Jan282010

Multiple Vulnerabilities in Cisco Unified MeetingPlace

Published by hirantha at 5:37 AM under Cisco | Security

these patches released today: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml

This affects Cisco Unified MeetingPlace versions 5, 6, and 7.



  [Twitter] [Digg] [Facebook] [Google] [StumbleUpon]

Tags: ,

 

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Responses

Nov242009

Microsoft Security Advisory 977981 - IE 6 and IE 7

Published by hirantha at 7:47 AM under Microsoft | Internet Explorer | Security

Microsoft has released Security Advisory 977981.  It details vulnerabilities in Internet Explorer 6 and 7 on various operating systems.  The advisory does not provide any patches or new versions at this point, but does provide several recommendations for mitigation.



  [Twitter] [Digg] [Facebook] [Google] [StumbleUpon]

Tags: , ,

 

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Responses

Nov122009

Apple Safari 4.0.4 Released

Published by hirantha at 5:53 AM under Apple | Security

Safari 4.0.4 was released yesterday for download, affecting both OS X and Windows versions.

Multiple security issues are addressed in this version, including remote code execution, process termination and disclosure of information issues.  Also one fix for a specific coss-site request forgery (CSRF)

http://support.apple.com/kb/HT3949



  [Twitter] [Digg] [Facebook] [Google] [StumbleUpon]

Tags: , ,

 

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Responses

Nov092009

First iPhone worm discovered

Published by hirantha at 6:19 AM under Apple | Security

Apple iPhone owners in Australia have reported that their smart phones have been infected by a worm that has changed their wallpaper to an image of 1980s pop crooner Rick Astley.

The worm, which could have spread to other countries although there are no confirmed reports outside Australia, is capable of breaking into jail broken iPhones if their owners have not changed the default password after installing SSH. Once in place, the worm appears to attempt to find other iPhones on the mobile phone network that are similarly vulnerable, and installs itself again

On each installation, the worm - written by a hacker calling themselves "ikex" - changes the lock background wallpaper to an image of Rick Astley with the message:

ikee is never going to give you up

What's clear is that if you have jail broken your iPhone or iPod Touch, and installed SSH, then you must always change your root user password to something different than the default, "alpine". In fact, it would be a good idea if you didn't use a dictionary word at all.

The worm will not affect users who have not jail broken their iPhones or who have not installed SSH.

SophosLabs is analyzing the worm's code, which suggests that at least four variants have been written so far. One of the attributes of the latest variant (labeled the "D" version) is that it tries to hide its presence by using a file path suggestive of the Cydia application.

Presently it appears that the worm does nothing more malicious than spread and change the infected user's lock screen wallpaper. However, that doesn't mean that attacks like this can be considered harmless.



  [Twitter] [Digg] [Facebook] [Google] [StumbleUpon]

Tags: , ,

 

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Responses

Nov062009

TLS Man-in-the-middle on renegotiation vulnerability made public

Published by hirantha at 7:32 AM under Security

TLS 1.0+ and SSL 3.0+ (known from among others "https") is vulnerable to a protocol weakness where a man in the middle attack could be worked in during the renegotiation phase in modern versions of the protocol.

While the details had been offered in a meeting with the IETF, vendors and the open source implementers of SSL privately, it appears an IETF mailing list came to finding it again. That seems to have prompted the original finders to offer up their finding publicly.

 

There does not seem to be much you can do till the protocol is fixed. The main problem seems to be with clients using certificate authentication.

Exploiting this requires the attacker to be able to intercept the traffic.



  [Twitter] [Digg] [Facebook] [Google] [StumbleUpon]

Tags: ,

 

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Responses