Shooting: It’s Not Just for Zombies, It’s for Other Trouble Too…

A few months back my car’s flaky ignition switch gave out and literally fell out of the steering column. The replacement works great, but it has a quirk that you have to turn to exactly the right spot to take the key out without leaving the radio on. A few days ago, while traveling for work, I did this part of the procedure wrong and left the radio playing all night. When I came out the next morning to go to the office, my keychain buttons didn’t respond and I could hear the radio playing from ten feet away. My immediate assumption was that the battery would be too dead to start the big engine. I sat down, put the key in, turned, and the car just wheezed without turning at all. Clearly my initial assumption was correct, so I dialed up roadside assistance and waited.

How many times have you picked up your VoIP phone and not had a dialtone and said, “damnit, service is out again”? I can’t count the number of tech calls I have been a part of or heard about where a piece of equipment suddenly stopped working and the user declared, with passion generally reserved for Samuel L. Jackson and Al Pacino at the climax of a movie, that they were positive it was plugged in and it just stopped working. After a long line of troubleshooting, unplugging and replugging it in miraculously cures the ailment, clearly a function of some latent factory problem.

Since purchasing my 1994 car some three years ago, I have on three different occasions forgotten that it has a kill switch on the ignition. If it sits for some small period of time, the kill switch engages and the engine won’t turn over. Lights work, radio works, but trying to start it results in a non-response. If the ignition is not fully disengaged, for instance if it is slightly on and leaves the radio playing, pushing the unlock will not disengage the kill switch. After forty-five minutes of non-response from Verizon’s roadside assistance, I walked out to the car, pressed the unlock button, heard the familiar “BEEP BEEP”, started the car and drove to the office. Even the pros sometimes forget to follow the basic troubleshooting steps and end up falling into the assumption ravine.

Two minutes of stepping back, forgetting that I know everything, and following a basic checklist would have saved me a lot of time and embarrassment.

Rackspace WordPress Sites Under Attack

Fanatical Support

Got Rackspace? Got WordPress? If so… you may just have a problem.

We’ve been getting calls today from Rackspace clients (hosting WordPress sites) that have been compromised similarly to the GoDaddy hack a few weeks back. The Unmask Parasites Blog has an excellent article on the attack posted on their, well, their blog.

There are some huge sites that have been hit, and some not-so-large as well (we personally were hit by an earlier attack). In the “Is Cloud the answer” debates, this will surely become an example of how a compromise in the cloud can devastate an entire farm.

Update 6/19/2010

Shortly after this article was initially posted, Rackspace via their Rackcloud Twitter account posted the following message:

FreePBX Security Vulnerability

I do love their logo.

Ward Mundy, of Nerd Vittles / PBX in a Flash fame, warns of a FreePBX Security Vulnerability allowing a system to be compromised simply by displaying a CDR report in the FreePBX browser.

There is a very serious security vulnerability that needs to be patched by loading the very latest version of FreePBX Framework as soon as it becomes available for your version of FreePBX. Just displaying a CDR report in the FreePBX browser could compromise your system.

The 2.5 and 2.6 patches already have been released and probably 2.7 as well. Load this patch IMMEDIATELY!!!

Setup, Module Admin, Check for Updates on Line, Upgrade All

2.5.2.3: #4223 Security Vulnerability
2.6.0.2: #3805, #3707, #4188, #4223 Security Vulnerability

For more information, check out the PBX in a Flash Forum.

Firefox Security Vulnerability (Not an April Fool’s Joke)

Upgrade Me

On 01 APR 2010, the Mozilla Foundation announced a critical update for its popular Firefox web browser (we say popular, since 80% of you reading this are using it). The update corrects a critical security hole accessible from arbitrary code sent to the browser.

Mozilla Foundation Security Advisory 2010-25

Title: Re-use of freed object due to scope confusion
Impact: Critical
Announced: April 1, 2010
Reporter: Nils (MWR InfoSecurity)
Products: Firefox

Fixed In: Firefox 3.6.3

Description

A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint’s Zero Day Initiative. By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object.

Note: The contest winning exploit only affects Firefox 3.6 and not earlier versions. We will be patching Firefox 3.5 in an upcoming release just in case there is an alternate way of triggering the bug.

This update follows another critical security hole less than 2 weeks earlier. The product can be downloaded from their website or by using the Check for Updates feature of the software (it’s a very quick update).

Cisco SIP Denial of Service Vulnerabilities

Cisco recently announced a Denial of Service vulnerability within the SIP implementation of the Cisco IOS Software. Cisco devices running affected Cisco IOS Software versions that are configured to process SIP messages are affected. The vulnerability allows a remote attacker to reload a device and/or execute remote code.

Cisco recommends removing SIP support unless needed. “If the affected Cisco IOS device requires SIP for VoIP services, SIP cannot be disabled, and no workarounds are available. Users are advised to apply mitigation techniques to help limit exposure to the vulnerabilities. Mitigation consists of allowing only legitimate devices to connect to affected devices. To increase effectiveness, the mitigation must be coupled with anti-spoofing measures on the network edge. This action is required because SIP can use UDP as the transport protocol.”
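The mitigation quoted above, sketched as an IOS configuration. This is an added example, not text from the Cisco advisory or the original post. The peer addresses (192.0.2.10, 192.0.2.11), the device address (198.51.100.1), the ACL name and the interface name are constructed placeholders.

```cisco
! Constructed example. Assumptions (placeholders, not from the advisory):
!   192.0.2.10, 192.0.2.11  = the legitimate SIP peers
!   198.51.100.1            = the address on which this device accepts SIP
!   GigabitEthernet0/0      = the interface facing untrusted networks
!
ip access-list extended SIP-TRUSTED-PEERS
 remark Permit SIP only from known peers: UDP/TCP 5060 and TLS on TCP 5061
 permit udp host 192.0.2.10 host 198.51.100.1 eq 5060
 permit tcp host 192.0.2.10 host 198.51.100.1 eq 5060
 permit tcp host 192.0.2.10 host 198.51.100.1 eq 5061
 permit udp host 192.0.2.11 host 198.51.100.1 eq 5060
 permit tcp host 192.0.2.11 host 198.51.100.1 eq 5060
 permit tcp host 192.0.2.11 host 198.51.100.1 eq 5061
 remark Drop SIP addressed to this device from every other source
 deny   udp any host 198.51.100.1 eq 5060
 deny   tcp any host 198.51.100.1 eq 5060
 deny   tcp any host 198.51.100.1 eq 5061
 remark Leave all other traffic untouched
 permit ip any any
!
! Anti-spoofing: SIP over UDP has no handshake, so a packet with a forged
! "trusted" source address would match the permit lines above. Strict uRPF
! drops packets whose source is not reachable through the interface they
! arrived on, which closes that gap at the edge.
!
interface GigabitEthernet0/0
 ip access-group SIP-TRUSTED-PEERS in
 ip verify unicast source reachable-via rx
```

Strict uRPF assumes routing on that interface is symmetric. A device that accepts SIP on more than one address needs the permit and deny lines repeated for each address.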

The full advisory is reprinted below: