc8e228818bf267979da7428ba24a  2010.1/i586/libkdewebkit5-4.4.5-0.4mdv2010.2.i586.rpm
 2be64f84a3a0160d353eaf4a66c88b1c  2010.1/i586/libkdnssd4-4.4.5-0.4mdv2010.2.i586.rpm
 44fc6a0928497b64217bc06637ecc219  2010.1/i586/libkfile4-4.4.5-0.4mdv2010.2.i586.rpm
 e148b42fa8180b02aa3c7c54089cd16e  2010.1/i586/libkhtml5-4.4.5-0.4mdv2010.2.i586.rpm
 c17229d3aff113fee855eb647b2ee891  2010.1/i586/libkimproxy4-4.4.5-0.4mdv2010.2.i586.rpm
 19876055e3b367010fd3a156a86a36ad  2010.1/i586/libkio5-4.4.5-0.4mdv2010.2.i586.rpm
 5090009d080971d3ab92f788f18f1e26  2010.1/i586/libkjs4-4.4.5-0.4mdv2010.2.i586.rpm
 8c2065a0cb35e2cc182b6bd0db267d62  2010.1/i586/libkjsapi4-4.4.5-0.4mdv2010.2.i586.rpm
 ed3966642b6a5d54ecffb6fc9a8b6290  2010.1/i586/libkjsembed4-4.4.5-0.4mdv2010.2.i586.rpm
 008fe65285eaf4ba2d9f7c0655230c52  2010.1/i586/libkmediaplayer4-4.4.5-0.4mdv2010.2.i586.rpm
 001fbc71b4da46f199b505c58e0c6228  2010.1/i586/libknewstuff2_4-4.4.5-0.4mdv2010.2.i586.rpm
 672553fad8848265e1ba408f43bf7781  2010.1/i586/libknewstuff34-4.4.5-0.4mdv2010.2.i586.rpm
 13cf045179be91975700fa3310a0fc70  2010.1/i586/libknotifyconfig4-4.4.5-0.4mdv2010.2.i586.rpm
 3752242079665a17a3a35ac4c05484bd  2010.1/i586/libkntlm4-4.4.5-0.4mdv2010.2.i586.rpm
 af471317415306fdfbb5ff9d3c49ceea  2010.1/i586/libkparts4-4.4.5-0.4mdv2010.2.i586.rpm
 8d3c2e7c7ba723e56bc090786d1bf96c  2010.1/i586/libkpty4-4.4.5-0.4mdv2010.2.i586.rpm
 b5648f3780cdc55c57a0d03d3fb7cc97  2010.1/i586/libkrosscore4-4.4.5-0.4mdv2010.2.i586.rpm
 ea771f370b730efa9c4019c8ceac1c22  2010.1/i586/libkrossui4-4.4.5-0.4mdv2010.2.i586.rpm
 44dc92b4ff070db13c9dfb4954dcfa75  2010.1/i586/libktexteditor4-4.4.5-0.4mdv2010.2.i586.rpm
 926b45cc828f8f53d63a6030d278e5bd  2010.1/i586/libkunitconversion4-4.4.5-0.4mdv2010.2.i586.rpm
 4fd1c96ffa938806a5d055a4b61c3845  2010.1/i586/libkunittest4-4.4.5-0.4mdv2010.2.i586.rpm
 99a712d56d383e91b17ac560a109d9ce  2010.1/i586/libkutils4-4.4.5-0.4mdv2010.2.i586.rpm
 5db891d08fcfbe866da4a2cfc2c101ed  2010.1/i586/libnepomuk4-4.4.5-0.4mdv2010.2.i586.rpm
 853dc3a02d9783bc7d4ed5586271f82a  2010.1/i586/libnepomukquery4-4.4.5-0.4mdv2010.2.i586.rpm
 0b4d63fd1d8edd42a74ae1832694ef84  2010.1/i586/libplasma3-4.4.5-0.4mdv2010.2.i586.rpm
 fb356f0eb954f2871f0bd91ef4981f74  2010.1/i586/libsolid4-4.4.5-0.4mdv2010.2.i586.rpm
 ee166bc5ab6785306f330e4e13b59938  2010.1/i586/libthreadweaver4-4.4.5-0.4mdv2010.2.i586.rpm 
 a3bd1963ad774911ef4d1902ce33aec9  2010.1/SRPMS/kdelibs4-4.4.5-0.4mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 e4f1f7f8407938fae5eee9be6daf6463  2010.1/x86_64/kdelibs4-core-4.4.5-0.4mdv2010.2.x86_64.rpm
 afc1815bfb3e5c1b17a5e774a86d8262  2010.1/x86_64/kdelibs4-devel-4.4.5-0.4mdv2010.2.x86_64.rpm
 acabd29c100952c3a8268f6e48ae729c  2010.1/x86_64/lib64kde3support4-4.4.5-0.4mdv2010.2.x86_64.rpm
 4496e00fc526e1b331d5f7553ad759ab  2010.1/x86_64/lib64kdecore5-4.4.5-0.4mdv2010.2.x86_64.rpm
 9f6dfb1b7af9299fb96941926e7d69e9  2010.1/x86_64/lib64kdefakes5-4.4.5-0.4mdv2010.2.x86_64.rpm
 2e682ce762d8a60cc4322370567b5f6c  2010.1/x86_64/lib64kdesu5-4.4.5-0.4mdv2010.2.x86_64.rpm
 acd07b647db525427550f6763b936a7a  2010.1/x86_64/lib64kdeui5-4.4.5-0.4mdv2010.2.x86_64.rpm
 4fb64c5e05fb52b0b2c5eb1a92fdb3d1  2010.1/x86_64/lib64kdewebkit5-4.4.5-0.4mdv2010.2.x86_64.rpm
 4176fd87a0b92f2ee7d088f3d4a774d0  2010.1/x86_64/lib64kdnssd4-4.4.5-0.4mdv2010.2.x86_64.rpm
 eed83cf3b32bd23a0b16fce8d2834e9d  2010.1/x86_64/lib64kfile4-4.4.5-0.4mdv2010.2.x86_64.rpm
 d66febf0bb7e273fb687c144a36ac138  2010.1/x86_64/lib64khtml5-4.4.5-0.4mdv2010.2.x86_64.rpm
 174ac58c7dc86ee4458526b5a2480662  2010.1/x86_64/lib64kimproxy4-4.4.5-0.4mdv2010.2.x86_64.rpm
 b7c162555f547ae0d9edbf71bfe04f0d  2010.1/x86_64/lib64kio5-4.4.5-0.4mdv2010.2.x86_64.rpm
 5d89a4e23e342dee305e2107bfdc8c0e  2010.1/x86_64/lib64kjs4-4.4.5-0.4mdv2010.2.x86_64.rpm
 d2df6f4275de4ff6407188ada2785094  2010.1/x86_64/lib64kjsapi4-4.4.5-0.4mdv2010.2.x86_64.rpm
 50ed7da9bcd068acb4819139eebb9026  2010.1/x86_64/lib64kjsembed4-4.4.5-0.4mdv2010.2.x86_64.rpm
 ad3c77de9a052f9b2612b15fb82be03f  2010.1/x86_64/lib64kmediaplayer4-4.4.5-0.4mdv2010.2.x86_64.rpm
 b9a8fbcdc54c359415075cf449ef6e4f  2010.1/x86_64/lib64knewstuff2_4-4.4.5-0.4mdv2010.2.x86_64.rpm
 6d6c9151d9a634ca423770e919179b50  2010.1/x86_64/lib64knewstuff34-4.4.5-0.4mdv2010.2.x86_64.rpm
 fe7c248a30318f755bd0fe1b11f98fe4  2010.1/x86_64/lib64knotifyconfig4-4.4.5-0.4mdv2010.2.x86_64.rpm
 888e7081a5be8ac0e1cbd7b47fd13ae7  2010.1/x86_64/lib64kntlm4-4.4.5-0.4mdv2010.2.x86_64.rpm
 5c5e89cc9cd02ebf9267b7ee5faf1278  2010.1/x86_64/lib64kparts4-4.4.5-0.4mdv2010.2.x86_64.rpm
 6c6bb95f61e8c26cc50902024303b3fe  2010.1/x86_64/lib64kpty4-4.4.5-0.4mdv2010.2.x86_64.rpm
 22d1c3f2d8345743f1d834ecccd069d4  2010.1/x86_64/lib64krosscore4-4.4.5-0.4mdv2010.2.x86_64.rpm
 502fb43a0a37496f2c11616d07fbbcbe  2010.1/x86_64/lib64krossui4-4.4.5-0.4mdv2010.2.x86_64.rpm
 d4fbf824ea3c54a902dc1e18e13756d0  2010.1/x86_64/lib64ktexteditor4-4.4.5-0.4mdv2010.2.x86_64.rpm
 927ed8af9b7e7c575c9e7984f4e80a89  2010.1/x86_64/lib64kunitconversion4-4.4.5-0.4mdv2010.2.x86_64.rpm
 12cd248453e3a3791de5f87f988eb430  2010.1/x86_64/lib64kunittest4-4.4.5-0.4mdv2010.2.x86_64.rpm
 2f9420a8dadfb08821bd911a3adb7b3f  2010.1/x86_64/lib64kutils4-4.4.5-0.4mdv2010.2.x86_64.rpm
 b9c9f1d4e0c8a51fd5d081b05b362def  2010.1/x86_64/lib64nepomuk4-4.4.5-0.4mdv2010.2.x86_64.rpm
 e80871c0e9b5b0c72a3ea2b2f86e64d1  2010.1/x86_64/lib64nepomukquery4-4.4.5-0.4mdv2010.2.x86_64.rpm
 29b23d3b31f4db91dc73f6a37ea02db1  2010.1/x86_64/lib64plasma3-4.4.5-0.4mdv2010.2.x86_64.rpm
 c2ba7f9a9f2202330a1c7bf46004f41d  2010.1/x86_64/lib64solid4-4.4.5-0.4mdv2010.2.x86_64.rpm
 8a0ec353667253b3e3899c6980052999 
2010.1/x86_64/lib64threadweaver4-4.4.5-0.4mdv2010.2.x86_64.rpm 
 a3bd1963ad774911ef4d1902ce33aec9  2010.1/SRPMS/kdelibs4-4.4.5-0.4mdv2010.2.src.rpm

 Mandriva Linux 2011:
 44421dc86e6c96eb9f4a1b835c40006d  2011/i586/kdelibs4-core-4.6.5-9.1-mdv2011.0.i586.rpm
 31ef78219ce113dc91ba2d45ca166276  2011/i586/kdelibs4-devel-4.6.5-9.1-mdv2011.0.i586.rpm
 c72c7b24079aab97ce0923f5dd0bdf24  2011/i586/libkatepartinterfaces4-4.6.5-9.1-mdv2011.0.i586.rpm
 882b577dc3c6a9b9f1c7872046cbffb4  2011/i586/libkcmutils4-4.6.5-9.1-mdv2011.0.i586.rpm
 b1cdc2769a17e075b43a2d1e49eb4efb  2011/i586/libkde3support4-4.6.5-9.1-mdv2011.0.i586.rpm
 2aa0a579e90ea8b0015bcbccdeb4077e  2011/i586/libkdecore5-4.6.5-9.1-mdv2011.0.i586.rpm
 105f203a2470d8d3aaf4381ba47f4a20  2011/i586/libkdefakes5-4.6.5-9.1-mdv2011.0.i586.rpm
 3ad287cab02d774df12b8f5cedd2b7cb  2011/i586/libkdesu5-4.6.5-9.1-mdv2011.0.i586.rpm
 4d4dcdf956ca0194bc2da5d901e14910  2011/i586/libkdeui5-4.6.5-9.1-mdv2011.0.i586.rpm
 c5d8b2ced514be22ff42c8a610dea367  2011/i586/libkdewebkit5-4.6.5-9.1-mdv2011.0.i586.rpm
 89d3df52d5659ba172b5021aaa0800ba  2011/i586/libkdnssd4-4.6.5-9.1-mdv2011.0.i586.rpm
 6f6e7b50cc22c4d0efec46ad85c52145  2011/i586/libkemoticons4-4.6.5-9.1-mdv2011.0.i586.rpm
 f9e7fb1a985fee36db209259643e3d43  2011/i586/libkfile4-4.6.5-9.1-mdv2011.0.i586.rpm
 ce0c07b3ab9ffb23074e3dcfd311251f  2011/i586/libkhtml5-4.6.5-9.1-mdv2011.0.i586.rpm
 3e4bcd7edf1e6ddb2d2a75a563e83362  2011/i586/libkidletime4-4.6.5-9.1-mdv2011.0.i586.rpm
 bc4ad21bf5df0428897249edc07ee139  2011/i586/libkimproxy4-4.6.5-9.1-mdv2011.0.i586.rpm
 86d9aa7a95e0b3c8c3736bced5030529  2011/i586/libkio5-4.6.5-9.1-mdv2011.0.i586.rpm
 42894f5fef6b3955f4cc7cdc39a9b8b6  2011/i586/libkjs4-4.6.5-9.1-mdv2011.0.i586.rpm
 5293f2f284c1df6466a84cfd33426b21  2011/i586/libkjsapi4-4.6.5-9.1-mdv2011.0.i586.rpm
 600ac620222614c9240c56e35061dd5f  2011/i586/libkjsembed4-4.6.5-9.1-mdv2011.0.i586.rpm
 e6b032340b8f8b45f5e3dea24d4b795e  2011/i586/libkmediaplayer4-4.6.5-9.1-mdv2011.0.i586.rpm
 a9e4510933f71ee9354d41dc7f5c21f9  2011/i586/libknewstuff2_4-4.6.5-9.1-mdv2011.0.i586.rpm
 4fffe4a09ab06dbb13e19ef552c765d3  2011/i586/libknewstuff3_4-4.6.5-9.1-mdv2011.0.i586.rpm
 6176f21ff0870d298cad30f19cbc5985  2011/i586/libknotifyconfig4-4.6.5-9.1-mdv2011.0.i586.rpm
 aaca814c82291a16831052da452b072a  2011/i586/libkntlm4-4.6.5-9.1-mdv2011.0.i586.rpm
 38441eea27e26fded337b55d1c7187b8  2011/i586/libkparts4-4.6.5-9.1-mdv2011.0.i586.rpm
 e1d9a6f2b3cf3546fffca8b3092b96d7  2011/i586/libkprintutils4-4.6.5-9.1-mdv2011.0.i586.rpm
 78764e6b917983c8e337c69ac99d17f4  2011/i586/libkpty4-4.6.5-9.1-mdv2011.0.i586.rpm
 8b727fc309bbb81de1d8ace536351303  2011/i586/libkrosscore4-4.6.5-9.1-mdv2011.0.i586.rpm
 051aa118fdbcc20755754c2a4a45fdba  2011/i586/libkrossui4-4.6.5-9.1-mdv2011.0.i586.rpm
 c135b1698036881db6ab90cb448c265b  2011/i586/libktexteditor4-4.6.5-9.1-mdv2011.0.i586.rpm
 f7526412295bd86a3fdf26ad6bc8e962  2011/i586/libkunitconversion4-4.6.5-9.1-mdv2011.0.i586.rpm
 603c837536ad6ca871ffe589c747c0f5  2011/i586/libkunittest4-4.6.5-9.1-mdv2011.0.i586.rpm
 e4c09f0fcb6f28bf768d337c62686eac  2011/i586/libkutils4-4.6.5-9.1-mdv2011.0.i586.rpm
 ac93402de1c9e45b65944aaeb8e425bf  2011/i586/libnepomuk4-4.6.5-9.1-mdv2011.0.i586.rpm
 ea8ba57a4f5e91529a074b3b5ddafb63  2011/i586/libnepomukquery4-4.6.5-9.1-mdv2011.0.i586.rpm
 a1ca1f682adaea8192cdf17082179790  2011/i586/libnepomukutils4-4.6.5-9.1-mdv2011.0.i586.rpm
 beb7c3df35c4208608541faba3e3cff1  2011/i586/libplasma3-4.6.5-9.1-mdv2011.0.i586.rpm
 76cf8c65bc34fd9981ebd776fae7dd6b  2011/i586/libsolid4-4.6.5-9.1-mdv2011.0.i586.rpm
 4dbe0bea09b0efcb77e4f97af52ee554  2011/i586/libthreadweaver4-4.6.5-9.1-mdv2011.0.i586.rpm 
 9cda5c5ab321d1d77cad4b273a8227a3  2011/SRPMS/kdelibs4-4.6.5-9.1.src.rpm

 Mandriva Linux 2011/X86_64:
 a416f173f6fee7f10e01e940622b03c7  2011/x86_64/kdelibs4-core-4.6.5-9.1-mdv2011.0.x86_64.rpm
 fdc8c171954de23a0161faec669953a3  2011/x86_64/kdelibs4-devel-4.6.5-9.1-mdv2011.0.x86_64.rpm
 389d42165fcb6c8853bda9f8fe352438  2011/x86_64/lib64katepartinterfaces4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 553e0d225fdc7335afd7571bc404b808  2011/x86_64/lib64kcmutils4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 1b073a351c1e5d2c350a908e361afde7  2011/x86_64/lib64kde3support4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 8a10b775f1dc843404e518eb1dd15263  2011/x86_64/lib64kdecore5-4.6.5-9.1-mdv2011.0.x86_64.rpm
 98b3c619dab6bcf91ebaea35dc59f24e  2011/x86_64/lib64kdefakes5-4.6.5-9.1-mdv2011.0.x86_64.rpm
 3035d04055ef41dc710a9a5cfa15f48f  2011/x86_64/lib64kdesu5-4.6.5-9.1-mdv2011.0.x86_64.rpm
 4bb1aade6cbc696aa298a0053a2778aa  2011/x86_64/lib64kdeui5-4.6.5-9.1-mdv2011.0.x86_64.rpm
 05593647a56638371c4b06f8eec04199  2011/x86_64/lib64kdewebkit5-4.6.5-9.1-mdv2011.0.x86_64.rpm
 9a61f92a25556635fdf01bd629079c05  2011/x86_64/lib64kdnssd4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 ebb20032192f17c4d8d46d7a117d6186  2011/x86_64/lib64kemoticons4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 7c16488a8271d8e0440f886a1e7a3e59  2011/x86_64/lib64kfile4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 f2b43f9f213e29c69f9bcf1fe30a0f91  2011/x86_64/lib64khtml5-4.6.5-9.1-mdv2011.0.x86_64.rpm
 e01dd3d898e30c921275e9e3fd7fe8a0  2011/x86_64/lib64kidletime4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 bf2a67810c9530f7d06584fe92a086cd  2011/x86_64/lib64kimproxy4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 3dc38dd2200e7765178b756d18355c5e  2011/x86_64/lib64kio5-4.6.5-9.1-mdv2011.0.x86_64.rpm
 479d0258813eb4ce2112efa290ac992f  2011/x86_64/lib64kjs4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 5821bd4cb36e6ae484fed3f3b178f64c  2011/x86_64/lib64kjsapi4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 97d0a7073257b5d38ebd89608b230cb2  2011/x86_64/lib64kjsembed4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 b8201d7c86d380f53a747569c86cc125  2011/x86_64/lib64kmediaplayer4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 a7470e5a2f9f1c2802a70386d94734d9  2011/x86_64/lib64knewstuff2_4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 d10cff1d4ae24594f65017681b351aa4  2011/x86_64/lib64knewstuff3_4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 40625fb25f84a66747bfdb5e8c33397f  2011/x86_64/lib64knotifyconfig4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 7a58f4dad0d080ad1bb4f9d0b7b55721  2011/x86_64/lib64kntlm4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 216f06e8c9bc940a7c1bc96c0be60c85  2011/x86_64/lib64kparts4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 d2bf6a48431bfa87b20274b6a916ed07  2011/x86_64/lib64kprintutils4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 17e748ccf383dcd76bf54370bae5b60b  2011/x86_64/lib64kpty4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 2980ae5e1eb2df517b9ac30f815e2b86  2011/x86_64/lib64krosscore4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 a3daeac9197c566f3112a0efc2a20440  2011/x86_64/lib64krossui4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 0eb6aa884c8725aa2cc7cc5947f10fce  2011/x86_64/lib64ktexteditor4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 e58f316e4fe7ec5412c6f24b263f61d8  2011/x86_64/lib64kunitconversion4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 a07e9a42d9d34450fcdaa4a81fee7e1b  2011/x86_64/lib64kunittest4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 34610271f7de5ba3c6226d857831162f  2011/x86_64/lib64kutils4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 ddf3eb523f5b29dd49b937b63d3efce7  2011/x86_64/lib64nepomuk4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 eacd8f03c285571b4724f93b4f80525c  2011/x86_64/lib64nepomukquery4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 9fc98f8e2958ad971b73a887ecc25d75  2011/x86_64/lib64nepomukutils4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 b66922bbe21ba37ab38a362eb279b399  2011/x86_64/lib64plasma3-4.6.5-9.1-mdv2011.0.x86_64.rpm
 412dee5f9cbf514d0cc8e7b6c4bb7036  2011/x86_64/lib64solid4-4.6.5-9.1-mdv2011.0.x86_64.rpm
 ed8eb7bd7d026d75615bda14538fe6af 
2011/x86_64/lib64threadweaver4-4.6.5-9.1-mdv2011.0.x86_64.rpm 
 9cda5c5ab321d1d77cad4b273a8227a3  2011/SRPMS/kdelibs4-4.6.5-9.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
Permalink | Reply | 0 comments |
headers
Peter Dawson | 1 Nov 2011 16:56
Picon

Re: Facebook Attach EXE Vulnerability

Yes to a certain degree its all about " Saving FACE". .. however FB's 30member integrity team is only bothered about how to manage the vectors that have been primed to protect. 
 
FB is the  largest network "protected" .. (YES big word Protected !! / they have over 25B checks per day and reaching upto 65K/sec at peak.  Building an Immune System as large as FB's takes time, but its only on known vectors. The unknown is never realized unless one is willing to collaborate and confirm with user/community.   Large Org's have the syndrome if living in the "ivory tower" and that is the biggest downfall.
 
What could have happened if a zero day was filed and alternative markets were sought with this bug ?  Yes, alternative markets pay better !.. but just saying. .what  was damage ratios to users ?
 
 
/pd

On Tue, Nov 1, 2011 at 9:03 AM, Mikhail A. Utin <mutin <at> commonwealthcare.org> wrote:
Face Book is trying to save its face. It's typical.
I got the same answer from SonicWALL one year ago when discovered that simple internal network scanning (Nessus, Nmap, etc.) brings down entire network. The firewall internal TCP connections stack was overloaded within a few seconds (IPS is not enabled, thus was not accepting new connections.

Mikhail A. Utin, CISSP
Information Security Analyst

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 1 comment |
headers
Valdis.Kletnieks | 1 Nov 2011 16:58
Picon
Favicon

Re: Facebook Attach EXE Vulnerability

On Tue, 01 Nov 2011 14:00:42 BST, Ferenc Kovacs said:
> nice speculation, but imo it would make them look more bad, if they turn
> down the reports, because it will come back to them (either via the
> publication like in this case, or just simply someone exploiting it).

So exactly how big a hit did Sony's stock price take from the PSN pwnage?

https://www.google.com/finance?chdnp=1&chdd=1&chds=1&chdv=1&chvs=maximized&chdeh=0&chfdeh=0&chdet=1320177600000&chddm=98923&chls=IntervalBasedLine&q=NYSE:SNE&ntsp=0&fct=big

Look for the big dip in April when they got hacked.  Notice there *is* no big
dip in April/May - just the same continual slide that started all the way back
at the end of February. (For bonus points, figure out what happened the week of
March 8-15).


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Permalink | Reply | 1 comment |

Gmane