Original release date: February 17, 2016 GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Vulnerability Note VU#457759 and the glibc Project Notification for additional details and to refer to their respective Linux or Unix-based OS vendor for an appropriate patch
Monthly Archive: February 2016
VU#923388: Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password
Vulnerability Note VU#923388 Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password Original Release date: 17 Feb 2016 | Last revised: 17 Feb 2016 Overview Swann network video recorder (NVR) devices contain a hard-coded password and do not require authentication to view the video feed when accessing from specific URLs. Description CWE-259 : Use of Hard-coded Password – CVE-2015-8286 According to the researcher, the Swann SRNVW-470LCD and Swann SWNVW-470CAM contain a hard-coded passwords allowing administrative or root access.
Glibc is the standard C library that ships with mosts version of Linux. It includes many functions that handle the common tasks programs might need, such as looking up IP addresses associated with domain names
Vulnerability Note VU#899080 Zhuhai Raysharp firmware for DVRs from multiple vendors contains hard-coded credentials Original Release date: 17 Feb 2016 | Last revised: 18 Feb 2016 Overview Digital Video Recorders (DVRs), security cameras, and possibly other devices from multiple vendors use a firmware derived from Zhuhai RaySharp that contains a hard-coded root password. Description CWE-259 : Use of Hard-coded Password – CVE-2015-8286 According to the reporter, DVR devices based on the Zhuhai RaySharp firmware contain a hard-coded root password
Vulnerability Note VU#457759 glibc vulnerable to stack buffer overflow in DNS resolver Original Release date: 17 Feb 2016 | Last revised: 18 Feb 2016 Overview GNU glibc contains a buffer overflow vulnerability in the DNS resolver, which may allow a remote attacker to execute arbitrary code. Description CWE-121 : Stack-based Buffer Overflow – CVE-2015-7547 According to a Google security blog post : “The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.” According to glibc developers, the vulnerable code was initially added in May 2008 as part of the development for glibc 2.9.
VU#507216: Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default
Vulnerability Note VU#507216 Hirschmann “Classic Platform” switches reveal administrator password in SNMP community string by default Original Release date: 16 Feb 2016 | Last revised: 16 Feb 2016 Overview Hirschmann “Classic Platform” switches contain a password sync feature that syncs the switch administrator password with the SNMP community password, exposing the administrator password to attackers on the local network. Description CWE-257 : Storing Passwords in a Recoverable Format For all Hirschmann (part of Belden) “Classic Platform” switches (which includes the MACH series workgroup switches, among others), by default, the switch administrator password is used to construct an SNMP community string that allows remote management of some switch configuration
More psychological research on our reaction to terrorism and mass violence: The researchers collected posts on Twitter made in response to the 2012 shooting attack at Sandy Hook Elementary School in Newtown, Connecticut. They looked at tweets about the school shooting over a five-and-a-half-month period to see whether people used different language in connection with the event depending on how geographically close they were to Newtown, or how much time had elapsed since the tragedy. The analysis showed that the further away people were from the tragedy in either space or time, the less they used words related to sadness ( loss, grieve, mourn ), suggesting that feelings of sorrow waned with growing psychological distance.
ISC Stormcast For Tuesday, February 16th 2016 http://isc.sans.edu/podcastdetail.html?id=4869, (Tue, Feb 16th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Although a lot has been written about SQL injection vulnerabilities, they can still be found relatively often. In most of the cases Ive seen in last couple of years, I had to deal with blind SQL injection vulnerabilities