Category: Research & Alerts

"Misfortune Cookie" Broadband Router Vulnerability

Original release date: December 20, 2014

Broadband routers employing the Allegro RomPager firmware prior to version 4.34 contain a vulnerability in HTTP cookie processing code. Exploitation of this vulnerability could allow a remote attacker to take control of an affected device.

Which NTP Servers do You Need to Patch?, (Sat, Dec 20th)

While people generally know where their real NTP servers are, all too often they don't know that they've got a raft of accidental NTP servers – boxes that have NTP enabled without the system maintainers knowing about it. Common servers on the network like routers or switches (often when these are NTP clients, they are also NTP servers), PBXs and VOIP gateways, mail servers, certificate authorities and so on

Vulnerabilities Identified in Network Time Protocol Daemon

Original release date: December 19, 2014

NTP has released an update that addresses multiple vulnerabilities in the Network Time Protocol daemon. Exploitation of these vulnerabilities may allow a remote attacker to execute malicious code. US-CERT encourages users and administrators to review Vulnerability Note VU#852879 and update to NTP 4.2.8 if necessary.

FTC Releases "Package Delivery" Themed Scam Alert

Original release date: December 19, 2014

The Federal Trade Commission (FTC) has released a Scam Alert addressing a “Package Delivery” themed phishing campaign regarding package delivery notifications from the U.S. Postal Service. Scam operators often use false information linked to reputable organizations to imply the email is legitimate. Users are encouraged to review the FTC Scam Alert for details, and refer to the Recognizing and Avoiding Email Scams Publication for information on email scams.

VU#561444: Multiple broadband routers use vulnerable versions of Allegro RomPager

Vulnerability Note VU#561444

Multiple broadband routers use vulnerable versions of Allegro RomPager

Original Release date: 19 Dec 2014 | Last revised: 19 Dec 2014

Overview

Multiple broadband routers use vulnerable versions of Allegro RomPager in current firmware releases.

Description

Many home and office/home office (SOHO) routers have been found to be using vulnerable versions of the Allegro RomPager embedded web server. Allegro RomPager versions prior to 4.34 contain a vulnerability in cookie processing code that can be leveraged to grant attackers administrative privileges on the device.

Bridging Datacenters for Disaster Recovery – Virtually, (Fri, Dec 19th)

It's been a while since we talked about Disaster Recovery issues – the last diary I posted on this was on using L2TPv3 to bridge your Datacenter / Server VLAN to the same VLAN at a DR site, over an arbitrary Layer 3 network ( https://isc.sans.edu/diary/8704 ). Since then, things have changed. There's a real push to move DR sites from a rack in a remote office location to recognized IaaS cloud locations