Assorted[chips] Security Vulnerabilities

DRAM Rowhammer vulnerability Leads to Kernel Privilege Escalation

Security researchers have find out ways to hijack the Intel-compatible PCs running Linux by exploiting the physical weaknesses in certain varieties of DDR DRAM (double data rate dynamic random-access memory) chips and gaining higher kernel privileges on the system. The technique, dubbed...

Exploiting the DRAM rowhammer bug to gain kernel privileges

Rowhammer blog post (draft) Posted by Mark Seaborn, sandbox builder and breaker, with contributions by Thomas Dullien, reverse engineer [This guest post continues Project Zero’s practice of promoting excellence in security research on the Project Zero blog] Overview “Rowhammer” is a problem with...

BadUSB Vulnerabilities in ICS Gear

CANCUN – BadUSB was the hot hack of the summer of 2014. Noted researcher Karsten Nohl delivered a talk at Black Hat during which he explained how USB controller chips in peripheral devices that connect over USB can be reprogrammed. The result is a completely compromised device hosting undetectable....

Examining the Risks and Advantages of Biohacking

CANCUN – Hannes Sjoblad of the Swedish Biohacking Association throws a mean implant party, the latest of which was held today on stage at the Security Analyst Summit. Povel Torudd, head of European PR at Kaspersky Lab, bravely volunteered to have a NFC implant the side of a grain of rice shot into....

Entangled Photons on Silicon Chip: Secure Communications & Ultrafast Computers

With the rise in technology, the need of ultrafast quantum computer has also increased that can work on huge numbers and calculations at the same time. Quantum technology has long been a scientific dream, but now it is a step closer to becoming a reality after a team of scientists has figured out.....

Court Rules Banks May Proceed with Target Lawsuits

A Minnesota District Court ruling this week related to the 2013 Target data breach has opened the door for banks to pursue damages from retailers victimized by a data breach. Judge Paul A. Magnuson ruled that Target was negligent in ignoring and, in some cases, turning off security features that...

Half of Leading USB Controller Chips Vulnerable to BadUSB

BadUSB hasn’t gone from bad to worse necessarily, but it sure has reached a new state of confusion for security experts and consumers in the crosshairs. Researcher Karsten Nohl, who warned the world during Black Hat last summer that the controller chips in most USB devices could be reprogrammed to....

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed: * CVE-2014-1739: The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9746 / 9749 / 9751)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed : The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Number 9750)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed : The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed: * CVE-2014-1739: The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does...

Hacking Smart Electricity Meters To Cut Power Bills

Smart devices are growing at an exponential pace with the increase in connecting devices embedded in cars, retail systems, refrigerators, televisions and countless other things people use in their everyday life, but security and privacy are the key issues for such applications, which still face...

Karsten Nohl BadUSB Patch Fall Short of a Fix

Two researchers who released code that can be used to exploit a critical weakness in most USB drives followed that up Sunday with their version of a patch for the problem. The attack code and subsequent patch is a response to the BadUSB research released during Black Hat this summer, yet, the fix.....

TinyShop修复不当再次注入（全版本）

简要描述： 在修复http://www.wooyun.org/bugs/wooyun-2014-068153漏洞时候，处理不当，治标不治本。 详细说明： public static function getIP() { if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))$ip = $_SERVER["HTTP_X_FORWARDED_FOR"]; elseif (isset($_SERVER["HTTP_CLIENT_IP"])) $ip = $_SERVER["HTTP_CLIENT_IP"]; ...

tinyshop cookie注入

简要描述： cookie没有过滤导致sql注入 详细说明： 首先看cookie的加密： ///加解密算法 private static function code($string, $op="decode", $key='', $expiry=0) ///加密算法调用： $value = Crypt::encode($value,self::getSafeCode()); ///解密算法的调用： $cookie= Crypt::decode($cryptCookie,self::getSafeCode()); 这里的关键就是self::getSafeCode() public static....

Oracle Linux 5 : kernel (ELSA-2014-1143-1)

From Red Hat Security Advisory 2014:1143 : Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base...

CentOS 5 : kernel (CESA-2014:1143)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,....

Oracle Linux 5 : kernel (ELSA-2014-1143)

From Red Hat Security Advisory 2014:1143 : Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140903)

An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system. ...

kernel security update

CentOS Errata and Security Advisory CESA-2014:1143 The kernel packages contain the Linux kernel, the core of any Linux operating system. An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local,.....

RHEL 5 : kernel (RHSA-2014:1143)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,....

(RHSA-2014:1143) Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak...

Backoff Sinkhole Reveals Sorry Point-of-Sale Security

Kaspersky Lab researchers say that a recent analysis of two Backoff malware command and control servers paints “a very bleak picture of the state of point-of-sale security.” Kaspersky Lab sinkholed two of the malware’s command and control servers. In just two days, nearly 100 infected systems,...

HashCat Introduction: Break That Hash

When the Bitcoin mining craze hit its peak, people felt the tug to join this new community and make some easy money. The Concepts behind Bitcoin mining intrigued me, in particular the new use of graphics processors (GPUs). With a moderately expensive video card, you could bring in enough money to.....

Expert Warns of Chip-and-PIN Pitfalls

LAS VEGAS – The inevitable changeover from magnetic strip-based payment cards to EMV, or chip-and-PIN, is coming for consumers and merchants in the United States. And coming along with it are a raft of weaknesses and real-world attacks that shoot holes in the presumption that EMV will remedy...

Harnessing the Power of an Android Cluster for Security Research

When the topic of mobile security comes up, users and researchers often discuss Android as if it’s one monolithic operating system like iOS is. But the fact is that there are nearly as many versions of Android as there are Android devices, which has led to plenty of confusion when it’s time to fix....

TinyShop Sql Injection 1（无视GPC）

简要描述： TinyShop Sql Injection 1（无视GPC） 详细说明： 后台登陆界面存在检查功能，不安全取值导致的SQL注入。 ``` /controller/controller_class.php public function check() { $this->safebox = Safebox::getInstance(); $this->title='后台登录'; $code = $this->safebox->get($this->captchaKey); if($code !=...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed: * CVE-2012-2372: The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed: * CVE-2012-2372: The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed: * CVE-2012-2372: The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 Real Time Extension kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed: * CVE-2012-2372: The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 Real Time Extension kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed: * CVE-2012-2372: The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9488 / 9491 / 9493)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. The following security bugs have been fixed : The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel...

WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal

No description provided by...

Linux Kernel 2.0.x/2.2.x/2.4.x,FreeBSD 4.x Network Device Driver Frame Padding Information Disclosure

No description provided by...

openSUSE Security Update : kernel (openSUSE-SU-2014:0840-1)

The Linux kernel was updated to fix security issues and bugs. Security issues fixed: CVE-2014-3153: The futex_requeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted...

kernel: security and bugfix update (important)

The Linux kernel was updated to fix security issues and bugs. Security issues fixed: CVE-2014-3153: The futex_requeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted...

Intel Developing RFID Tracking and Remote Controlled 'Kill Switch' for Laptops

Kill Switch - the ability to render devices non-operational to prevent theft - has become a hot topic nowadays. The ability to remotely destroy data of the device lost or stolen has been available for quite some time now, but Kill switch not only remotely destroy the devices’ data but also the...

BMC Vulnerability Exposes Admin Password of 32,000 Servers in Plaintext on the Internet

A Flaw has been discovered in the motherboards manufactured by the server manufacturer Supermicro, has left more than 30,000 servers vulnerable to hackers that could allow them to remotely compromise the management interface of unpatched servers. The vulnerability actually resides in the Baseboard....

openSUSE Security Update : kernel (openSUSE-SU-2011:0416-1)

The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-1493: In the rose networking stack, when parsing the FAC_NATIONAL_DIGIS facilities field, it was possible for a remote host to provide more digipeaters than....

openSUSE Security Update : kernel (openSUSE-SU-2011:0399-1)

The openSUSE 11.3 kernel was updated to 2.6.34.8 to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-1493: In the rose networking stack, when parsing the FAC_NATIONAL_DIGIS facilities field, it was possible for a remote host to provide more digipeaters than....

Chip and PIN EMV Protocol security vulnerabilities found

Chip-and-PIN payment cards are coming to the United States after a long head start as a standard card-present payment method in Europe and Asia. Already, retailer Target accelerated its plan to move its branded debit and credit cards to chip-and-PIN, also known as EMV (Europay, MasterCard and...

Pre-Play Vulnerability Allows Chip-and-PIN Payment Card Cloning

In March this year, we reported that the major card distributor companies, VISA and Mastercard are migrating to EMV chip cards, also known as PIN-and-Chip cards. Unlike traditional magnetic stripe payment cards, EMV chip cards generates a unique code for every transaction, making it nearly*...

Researchers: Accelerometers Perfect for Pervasive Tracking

Minute manufacturing imperfections in popular accelerometers cause that hardware to emit uniquely identifiable data that could give third parties the ability to single out specific mobile devices, regardless of any privacy protections deployed on them. In a paper published by the University of...

Desktop Viruses Coming to Your TV and Connected Home Appliances

Smart Devices are growing at an exponential rate and so are the threats to them. After your Computers, Servers, Routers, Mobiles and Tablets, now hackers are targeting your Smart TVs, warns Eugene Kaspersky the co-founder and chief executive of Kaspersky Lab. As the increase in the manufactures...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 RealTime Extension kernel has been updated to fix various bugs and security issues. ------------ WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 (revision 0x13), 5520...

Security update for Linux kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. ------------ WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 (revision 0x13), 5520 (revision 0x13) or X58...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9102 / 9104 / 9105)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues. WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 (revision 0x13), 5520 (revision 0x13) or X58 (revisions 0x12, 0x13, 0x22),...

Security update for Linux Kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix various bugs and security issues. ------------ WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 (revision 0x13), 5520 (revision 0x13) or X58...

SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9047 / 9050 / 9051)

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix various bugs and security issues. WARNING: If you are running KVM with PCI pass-through on a system with one of the following Intel chipsets: 5500 (revision 0x13), 5520 (revision 0x13) or X58 (revisions 0x12, 0x13, 0x22),...