<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
>

<channel>
	<title>Global Security Mag Online</title>
	<link>http://www.globalsecuritymag.com/</link>
	<description></description>
	<language>en</language>
	<generator>SPIP - www.spip.net</generator>




<item>
		<title>Vigil@nce - Xen: denial of service via VT-d MSI</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-Xen-denial-of-service,20130517,37336.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-Xen-denial-of-service,20130517,37336.html</guid>
		<dc:date>2013-05-17T15:30:26Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker, who is located in a guest system, can remap interrupts of a device, in order to trigger a denial of service. Impacted products: XenServer, Debian, Fedora, Unix (platform) Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY A system using an Intel VT-d processor can use the PCI Passthrough feature, so a device supporting Bus Mastering (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker, who is located in a guest system, can remap interrupts of a device, in order to trigger a denial of service.&lt;/p&gt; &lt;p&gt;Impacted products: XenServer, Debian, Fedora, Unix (platform)&lt;/p&gt; &lt;p&gt; Severity: 2/4&lt;/p&gt; &lt;p&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; A system using an Intel VT-d processor can use the PCI Passthrough feature, so a device supporting Bus Mastering is accessible for guest systems.&lt;/p&gt; &lt;p&gt; However, in this configuration, the origin of interrupt remapping queries is not checked.&lt;/p&gt; &lt;p&gt; An attacker, who is located in a guest system, can therefore remap interrupts of a device, in order to trigger a denial of service.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt; &lt;a href='http://vigilance.fr/vulnerability/Xen-denial-of-service-via-VT-d-MSI-12749' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/X...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - Cisco IOS XR: denial of service via SNMP</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-Cisco-IOS-XR-denial-of,20130517,37334.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-Cisco-IOS-XR-denial-of,20130517,37334.html</guid>
		<dc:date>2013-05-17T15:22:36Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker can send malformed SNMP packets to Cisco IOS XR, in order to trigger a denial of service. Impacted products: IOS XR Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY An attacker can send malformed SNMP packets to Cisco IOS XR, in order to trigger a denial of service. Technical details are unknown. ACCESS TO THE COMPLETE VIGIL@NCE (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt;An attacker can send malformed SNMP packets to Cisco IOS XR, in order to trigger a denial of service.&lt;/p&gt; &lt;p&gt; Impacted products: IOS XR&lt;/p&gt; &lt;p&gt; Severity: 2/4&lt;/p&gt; &lt;p&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker can send malformed SNMP packets to Cisco IOS XR, in order to trigger a denial of service.&lt;/p&gt; &lt;p&gt; Technical details are unknown.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt; &lt;a href='http://vigilance.fr/vulnerability/Cisco-IOS-XR-denial-of-service-via-SNMP-12748' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/C...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - Cisco Prime Central for Hosted Collaboration Solution: multiple vulnerabilities</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-Cisco-Prime-Central-for,20130517,37330.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-Cisco-Prime-Central-for,20130517,37330.html</guid>
		<dc:date>2013-05-17T13:25:20Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker can use several vulnerabilities of Cisco Prime Central for Hosted Collaboration Solution. Impacted products: Cisco Prime Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY Several vulnerabilities were announced in Cisco Prime Central for Hosted Collaboration Solution. An attacker can traverse a directory, in order to read a file. (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker can use several vulnerabilities of Cisco Prime Central for Hosted Collaboration Solution.&lt;/p&gt; &lt;p&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Impacted products: Cisco Prime
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Severity: 2/4
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; Several vulnerabilities were announced in Cisco Prime Central for Hosted Collaboration Solution.&lt;/p&gt; &lt;p&gt; An attacker can traverse a directory, in order to read a file. [severity:2/4; BID-59702, CSCud51034, CVE-2013-1156]&lt;/p&gt; &lt;p&gt; An attacker can trigger a Cross Site Scripting of ITM Java Servlet Container, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-59632, CSCud51068, CVE-2013-1157]&lt;/p&gt; &lt;p&gt; An attacker can trigger a Cross Site Scripting in ITM Help Menus, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-59635, CSCud54397, CVE-2013-1158]&lt;/p&gt; &lt;p&gt; An attacker can trigger a Cross Site Scripting in NCI Web Menus, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-59697, CSCud56706, CVE-2013-1159]&lt;/p&gt; &lt;p&gt; An attacker can trigger a Cross Site Scripting in OpenView Web Menus, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-59696, CSCud56743, CVE-2013-1160]&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt; &lt;a href='http://vigilance.fr/vulnerability/Cisco-Prime-Central-for-Hosted-Collaboration-Solution-multiple-vulnerabilities-12746' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/C...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - Cisco Prime, Secure ACS: privilege escalation</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-Cisco-Prime-Secure-ACS,20130517,37328.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-Cisco-Prime-Secure-ACS,20130517,37328.html</guid>
		<dc:date>2013-05-17T12:44:34Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker can format special commands for Cisco Prime and Secure ACS, in order to escalate his privileges. Impacted products: Cisco Prime, Secure ACS Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY An attacker can format special commands for Cisco Prime and Secure ACS, in order to escalate his privileges. Technical details are unknown. (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker can format special commands for Cisco Prime and Secure ACS, in order to escalate his privileges.&lt;/p&gt; &lt;p&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Impacted products: Cisco Prime, Secure ACS
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Severity: 2/4
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker can format special commands for Cisco Prime and Secure ACS, in order to escalate his privileges.&lt;/p&gt; &lt;p&gt; Technical details are unknown.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt; &lt;a href='http://vigilance.fr/vulnerability/Cisco-Prime-Secure-ACS-privilege-escalation-12745' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/C...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>G&amp;D Supplies Europe's First Electronic Passports Featuring the New SAC Protocol to the Republic of Kosovo </title>
		<link>http://www.globalsecuritymag.com/G-D-Supplies-Europe-s-First,20130517,37326.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/G-D-Supplies-Europe-s-First,20130517,37326.html</guid>
		<dc:date>2013-05-17T12:32:14Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Marc Jacob</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Market-News-.html">Market News</category>


		<description>Giesecke &amp; Devrient has been chosen by the Republic of Kosovo to supply the latest generation of electronic passports for the next three years. In addition to the total order of 800,000 of these passports, G&amp;D is supplying a state-of-the-art system solution to personalize them. Altogether this turnkey solution utilizes the latest security technologies, which will allow the Republic of Kosovo to protect the identity of its citizens even better in future. By deciding to adopt the new (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Market-News-.html" rel="directory"&gt;Market News&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_chapo'&gt;&lt;p&gt;&lt;strong&gt;Giesecke &amp; Devrient has been chosen by the Republic of Kosovo to supply the latest generation of electronic passports for the next three years. In addition to the total order of 800,000 of these passports, G&amp;D is supplying a state-of-the-art system solution to personalize them. Altogether this turnkey solution utilizes the latest security technologies, which will allow the Republic of Kosovo to protect the identity of its citizens even better in future. By deciding to adopt the new passports, the Republic of Kosovo is setting a new standard in Europe: these passports are the first to feature Supplemental Access Control (SAC), the new digital access protocol that all new European travel documents issued from December 2014 are obliged to support.&lt;/strong&gt;&lt;/p&gt;&lt;/div&gt;
		&lt;div class='rss_texte'&gt;&lt;p&gt;The first of the new passports are scheduled to be issued to Kosovo's Ministry of Internal Affairs just four weeks following signing of the agreement. Each passport will contain a contactless microprocessor storing its owner's personal and biometric data, as well as a representation of the individual's fingerprints. The Extended Access Control (EAC) protocol protects these data against any unauthorized access.&lt;/p&gt; &lt;p&gt;&#8220;By implementing STARCOS&#174; 3.5 &#8211; our operating system designed specifically for biometric passports &#8211; we are supplying the Republic of Kosovo with Europe's most up-to-date electronic passport solution,&#8221; says Hans Wolfgang Kunz, Head of the Government Solutions business unit at G&amp;D. &#8220;The new generation of passports gives the Republic of Kosovo a form of travel document that is both highly secure and future-proof.&#8221;&lt;/p&gt; &lt;p&gt;The solution is based on G&amp;D's leading high-performance STARCOS 3.5 operating system &#8211; the only operating system in the world today that is security-certified to handle both PACE and EAC.&lt;/p&gt; &lt;p&gt;Kosovo's next-generation passports are the first European ID documents to feature the new Supplemental Access Control (SAC) digital protocol. SAC is based on the PACE (Password Authenticated Connection Establishment) cryptographic protocol and is counted among the most secure technologies currently available. From December 2014, all travel documents issued by EU countries will be required to support the SAC protocol.&lt;/p&gt; &lt;p&gt;Another new feature of these passports is that they will be the world's first to have a Card Access Number (CAN) printed on them. Scanning or manually entering the CAN enables the tap-proof PACE protocol to access data stored on the document. 
This process makes it easier to maintain security levels in the mobile reading of biometric data, for example using portable identity verification readers. And with the help of the CAN and an NFC-enabled smartphone equipped with the required ID app, citizens will be able to check the accuracy of the data stored on their own passports.&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - libtiff: buffer overflow of tiff2pdf t2p_write_pdf_page</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-libtiff-buffer-overflow,20130517,37325.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-libtiff-buffer-overflow,20130517,37325.html</guid>
		<dc:date>2013-05-17T12:18:30Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker can invite the victim to open a malicious TIFF image with tiff2pdf, in order to create a denial of service or to execute code. Impacted products: Fedora, Unix (platform) Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY The tiff2pdf tool of the libtiff suite is used to convert a TIFF image to a PDF document. The (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker can invite the victim to open a malicious TIFF image with tiff2pdf, in order to create a denial of service or to execute code.&lt;/p&gt; &lt;p&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Impacted products: Fedora, Unix (platform)
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Severity: 2/4
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; The tiff2pdf tool of the libtiff suite is used to convert a TIFF image to a PDF document.&lt;/p&gt; &lt;p&gt; The t2p_write_pdf_page() function of the tiff2pdf.c file generates a PDF Page object. The PDF MediaBox field defines the page area containing data. Its values are generated using the sprintf() function, which writes into a 16-byte array. However, if the TIFF image uses large sizes, a buffer overflow occurs.&lt;/p&gt; &lt;p&gt; An attacker can therefore invite the victim to open a malicious TIFF image with tiff2pdf, in order to create a denial of service or to execute code.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt; &lt;a href='http://vigilance.fr/vulnerability/libtiff-buffer-overflow-of-tiff2pdf-t2p-write-pdf-page-12744' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/l...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - libtiff: buffer overflow of tiff2pdf t2_process_jpeg_strip</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-libtiff-buffer-overflow,20130517,37323.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-libtiff-buffer-overflow,20130517,37323.html</guid>
		<dc:date>2013-05-17T12:11:08Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker can invite the victim to open a malicious TIFF image with tiff2pdf, in order to create a denial of service or to execute code. Impacted products: Fedora, Unix (platform) Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY The tiff2pdf tool of the libtiff suite is used to convert a TIFF image to a PDF document. The (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker can invite the victim to open a malicious TIFF image with tiff2pdf, in order to create a denial of service or to execute code.&lt;/p&gt; &lt;p&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Impacted products: Fedora, Unix (platform)
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Severity: 2/4
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; The tiff2pdf tool of the libtiff suite is used to convert a TIFF image to a PDF document.&lt;/p&gt; &lt;p&gt; The t2_process_jpeg_strip() function of the tiff2pdf.c file processes the strip encoding of image data. However, if the TIFF image uses invalid values, a buffer overflow occurs.&lt;/p&gt; &lt;p&gt; An attacker can therefore invite the victim to open a malicious TIFF image with tiff2pdf, in order to create a denial of service or to execute code.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt;&lt;a href='http://vigilance.fr/vulnerability/libtiff-buffer-overflow-of-tiff2pdf-t2-process-jpeg-strip-12743' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/l...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Emulex Appoints Todd Palmer as Head of Worldwide Sales for Endace Division</title>
		<link>http://www.globalsecuritymag.com/Emulex-Appoints-Todd-Palmer-as,20130517,37321.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Emulex-Appoints-Todd-Palmer-as,20130517,37321.html</guid>
		<dc:date>2013-05-17T10:00:38Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Marc Jacob</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Business-News-.html">Business News</category>


		<description>Emulex Corporation announced the appointment of Todd Palmer as head of worldwide sales for the Company's Endace division. Palmer brings more than a decade of experience from NetApp and Computer Associates (CA) in building and executing multi-channel go-to-market strategies to grow market share, achieve profit goals and accelerate growth. Palmer is responsible for driving worldwide sales of the Endace division and will have a particular focus on growing channel go-to-market strength, through (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Business-News-.html" rel="directory"&gt;Business News&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_chapo'&gt;&lt;p&gt;&lt;strong&gt;Emulex Corporation announced the appointment of Todd Palmer as head of worldwide sales for the Company's Endace division. Palmer brings more than a decade of experience from NetApp and Computer Associates (CA) in building and executing multi-channel go-to-market strategies to grow market share, achieve profit goals and accelerate growth.&lt;/strong&gt;&lt;/p&gt;&lt;/div&gt;
		&lt;div class='rss_texte'&gt;&lt;p&gt;Palmer is responsible for driving worldwide sales of the Endace division and will have a particular focus on growing channel go-to-market strength, through channel expansion initiatives and new incentive programs.&lt;/p&gt; &lt;p&gt;Most recently, Palmer served as the vice president of channel sales at NetApp, focused on channel enablement and initiatives to drive profitable growth for NetApp and their partners. Prior to NetApp, Palmer worked at CA as the vice president of the worldwide channel marketing and partner program and in various sales managerial roles. Todd Palmer holds a Bachelor of Science degree in political science and marketing from the University of Arizona.&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - Nagios: file corruption via nagios.upgrade_to_v3.sh</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-Nagios-file-corruption,20130517,37318.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-Nagios-file-corruption,20130517,37318.html</guid>
		<dc:date>2013-05-17T09:22:59Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY When the administrator runs the nagios.upgrade_to_v3.sh script, a local attacker can create a symbolic link, in order to corrupt a file with root privileges. Impacted products: Nagios Open Source Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY The nagios.upgrade_to_v3.sh script is installed by some Linux distributions, in order to migrate Nagios (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt;When the administrator runs the nagios.upgrade_to_v3.sh script, a local attacker can create a symbolic link, in order to corrupt a file with root privileges.&lt;/p&gt; &lt;p&gt; Impacted products: Nagios Open Source&lt;/p&gt; &lt;p&gt; Severity: 2/4&lt;/p&gt; &lt;p&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt;The nagios.upgrade_to_v3.sh script is installed by some Linux distributions, in order to migrate Nagios to a recent version.&lt;/p&gt; &lt;p&gt; However, this script uses a predictable filename (/tmp/nagioscfg.$$.tmp) to store the configuration.&lt;/p&gt; &lt;p&gt; When the administrator runs the nagios.upgrade_to_v3.sh script, a local attacker can therefore create a symbolic link, in order to corrupt a file with root privileges.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt; &lt;a href='http://vigilance.fr/vulnerability/Nagios-file-corruption-via-nagios-upgrade-to-v3-sh-12741' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/N...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>TUNISIANA and Orange Tunisia sign partnership agreement with Interoute for the deployment of submarine cable &quot;Didon&quot; connecting Tunisia to Europe</title>
		<link>http://www.globalsecuritymag.com/TUNISIANA-and-Orange-Tunisia-sign,20130517,37317.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/TUNISIANA-and-Orange-Tunisia-sign,20130517,37317.html</guid>
		<dc:date>2013-05-17T09:21:37Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Marc Jacob</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Business-News-.html">Business News</category>


		<description>TUNISIANA and Orange Tunisia announced the signing of a partnership agreement with Interoute, the owner operator of Europe's largest next generation network, for the commissioning of a submarine cable, called Didon, connecting the city of K&#233;libia, Tunisia to Interoute's pan European fiber optic network, via its landing station in Mazara del Vallo, Sicily, Italy. Didon, Tunisia's first private submarine cable will cover nearly 170 km of optical fiber and be a real force for social development (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Business-News-.html" rel="directory"&gt;Business News&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_chapo'&gt;&lt;p&gt;&lt;strong&gt;TUNISIANA and Orange Tunisia announced the signing of a partnership agreement with Interoute, the owner operator of Europe's largest next generation network, for the commissioning of a submarine cable, called Didon, connecting the city of K&#233;libia, Tunisia to Interoute's pan European fiber optic network, via its landing station in Mazara del Vallo, Sicily, Italy. Didon, Tunisia's first private submarine cable will cover nearly 170 km of optical fiber and be a real force for social development and economic growth for the country. The commissioning of the Didon cable is planned for April 2014 and its capacity will reach eight Terabit per second and per operator.&lt;/strong&gt;&lt;/p&gt;&lt;/div&gt;
		&lt;div class='rss_texte'&gt;&lt;p&gt;The signing of this agreement is part of the national initiative to support and strengthen the ICT sector and offer Tunisians additional access to international broadband networks and at reduced rates.&lt;/p&gt; &lt;p&gt;The new cable connection will use Alcatel-Lucent's submarine technology and will be capable of handling data speeds of 100 gigabits-per-second, and will help address the fast-growing demand for fixed and mobile broadband services in Tunisia and throughout the region, and increase the reliability of the system dramatically. The submarine cable will provide the highest quality of service to subscribers of the two Tunisian operators by improving the capabilities of their existing international networks and providing better throughput to support continued growth in data traffic. The aim is also to provide more capacity and security for Internet users.&lt;/p&gt; &lt;p&gt;Tunisia has one of the most modern broadband infrastructures in the Mediterranean basin with high-speed terrestrial and undersea links providing a fully digitalized network that provides an international gateway to broader global networks. Tunisiana and Orange Tunisia offer a wide range of mobile and fixed applications ranging from Internet-on-the-go to information and entertainment services for more than 9 million subscribers.&lt;/p&gt; &lt;p&gt;With this investment partnership TUNISIANA and Orange Tunisia once again demonstrate their willingness to provide their consumers and business customers services in accordance with international quality standards. All this with controlled costs, allowing them to have substantial voice and data capacity and expanding opportunities in terms of connectivity, sharing data and information with the world.&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>


<item>
		<title>Cassidian awarded contract by UK Parliamentary ICT</title>
		<link>http://www.globalsecuritymag.com/Cassidian-awarded-contract-by-UK,20130517,37316.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Cassidian-awarded-contract-by-UK,20130517,37316.html</guid>
		<dc:date>2013-05-17T09:17:06Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Marc Jacob</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Market-News-.html">Market News</category>


		<description>Cassidian, the security and defence arm of EADS, has been awarded a contract by the British Parliament for ICT (information communication technology) security provision aimed at protecting the parliamentary ICT environment against cyber attack. The contract was awarded at the beginning of April and will run initially for 3 years. This is one of the first contracts awarded to an approved supplier of cybersecurity and network services from the PSN (Public Services Network) framework, (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Market-News-.html" rel="directory"&gt;Market News&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_chapo'&gt;&lt;p&gt;&lt;strong&gt;Cassidian, the security and defence arm of EADS, has been awarded a contract by the British Parliament for ICT (information communication technology) security provision aimed at protecting the parliamentary ICT environment against cyber attack.&lt;/strong&gt;&lt;/p&gt;&lt;/div&gt;
		&lt;div class='rss_texte'&gt;&lt;p&gt;The contract was awarded at the beginning of April and will run initially for 3 years.&lt;/p&gt; &lt;p&gt;This is one of the first contracts awarded to an approved supplier of cybersecurity and network services from the PSN (Public Services Network) framework, indicating the UK public sector's intent to procure services through a transparent, consistent process to deliver best value for money.&lt;/p&gt; &lt;p&gt;Cassidian was chosen in 2012 by CESG (the Information Assurance arm of GCHQ - Government Communications Headquarters) and CPNI (Centre for the Protection of National Infrastructure) as one of four commercial cybersecurity organisations to work with the National Authorities in the on-going Cyber Incident Response pilot. Cassidian has a proven track record over many years providing network security services for the defence network infrastructure.&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Palo Alto Networks Achieves Rigorous Common Criteria EAL4+ Certification </title>
		<link>http://www.globalsecuritymag.com/Palo-Alto-Networks-Achieves,20130517,37314.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Palo-Alto-Networks-Achieves,20130517,37314.html</guid>
		<dc:date>2013-05-17T08:51:09Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Marc Jacob</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Product-Reviews-.html">Product Reviews</category>


		<description>Palo Alto Networks&#174; announced that Palo Alto Networks firewalls have achieved Common Criteria certification at Evaluation Assurance Level 4+ (EAL4+), the highest level of globally recognized certification for the firewall category. This achievement marks the completion of a rigorous third-party evaluation and testing process. It proves that Palo Alto Networks firewalls are third-party validated security platforms for the most critical infrastructures, ranging from national governments to (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Product-Reviews-.html" rel="directory"&gt;Product Reviews&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_chapo'&gt;&lt;p&gt;&lt;strong&gt;Palo Alto Networks&#174; announced that Palo Alto Networks firewalls have achieved Common Criteria certification at Evaluation Assurance Level 4+ (EAL4+), the highest level of globally recognized certification for the firewall category.&lt;/strong&gt;&lt;/p&gt;&lt;/div&gt;
		&lt;div class='rss_texte'&gt;&lt;p&gt;This achievement marks the completion of a rigorous third-party evaluation and testing process. It proves that Palo Alto Networks firewalls are third-party validated security platforms for the most critical infrastructures, ranging from national governments to enterprise and financial institution networks.&lt;/p&gt; &lt;p&gt;This achievement expands Palo Alto Networks growing list of technical credentials, which include recognition by ICSA Labs (Network firewall certification), Telcordia (NEBS) and NIST (FIPS 140-2), among others.&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - IBM Lotus Notes: injection of Java and JavaScript in emails</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-IBM-Lotus-Notes,20130517,37313.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-IBM-Lotus-Notes,20130517,37313.html</guid>
		<dc:date>2013-05-17T08:42:08Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker can send an email containing malicious Java, LiveConnect or JavaScript code, so it is executed when the victim opens his IBM Lotus Notes mailbox. Impacted products: Notes Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY The Lotus Notes client displays HTML emails, and enables by default: Java applets LiveConnect JavaScript code (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker can send an email containing malicious Java, LiveConnect or JavaScript code, so it is executed when the victim opens his IBM Lotus Notes mailbox.&lt;/p&gt; &lt;p&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Impacted products: Notes
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Severity: 2/4
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; The Lotus Notes client displays HTML emails, and enables by default :
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; Java applets
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; LiveConnect
&lt;br /&gt;&lt;img src=&quot;http://www.globalsecuritymag.com/local/cache-vignettes/L8xH11/puce-32883.gif&quot; width='8' height='11' alt=&quot;-&quot; style='height:11px;width:8px;' /&gt; JavaScript code&lt;/p&gt; &lt;p&gt; However, for example, if a vulnerable version of the JRE is installed on the system, the Lotus Notes client can be used as an attack vector.&lt;/p&gt; &lt;p&gt; An attacker can therefore send an email containing malicious Java, LiveConnect or JavaScript code, so it is executed when the victim opens his IBM Lotus Notes mailbox.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt;&lt;a href='http://vigilance.fr/vulnerability/IBM-Lotus-Notes-injection-of-Java-and-JavaScript-in-emails-12740' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/I...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - Fortinet FortiClient: Man-in-the-middle attack</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-Fortinet-FortiClient-Man,20130517,37310.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-Fortinet-FortiClient-Man,20130517,37310.html</guid>
		<dc:date>2013-05-17T08:17:21Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker can use a Man-in-the-middle attack, in order to capture the password of the Fortinet FortiClient VPN Client user. Impacted products: FortiClient Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY The Fortinet FortiClient VPN Client product connects to the firewall, in order to establish a secured tunnel. It checks the firewall X.509 (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt;An attacker can use a Man-in-the-middle attack, in order to capture the password of the Fortinet FortiClient VPN Client user.&lt;/p&gt; &lt;p&gt; Impacted products: FortiClient&lt;/p&gt; &lt;p&gt; Severity: 2/4&lt;/p&gt; &lt;p&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; The Fortinet FortiClient VPN Client product connects to the firewall, in order to establish a secured tunnel.&lt;/p&gt; &lt;p&gt; It checks the firewall X.509 certificate, to ensure it connects to the legitimate server. However, if the server changed, an error message is displayed, but the client nevertheless sends the user's login and password to the new server.&lt;/p&gt; &lt;p&gt; An attacker can therefore use a Man-in-the-middle attack, in order to capture the password of the Fortinet FortiClient VPN Client user.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt; &lt;a href='http://vigilance.fr/vulnerability/Fortinet-FortiClient-Man-in-the-middle-attack-12739' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/F...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>Vigil@nce - Drupal: Cross Site Scripting of Filebrowser</title>
		<link>http://www.globalsecuritymag.com/Vigil-nce-Drupal-Cross-Site,20130517,37306.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/Vigil-nce-Drupal-Cross-Site,20130517,37306.html</guid>
		<dc:date>2013-05-17T07:50:38Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>Vigil@nce</dc:creator>

<category domain="http://www.globalsecuritymag.com/-Security-Vulnerability-.html">Security Vulnerability</category>


		<description>This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY An attacker can trigger a Cross Site Scripting in Filebrowser of Drupal, in order to execute JavaScript code in the context of the web site. Impacted products: Drupal Severity: 2/4 Creation date: 02/05/2013 DESCRIPTION OF THE VULNERABILITY The Filebrowser module is used to browse a directory. However, it does not filter received data before inserting them in (...)

-
&lt;a href="http://www.globalsecuritymag.com/-Security-Vulnerability-.html" rel="directory"&gt;Security Vulnerability&lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_texte'&gt;&lt;p&gt;This bulletin was written by Vigil@nce : &lt;a href='http://vigilance.fr/offer' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/offer&lt;/a&gt;&lt;/p&gt; &lt;p&gt;SYNTHESIS OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; An attacker can trigger a Cross Site Scripting in Filebrowser of Drupal, in order to execute JavaScript code in the context of the web site.&lt;/p&gt; &lt;p&gt; Impacted products: Drupal&lt;/p&gt; &lt;p&gt; Severity: 2/4&lt;/p&gt; &lt;p&gt; Creation date: 02/05/2013&lt;/p&gt; &lt;p&gt;DESCRIPTION OF THE VULNERABILITY&lt;/p&gt; &lt;p&gt; The Filebrowser module is used to browse a directory.&lt;/p&gt; &lt;p&gt; However, it does not filter received data before inserting them in generated HTML documents.&lt;/p&gt; &lt;p&gt; An attacker can therefore trigger a Cross Site Scripting in Filebrowser of Drupal, in order to execute JavaScript code in the context of the web site.&lt;/p&gt; &lt;p&gt;ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN&lt;/p&gt; &lt;p&gt; &lt;a href='http://vigilance.fr/vulnerability/Drupal-Cross-Site-Scripting-of-Filebrowser-12738' class='spip_out' rel='nofollow'&gt;http://vigilance.fr/vulnerability/D...&lt;/a&gt;&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>
<item>
		<title>IDC Recognizes Covertix as a &#8220;Cool&#8221; Information Security Vendor to Watch</title>
		<link>http://www.globalsecuritymag.com/IDC-Recognizes-Covertix-as-a-Cool,20130517,37303.html</link>
		<guid isPermaLink="true">http://www.globalsecuritymag.com/IDC-Recognizes-Covertix-as-a-Cool,20130517,37303.html</guid>
		<dc:date>2013-05-17T07:40:23Z</dc:date>
		<dc:format>text/html</dc:format>
		<dc:language>en</dc:language>
		<dc:creator>IDC</dc:creator>

<category domain="http://www.globalsecuritymag.com/-MAGIC-QUADRANT,36-.html">MAGIC QUADRANT </category>


		<description>Covertix, an innovative provider of file-level protection and intelligence solutions, today announced that the company has been recognized for its innovative approach for controlling and securing sensitive files by the analyst firm IDC in the recently published report titled Tall and Small &#8212; Smart or Cool, April 2013: An IDC Assessment of Security Vendors to Watch in Europe (Document #IS52V, April 2013). IDC created this report for CIOs, CISOs and other IT executives to stay current with (...)

-
&lt;a href="http://www.globalsecuritymag.com/-MAGIC-QUADRANT,36-.html" rel="directory"&gt;MAGIC QUADRANT &lt;/a&gt;


		</description>


 <content:encoded>&lt;div class='rss_chapo'&gt;&lt;p&gt;&lt;strong&gt;Covertix, an innovative provider of file-level protection and intelligence solutions, today announced that the company has been recognized for its innovative approach for controlling and securing sensitive files by the analyst firm IDC in the recently published report titled Tall and Small &#8212; Smart or Cool, April 2013: An IDC Assessment of Security Vendors to Watch in Europe (Document #IS52V, April 2013).&lt;/strong&gt;&lt;/p&gt;&lt;/div&gt;
		&lt;div class='rss_texte'&gt;&lt;p&gt;IDC created this report for CIOs, CISOs and other IT executives to stay current with information security vendors that are positively disrupting existing security approaches and are proactively addressing security concerns with revolutionary methods previously unseen. In the report, IDC labels Covertix as a &#8220;cool&#8221; information security vendor and acknowledges the company for its extremely innovative approach for protecting confidential documents and information assets.&lt;/p&gt; &lt;p&gt;&#8220;What's cool about Covertix is its robust ability to control and secure files anywhere, even beyond the network perimeter in the cloud and with third parties,&#8221; explained Kevin Bailey, Research Director for Security Software at IDC. &#8220;It is always difficult to get a 360-degree view of protection on files, both when they are visible and also in archival and offline situations. Architecting keys to stay with files not only ensures correct accessibility but also addresses some of the concerns with retaining key management availability in the future.&#8221;&lt;/p&gt; &lt;p&gt;Covertix answers the growing need for information leakage prevention and sensitive data security by providing enterprise organizations with independent file-level security, surveillance and protection. The company's flagship product, SmartCipher, is a file-level loss prevention and rights management application that secures and monitors confidential documents and sensitive data by traveling with the file inside and outside the organization. By doing so, Covertix provides enterprise organizations with the business agility to confidently share confidential information without being exposed to the risks of information abuse.&lt;/p&gt;&lt;/div&gt;
		
		</content:encoded>


		

	</item>

</channel>

</rss>
