Linux Hacks & Cracks - Page 77 - Results from #1520

Discover Hacks/Cracks News

Virtualization Users Should Expect More Attacks

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

VMware's recent release of a large number of patches for its virtualization offerings is likely to be the first of many, as hackers increasingly focus their attention on virtualized environments. That is according to security vendor, Fortify Software, which is urging caution among those companies looking to adopt virtualization technology. This article looks into the recent security patches for VMware's virtualization software. Do you still trust VMware as a secure platform after this?

LinuxSecurity.com Team
Sep 08, 2008

New Firefox Plug-In Double-Checks So-Called Unsafe Sites

Like other new browsers, the latest version of Firefox has made security a top priority, and it will alert the user if a site you're about to click on appears to be a hacker's hook. However, the way it and other browsers go about determining that sometimes results in false positives. A new Firefox plug-in adds an additional layer of verification.Intercepting Internet traffic and spying on the communication Improve customer service and productivity with Avaya Unified Communications. between two computers is a gold mine for hackers. Now Carnegie Mellon University researchers hope software they've built will make it harder for criminals to hit that jackpot. This article looks at a new plug-in for Firefox that is designed to prevent users from going to malicious websites. Have you testing this plug-in out, if so what do you think about it? Does it have too many false negatives?

LinuxSecurity.com Team
Sep 04, 2008

Attacking PHP Weak PRNGs: mt_srand and "Random Numbers"

PHP comes with two random number generators named rand() and mt_rand(). The first is just a wrapper around the libc rand() function and the second one is an implementation of the Mersenne Twister pseudo random number generator. Both of these algorithms are seeded by a single 32 bit dword when they are first used in a process or one of the seeding functions srand() or mt_srand() is called. This is a great article by Stefan Esser on attacking php PRNG. He explains the attack in such a way that it's easy to understand.

LinuxSecurity.com Team
Aug 20, 2008

Google Calendar a New Target for Phishing

It seems like the Phishing crews at trying to get some new ideas on how to con people into giving away their credentials and leaking info. It seems to the same old style as normal e-mail phishing but utilising the Google Calendar interface. It comes bundled with the usual spelling and grammatical errors that plague phishing e-mails. I found this to be a interesting article about how e-mail phishing is on utilizing Google Calendar. What do you thin, is there any way that Google can combat this?

LinuxSecurity.com Team
Jul 03, 2008

JavaScript Code Flow Manipulation

We recently researched an interesting DOM-based XSS vulnerability in Adobe Flex 3 applications that exploits a scenario in which two frames (parent & son) interact with each other, without properly validating their execution environment. In our research, we have seen that in some cases, it is possible to manipulate JavaScript code flow, by controlling the environment in which it runs. Specifically, we managed to return hacker-controlled boolean values to conditional statements, and by that force the application to be vulnerable to an existing DOM-based XSS, which was otherwise unexploitable.

LinuxSecurity.com Team
Jun 24, 2008

The Extended HTML Form Attack Revisited

"HTML forms (i.e. form) are one of the features in HTTP that allows users to send data to HTTP servers. An often overlooked feature is that due to the nature of HTTP, the web browser has no way of identifying between an HTTP server and one that is not an HTTP server. Therefore web browsers may send this data to any open port, regardless of whether the open port belongs to an HTTP server or not. Apart from that, many web browsers will simply render any data that is returned from the server. Have you ever heard about the extended HTML form attack? What can web developer do? This article looks into this attack and how attackers can use it.

LinuxSecurity.com Team
Jun 20, 2008

Security Holes in Linux Kernel Closed

The Linux kernel developers have fixed security flaws in version 2.6.25.5 published last Friday that affect the CIFS and SNMP-NAT modules (nf_nat_snmp_basic). Crafted packets can cause a buffer overflow remotely in the BER decoder used by the ASN.1 parser. The kernel then crashes, and it may even be possible to inject and execute code in the process. What you think will be the impact of these kernel security flaws? How many people will update their systems kernel?

LinuxSecurity.com Team
Jun 11, 2008

Hacker Hijacks Website of Hacking Tool Maker

Monday morning, Metasploit.com was temporarily hijacked using an attack on the local area network of Metasploit's hosting provider. Using what is technically known as ARP spoofing, the attacker was able to intercept visitors to Metasploit.com, and instead serve them up a page saying the site had been "hacked by sunwear ! just for fun. Users were then redirected to a Chinese forum with an image of the hack.

LinuxSecurity.com Team
Jun 04, 2008

Exploited bug doesn't exist in latest version of Flash

On Thursday, Adobe said "Despite various reports that have been circulating, the Flash Player Standalone 9.0.124.0 and Linux Player 9.0.124.0 are NOT vulnerable to the exploits discussed in conjunction with the previously disclosed vulnerability Symantec posted on 5/27/08. Symantec originally believed this to be a zero-day, unpatched vulnerability, but as their latest update on their Threatcon page indicates, they have now confirmed this issue does not affect any versions of Flash Player 9.0.124.0." This is a good example of why any computer user needs to keep their software updated. But, why did this Flash vulnerability get some much attention when it was a flaw in an older version of the software?

LinuxSecurity.com Team
Jun 02, 2008

Bypassing URL Authentication and Authorization with HTTP Verb Tampering

Many URL authentication and authorization mechanisms make security decisions based on the HTTP verb in the request. Many of these mechanisms work in a counter-intuitive way. This fact, in combination with some oddities in the way that both web and application servers handle unexpected HTTP verbs causes the rules dictated by those mechanisms to be bypassable. This article goes into detail discussing this vulnerability and how the various vendors are affected. What do you think about this attack do you think we should be concerned?

LinuxSecurity.com Team
Jun 02, 2008

sqlninja 0.2.3 released - Advanced Automated SQL Injection Tool for MS-SQL

Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered. Being able to upload 'netcat.exe' as 100% plain ASCII GET/POST requests and no FTP? Evasion techniques, code obfuscation, and DNS-tunneld pseudo shells? Sounds like an SQL Injection tool to check out!

LinuxSecurity.com Team
May 30, 2008

Samba Dinged by

Researchers at Secunia have flagged a

LinuxSecurity.com Team
May 29, 2008

Apache Debates the Apache UTF-7 XSS

There is a great debate on the bugtraq mailing list regarding the apache utf7 xss issue. In this debate William Rowe (Apache) discusses why the Apache utf7 vulnerability is in fact not a vulnerability in Apache but in Internet Explorer for not following specifications properly. William first posted to bugtraq http://seclists.org/bugtraq/2008/May/0166.html with the following "Internet Explorer's autodetection of UTF-7 clearly violates this specification, introducing the opportunity for myriad similar attacks. These are literally everywhere on the web today, we can trust the kids to continue to explore this vector until it is fixed by Microsoft." What do you think about this debate? Who should be responsible in fixing this vulnerability? This article looks at both side of the debate, letting you decide.

LinuxSecurity.com Team
May 27, 2008

Tools circulate that crack Debian, Ubuntu keys

A recently disclosed vulnerability in widely used Linux distributions can be exploited by attackers to guess cryptographic keys, possibly leading to the forgery of digital signatures and theft of confidential information, a noted security researcher said today. As a tie-in to previous stories posted about Debian's SSL flaws, this article reveals reknown security expert HD Moore's views on the situation. He also provides suggestions on how to properly respond to the flaw and gives advice on whom should be concerned and what patches should be applied.

LinuxSecurity.com Team
May 16, 2008

Debian: New Openssl Packages Fix Predictable Random Number Generator

Luciano Bello discovered that the random number generator in Debian's openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable. For anyone using Debian-based systems, please read on for further information on this important matter. 'Predictable' is one word you never want to use to describe OpenSSL.

LinuxSecurity.com Team
May 13, 2008

Firefox Infects Vietnamese Users With Trojan Code

Mozilla, the maker of the open source Firefox browser, is redoubling its efforts to check user created add-ons for viruses and Trojans after it discovered that a language pack on its official add-on page had been infected for months with rogue code, the organization reported Wednesday. Anyone who has installed the Vietnamese language pack for Firefox could be in danger of having malicious code in their system. Be sure to uninstall this add-on pack if you have recently installed it - unless you enjoy banner ads and opening up your system for future exploits.

LinuxSecurity.com Team
May 08, 2008

GCC and Pointer Overflows

On April 4, CERT put out a scary advisory about the GNU Compiler Collection (GCC). This advisory raises some interesting issues on when such advisories are appropriate, what programmers must do to write secure code, and whether compilers should perform optimizations which could open up security holes in poorly-written code. Are you a c programmer? This article shows you how to make your code a little more secure. It's a very an important skill to have so take a look.

LinuxSecurity.com Team
Apr 30, 2008

Targeted Attacks Using Malicious PDF Files

Dating back to the end of February, we have been tracking test runs of malicious PDF messages to very specific targets. These PDF files exploit the recent vulnerability CVE-2008-0655. Ever since the end of March, beginning of April, the amount of samples seen in the wild has significantly increased. Interestingly enough, there is almost no "public, widespread" exploitation. All reports are limited to very specific, targeted attacks. However, due to the wide scope of these attacks, and the number of targets we know of, we feel a diary entry was in order. Remember the old saying of "if it ain't broke, don't fix it"? It appears this exploit seems very focused on targeting not only the vulnerability mentioned in the article, but the very facet of sticking with stable software. Nothing is apparently "broken" about Adobe Acrobat v7, however as you can tell by the diary entry, updating is the key to preventing "it ain't broke" software from having to be "fixed" due to exploits such as this one.

LinuxSecurity.com Team
Apr 25, 2008

Malicious Microprocessor Opens New Doors for Attack

For years, hackers have focused on finding bugs in computer software that give them unauthorized access to computer systems, but now there's another way to break in: Hack the microprocessor. On Tuesday, researchers at the University of Illinois at Urbana-Champaign demonstrated how they altered a computer chip to grant attackers back-door access to a computer. It would take a lot of work to make this attack succeed in the real world, but it would be virtually undetectable. It's actually kind of funny that they decided to mention that this system was "running the Linux operating system". Regardless of the OS, a hardware level exploit such as this poses such a bigger threat than just OS security. Although this type of exploit is much harder to deploy rather than software, this article poses interesting situations on how exactly it can be carried out.

LinuxSecurity.com Team
Apr 16, 2008

Open Source Conference for Chicago Hackers

This goes out to all the web hackers out there. If you're a proud user of a web application framework and you think it's superior to all others, we invite you to prove it. Flourish is having a web application framework showdown and we need you to come defend yours. There will be food and the site you build goes to a deserving non-profit. So far, we've got someone for Ruby on Rails, CakePHP and web2py. Send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. e-mail address is being protected from spam bots, you need JavaScript enabled to view it if you want to participate. Do you have a favorite web application framework? Do you use it because you think it's secure. This conference seems to be a good test to see how secure web application frameworks are.

LinuxSecurity.com Team
Mar 27, 2008

Linux Hacks & Cracks - Page 77

U.S. Investigation into China-Backed Telecom Companies Hack: The Role & Risks of Encryption Backdoors

FASTCash Linux Malware: A New Cybercrime Menace Targeting Payment Switch Systems

The Infiltration of Supply Chain Attacks in Open-Source Software Management