
6347 matches found

Malwarebytes
added 2018/09/10 3:00 p.m. | 96 views

Assessing the security of a portable router: a look inside its hardware

Network administrators should perform security assessments of hardware that they will provide their users, or particularly paranoid users might want to poke at their devices just to be extra sure. In this blog post, we will demonstrate the techniques used to assess security on a generic portable...

AI score 7.1
Exploits 0
Positive Technologies
added 2018/09/10 12:00 a.m. | 2 views

PT-2018-1607 · Atlantis · Atlantis Word Processor

Name of the Vulnerable Software and Affected Versions: Atlantis Word Processor version 3.2.5.0 Description: The issue is related to an uninitialized pointer vulnerability in the Office Open XML parser. It can be triggered by a specially crafted document, causing an uninitialized pointer to be...

CVSS 10 | AI score 8.4 | EPSS 0.00841
Exploits 1 | References 4
Positive Technologies
added 2018/09/10 12:00 a.m. | 2 views

PT-2018-1609 · Atlantis · Atlantis Word Processor

Name of the Vulnerable Software and Affected Versions: Atlantis Word Processor versions 3.0.2.3 through 3.0.2.5 Description: An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor. A specially crafted document can prevent the application fro...

CVSS 10 | AI score 8.1 | EPSS 0.0116
Exploits 1 | References 5
Positive Technologies
added 2018/09/10 12:00 a.m. | 2 views

PT-2018-1608 · Atlantis · Atlantis Word Processor

Name of the Vulnerable Software and Affected Versions: Atlantis Word Processor versions 3.0.2.3 through 3.0.2.5 Description: The issue is caused by an uninitialized length vulnerability in the Word document-parser of the Atlantis Word Processor. A specially crafted document can lead to a buffer...

CVSS 10 | AI score 8.2 | EPSS 0.00746
Exploits 1 | References 4
CNVD
added 2018/09/06 12:00 a.m. | 1 view

Multiple vulnerabilities in Red Hat glusterfs server RPC request processor component

Red Hat glusterfs server is an open source distributed file system from Red Hat. The system is mainly for media streaming, data analysis and other data and bandwidth intensive tasks to create large-scale distributed storage solutions. Multiple vulnerabilities exist in the 'gfs3lookupreq'...

CVSS 8.1 | AI score 7.7 | EPSS 0.02697
Exploits 0 | References 1
CNVD
added 2018/09/06 12:00 a.m. | 1 view

Red Hat glusterfs server RPC request processor component path traversal vulnerability

Red Hat glusterfs server is an open source distributed file system from Red Hat. The system is mainly for media streaming, data analysis and other data and bandwidth intensive tasks to create large-scale distributed storage solutions. A path traversal vulnerability exists in the...

CVSS 8.8 | AI score 8.5 | EPSS 0.01394
Exploits 0 | References 1
Kitploit
added 2018/08/31 12:49 p.m. | 97 views

Rosenbridge - Hardware Backdoors In Some X86 CPUs

project:rosenbridge reveals a hardware backdoor in some desktop, laptop, and embedded x86 processors. The backdoor allows ring 3 userland code to circumvent processor protections to freely read and write ring 0 kernel data. While the backdoor is typically disabled requiring ring 0 execution to...

AI score 7.5
Exploits 0 | References 2
RedHat Linux
added 2018/08/28 7:19 p.m. | 1 view

openssl: bn_sqrx8x_internal carry bug on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

CVSS 6.5 | AI score 6.8 | EPSS 0.08287
Exploits 0 | References 5
Debian
added 2018/08/28 5:10 p.m. | 41 views

[SECURITY] [DLA 1481-1] linux-4.9 security update

Package: linux-4.9; Version: 4.9.110-3+deb9u4deb8u1; CVE ID: CVE-2018-3620 CVE-2018-3646; Debian Bug: 906769. Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of...

CVSS 5.6 | AI score 7.3 | EPSS 0.02527
Exploits 0
Fedora
added 2018/08/24 8:06 a.m. | 33 views

[SECURITY] Fedora 28 Update: qemu-2.11.2-2.fc28

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including a processor and various peripherals. It can be used ...

CVSS 10 | AI score 0.5 | EPSS 0.46733
Exploits 7
Fedora
added 2018/08/24 7:15 a.m. | 56 views

[SECURITY] Fedora 27 Update: qemu-2.10.2-1.fc27

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including a processor and various peripherals. It can be used ...

CVSS 10 | AI score 0.5 | EPSS 0.88482
Exploits 20
Debian
added 2018/08/20 11:44 a.m. | 68 views

[SECURITY] [DSA 4279-1] linux security update

Debian Security Advisory DSA-4279-1 | https://www.debian.org/security/ | Salvatore Bonaccorso | August 20, 2018 | https://www.debian.org/security/faq ...

CVSS 5.6 | AI score 8 | EPSS 0.02527
Exploits 0
Tenable Nessus
added 2018/08/20 12:00 a.m. | 66 views

Debian DSA-4279-1 : linux - security update (Foreshadow)

Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary...

CVSS 5.6 | AI score 7.7 | EPSS 0.02527
Exploits 0 | References 5
OSV
added 2018/08/19 11:24 a.m. | 6 views

MGASA-2018-0347 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publicly known security issue affecting Intel processors called L1 Terminal Fault (L1TF): Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions (Intel SGX)...

CVSS 7.3 | AI score 7.2 | EPSS 0.02527
Exploits 0 | References 8
Trend Micro Simply Security
added 2018/08/17 2:29 p.m. | 24 views

This Week in Security News: Banks and Botnets

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the FBI warned U.S. banks of a wide-scale cybercrime campaign called “ATM cash-out,” in which hackers use cloned ATM cards for fraudulent...

AI score 7.6
Exploits 0
Schneier on Security
added 2018/08/16 4:43 p.m. | 53 views

Speculation Attack Against Intel's SGX

Another speculative-execution attack against Intel's SGX. At a high level, SGX is a new feature in modern Intel CPUs which allows computers to protect users' data even if the entire system falls under the attacker's control. While it was previously believed that SGX is resilient to speculative...

AI score 2.2
Exploits 0
OSV
added 2018/08/16 6:06 a.m. | 8 views

SUSE-SU-2018:2363-1 Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606482 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

CVSS 7.8 | AI score 6.8 | EPSS 0.02527
Exploits 0 | References 5
CNVD
added 2018/08/16 12:00 a.m. | 1 view

HPE 3PAR Service Processor Access Bypass Vulnerability

HPE 3PAR Service Processor (SP) is a suite of virtual service processors deployed on the VMware vSphere hypervisor from Hewlett Packard Enterprise (HPE), USA. An access bypass vulnerability exists in previous versions of HPE 3PAR SP SP-4.4.0.GA-110 MU7, which can be exploited by remote attackers to...

CVSS 9.8 | AI score 9.4 | EPSS 0.01034
Exploits 0 | References 1
CNVD
added 2018/08/16 12:00 a.m. | 2 views

HPE 3PAR Service Processor Cross-Site Request Forgery Vulnerability

HPE 3PAR Service Processor (SP) is a suite of virtual service processors deployed on the VMware vSphere hypervisor from Hewlett Packard Enterprise (HPE), USA. A cross-site request forgery vulnerability exists in versions prior to HPE 3PAR SP SP-4.4.0.GA-110 MU7. A remote attacker could exploit this...

CVSS 8.8 | AI score 8.7 | EPSS 0.00182
Exploits 0 | References 1
CNVD
added 2018/08/16 12:00 a.m. | 1 view

HPE 3PAR Service Processor Local Privileged Information Disclosure Vulnerability

HPE 3PAR Service Processor (SP) is a suite of virtual service processors deployed on the VMware vSphere hypervisor from Hewlett Packard Enterprise (HPE), USA. A security vulnerability exists in versions prior to HPE 3PAR SP SP-4.4.0.GA-110 MU7. A remote attacker could exploit the vulnerability to...

CVSS 5.5 | AI score 5.4 | EPSS 0.00165
Exploits 0 | References 1