91 matches found
Throwback Barnaby Jack: Jackpotting ATMs
Barnaby Jack always seemed to find a way to make the process of banging away on an application–or a pacemaker or an ATM–look like the most fun anyone has ever had. And he wanted all of his friends to join in the fun. Jack, a respected and much-admired security researcher at IOActive, died on July...
EAS Devices Shipping with Compromised Root SSH Key
UPDATE – Firmware images for the application servers that distribute messages for the Emergency Alert System in the United States were shipping with a private root SSH key that has been disclosed. Hackers who have this key can access one of these servers and interrupt or manipulate an EAS message...
FreeBSD : xorg -- protocol handling issues in X Window System client libraries (2eebebff-cd3b-11e2-8f09-001b38c3836c)
freedesktop.org reports : Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. Most...
[SECURITY] [DSA 2693-1] libx11 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2693-1 [email protected] http://www.debian.org/security/ Raphael Geissert May 24, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2679-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2677-1] libxrender security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2677-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2691-1] libxinerama security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2691-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
Hard-Coded Credentials Found in TURCK ICS Devices
Hard-coded credentials are a longstanding security no-no, but they’re also an ever-present reality because of developers and IT managers who require remote access to networks and systems for troubleshooting purposes. The level of risk in such cases depends on the system in question. But one thing...
Debian DSA-2691-1 : libxinerama - several vulnerabilities
Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to...
[SECURITY] [DSA 2690-1] libxxf86dga security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2690-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2689-1] libxtst security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2689-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2685-1] libxp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2685-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2683-1] libxi security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2683-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2682-1] libxext security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2682-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2680-1] libxt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2680-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2679-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2677-1 (libxrender - several vulnerabilities)
Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to...
Debian Security Advisory DSA 2685-1 (libxp - several vulnerabilities)
Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to...
Debian Security Advisory DSA 2682-1 (libxext - several vulnerabilities)
Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to...
Debian Security Advisory DSA 2674-1 (libxv - several vulnerabilities)
Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to...