Information Security all in one place!

Posts tagged “gaming

Wireless Dual Band USB Adapter; offering 5GHz upgrade


 TP-LINK, a global provider of networking products, today announced its new Wireless Dual Band USB Adapter, enabling users to instantly add a 5GHz upgrade to their notebook or desktop computer without disrupting the existing network. With wireless speeds of up to 300Mbps at 2.4GHz and at 5GHz, this dual band USB adapter is the best companion when upgrading PC or laptop wireless capabilities, specifically when using the 5GHz band to avoid potential interference over the 2.4GHz band.

N600 Wireless Dual Band USB Adapter (TL-WDN3200) – $29.99 – Product Available End of April 2012

  • Compatible with IEEE 802.11b/g/n 2.4GHz and IEEE 802.11a/n 5GHz devices
  • Maximum speed up to 2.4GHz 300Mbps and 5GHz 300Mbps
  • USB 2.0 interface
  • Supports ad-hoc and infrastructure mode
  • Easy wireless security encryption at a push of the WPS button
  • Supports Windows XP 32/64bit, Vista 32/64bit, Windows 7 32/64bit
  • Easy Wireless Configuration Utility

http://www.ereleases.com/pic/TP-LINK.png
http://www.ereleases.com/pic/TP-LINK-2.jpg

Advertisements

CA ARCServe: DoS Vulnerability


CA ARCserve

CA Technologies is warning that some versions of CA ARCserve Backup for Windows contain a security vulnerability (CVE-2012-1662) that could be exploited by a remote attacker to cause a denial-of-service (DoS) condition to disable network services. According to the company, the bug occurs due to insufficient validation of certain types of network requests.

Versions r12.0, r12.0 SP1, r12.0 SP2, r12.5, r12.5 SP1, r15, r15 SP1 and r16 are affected. CA ARCserve Backup for Windows r12.5 SP2 and r16 SP1 are not vulnerable. Fixes have been released to close the hole.

Further information about the problem, including instructions on how to determine if an installation is affected and download links to patches, can be found in the company’s security advisory.

 

More can be found here from the vendor: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B983E3A52-8374-410A-82BD-B8788733C70F%7D


Polycom: Web Management Interface; Multiple Vulnerabilities


Path Traversal on Polycom Web Management Interface:

System affected: Polycom Web Management Interface
Model: G3/HDX 8000 HD, among others
Software Version: Durango 2.6.0 Release – build #4740

Embedded Linux: Polycom Linux Development Platform v2.14.g3

Other versions or models may also be affected.

Successful exploitation of this vulnerability may allow an attacker to view content of any arbitrary file on Polycom operating system.

Detailed description:

The web management interface on the Polycom device allows users todownload two log files (“system log” and “error log“). This feature is available through the following menus:

 Diagnostics –> System Log –> Download Logs

The access to these log files is provided by the script “a_getlog.cgi”, which receives the name of the log file (“messages” or “error”) to be downloaded through URL parameter “name”, as shown on the above URL:

http://<affected_device>/a_getlog.cgi?name=messages

The Path Traversal vulnerability occurs due to lack of proper input validation on user supplied data.

This vulnerability allows the attacker to navigate in the directory structure, thus enabling access to arbitrary files in Polycom’s operating system.

As a proof-of-concept, it’s possible to download “/etc/passwd” file accessing the following URL:

http://<affected_device>/a_getlog.cgi?name=../../../etc/passwd

To fix this vulnerability, Polycom Web Management Interface should perform proper input validation, sanitizing all user supplied data before it’s used elsewhere on the web application or in the underlying operating system.

Also, Polycom Web Management Interface should not allow itself to be accessed without proper configuration of a strong administrative password.

You can read more here about this vulnerabilitiy:  http://www.tempest.com.br/advisories/tsi-adv-1201/

Customers can download version 3.0 and newer at the link provided below:

http://support.polycom.com/PolycomService/support/us/support/video/hdx_series/

Polycom Web Management Interface O.S. Command Injection

System affected: Polycom Web Management Interface

Model: G3/HDX 8000 HD
Software Version: Durango 2.6.0 Release – build #4740
Embedded Linux: Polycom Linux Development Platform v2.14.g3

Other versions or models may also be affected.

Impact: Successful exploitation of this vulnerability may allow an attacker to execute arbitrary commands on Polycom operating system.

The web management interface on the Polycom device allows users to execute troubleshooting network tests by sending an ICMP echo request to user supplied hosts. This feature is available through the following menus:

 Diagnostics –> Network –> PING

This feature receives user supplied input and uses it as a parameter to the ‘ping’ command, returning the average round-trip time. For example: if the user inserts the value ‘127.0.0.1’ in the form, the system will execute the command “ping -c 1 127.0.0.1” followed by an stdout redirection to a random generated filename on /tmp directory.

The Command Injection vulnerability occurs due to lack of proper input validation on user supplied data.

UNIX based systems provide the possibility to execute multiple commands by using the semi-colon (;) character (causing the system to run all commands consecutively), thus allowing the attacker to submit a specially crafted parameter to run arbitrary commands on the underlying operating system.

The stdout redirection can be easily bypassed by adding a comment (#) symbol after the trailling command submitted by the attacker, as shown in the following example:

127.0.0.1 ; ps -ef > /tmp/command_injection.txt #

The above parameter will result in the execution of two commands:

 (#1) ping -c 1 127.0.0.1
   (#2) ps -ef > /tmp/command_injection.txt # <…>

Any command inserted by Polycom’s web management interface after user supplied input will be disabled by the comment symbol, thus allowing the attacker to precisely control what she wants to execute and where its output will be stored.

To fix this vulnerability, Polycom Web Management Interface should perform proper input validation, sanitizing all user supplied data before it’s used elsewhere on the web application or in the underlying operating system.

Also, Polycom Web Management Interface should not allow itself to be accessed without proper configuration of a strong administrative password.

Still according to Polycom, customers will be able to download version 3.0.4 by the end of March, 2012, at the link provided below:

– http://support.polycom.com/PolycomService/support/us/support/video/hdx_series/


Adobe: Out of Band Flash Player Fixes


From SophosLabs: on March 6, 2012 

Adobe has released a critical update for Flash Player versions 11.1.102.62 and earlier for Windows, OS X, Linux and Solaris and versions 11.1.115.6/11.1.111.6 and earlier for Android.

The patch addresses two CVEs in Flash Player, CVE-2012-0768 and CVE-2012-0769, both reported to Adobe by Google researchers.

Chrome users should restart their browser as soon as possible as Google has automatically provided the fix in the latest Chrome update.

Non-Chrome browser users can get the latest version (11.1.102.63) by surfing to http://get.adobe.com/flash and running the installer for your platform.

Android users should visit the Android Marketplace and search for Adobe Flash Player. iOS users don’t need to worry as Apple devices don’t work with Flash :)

CVE-2012-0768 is a memory corruption vulnerability that could lead to remote code execution by exploiting a flaw in Matrix3D.

CVE-2012-0769 is an information disclosure vulnerability as a result of integer errors in Flash Player.

As always we recommend deploying these updates as soon as possible. While we do not have any evidence of these flaws being exploited in the wild, past patterns indicate it won’t be long.

More Here: http://nakedsecurity.sophos.com/2012/03/06/adobe-ships-critical-out-of-band-flash-player-update/


Anonymous: Tricked Members Infected by Trojan DDOS Utility


The enemy of my enemy is my friend, right?

Victims of the various cyber-attacks by members of the hacktivist group Anonymous are undoubtedly enjoying a bit of schadenfreude this weekend, as a new report from Symantec indicates that some Anonymous members have been tricked into downloading and running a fairly unpleasant Trojan alongside one of their distributed denial-of-service tools.

“In these DDoS attacks, supporters using the Low Orbit Ion Cannon denial-of-service (DoS) tool would voluntarily include their computer in a botnet for attacks in support of Anonymous,” Symantec writes.

Image representing Symantec as depicted in Cru...

“In the wake Anonymous member arrests this week, it is worth highlighting how Anonymous supporters have been deceived into installing Zeus botnet clients purportedly for the purpose of DoS attacks. The Zeus client does perform DoS attacks, but it doesn’t stop there. It also steals the users’ online banking credentials, webmail credentials, and cookies.”

The Trojan problem’s a fairly recent occurrence, as it allegedly popped up the day after Anonymous members launched online counter-offensives in retaliation for the loss of the site Megaupload (and the international arrest of its key management). An anonymous user changed a download link on January 20 within one of the Pastebin-based “How to use Slowloris” tutorials, one of Anonymous’ DOS utilities, and pointed it to a Zeus botnet client instead.

 

 

 

 

 

 

 

 

 

 

Read More Here: http://www.pcmag.com/article2/0,2817,2401121,00.asp


Cracked CAPTCHAs and lost ISS codes


Too short for news, too good to lose; Lost+Found is a round up of useful security news. Today: cracking video CAPTCHAs, control codes for the International Space Station, a new version of the Network Security Toolkit and live chat banking malware.

  • Unencrypted command codes used to control the International Space Station (IIS) were on a laptop stolen from NASA in March 2011 according to recently released written testimony by NASA Inspector General Paul K. Martin. Other lost or stolen notebooks and mobile devices – 48 in total between April 2009 and April 2011 – contained employee Social Security numbers and sensitive data on NASA’s Constellation and Orion programs. Martin also noted that, while a 2010 report showed that the Government-wide encryption rate of these types of devices was 54% in 2010, as of 1 February 2012 only one per cent of NASA’s portable devices have been encrypted.

More on th H-Online here: http://www.h-online.com/security/news/item/Lost-Found-Cracked-CAPTCHAs-and-lost-ISS-codes-1446984.html

Also read more here: http://elie.im/blog/security/how-we-broke-the-nucaptcha-video-scheme-and-what-we-propose-to-fix-it/