{"id":3242,"date":"2013-08-22T16:18:51","date_gmt":"2013-08-22T19:18:51","guid":{"rendered":"https:\/\/www.kwell.net\/kwell_blog\/?p=3242"},"modified":"2013-08-22T16:18:56","modified_gmt":"2013-08-22T19:18:56","slug":"security-vulnerability-alert-usuarios-tecnicos","status":"publish","type":"post","link":"https:\/\/www.kwell.net\/kwell_blog\/?p=3242","title":{"rendered":"Security Vulnerability Alert (usuarios t\u00e9cnicos)"},"content":{"rendered":"

NOTABLE RECENT SECURITY ISSUES<\/p>\n

SELECTED BY THE SOURCEFIRE VULNERABILITY RESEARCH TEAM<\/p>\n

Title: Recent Java exploits rapidly weaponizing in the wild<\/strong><\/p>\n

Description: Exploit code for a group of Java vulnerabilities patched in Oracle’s June 2013 patch release has been made public over the last two weeks by the PacketStorm bug bounty program, and exploit kit authors and other malicious actors have been quick to weaponize the code and begin using it in the wild. Noted exploit kit researcher Kaffeine has already confirmed the presence of one or both exploits in half a dozen distinct kits, a particularly rapid uptake rate for an already-patched set of bugs. As always, administrators are urged to ensure that all systems under their control are properly patched.<\/p>\n

Reference:<\/p>\n

http:\/\/packetstormsecurity.com\/files\/122865\/<\/a><\/p>\n

http:\/\/packetstormsecurity.com\/files\/122806\/<\/a><\/p>\n

http:\/\/malware.dontneedcoffee.com\/2013\/08\/cve-2013-2465-integrating-exploit-kits.html<\/a><\/p>\n

Snort SID: 27621, 27622, 27672 – 27677, 27691 – 27694<\/p>\n

ClamAV: Java.Exploit.CVE_2013_2465, Java.Exploit.CVE_2013_2459<\/p>\n

 <\/p>\n

Title: Denial of service in BIND in the wild<\/strong><\/p>\n

Description: A recently announced vulnerability in the popular BIND DNS service is being exploited in the wild, according to notes in the ISC vulnerability announcement included with their official patches. The issue, which can be exploited with a single packet, impacts the entire version 9 code base, and will hit default configurations there.<\/p>\n

Administrators should patch immediately, or upgrade to BIND 10 if possible, as several versions of the BIND 9 code base are past end-of-life and will not be patched against this issue.<\/p>\n

Reference:<\/p>\n

https:\/\/kb.isc.org\/article\/AA-01015<\/a><\/p>\n

Snort SID: 27666<\/p>\n

ClamAV: N\/A<\/p>\n

 <\/p>\n

Title: New attacks against security of TLS announced<\/strong><\/p>\n

Description: Researchers presenting at the 22nd annual USENIX security symposium last week announced a pair of partial plaintext recovery attacks against TLS. While the issues require rapidly repeated original plaintext in order to work, the researchers showed practical cases where necessary conditions would occur, though stopped short of providing any proof-of-concept code. Given this and related attacks discovered over the course of the last few years, such as the BEAST attack, developers of web applications secured by TLS should consider adding randomization to their plaintext messages as a proactive security measure against further attacks in this vein.<\/p>\n

Reference:<\/p>\n

https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity13\/sec13-paper_alfardan.pdf<\/a><\/p>\n

Snort SID: N\/A<\/p>\n

ClamAV: N\/A<\/p>\n

============================================================<\/p>\n

USEFUL EXPLANATIONS OF HOW NEW ATTACKS WORK<\/p>\n

Alice in Warningland: A large-scale field study of browser security warning effectiveness:<\/p>\n

http:\/\/static.googleusercontent.com\/external_content\/untrusted_dlcp\/research.google.com\/en\/us\/pubs\/archive\/41323.pdf<\/a><\/p>\n

 <\/p>\n

A study in bots: Bitbot:<\/p>\n

http:\/\/cylance.com\/techblog\/A-Study-in-Bots-Bitbot.shtml<\/a><\/p>\n

 <\/p>\n

Vulnerabilities that just won’t die: compression bombs:<\/p>\n

http:\/\/blog.cyberis.co.uk\/2013\/08\/vulnerabilities-that-just-wont-die.html<\/a><\/p>\n

 <\/p>\n

Bypassing AirWatch root restriction:<\/p>\n

https:\/\/www.netspi.com\/blog\/entryid\/192\/bypassing-airwatch-root-restriction<\/a><\/p>\n

 <\/p>\n

A closer look: Perkle Android malware kit:<\/p>\n

http:\/\/krebsonsecurity.com\/2013\/08\/a-closer-look-perkele-android-malware-kit\/<\/a><\/p>\n

 <\/p>\n

Using patched QEMU and IDA pro to debug bootroms:<\/p>\n

http:\/\/www.droid-developers.org\/wiki\/QEMU<\/a><\/p>\n

 <\/p>\n

So you think your domain controller is secure?<\/p>\n

http:\/\/scripthappens.azurewebsites.net\/?p=1<\/a><\/p>\n

 <\/p>\n

UXSS: Internet Explorer EUC-JP parsing bug:<\/p>\n

http:\/\/insert-script.blogspot.co.at\/2013\/08\/uxss-internet-explorer-euc-jp-parsing.html<\/a><\/p>\n

 <\/p>\n

Hacker posts Facebook bug report on Zuckerberg’s wall:<\/p>\n

http:\/\/rt.com\/news\/facebook-post-exploit-hacker-zuckerberg-621\/#.UhA62dulSpE.twitter<\/a><\/p>\n

 <\/p>\n

Jekyll on iOS: when benign apps become evil:<\/p>\n

https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity13\/sec13-paper_wang_2.pdf<\/a><\/p>\n

 <\/p>\n

ByeBye shell and the targeting of Pakistan:<\/p>\n

https:\/\/community.rapid7.com\/community\/infosec\/blog\/2013\/08\/19\/byebye-and-the-targeting-of-pakistan<\/a><\/p>\n

 <\/p>\n

ZFS forensics – recovering files from a destroyed Zpool:<\/p>\n

http:\/\/www.joyent.com\/blog\/zfs-forensics-recovering-files-from-a-destroyed-zpool<\/a><\/p>\n

 <\/p>\n

Mitigating the LdrHotPatchRoutine DEP\/ASLR bypass with MS13-063:<\/p>\n

http:\/\/blogs.technet.com\/b\/srd\/archive\/2013\/08\/12\/mitigating-the-ldrhotpatchroutine-dep-aslr-bypass-with-ms13-063.aspx<\/a><\/p>\n

 <\/p>\n

Trust in computing survey, part 2: less than half of developers use a security development process:<\/p>\n

http:\/\/blogs.technet.com\/b\/security\/archive\/2013\/07\/12\/trust-in-computing-survey-part-2-less-than-half-of-developers-use-a-security-development-process.aspx<\/a><\/p>\n

 <\/p>\n

=========================================================<\/p>\n

RECENT VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE COMPILED BY THE QUALYS VULNERABILITY RESEARCH TEAM<\/p>\n

This is a list of recent vulnerabilities for which exploits are available. System administrators can use this list to help in prioritization of their remediation activities. The Qualys Vulnerability Research Team compiles this information based on various exploit frameworks, exploit databases, exploit kits and monitoring of internet activity.<\/p>\n

ID:\u00a0\u00a0\u00a0\u00a0 Not Available<\/p>\n

Title: \u00a0\u00a0\u00a0\u00a0 Joomla! Unauthorised Uploads<\/strong><\/p>\n

Vendor: Joomla!<\/p>\n

Description: Inadequate filtering leads to the ability to bypass file type upload restrictions.<\/p>\n

Affects Joomla! version 2.5.13 and earlier 2.5.x versions; and version<\/p>\n

3.1.4 and earlier 3.x versions<\/p>\n

CVSS v2 Base Score: 10.0 (AV:N\/AC:L\/Au:N\/C:C\/I:C\/A:C)<\/p>\n

 <\/p>\n

ID:\u00a0\u00a0\u00a0\u00a0 CVE-2013-2465<\/p>\n

Title: \u00a0\u00a0\u00a0\u00a0 Java storeImageArray() Invalid Array Indexing Vulnerability<\/strong><\/p>\n

Vendor: Oracle<\/p>\n

Description: Unspecified vulnerability in the Java Runtime Environment<\/p>\n

(JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to “Incorrect image channel verification” in 2D.<\/p>\n

CVSS v2 Base Score: 10.0 (AV:N\/AC:L\/Au:N\/C:C\/I:C\/A:C)<\/p>\n

 <\/p>\n

ID:\u00a0\u00a0\u00a0\u00a0 CVE-2013-1690<\/p>\n

Title: \u00a0\u00a0\u00a0\u00a0 Mozilla Firefox JavaScript Runtime Vulnerability<\/strong><\/p>\n

Vendor: Mozilla<\/p>\n

Description: Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before<\/p>\n

17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.<\/p>\n

CVSS v2 Base Score: 9.3 (AV:N\/AC:M\/Au:N\/C:C\/I:C\/A:C)<\/p>\n

 <\/p>\n

ID:\u00a0\u00a0\u00a0\u00a0 CVE-2013-2251<\/p>\n

Title: \u00a0\u00a0\u00a0\u00a0 Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution<\/strong><\/p>\n

Vendor: Apache<\/p>\n

Description: Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.<\/p>\n

CVSS v2 Base Score: 9.3 (AV:N\/AC:M\/Au:N\/C:C\/I:C\/A:C)<\/p>\n

 <\/p>\n

ID:\u00a0\u00a0\u00a0\u00a0 CVE-2013-2460<\/p>\n

Title: \u00a0\u00a0\u00a0\u00a0 Java Applet ProviderSkeleton Insecure Invoke Method<\/strong><\/p>\n

Vendor: Oracle<\/p>\n

Description: Unspecified vulnerability in the Java Runtime Environment<\/p>\n

(JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to “insufficient access checks” in the tracing component.<\/p>\n

CVSS v2 Base Score: 9.3 (AV:N\/AC:M\/Au:N\/C:C\/I:C\/A:C)<\/p>\n

Comparte esto:<\/h3>