Vulnerability Note VU#685996 GNU wget Arbitrary Filesystem Access through FTP Symlinks Original Release date: 28 Oct 2014 | Last revised: 28 Oct 2014 Overview GNU wget 1.15 allows arbitrary filesystem access when using symlinks in FTP. Description CWE-59: CWE-59: Improper Link Resolution Before File Access (‘Link Following’) Wget is a common Unix utility to retrieve a remote file. When wget 1.15 is running in recursive mode (the -m or -r switch) with a FTP server as the destination, it is vulnerable to a link following attack
Original release date: October 27, 2014 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT).
Continuing our theme of False Positives this month, Id like to talk about the process of managing false positives we encounter in the course of analysis. False positives will almost always show at some point during a security analysis, which leads to unwanted additional work on the part of either the sysadmins, security teams, or both. Even worse, continued false positives can lead to complacency during analysis, where things are assumed”> “> Managing false positives in our testing and analysis is part of the overall security process, which can be used to identify and eliminate false positives.
This video shows configuration steps and a test scenario with McAfee Next Generation Firewall and McAfee Advance Threat Defense.
Vulnerability Note VU#184540 Incorrect implementation of NAT-PMP in multiple devices Original Release date: 23 Oct 2014 | Last revised: 23 Oct 2014 Overview Many NAT-PMP devices are incorrectly configured, allowing them to field requests received on external network interfaces or map forwarding routes to addresses other than that of the requesting host, making them potentially vulnerable to information disclosure and malicious port mapping requests. Description CWE-200 : Information Exposure NAT-PMP is a port-mapping protocol in which a network address translation (NAT) device, typically a router, is petitioned by a trusted local network host to forward traffic between the external network and the petitioning host. As specified in RFC 6886 , “The NAT gateway MUST NOT accept mapping requests destined to the NAT gateway’s external IP address or received on its external network interface.” Additionally, mapping requests “must” be mapped to the source address of the internal requesting host.
Original release date: October 23, 2014 Apple has released QuickTime 7.7.6 for Windows 7, Vista, XP SP2 or later to address multiple vulnerabilities, some of which may allow remote attackers to execute arbitrary code or cause a denial of service. Users and administrators are encouraged to review Apple Support Article HT6493 and apply any necessary updates
In this video, you will see how to imanage and configure policies for McAfee Virus Scan Enterprise (VSE) for Linux For more information about the McAfee VirusScan Enterprise for Linux, visit…
In this video, you will see how to install configure and test McAfee MOVE multiplatform. For more information about McAfee MOVE Antivirus, visit the product page at: http://www.mcafee.com/us/prod…