Author Archives: Rajiv D

Search Msdn: Dr. Z’s Blog – Bits and Bytes that Matter to Developers

Search all blogs. Search this blog. Sign in. Dr. Z's Blog Dr. Z's Blog Bits and Bytes that Matter to Developers. Most Recent Most Comments. How to Add a New Visual Studio Solution to an Existing VSTS Repository. You can follow instructions outlined in two articles below to create a new Git repo and run basic Git commands. Create a new Git repo ...

Search Msdn

Packet Storm: IPSet List 3.7.2

ipset_list is a wrapper script written in bash for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. The output can optionally be colorized. An interactive mode allows to select the query options in a wizard based manner.

Packet Storm

Packet Storm: Red Hat Security Advisory 2019-0349-01

Red Hat Security Advisory 2019-0349-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.14, 1.1.11, 2.1.8, and 2.2.2. Issues addressed include a domain spoofing vulnerability.

Packet Storm

Packet Storm: Red Hat Security Advisory 2019-0348-01

Red Hat Security Advisory 2019-0348-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.142. Issues addressed include an information leakage vulnerability.

Packet Storm

DataBreachToday.com RSS Syndication: Deciphering HHS’ Proposed Information Blocking Rules

Proposed rules released this week by the Department of Health and Human Services aim to define and discourage inappropriate blocking of the secure sharing of health information, Elise Sweeney Anthony of the Office of the National Coordinator for Health IT explains in an interview at the HIMSS19 conference.

DataBreachToday.com RSS Syndication

Packet Storm: GNU Privacy Guard 2.2.13

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Packet Storm

Packet Storm: CA Privileged Access Manager Information Disclosure / Modification

CA Technologies Support is alerting customers to a potential risk with CA Privileged Access Manager. A vulnerability exists that can allow a remote attacker to access sensitive information or modify configuration. CA published solutions to address the vulnerabilities. CVE-2019-7392 describes a vulnerability resulting from inadequate access controls for the components jk-manager and jk-status web service allowing a remote attacker to access the CA PAM Web-UI without authentication. Affected versions include 3.2.1 and below, 3.1.2 and below, and 3.0.x releases.

Packet Storm

Packet Storm: Nokia 8810 Denial Of Service

A denial of service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device.

Packet Storm

Packet Storm: Red Hat Security Advisory 2019-0342-01

Red Hat Security Advisory 2019-0342-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include stack overflow vulnerabilities.

Packet Storm

Packet Storm: Ubuntu Security Notice USN-3889-1

Ubuntu Security Notice 3889-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Packet Storm

Packet Storm: Ubuntu Security Notice USN-3890-1

Ubuntu Security Notice 3890-1 - It was discovered that Django incorrectly handled formatting certain numbers. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

Packet Storm

Packet Storm: Debian Security Advisory 4390-1

Debian Linux Security Advisory 4390-1 - It was discovered that Flatpak, an application deployment framework for desktop apps, insufficiently restricted the execution of "apply_extra" scripts which could potentially result in privilege escalation.

Packet Storm

Packet Storm: snapd 2.37 (Ubuntu) dirty_sock Local Privilege Escalation

This exploit bypasses access control checks to use a restricted API function (POST /v2/snaps) of the local snapd service. This allows the installation of arbitrary snaps. Snaps in "devmode" bypass the sandbox and may include an "install hook" that is run in the context of root at install time. dirty_sockv2 leverages the vulnerability to install an empty "devmode" snap including a hook that adds a new user to the local system. This user will have permissions to execute sudo commands. As opposed to version one, this does not require the SSH service to be running. It will also work on newer versions of Ubuntu with no Internet connection at all, making it resilient to changes and effective in restricted environments. This exploit should also be effective on non-Ubuntu systems that have installed snapd but that do not support the "create-user" API due to incompatible Linux shell syntax. Some older Ubuntu systems (like 16.04) may not have the snapd components installed that are required for sideloading. If this is the case, this version of the exploit may trigger it to install those dependencies. During that installation, snapd may upgrade itself to a non-vulnerable version. Testing shows that the exploit is still successful in this scenario. This is the second of two proof of concepts related to this issue. Versions below 2.37.1 are affected.

Packet Storm

DataBreachToday.com RSS Syndication: Battling Big Breaches: Are We Getting Better?

Bad News, Based on the 5 Biggest Breaches in the Past 5 Years
What if organizations' information security practices have gotten so good that they're finally repelling cybercriminals and nation-state attackers alike? Unfortunately, the five biggest corporate breaches of the past five years - including Yahoo, Marriott and Equifax - suggest otherwise.

DataBreachToday.com RSS Syndication

Packet Storm: IPSet List 3.7.1

ipset_list is a wrapper script written in bash for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. The output can optionally be colorized. An interactive mode allows to select the query options in a wizard based manner.

Packet Storm

Packet Storm: Ubuntu Security Notice USN-3887-1

Ubuntu Security Notice 3887-1 - Chris Moberly discovered that snapd versions 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access privileged socket APIs and obtain administrator privileges. On Ubuntu systems with snaps installed, snapd typically will have already automatically refreshed itself to snapd 2.37.1 which is unaffected.

Packet Storm

Packet Storm: Red Hat Security Advisory 2019-0315-01

Red Hat Security Advisory 2019-0315-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.

Packet Storm

Packet Storm: Debian Security Advisory 4377-2

Debian Linux Security Advisory 4377-2 - The update for rssh issued as DSA 4377-1 introduced a regression that blocked scp of multiple files from a server using rssh. Updated packages are now available to correct this issue.

Packet Storm

Packet Storm: Debian Security Advisory 4389-1

Debian Linux Security Advisory 4389-1 - Christian Reitter discovered that libu2f-host, a library implementing the host-side of the U2F protocol, failed to properly check for a buffer overflow. This would allow an attacker with a custom made malicious USB device masquerading as a security key, and physical access to a computer where PAM U2F or an application with libu2f-host integrated, to potentially execute arbitrary code on that computer.

Packet Storm

DataBreachToday.com RSS Syndication: No-Deal Brexit Threatens British Crime-Fighting

Police Say Data-Sharing Alternatives 'Will Not Be As Efficient Or Effective'
British police say they're doing their best to cope with the possibility that the U.K. will crash out of the EU in 45 days and lose access to joint policing resources. But Richard Martin of the Met Police says replacements "will not be as efficient or effective as the tools we currently use."

DataBreachToday.com RSS Syndication

Search Msdn: Don Castelino – blogs.msdn.microsoft.com

Hello all, Recently I had worked on a requirement of achieving high availability for asp.net sessions. This blog post focuses on using SQL Server as the session state mode and use In-memory OLTP and AlwaysOn technology as the storage option for session data and achieve high availability.

Search Msdn

Packet Storm: Mandos Encrypted File System Unattended Reboot Utility 1.8.3

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Packet Storm

Packet Storm: Skyworth GPON HomeGateways / Optical Network Stack Overflow

A stack overflow vulnerability has been identified in multiple Skyworth GPON HomeGateways and Optical Network terminals. Affected products include 1.DT741 Converged Intelligent Terminal (G/EPON+IPTV), 2.DT741 Converged Intelligent Terminal (G/EPON+IPTV), 3.DT721-cb GPON uplink home gateway (GPON+2FE+1POTS), 4.DT721-cb GPON Uplink Home Gateway (GPON+2FE+1POTS), 5.DT741-cb GPON uplink home gateway (GPON+4FE+1POTS+WIFI+USB), 6.DT741-cb GPON Uplink Home Gateway (GPON+4FE+1POTS+WIFI+USB), and 7.DT741-cbGPON uplink home gateway DT741-cb.

Packet Storm

Packet Storm: Red Hat Security Advisory 2019-0304-01

Red Hat Security Advisory 2019-0304-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. Issues addressed include an overwrite vulnerability.

Packet Storm

Packet Storm: Debian Security Advisory 4387-1

Debian Linux Security Advisory 4387-1 - Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in OpenSSH, an implementation of the SSH protocol suite. All the vulnerabilities are in found in the scp client implementing the SCP protocol.

Packet Storm

Search Msdn: Home of the Microsoft SQL Server AlwaysOn Support Team

Home of the Microsoft SQL Server AlwaysOn Support Team This site uses cookies for analytics, personalized content and ads. ... Search MSDN. Search all blogs. Search this blog. Sign in. AlwaysOn Professional AlwaysOn Professional Home of the Microsoft SQL Server AlwaysOn Support Team. Most Recent Most Comments. Analyze Synchronous Commit Impact ...

Search Msdn

Search Msdn: Chiranth’s Blog – blogs.msdn.microsoft.com

Chiranth's Blog Chiranth's Blog Most Recent Most Comments. 403.7 and 500 Client Certificate Authentication Errors-IIS. ... In my previous blogs I had mentioned how we can use URL rewrite without ARR in picture. In the next series of upcoming blogs I will be discussing how we can leverage ARR and URL rewrite with ARR. ARR is an out of band ...

Search Msdn

Search Msdn: Developer Blog FAQs | The Visual Studio Blog

Our blogs are soon moving to a new platform with a whole new design! We will be changing a few things and hopefully improve a lot. We’ll use this page to keep you up-to-date with the bugs that have been updated, how you can discover content in the new layout, and what our team is currently working on.

Search Msdn

Packet Storm: Ubuntu Security Notice USN-3871-5

Ubuntu Security Notice 3871-5 - Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

Packet Storm

Packet Storm: Ubuntu Security Notice USN-3878-2

Ubuntu Security Notice 3878-2 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.

Packet Storm

Packet Storm: Red Hat Security Advisory 2019-0212-01

Red Hat Security Advisory 2019-0212-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site scripting vulnerability.

Packet Storm

Packet Storm: Ubuntu Security Notice USN-3885-1

Ubuntu Security Notice 3885-1 - Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output.

Packet Storm

Packet Storm: Evince CBT File Command Injection

This Metasploit module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book `.cbt` files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited space is available for the payload.

Packet Storm

Packet Storm: Falco 0.14.0

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Packet Storm

Packet Storm: Ubuntu Security Notice USN-3883-1

Ubuntu Security Notice 3883-1 - It was discovered that LibreOffice incorrectly handled certain document files. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. It was discovered that LibreOffice incorrectly handled embedded SMB connections in document files. If a user were tricked in to opening a specially crafted document, a remote attacker could possibly exploit this to obtain sensitive information. Various other issues were also addressed.

Packet Storm

Packet Storm: Ubuntu Security Notice USN-3882-1

Ubuntu Security Notice 3882-1 - Wenxiang Qian discovered that curl incorrectly handled certain NTLM authentication messages. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. Wenxiang Qian discovered that curl incorrectly handled certain NTLMv2 authentication messages. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. Various other issues were also addressed.

Packet Storm

Packet Storm: FreeBSD Security Advisory – FreeBSD-SA-19:02.fd

FreeBSD Security Advisory - FreeBSD 12.0 attempts to handle the case where the receiving process does not provide a sufficiently large buffer for an incoming control message containing rights. In particular, to avoid leaking the corresponding descriptors into the receiving process' descriptor table, the kernel handles the truncation case by closing descriptors referenced by the discarded message. The code which performs this operation failed to release a reference obtained on the file corresponding to a received right. This bug can be used to cause the reference counter to wrap around and free the file structure. A local user can exploit the bug to gain root privileges or escape from a jail.

Packet Storm

Packet Storm: FreeBSD Security Advisory – FreeBSD-SA-19:01.syscall

FreeBSD Security Advisory - The callee-save registers are used by kernel and for some of them (%r8, %r10, and for non-PTI configurations, %r9) the content is not sanitized before return from syscalls, potentially leaking sensitive information. Typically an address of some kernel data structure used in the syscall implementation, is exposed.

Packet Storm

Packet Storm: Debian Security Advisory 4385-1

Debian Linux Security Advisory 4385-1 - halfdog discovered an authentication bypass vulnerability in the Dovecot email server. Under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. If there is no additional password verification, this allows the attacker to login as anyone else in the system. Only installations using.

Packet Storm

Packet Storm: Ubuntu Security Notice USN-3881-2

Ubuntu Security Notice 3881-2 - USN-3881-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Dovecot incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users. Various other issues were also addressed.

Packet Storm