Security
By Jake Edge April 25, 2012
Good sources of random numbers are sometimes hard to come by. Random
numbers need to be, well, random, which is something that
random number tests can measure, but they also need to be readily
available—in enormous quantities if at all possible. The recently announced
Quantum Random Number Generator from the Australian National University (ANU)
fits that bill nicely. It is, according
to ScienceDaily, the fastest random number generator in the world.
The researchers have derived "true" random numbers by measuring the
fluctuations in a quantum vacuum and providing them on a web site for
anyone to use. True random numbers are those that come from a completely
unpredictable physical process, as opposed to the more frequently
encountered pseudo-random numbers
generated by computer algorithms. The site describes the measurements used
as follows:
"Traditionally, a vacuum is considered as a space that is empty of matter or
photons. Quantum mechanically, however, that same space resembles a sea of
virtual particles appearing and disappearing all the time. This results in
the fact that the vacuum does not possess a zero-point energy, and
consequently the [electro]-magnetic field describing this vacuum possesses
random fluctuations in phase and amplitude at all frequencies. By carefully
measuring these fluctuations, we are able to generate ultra-high bandwidth
random numbers."
The apparatus used is capable of generating 5.7 gigabits of random numbers
per second, but the site doesn't stream random bits at that rate due to
network bandwidth constraints. As the FAQ points out, there is no actual
guarantee that the numbers are truly random, but the statistics (many of
which are available on the site) show that the output is "consistent
with true randomness". While any measured physical process could
have some unexpected bias, the only way to detect such a thing is via
statistical measurements of the output. That's true whether you are
flipping a coin 5.7 billion times a second or measuring a quantum vacuum.
So what can one do with such a source of (seemingly) true randomness? The
ANU researchers have developed a few amusing examples, including a
Matrix-like display driven by the random number
stream, but there are practical uses as well. While Linux random numbers
are generated using an algorithm (thus, pseudo-random), the entropy pool
that feeds the algorithm is filled from (hopefully) unpredictable hardware
events (e.g. keyboard, mouse, disk, and network). In some cases,
especially for servers or embedded devices, many of the sources of entropy
are not available. One could conceivably add entropy from a source of true
randomness, either locally via a hardware random number generator or by
retrieving some bits from afar.
In his "Wielding the ANU
Quantum Random Number Generator" blog post, Luke Macken presents some
code to use the stream. There are three parts to his quantumrandom project:
a command-line tool to retrieve random data, a Python API for use in
programs, and a character device in user space
(CUSE) based /dev/qrandom device. The latter will start three
threads (by default) to fetch random numbers from the server, which can
then be read from the device.
This isn't the first online source of true random numbers, nor will it be
the last, presumably. Also, hardware random number generators are becoming more
common, though they may not be producing data at anywhere near the rate of
the ANU generator. Doing so would likely be serious overkill for a device
targeted at a single system anyway.
As Macken points out, though, there is a potential problem lurking in ANU
random numbers. Currently, there is no way to get them via an
encrypted connection, which means that a man-in-the-middle adversary could
gain access to the random bits. Depending on the application, that may not
really be a problem. One could certainly take a suitably small random
sample from a giant chunk of the random numbers supplied. Of course,
choosing the random number for where to take the sample had better not be
predictable either. Maybe a simulated lottery draw could help
with that.
There is another question that should at least be considered: how
trustworthy can random numbers downloaded from a server really be? One
hopes that the researchers are on the level, but the security of the server
itself may be in question. Since it is difficult to gather a large enough sample
to preclude the possibility that some attacker has tampered with the
data—by replaying chunks from a big static file of random numbers for
example—that possibility exists. The fact that the data "looks"
random from the outside is not any kind of guarantee. Caveat "emptor".
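An added example (not from the article or from Macken's quantumrandom project): one way to use downloaded random bits without trusting the channel or the server is to mix them with local randomness and refuse exact replays. The class name, the HMAC-SHA256 mixing construction and the sample block are assumptions made for this illustration.

```python
import hashlib
import hmac
import os


class RemoteEntropyMixer:
    """Hypothetical helper: treat downloaded random blocks as untrusted input."""

    def __init__(self, local_source=os.urandom):
        self._local = local_source      # local randomness source (assumed sound)
        self._key = self._local(32)     # secret state; never sent anywhere
        self._seen = set()              # SHA-256 digests of blocks already absorbed

    def absorb(self, remote_block: bytes) -> bool:
        """Mix one remote block into the state; False means an exact replay."""
        digest = hashlib.sha256(remote_block).digest()
        if digest in self._seen:
            return False                # same block delivered twice: do not use it
        self._seen.add(digest)
        # Keyed with local state, so knowing remote_block (an eavesdropper, or
        # whoever controls the server) is not enough to compute the new key.
        self._key = hmac.new(self._key, b"absorb" + remote_block,
                             hashlib.sha256).digest()
        return True

    def read(self, n: int) -> bytes:
        """Return n output bytes derived from the mixed state."""
        out = b""
        counter = 0
        while len(out) < n:
            out += hmac.new(self._key, b"out" + counter.to_bytes(8, "big"),
                            hashlib.sha256).digest()
            counter += 1
        # Step the state forward with fresh local bytes after every read.
        self._key = hmac.new(self._key, b"step" + self._local(32),
                             hashlib.sha256).digest()
        return out[:n]


def demo():
    # Constructed stand-in for a downloaded block; no network access is made.
    observed = bytes(range(256)) * 4
    a, b = RemoteEntropyMixer(), RemoteEntropyMixer()
    first = a.absorb(observed)
    replay = a.absorb(observed)         # a replayed chunk is refused
    b.absorb(observed)
    # Both hosts received the same, fully observed block, yet outputs differ.
    return first, replay, a.read(16) != b.read(16)


if __name__ == "__main__":
    print(demo())
```

The replay check only catches a block delivered twice to the same client; it cannot tell fresh data from a static file served once, which is why the output never depends on the remote data alone.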
Brief items
I don't believe the second paragraph.
We haven't had six terror plots between 2010 and today. And even if we did, how would the auditors know? But I'm sure the first paragraph is correct: the behavioral detection program is 0% effective at preventing terrorism.
The rest of the article is pretty depressing. The TSA refuses to back down on any of its security theater measures. At the same time, its budget is being cut and more people are flying. The result: longer waiting times at security.
-- Bruce Schneier comments on a US Government Accountability Office report
This collaboration with the security research community has far surpassed
our expectations: we have received over 780 qualifying vulnerability
reports that span across the hundreds of Google-developed services, as well
as the software written by fifty or so companies that we have acquired. In
just over a year, the program paid out around $460,000 to roughly 200
individuals. We’re confident beyond any doubt the program has made Google
users safer.
-- Google ups its security bounties
The backdoor, which cannot be disabled, is found in all versions of the
Rugged Operating System made by RuggedCom, according to independent
researcher Justin W. Clarke who works in the energy sector. The login
credentials for the backdoor include a static username, “factory,” that was
assigned by the vendor and can’t be changed by customers, and a dynamically
generated password that is based on the individual MAC address, or media
access control address, for any specific device.
-- Kim Zetter in Wired
What's particularly insidious about this situation is that users' systems could be infected with DNS Trojan for long periods, which resulted in their Internet activity being diverted through compromised DNS servers and opening up vulnerabilities to even more infections, without users even being aware of what was happening.
When the related server systems were seized, it created a quandary. If the servers were simply disconnected, all user systems currently infected with the trojan would no longer resolve Internet domain names to addresses, and would for all practical purposes be "cut off" from the Internet.
-- Lauren Weinstein on the DNS Changer trojan
This ars technica article looks at a paper [PDF]
describing an interesting technique for stealing data input on Android
devices. "TapLogger,
as their proof-of-concept application for phones running Google's Android
operating system is called, masquerades as a benign game that challenges
the end user to identify identical icons from a collection of
similar-looking images. In the background, the trojan monitors readings
returned by the phone's built-in accelerometer, gyroscope, and orientation
sensors to infer phone numbers and other digits entered into the
device. This then surreptitiously uploads them to a computer under the
control of the attackers."
CERT has announced
the release of version 1.0 of its "triage tools" for Linux. At its core,
it is a Python-based GDB extension called "exploitable" that can be used to determine the
severity of a given vulnerability.
New vulnerabilities
asterisk: privilege escalation
Package(s): asterisk
CVE #(s): CVE-2012-2414, CVE-2012-2415
Created: April 25, 2012
Updated: May 7, 2012
Description:
From the Debian advisory:
CVE-2012-2414:
David Woolley discovered a privilege escalation in the Asterisk
manager interface.
CVE-2012-2415:
Russell Bryant discovered a buffer overflow in the Skinny driver.
cobbler: privilege escalation
Package(s): cobbler
CVE #(s): CVE-2011-4953
Created: April 23, 2012
Updated: April 25, 2012
Description:
From the SUSE advisory:
privilege escalation via unsafe call
to yaml.load instead of yaml.safe_load
cobbler: code execution
Package(s): cobbler
CVE #(s): CVE-2011-4952, CVE-2011-4954
Created: April 24, 2012
Updated: April 25, 2012
Description:
From the openSUSE advisory:
Specially crafted YAML could allow attackers to execute
arbitrary code due to the use of yaml.load instead of
yaml.safe_load.
csound: multiple vulnerabilities
Package(s): csound
CVE #(s): CVE-2012-2106, CVE-2012-2107, CVE-2012-2108
Created: April 23, 2012
Updated: April 25, 2012
Description:
From the Novell bugzilla [1], [2], [3]:
[1] csound: buffer overflow in pv_import
[2] buffer overflow in lpc_import
[3] Stack-based buffer overflow in lpc_import
dropbear: code execution
Package(s): dropbear
CVE #(s): CVE-2012-0920
Created: April 25, 2012
Updated: August 13, 2012
Description:
From the Debian advisory:
Danny Fullerton discovered a use-after-free in the Dropbear SSH daemon,
resulting in potential execution of arbitrary code. Exploitation is
limited to users, who have been authenticated through public key
authentication and for which command restrictions are in place.
gallery2: cross-site scripting
Package(s): gallery2
CVE #(s): CVE-2012-1113
Created: April 23, 2012
Updated: April 25, 2012
Description:
From the CVE entry:
Multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
kernel: multiple vulnerabilities
Package(s): kernel
CVE #(s): CVE-2012-2123, CVE-2012-2121, CVE-2012-2119
Created: April 24, 2012
Updated: June 1, 2012
Description:
From the Red Hat bugzilla [1], [2], [3]:
[1] Reported by Steve Grubb, if a process increases permissions using fcaps all of the dangerous personality flags which are cleared for suid apps should also be cleared. Thus programs given privilege with fcaps will continue to have address space randomization enabled even if the parent tried to disable it to make it easier to attack. (CVE-2012-2123)
[2] Currently we do not validate the vector length before calling
get_user_pages_fast(), host stack could be easily overflowed by malicious guest driver who gives us a descriptors with length greater than MAX_SKB_FRAGS.
A privileged guest user could use this flaw to induce stack overflow on the
host with attacker non-controlled data (some bits can be guessed, as it will be pointers to kernel memory) but with attacker controlled length. (CVE-2012-2119)
[3] KVM uses memory slots to track and map guest regions of memory. When device assignment is used, the pages backing these slots are pinned in memory using get_user_pages and mapped into the iommu. The problem is that when a memory slot is destroyed the pages for the associated memory slot are neither unpinned nor unmapped from the iommu.
The problem is that those pages are now never unpinned and continue to have an increased reference count. This is therefore a potential page leak from the kvm kernel module. (CVE-2012-2121)
mozilla: multiple vulnerabilities
Package(s): firefox, thunderbird
CVE #(s): CVE-2012-0467, CVE-2012-0470, CVE-2012-0471, CVE-2012-0477, CVE-2012-0479
Created: April 25, 2012
Updated: July 23, 2012
Description:
From the CVE entries:
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. (CVE-2012-0467)
Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems." (CVE-2012-0470)
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set. (CVE-2012-0471)
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set. (CVE-2012-0477)
Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. (CVE-2012-0479)
mozilla: multiple vulnerabilities
Package(s): firefox, thunderbird
CVE #(s): CVE-2012-0468, CVE-2012-0469, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0478
Created: April 25, 2012
Updated: June 13, 2012
Description:
From the CVE entries:
The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function. (CVE-2012-0468)
Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data. (CVE-2012-0469)
The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. (CVE-2012-0472)
The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call. (CVE-2012-0473)
Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)." (CVE-2012-0474)
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page. (CVE-2012-0478)
mysql: multiple vulnerabilities
Package(s): mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1
CVE #(s): (none)
Created: April 24, 2012
Updated: April 25, 2012
Description:
Multiple security issues were discovered in MySQL.
See the MySQL documentation for version 5.1.62 and version 5.0.96.
openssl: exploitable vulnerability
Package(s): openssl
CVE #(s): CVE-2012-2110
Created: April 19, 2012
Updated: May 10, 2012
Description:
A rather unhelpful description from the OpenSSL advisory:
A potentially exploitable vulnerability has been discovered in the OpenSSL
function asn1_d2i_read_bio.
Any application which uses BIO or FILE based functions to read untrusted DER
format data is vulnerable. Affected functions are of the form d2i_*_bio or
d2i_*_fp, for example d2i_X509_bio or d2i_PKCS12_fp.
openssl: exploitable vulnerability
Package(s): openssl0.9.8
CVE #(s): CVE-2012-2131
Created: April 24, 2012
Updated: April 25, 2012
Description:
From the Mandriva advisory:
It was discovered that the fix for CVE-2012-2110 [an exploitable vulnerability] was not sufficient to correct the issue for OpenSSL 0.9.8.
php5: directory traversal attack
Package(s): php5
CVE #(s): CVE-2012-1172
Created: April 23, 2012
Updated: July 2, 2012
Description:
From the openSUSE advisory:
Scripts that accept multiple file uploads in a single request were potentially vulnerable to a directory traversal attack.
quagga: multiple vulnerabilities
Package(s): quagga
CVE #(s): CVE-2012-0249, CVE-2012-0250, CVE-2012-0255
Created: April 23, 2012
Updated: September 14, 2012
Description:
From the CVE entries:
Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header. (CVE-2012-0249)
Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. (CVE-2012-0250)
The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). (CVE-2012-0255)
typo3-src: cross-site scripting
Package(s): typo3-src
CVE #(s): CVE-2012-2112
Created: April 23, 2012
Updated: April 25, 2012
Description:
From the Debian advisory:
Helmut Hummel of the typo3 security team discovered that typo3, a web
content management system, is not properly sanitizing output of the
exception handler. This allows an attacker to conduct cross-site
scripting attacks if either third-party extensions are installed that do
not sanitize this output on their own or in the presence of extensions
using the extbase MVC framework which accept objects to controller actions.
wicd: local privilege escalation
Package(s): wicd
CVE #(s): CVE-2012-2095
Created: April 24, 2012
Updated: April 25, 2012
Description:
From the Fedora advisory:
The wicd daemon suffered from a local privilege escalation flaw
due to incomplete input sanitization. A local attacker could use this to inject arbitrary code
through the D-Bus interface.
wireshark: multiple vulnerabilities
Package(s): wireshark
CVE #(s): CVE-2012-1595, CVE-2012-1596
Created: April 19, 2012
Updated: April 25, 2012
Description:
From the Red Hat Bugzilla [1, 2]:
CVE-2012-1595: An integer underflow, subsequently leading to request to allocate a large
amount of memory was found in the way pcap and pcap-ng file parsers of
Wireshark, a network traffic analyzer, processed Extension and / or
Multi-Channel header information in ERF files. A remote attacker could provide
a specially-crafted packet capture file (with size of full pseudoheader being
greater than the packet size), which once opened by a local unsuspecting user
would lead to wireshark executable abort.
CVE-2012-1596: A memory allocation flaw was found in the way the MP2T dissector of Wireshark,
a network traffic analyzer, processed capture files containing invalid pointer
values used for packet length specification. A remote attacker could provide a
specially-crafted packet capture file (causing unsigned length value to be
reduced by more than its value, resulting into it being a very large value and
attempt to allocate large amount of memory when reassembling the packet tvbuff
to the requested length), which once opened by a local unsuspecting user would
lead to wireshark executable abort.
wireshark: multiple vulnerabilities
Package(s): wireshark
CVE #(s): CVE-2012-1593, CVE-2012-1594
Created: April 19, 2012
Updated: April 25, 2012
Description:
From the Red Hat Bugzilla [1, 2]:
CVE-2012-1593: A NULL pointer dereference flaw was found in the way ANSI A dissector of the
Wireshark, a network traffic analyzer, processed certain capture files (those
causing wireshark to pass NULL packet information via a global variable to the
call_dissector() routine). A remote attacker could provide a specially-crafted
packet capture file, which once opened by a local unsuspecting user would lead
to wireshark executable crash.
CVE-2012-1594: A denial of service flaw was found in the way IEEE 802.11 dissector of
Wireshark, a network traffic analyzer, processed certain capture files (16-bit
integers were used as counters during loading of capture files for certain
protocols). A remote attacker could provide a specially-crafted packet capture
file, which once opened by a local unsuspecting user would lead to situation,
where wireshark executable would never finish loading of such capture file
(infinite loop).
Page editor: Jake Edge