ESISS

Archive for the ‘General’ Category

Following reports of the PcAnywhere product source code stolen, its parent company Symantec have released a security advisory stating user of version 12.0, 12.1 and 12.5 are at an ‘increased risk’ and also includes recommendations on how to potentially mitigate the risks. This advisory can be found here and the security recommendations document is available here

Code has been released which exploits a vulnerability in linux kernel version >=2.6.39 which can give a local user root level access.

The code exploits the following vulnerability, announced on the 18th January 2012.

CVE-2012-0056 kernel: proc: /proc//mem mem_write insufficient permission checking

Details of the exploit and full write up can be found here:

http://blog.zx2c4.com/749

A vulnerability has been found for all versions of xorg 1.11 whereby anyone can unlock a locked screen by pressing ctrl,alt and the * key from the number pad.

We have tested this on a few systems and can confirm that revisions of xorg 1.11.x do seem to be vulnerable.

The original report can be seen here:

http://seclists.org/oss-sec/2012/q1/191

Knowthenet.org.uk are reporting about a scam targeting domain name registrants.

In the scam, registrants are contacted by telephone, by someone claiming to have 3rd party ownership of the registrant’s domain. They then make a demand for money or they will sell the domain on.

Be aware of unsolicited calls regarding your domain names and if in doubt contact your registrar directly.

Original article can be found here

Two zero day vulnerabilities affecting Adobe flash have been reported which could be exploited to compromise a users machine. The version affected are < 11.1.102.55 and has been classified as highly critical.

The vulnerability can be exploited using specially crafted .swf fils so it is advisable not to browse flash content from untrusted websites.

Further information on this advisory can be found here:

https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html (Original Advisory)

http://secunia.com/advisories/47161

Adobe have released a warning about a zero day vulnerability in adobe reader versions affected are:
Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh
Adobe Reader 9.4.6 and earlier 9.x versions for UNIX
Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh.

This is being actively exploited in the wild.

Adobe plan to ship an emergency patch for Adobe Reader and Acrobat 9.x for Windows “no later than the week of December 12, 2011.”

original advisory here:

https://www.adobe.com/support/security/advisories/apsa11-04.html

As ever be careful what attachments you open!