Security News #0x4A
- Apache Struts versions 2.0.0 through 2.3.15 are vulnerable to remote code execution attacks. The underlying vulnerability is labelled CVE 2013-2251.
- Samsung television sets are vulnerable to a remote DoS attack, caused by an overlarge GET request to a web server it is running. No really, I am serious here. No, I don’t know why you would put a web server on a TV. Maybe because they thought adding a popcorn maker would simply be silly? The attack is due to Malik Mesellem, and I saw it on Packetstorm. The underlying vulnerability is CVE 2013-2890. You can even watch a YouTube video of the hack on your TV. If is still working.
- You can also hack into the FOSCAM IP-Camera. Corelabs announced on Bugtraq that they can browse the
/tmpfs) subdirectories without authentication.
- Jay Freeman (saurik) has a pair of nice articles on the recently announced Android signing vulnerabilities. These are full of the technical details for the problem, and includes some detailed methods on hot to exploit the issue.
- Vupen has some technical details for the EPATHOBJ::pprFlattenRec() privilege escalation exploit of MS13-053 (CVE 2013-3660) originally found by Tavis Ormandy.
- The folks at the Sucuri Blog have a great dissection of an attack that was made on a WordPress 3.5.2 honeypot; the attack was launched via a brute-force attack on the wp-admin password. What is somewhat more interesting is what the attackers did after they gained access to the system. Well worth a look.
- The Ubuntu Forums were attacked, and password hashes compromised. If you have an account there, be sure that you have changed your password(s)! Ars Technica reports that 1.82 million hashes were compromised; apparently they used MD5 with a per-user salt.
- And while we are talking about breaches, TechCrunch reports that Apple’s iOS Developer Center was breached as well. Be sure to read the comment section though, as there Ibrahim Balic takes credit for the attack. The response from Securosis could not be more apt. You may also want to check out The Guardian’s take; they also report that 275,000 accounts were compromised.
- The Economist describes how Nordstrom apparently used wi-fi networks to track shoppers in their stores. The article goes on to discuss the kinds of information that could be leaked through this approach.
- The folks at SRLabs announced a way to potentially clone as many as 500 million SIM cards. The folks at Naked Security have some perspective.
- In Maryland news, the local company Sourcefire, developers of Snort has been bought by Cisco.