
Security News #0x4A

  • Apache Struts versions 2.0.0 through 2.3.15 are vulnerable to remote code execution attacks. The underlying vulnerability is labelled CVE-2013-2251.
  • Samsung television sets are vulnerable to a remote DoS attack, caused by an overlarge GET request to a web server the set is running. No really, I am serious here. No, I don’t know why you would put a web server on a TV. Maybe because they thought adding a popcorn maker would simply be silly? The attack is due to Malik Mesellem, and I saw it on Packetstorm. The underlying vulnerability is CVE-2013-2890. You can even watch a YouTube video of the hack on your TV. If it is still working.
  • You can also hack into the FOSCAM IP camera. Corelabs announced on Bugtraq that the /log (and /tmpfs) subdirectories can be browsed without authentication.
Learning More
  • Jay Freeman (saurik) has a pair of nice articles on the recently announced Android signing vulnerabilities. These are full of the technical details of the problem, and include detailed methods on how to exploit the issue.
  • Vupen has some technical details for the EPATHOBJ::pprFlattenRec() privilege escalation exploit of MS13-053 (CVE-2013-3660), originally found by Tavis Ormandy.
  • The folks at the Sucuri Blog have a great dissection of an attack that was made on a WordPress 3.5.2 honeypot; the attack was launched via a brute-force attack on the wp-admin password. What is somewhat more interesting is what the attackers did after they gained access to the system. Well worth a look.
Industry News
  • The Ubuntu Forums were attacked, and password hashes compromised. If you have an account there, be sure that you have changed your password(s)! Ars Technica reports that 1.82 million hashes were compromised; apparently they used MD5 with a per-user salt.
  • And while we are talking about breaches, TechCrunch reports that Apple’s iOS Developer Center was breached as well. Be sure to read the comment section though, since Ibrahim Balic takes credit for the attack there. The response from Securosis could not be more apt. You may also want to check out The Guardian’s take; they also report that 275,000 accounts were compromised.
  • The Economist describes how Nordstrom apparently used wi-fi networks to track shoppers in their stores. The article goes on to discuss the kinds of information that could be leaked through this approach.
  • The folks at SRLabs announced a way to potentially clone as many as 500 million SIM cards. The folks at Naked Security have some perspective.
  • In Maryland news, the local company Sourcefire, developers of Snort, has been bought by Cisco.
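The Ubuntu Forums item above mentions that the leaked hashes were MD5 with a per-user salt. The example below is added here and is not code from the Ubuntu Forums, Ars Technica, or any of the projects in this roundup; it contrasts that scheme with a salted, iterated KDF (PBKDF2-HMAC-SHA256 from Python's standard library) so the difference in attacker cost per guess is visible. The record format, the sample password and the iteration count are assumptions made for the demonstration.

```python
import hashlib
import hmac
import os
import time

# Constructed sample password for the demonstration only; not from any breach.
SAMPLE_PASSWORD = "correct horse battery staple"


def md5_salted(password: str, salt: bytes) -> bytes:
    """The kind of scheme reported for the forum dump: one MD5 over salt || password.

    The salt defeats precomputed tables shared across users, but each guess
    still costs an attacker a single fast MD5 call.
    """
    return hashlib.md5(salt + password.encode("utf-8")).digest()


def pbkdf2_hash(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Salted *and* slow: each guess costs `iterations` HMAC-SHA256 computations."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def store(password: str, iterations: int = 100_000) -> str:
    """Produce a self-describing record (assumed format): algo$iterations$salt$hash.

    Storing the parameters next to the hash lets the work factor be raised
    later without breaking verification of older records.
    """
    salt = os.urandom(16)  # fresh random per-user salt
    digest = pbkdf2_hash(password, salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute from the stored parameters and compare in constant time."""
    algo, iters, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    candidate = pbkdf2_hash(password, bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def work_factor_seconds(iterations: int = 100_000) -> tuple[float, float]:
    """Time one guess under each scheme; returns (md5_seconds, pbkdf2_seconds).

    The ratio is roughly how many more candidates an attacker can test per
    second against the salted-MD5 store than against the PBKDF2 store.
    """
    salt = os.urandom(16)
    t0 = time.perf_counter()
    md5_salted(SAMPLE_PASSWORD, salt)
    t1 = time.perf_counter()
    pbkdf2_hash(SAMPLE_PASSWORD, salt, iterations)
    t2 = time.perf_counter()
    return (t1 - t0, t2 - t1)


if __name__ == "__main__":
    record = store(SAMPLE_PASSWORD)
    print("stored record:", record)
    print("correct password verifies:", verify(SAMPLE_PASSWORD, record))
    print("wrong password verifies:", verify("password123", record))
    md5_t, kdf_t = work_factor_seconds()
    print(f"one guess: md5 {md5_t:.2e}s, pbkdf2 {kdf_t:.2e}s")
```

The point for anyone reviewing a password store: a per-user salt only stops table reuse across accounts; without a tunable work factor, a leaked hash still falls to plain dictionary guessing at hardware speed, which is why advice after this kind of breach is to change the password rather than rely on the salt.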