Information Security all in one place!

Posts tagged “enterprise-it

Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability


 

 

Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature is enabled. The vulnerability is triggered when an affected device processes a malformed Smart Install message on TCP port 4786.

Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-smartinstall

 

 

Advertisements

University Accredited Certificate Program Launch; First of it’s Kind


Security Innovation and University of Central Florida Launch Secure Software Development (SSD) Certificate Program

Image representing Security Innovation as depi...

–(Business Wire)– Security Innovation and the University of Central Florida (UCF) today announced the Secure Software Development (SSD) Certificate Program as part of the university’s Continuing Education curriculum. This computer-based certification and training program offered by UCF is the first of its kind offered by a US higher education institution, and is targeted at professionals and students looking to improve their application securityskills with a recognizable certification from an accredited university.

University of Central Florida

University of Central Florida

The SSD Certificate Program is comprised of 15 courses from Security Innovation’s computer-based training curriculum product TeamProfessor, the most comprehensive application security training program in the industry. This partnership provides students with a practical set of courses that will provide the foremost expertise in the application security discipline, complete with technical support for all users. UCF has constructed the program to feature three levels of certification: Foundation, Advanced and Expert.

More on this article here:

More on the program can be found here:

CA ARCServe: DoS Vulnerability


CA ARCserve

CA Technologies is warning that some versions of CA ARCserve Backup for Windows contain a security vulnerability (CVE-2012-1662) that could be exploited by a remote attacker to cause a denial-of-service (DoS) condition to disable network services. According to the company, the bug occurs due to insufficient validation of certain types of network requests.

Versions r12.0, r12.0 SP1, r12.0 SP2, r12.5, r12.5 SP1, r15, r15 SP1 and r16 are affected. CA ARCserve Backup for Windows r12.5 SP2 and r16 SP1 are not vulnerable. Fixes have been released to close the hole.

Further information about the problem, including instructions on how to determine if an installation is affected and download links to patches, can be found in the company’s security advisory.

 

More can be found here from the vendor: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B983E3A52-8374-410A-82BD-B8788733C70F%7D


Cyberoam Unified Threat Management: Insecure Password Handling


CybeRoam Unified Threat Management appliances offer assured security, connectivity and productivity to Small Office-Home Office (SOHO) and Remote Office-Branch Office (ROBO) users by allowing user identity-based policy controls.

Cyberoam UTM integrates with Active Directory. In order to query data from a configured AD, domain credentials are stored within the device. These credentials are retrievable by an authenticated user.

Domain credentials are stored on the device and passed to web clients on a diagnostic page (Identity –> Authentication –> Authentication Server –> /Select Configured AD/ ).  Authenticated clients can thus easily access stored credentials.

A trivial check for this follows (replace cookie value):

curl -s -b “JSESSIONID=u2ur76lhy4qt” -H “Referer: blah”
http:///corporate/webpages/identity/ActiveDirectoryEdit.jsp?__RequestType=ajax&&objectID=1&pageid=pagePopupForm1″|egrep
‘(adminusername|passwdvalue)’

The vulnerability allows a malicious user to access potentially privileged domain credentials. Should default passwords not be changed, then this is a trivial entry point onto a Windows domain.

Systems affected: Severity High

Cyberoam CR50ia 10.01.0 build 678


Joomla! 2.5 Security Update Fixes Vulnerabilities


The Joomla! project has released version 2.5.3 of its open source content management system (CMS). This is a security update that addresses two “High Priority” vulnerabilities.

The first of these is caused by an unspecified programming error which could have allowed a malicious user to gain escalated privileges. The other hole is an error in random number generation when resetting passwords that could be exploited by an attacker to change a user’s password.

Versions 2.5.0 to 2.5.2 as well as all 1.7.x and 1.6.x releases are affected. The developers advise all users to upgrade to 2.5.3 to fix these problems. More details about the update can be found in the official release announcement and in the security advisories. Joomla! 2.5.3 is available to download from the project’s site and is licensed under the GPL.

 

Complete details here: http://www.h-online.com/security/news/item/Joomla-2-5-update-fixes-security-vulnerabilities-1476632.html


Aruba Networks: OS command injection in RAP web interface and 802.1X EAP-TLS user authentication


offical logo of Aruba Networks

 

An OS command injection vulnerability has been discovered in the Aruba Remote Access Point’s Diagnostic Web Interface. When running the diagnostic web interface, arbitrary system commands can be executed as the root user on the Remote device by an unauthenticated attacker.

The Remote Access Point provides a web interface to facilitate initial provisioning of the device. This web interface provides functionality to run some basic network diagnostics and enter configuration parameters necessary for successful provisioning. An OS command injection vulnerability has been discovered in this web interface where malicious user input can be injected via form elements and run arbitrary system commands on the device as root user. This diagnostic web interface can be disabled after initial provisioning of the device.

An unauthenticated attacker can run arbitrary system commands on the device as root user. This could lead to a full compromise of the device’s operating system.

This vulnerability applies only to the Aruba Remote Access Point and other Aruba devices are not affected.

Aruba Networks recommends not allowing access to the Aruba Remote Access
Point’s diagnostic web interface after initial provisioning by applying an
access list (acl) to block HTTP and HTTPS protocol to its local IP. This
restricted acl needs to be in the highest position of the acl rules for
each user-role that should not have access to the diagnostic web
interface.

Example restricted IP access list added to a user-role called guest:

ip access-list session local_debug_restricted
user localip svc-http deny
user localip svc-https deny

user-role guest
access-list session local_debug_restricted
access-list session dns-acl
access-list session dhcp-acl
access-list session icmp-acl
access-list session http-acl
access-list session https-acl

Aruba Networks recommends that all customers apply the appropriate
patch(es) as soon as practical.

The following patches have the fix (any newer patch will also have the
fix):

– – – ArubaOS 5.0.4.2
– – – ArubaOS 6.0.2.1
– – – ArubaOS 6.1.2.4


NSA: Ultimate Internet Spy Center


The NSA‘s new spy center will see everything

Imagine a massive supercomputer in the desert, watched around the clock by armed guards, capable of intercepting and decrypting virtually every piece of information in the world. Sounds like science fiction doesn’t it? Well, according to Wired, the NSA is in the process of building just such a place, and they’ve madeleaps and bounds of progress at breaking the standard AES encryption algorithm that keeps your emails and other private information secure.

This new surveillance center is being constructed in the Utah desert, near a town called Bluffdale. When it’s finished, you’ll be able to fit five US Capitols inside, and most of that space will be occupied by supercomputers capable of storing more data than you can even imagine (you can imagine a lot, can’t you?). Your private emails, Google searches, receipts, travel information – pretty much ever scrap of data generated – will be stored here, while sophisticated software sifts through it in search of anything remotely suspicious.

More on this interesting story here: http://www.neowin.net/news/the-nsas-new-spy-center-will-see-everything