USN-2613-1: Linux kernel (Trusty HWE) vulnerabilities

Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network LAN could potential exploit this flaw to cause a denial of service system crash of targeted system. CVE-2014-9715 Jan Beulic...

Eraseme Backdoor analysis-vulnerability warning-the black bar safety net

0×0 0 summary This is@neteagle capture a sample of this, curious to ask to come and see, a simple analysis for a moment; this is one with the infection function of backdoors. Due to its propagation name eraseme%d%d%d%d%d.exe so we called Eraseme the back door. This is my first analysis report,...

OracleVM 3.3 : kernel-uek (OVMSA-2015-0060)

The remote OracleVM system is missing necessary patches to address critical security updates : - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438...

Medium: kernel

Issue Overview: A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a...

CVE-2015-1672

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service recursion and performance degradation via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability."...

Denial of service

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service recursion and performance degradation via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability."...

CVE-2015-1672

The CVE refers to a DoS vulnerability in Microsoft .NET Framework caused by improper handling of XML encrypted data. A remote attacker can trigger recursion during XML decryption, leading to performance degradation or denial of service. Affected products include .NET Framework 2.0 SP2, 3.5, 3.5.1...

Unbreakable Enterprise kernel security and bugfix update

kernel-uek 3.8.13-68.2.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 3.8.13-68.2.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...

Unbreakable Enterprise kernel security and bugfix update

2.6.39-400.250.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077389 CVE-2015-3331 2.6.39-400.250.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807440 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...

Firefox 38 Fixes 13 Flaws, Ships With DRM Support

Mozilla has fixed 13 security flaws in Firefox 38, including five critical vulnerabilities. The new version of the browser also includes a feature that enables the use of DRM-enabled video content in Firefox, a decision that comes with some controversy. DRM digital rights management, the generic...

Angler Exploit Kit Pushing New, Unnamed Ransomware

Attackers are using the infamous Angler exploit kit to disseminate a new, yet unnamed variant of the TeslaCrypt and AlphaCrypt ransomware, according to Rackspace security researcher Brad Duncan. Duncan analyzed the threat on the SANS Internet Storm Center, saying that the malware presents its...

New Utility Decrypts Files Lost to TeslaCrypt Ransomware

Crypto-ransomware variants have enterprises on edge because of the threat of irreversibly damaged files. Some organizations, including most recently the Tewksbury, Ma., police department have gone as far as to pay hundreds of dollars in ransom for the recovery key. Some technology companies are...

Debian DLA-198-1 : wireshark security update

The following vulnerabilities were discovered in the Squeeze's Wireshark version : CVE-2015-2188 The WCP dissector could crash CVE-2015-0564 Wireshark could crash while decypting TLS/SSL sessions CVE-2015-0562 The DEC DNA Routing Protocol dissector could crash CVE-2014-8714 TN5250 infinite loops...

[slackware-security] gnupg

New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/gnupg-1.4.19-i486-1slack14.1.txz: Upgraded. Use ciphertext blinding for Elgamal decryption CVE-2014-3591. See...

Ransomware Teslacrypt Still Targeting Gamers

Teslacrypt, the fairly new strain of ransomware that’s been targeting gamers, is continuing to make the rounds online. Researchers have spotted exploit kits like Sweet Orange and Angler dropping the malware on machines over the past few months. This week, Brad Duncan, a handler over at the SANS...

CoinVault Ransomware Decryption Tool Released

Are you one of those Windows users who have found themselves as victims of the CoinVault Ransomware? If Yes, then we have a Good news for you: Victims of CoinVault ransomware can now decrypt their files encrypted by malware using a free tool released by Kaspersky Lab. With the Help of The Nationa...

Debian DLA-190-1 : libgcrypt11 security update

Multiple vulnerabilities were discovered in libgcrypt : CVE-2014-3591 The Elgamal decryption routine was susceptible to a side-channel attack discovered by researchers of Tel Aviv University. Ciphertext blinding was enabled to counteract it. Note that this may have a quite noticeable impact on...

PostgreSQL -- minor security problems.

PostgreSQL project reports: This update fixes three security vulnerabilities reported in PostgreSQL over the past few months. Nether of these issues is seen as particularly urgent. However, users should examine them in case their installations are vulnerable:. CVE-2015-3165 Double "free" after...

DLA-190-1 libgcrypt11 - security update

Bulletin has no description...

openssl: Divide-and-conquer session key recovery in SSLv2

It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle...