
Security News #0x50

  • Ars Technica has a nice summary of the Apple sudo vulnerability that has been the talk of the town this past week. This is a significant flaw, as it allows privilege escalation to root on Apple systems, and it is currently unpatched on OSX from 10.7 through 10.8.4. On the other hand, exploiting the issue is constrained, as a number of preconditions need to be met before the exploit can be used. The core issue is a problem (CVE-2013-1775) with sudo reported earlier in the year that also affects Linux systems. The catch on Apple systems is that, unlike Linux systems, root access is not required to change the system time, and this modification of the system time is what the current attack relies on. As might be expected, the folks at Metasploit now have a module, although that may be overkill, as the entire exploit fits in a tweet.
  • PacketStorm has another Java vulnerability, similar to the one announced on August 19. This one affects ByteComponentRaster.verify(), rather than BytePackedRaster.verify(). As before, PoC code is available.
  • What would a list of exploits be without something affecting a fun consumer product? Core Labs has a proof of concept attack on DVRs from AVTech.
  Learning More
    • If you have (Windows) password hashes on a network, and want to know how to leverage them for additional access, you may wish to take a look at the recent post from Chris Truncer.
    • I am a big fan of the use of ModSecurity to protect web sites. The folks over at the SpiderLabs blog have a cool demonstration of a novel way to use ModSecurity by creating a honeytrap. In particular, they show how ModSecurity can add fictitious entries to a robots.txt file, and then check to see if attackers try to access these nonexistent web pages.
    • Ars Technica discusses how password cracking attacks are expanding to attack passphrases.
    • The Carnal0wnage blog has a list of hackme challenges and the like for Android applications.
  Industry News
    • Threatpost has a nice summary of last week's attack against the New York Times. One interesting angle mentioned in the piece is that the attackers could have used the same technique to redirect email rather than the web site.
    • It looks like someone has been able to reverse engineer the DropBox client. You may also want to take a look at Threatpost’s take.
    • BuzzFeed reports that there is a security flaw in army computers that allows unauthenticated logons after logoffs.
    • Let’s end as we began, by discussing more Apple Awesomesauce. It turns out that apps on both OSX and iOS will crash hard if they read a particular string of Arabic text.
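
The robots.txt honeytrap idea from the SpiderLabs item above, as an added example that is not the blog's or SpiderLabs' code: SpiderLabs implements it inside ModSecurity, while this Python script performs the same two steps (emit fictitious Disallow entries, then flag any client in the access log that requests them); the trap paths and log lines are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed honeytrap paths: they appear only in robots.txt and never exist on the site.
HONEYTRAP_PATHS = {"/admin-backup/", "/old-cms/"}

def build_robots_txt(real_disallows, trap_paths=HONEYTRAP_PATHS):
    """Emit a robots.txt that mixes genuine Disallow rules with honeytrap entries."""
    lines = ["User-agent: *"]
    for path in list(real_disallows) + sorted(trap_paths):
        lines.append(f"Disallow: {path}")
    return "\n".join(lines) + "\n"

# Apache combined log format: client IP, identity, user, [timestamp], "METHOD path proto", status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')

def find_honeytrap_hits(log_lines, trap_paths=HONEYTRAP_PATHS):
    """Return {client_ip: [paths]} for requests that touch a honeytrap path.

    A well-behaved crawler obeys Disallow and never asks for these paths; a client
    that does has treated robots.txt as a target list rather than a restriction.
    """
    hits = defaultdict(list)
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than guessing
        ip, path, _status = m.groups()
        bare = path.split("?", 1)[0]  # drop the query string before matching
        if any(bare == t or bare.startswith(t) for t in trap_paths):
            hits[ip].append(bare)
    return dict(hits)

# Constructed sample access log lines.
SAMPLE_LOG = [
    '203.0.113.7 - - [30/Aug/2013:10:00:01 +0000] "GET /robots.txt HTTP/1.1" 200 120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [30/Aug/2013:10:00:02 +0000] "GET /admin-backup/ HTTP/1.1" 404 210 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [30/Aug/2013:10:01:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Googlebot"',
    '203.0.113.7 - - [30/Aug/2013:10:00:03 +0000] "GET /old-cms/login.php?x=1 HTTP/1.1" 404 210 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(build_robots_txt(["/private/"]))
    for ip, paths in find_honeytrap_hits(SAMPLE_LOG).items():
        print(f"honeytrap hit from {ip}: {paths}")
```

Only the 203.0.113.7 client is reported: it fetched robots.txt and then requested two paths that exist nowhere but in that file, while the crawler that respected the Disallow rules is never flagged.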