Tagged: vulnerability

Best Practices to Protect You, Your Network, and Your Information 0

Best Practices to Protect You, Your Network, and Your Information

Original release date: July 31, 2015 The National Cybersecurity and Communications Integration Center (NCCIC) and its partners responded to a series of data breaches in the public and private sector over the last year, helping organizations through incident response actions, conducting damage assessments, and implementing restoration and mitigation actions. During NCCIC’s recent work, following best practices proved extremely effective in protecting networks, the information residing on them, and the equities of information owners. The recently updated National Institute of Standards and Technology Cybersecurity Framework highlights best practices

VU#360431: Chiyu Technology fingerprint access control contains multiple vulnerabilities 0

VU#360431: Chiyu Technology fingerprint access control contains multiple vulnerabilities

Vulnerability Note VU#360431 Chiyu Technology fingerprint access control contains multiple vulnerabilities Original Release date: 31 Jul 2015 | Last revised: 31 Jul 2015 Overview Multiple models of Chiyu Technology fingerprint access control devices contain a cross-site scripting (XSS) vulnerability and an authentication bypass vulnerability. Description CWE-80 : Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) – CVE-2015-2870 According to the reporter, tags are not filtered out of a URL passed to the device, allowing an attacker to perform a reflected XSS attack

VU#577140: BIOS implementations fail to properly set UEFI write protections after waking from sleep mode 0

VU#577140: BIOS implementations fail to properly set UEFI write protections after waking from sleep mode

Vulnerability Note VU#577140 BIOS implementations fail to properly set UEFI write protections after waking from sleep mode Original Release date: 30 Jul 2015 | Last revised: 30 Jul 2015 Overview Multiple BIOS implementations fail to properly set write protections after waking from sleep, leading to the possibility of an arbitrary BIOS image reflash. Description According to Cornwell, Butterworth, Kovah, and Kallenberg, who reported the issue affecting certain Dell client systems (CVE-2015-2890): There are a number of chipset mechanisms on Intel x86-based computers that provide protection of the BIOS from arbitrary reflash with attacker-controlled data. One of these is the BIOSLE and BIOSWE pair of bits found in the BIOS_CNTL register in the chipset.

Internet Systems Consortium (ISC) Releases Security Updates for BIND 0

Internet Systems Consortium (ISC) Releases Security Updates for BIND

Original release date: July 28, 2015 ISC has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial of service condition. Updates available include: BIND 9-version 9.9.7-P2 BIND 9-version 9.10.2-P3 Users and administrators are encouraged to review ISC Knowledge Base Article AA-01272 and apply the necessary updates.

‘Stagefright’ Android Vulnerability 0

‘Stagefright’ Android Vulnerability

Original release date: July 28, 2015 Android devices running Android versions 2.2 through 5.1.1_r4 contain vulnerabilities in the Stagefright media playback engine. Exploitation of these vulnerabilities may allow an attacker to access multimedia files or potentially take control of a vulnerable device. Users and administrators are encouraged to review Vulnerability Note VU#924951 for more information

VU#924951: Android Stagefright contains multiple vulnerabilities 0

VU#924951: Android Stagefright contains multiple vulnerabilities

Vulnerability Note VU#924951 Android Stagefright contains multiple vulnerabilities Original Release date: 28 Jul 2015 | Last revised: 28 Jul 2015 Overview Stagefright is the media playback service for Android, introduced in Android 2.2 (Froyo). Stagefright contains multiple vulnerabilities, including several integer overflows, which may allow a remote attacker to execute code on the device. Description According to a Zimperium zLabs blog post , Android’s Stagefright engine contains multiple vulnerabilities, including several integer overflows, allowing a remote attacker to access files or possibly execute code on the device.

Fiat Chrysler Automobiles (FCA) Uconnect Vulnerability 0

Fiat Chrysler Automobiles (FCA) Uconnect Vulnerability

Original release date: July 27, 2015 A vulnerability affecting the Uconnect software from FCA has been reported. Exploitation of this vulnerability may allow an unauthorized user to take remote control of an affected vehicle, but the attack requires access to Sprint’s cellular network, which connects FCA vehicles to the Internet

SB15-208: Vulnerability Summary for the Week of July 20, 2015 0

SB15-208: Vulnerability Summary for the Week of July 20, 2015

Original release date: July 27, 2015 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information.

VU#857948: Honeywell Tuxedo Touch Controller contains multiple vulnerabilities 0

VU#857948: Honeywell Tuxedo Touch Controller contains multiple vulnerabilities

Vulnerability Note VU#857948 Honeywell Tuxedo Touch Controller contains multiple vulnerabilities Original Release date: 24 Jul 2015 | Last revised: 24 Jul 2015 Overview All versions of Honeywell Tuxedo Touch Controller are vulnerable to authentication bypass and cross-site request forgery (CSRF). Description CWE-603 : Use of Client-Side Authentication – CVE-2015-2847 The Honeywell Tuxedo Touch Controller web interface uses JavaScript to check for client authentication and redirect unauthorized users to a login page. By intercepting and dropping requests containing the string USERACCT=USERNAME:_,PASSWORD:_, an unauthenticated user may bypass authentication and access restricted pages