Security
Reliably generating good passwords
Passwords are used everywhere in our modern life. Between your email account and your bank card, a lot of critical security infrastructure relies on "something you know", a password. Yet there is little standard documentation on how to generate good passwords. There are some interesting possibilities for doing so; this article will look at what makes a good password and some tools that can be used to generate them.
There is growing concern that our dependence on passwords poses a fundamental security flaw. For example, passwords rely on humans, who can be coerced to reveal secret information. Furthermore, passwords are "replayable": if your password is revealed or stolen, anyone can impersonate you to get access to your most critical assets. Therefore, major organizations are trying to move away from single password authentication. Google, for example, is enforcing two factor authentication for its employees and is considering abandoning passwords on phones as well, although we have yet to see that controversial change implemented.
Yet passwords are still here and are likely to stick around for a long time until we figure out a better alternative. Note that in this article I use the word "password" instead of "PIN" or "passphrase", which all roughly mean the same thing: a small piece of text that users provide to prove their identity.
What makes a good password?
A "good password" may mean different things to different people. I will assert that a good password has the following properties:
- high entropy: hard to guess for machines
- transferable: easy to communicate for humans or transfer across various protocols for computers
- memorable: easy to remember for humans
High entropy means that the password should be unpredictable to an attacker, for all practical purposes. It is tempting (and not uncommon) to choose a password based on something else that you know, but unfortunately those choices are likely to be guessable, no matter how "secret" you believe it is. Yes, with enough effort, an attacker can figure out your birthday, the name of your first lover, your mother's maiden name, where you were last summer, or other secrets people think they have.
The only solution here is to use a password randomly generated with enough randomness or "entropy" that brute-forcing the password will be practically infeasible. Considering that a modern off-the-shelf graphics card can guess millions of passwords per second using freely available software like hashcat, the typical requirement of "8 characters" is not considered enough anymore. With proper hardware, a powerful rig can crack such passwords offline within about a day. Even though a recent US National Institute of Standards and Technology (NIST) draft still recommends a minimum of eight characters, we now more often hear recommendations of twelve characters or fourteen characters.
A password should also be easily "transferable". Some characters, like & or !, have special meaning on the web or the shell and can wreak havoc when transferred. Certain software also has policies of refusing (or requiring!) some special characters exactly for that reason. Weird characters also make it harder for humans to communicate passwords across voice channels or different cultural backgrounds. In a more extreme example, the popular Signal software even resorted to using only digits to transfer key fingerprints. They outlined that numbers are "easy to localize" (as opposed to words, which are language-specific) and "visually distinct".
But the critical piece is the "memorable" part: it is trivial to generate a random string of characters, but those passwords are hard for humans to remember. As xkcd noted, "through 20 years of effort, we've successfully trained everyone to use passwords that are hard for humans to remember but easy for computers to guess". It explains how a series of words is a better password than a single word with some characters replaced.
Obviously, you should not need to remember all passwords. Indeed, you may store some in password managers (which we'll look at in another article) or write them down in your wallet. In those cases, what you need is not a password, but something I would rather call a "token", or, as Debian Developer Daniel Kahn Gillmor (dkg) said in a private email, a "high entropy, compact, and transferable string". Certain APIs are specifically crafted to use tokens. OAuth, for example, generates "access tokens" that are random strings that give access to services. But in our discussion, we'll use the term "token" in a broader sense.
Notice how we removed the "memorable" property and added the "compact" one: we want to efficiently convert the most entropy into the shortest password possible, to work around possibly limiting password policies. For example, some bank cards only allow 5-digit security PINs and most web sites have an upper limit in the password length. The "compact" property applies less to "passwords" than tokens, because I assume that you will only use a password in select places: your password manager, SSH and OpenPGP keys, your computer login, and encryption keys. Everything else should be in a password manager. Those tools are generally under your control and should allow large enough passwords that the compact property is not particularly important.
Generating secure passwords
We'll look now at how to generate a strong, transferable, and memorable password. These are most likely the passwords you will deal with most of the time, as security tokens used in other settings should actually never show up on screen: they should be copy-pasted or automatically typed in forms. The password generators described here are all operated from the command line. Password managers often have embedded password generators, but usually don't provide an easy way to generate a password for the vault itself.
The previously mentioned xkcd cartoon is probably a common cultural reference in the security crowd and I often use it to explain how to choose a good passphrase. It turns out that someone actually implemented xkcd author Randall Munroe's suggestion into a program called xkcdpass:
$ xkcdpass
estop mixing edelweiss conduct rejoin flexitime
In verbose mode, it will show the actual entropy of the generated passphrase:
$ xkcdpass -V
The supplied word list is located at /usr/lib/python3/dist-packages/xkcdpass/static/default.txt.
Your word list contains 38271 words, or 2^15.22 words.
A 6 word password from this list will have roughly 91 (15.22 * 6) bits of entropy,
assuming truly random word selection.
estop mixing edelweiss conduct rejoin flexitime
Note that the above password has 91 bits of entropy, which is about what a fifteen-character password would have, if chosen at random from uppercase, lowercase, digits, and ten symbols:
log2((26 + 26 + 10 + 10)^15) = approx. 92.548875
It's also interesting to note that this is closer to the entropy of a fifteen-letter base64 encoded password: since each character is six bits, you end up with 90 bits of entropy. xkcdpass is scriptable and easy to use. You can also customize the word list, separators, and so on with different command-line options. By default, xkcdpass uses the 2 of 12 word list from 12 dicts, which is not specifically geared toward password generation but has been curated for "common words" and words of different sizes.
Another option is the diceware system. Diceware works by having a word list in which you look up words based on dice rolls. For example, rolling the five dice "1 4 2 1 4" would give the word "bilge". By rolling those dice five times, you generate a five word password that is both memorable and random. Since paper and dice do not seem to be popular anymore, someone wrote that as an actual program, aptly called diceware. It works in a similar fashion, except that passwords are not space separated by default:
$ diceware
AbateStripDummy16thThanBrock
Diceware can obviously change the output to look similar to xkcdpass, but can also accept actual dice rolls for those who do not trust their computer's entropy source:
$ diceware -d ' ' -r realdice -w en_orig
Please roll 5 dice (or a single dice 5 times).
What number shows dice number 1? 4
What number shows dice number 2? 2
What number shows dice number 3? 6
[...]
Aspire O's Ester Court Born Pk
The diceware software ships with a few word lists, and the default list has been deliberately created for generating passwords. It is derived from the standard diceware list with additions from the SecureDrop project. Diceware ships with the EFF word list that has words chosen for better recognition, but it is not enabled by default, even though diceware recommends using it when generating passwords with dice. That is because the EFF list was added later on. The project is currently considering making the EFF list be the default.
One disadvantage of diceware is that it doesn't actually show how much entropy the generated password has — those interested need to compute it for themselves. The actual number depends on the word list: the default word list has 13 bits of entropy per word (since it is exactly 8192 words long), which means the default 6 word passwords have 78 bits of entropy:
log2(8192) * 6 = 78
Both of these programs are rather new, having, for example, entered Debian only after the last stable release, so they may not be directly available for your distribution. The manual diceware method, of course, only needs a set of dice and a word list, so that is much more portable, and both the diceware and xkcdpass programs can be installed through pip. However, if this is all too complicated, you can take a look at Openwall's passwdqc, which is older and more widely available. It generates more memorable passphrases while at the same time allowing for better control over the level of entropy:
$ pwqgen
vest5Lyric8wake
$ pwqgen random=78
Theme9accord=milan8ninety9few
For some reason, passwdqc restricts the entropy of passwords between the bounds of 24 and 85 bits. That tool is also much less customizable than the other two: what you see here is pretty much what you get. The 4096-word list is also hardcoded in the C source code; it comes from a Usenet sci.crypt posting from 1997.
A key feature of xkcdpass and diceware is that you can craft your own word list, which can make dictionary-based attacks harder. Indeed, with such word-based password generators, the only viable way to crack those passwords is to use dictionary attacks, because the password is so long that character-based exhaustive searches are not workable, since they would take centuries to complete. Changing from the default dictionary therefore brings some advantage against attackers. This may be yet another "security through obscurity" procedure, however: a naive approach may be to use a dictionary localized to your native language (for example, in my case, French), but that would deter only an attacker that doesn't do basic research about you, so that advantage is quickly lost to determined attackers.
One should also note that the entropy of the password doesn't depend on which word list is chosen, only its length. Furthermore, a larger dictionary only expands the search space logarithmically; in other words, doubling the word-list length only adds a single bit of entropy per word in the password. It is actually much better to add a word to your password than words to the word list that generates it.
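As an added example (not part of the original article, nor code from xkcdpass or diceware), here is the entropy arithmetic of this section in Python: bits per word from the list size, total bits per passphrase, the comparison with character strings, and the "add a word beats doubling the list" rule. The 16-word list is constructed for the generator, and the dice-roll lookup uses a base-6 index that is my own convention, not the numbering of any real diceware list.

```python
import math
import secrets

# Constructed 16-word list for the generator below (log2(16) = 4 bits per word).
# Real lists are far larger: xkcdpass ships 38271 words, diceware's default 8192.
WORD_LIST = [
    "estop", "mixing", "edelweiss", "conduct", "rejoin", "flexitime",
    "abate", "strip", "dummy", "than", "brock", "bilge",
    "aspire", "ester", "court", "born",
]


def bits_per_word(list_size):
    """Entropy of one word chosen uniformly from a list: log2(list size)."""
    return math.log2(list_size)


def passphrase_entropy(list_size, n_words):
    """Total entropy of n_words independent uniform picks (what xkcdpass -V prints)."""
    return n_words * bits_per_word(list_size)


def charset_entropy(charset_size, length):
    """Entropy of a random character string, e.g. 72 symbols x 15 characters."""
    return length * math.log2(charset_size)


def words_needed(list_size, target_bits):
    """Smallest number of words from this list that reaches target_bits."""
    return math.ceil(target_bits / bits_per_word(list_size))


def gain_from_extra_word(list_size):
    """Bits added by appending one more word: log2(list size)."""
    return bits_per_word(list_size)


def gain_from_doubling_list(n_words):
    """Bits added by doubling the list: exactly one per word in the passphrase."""
    return float(n_words)


def diceware_index(rolls):
    """Read dice rolls (each 1..6) as a base-6 number giving a 0-based index
    into a list of 6**len(rolls) words. This numbering is an assumption made
    for the example; printed diceware lists are keyed by the roll digits."""
    index = 0
    for roll in rolls:
        if not 1 <= roll <= 6:
            raise ValueError("a die shows 1..6, got %r" % (roll,))
        index = index * 6 + (roll - 1)
    return index


def generate_passphrase(words, n_words, separator=" "):
    """Pick n_words uniformly with the OS CSPRNG (secrets), as the tools do."""
    if len(words) != len(set(words)):
        raise ValueError("duplicate words shrink the effective list size")
    return separator.join(secrets.choice(words) for _ in range(n_words))


if __name__ == "__main__":
    print("xkcdpass default list, 6 words: %.2f bits" % passphrase_entropy(38271, 6))
    print("diceware default list, 6 words: %.0f bits" % passphrase_entropy(8192, 6))
    print("72-symbol charset, 15 chars:   %.2f bits" % charset_entropy(72, 15))
    print("extra word on the 8192 list: +%.0f bits; doubling that list for a 6-word "
          "passphrase: +%.0f bits" % (gain_from_extra_word(8192), gain_from_doubling_list(6)))
    print(generate_passphrase(WORD_LIST, 6))
```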
Generating security tokens
As mentioned before, most password managers feature a way to generate strong security tokens, with different policies (symbols or not, length, etc.). In general, you should use your password manager's password-generation functionality to generate tokens for sites you visit. But how are those functionalities implemented and what can you do if your password manager (for example, Firefox's master password feature) does not actually generate passwords for you?
pass, the standard UNIX password manager, delegates this task to the widely known pwgen program. It turns out that pwgen has a pretty bad track record for security issues, especially in the default "phoneme" mode, which generates non-uniformly distributed passwords. While pass uses the more "secure" -s mode, I figured it was worth removing that option to discourage the use of pwgen in the default mode. I made a trivial patch to pass so that it generates passwords correctly on its own. The gory details are in this email. It turns out that there are lots of ways to skin this particular cat. I was suggesting the following pipeline to generate the password:
head -c $entropy /dev/random | base64 | tr -d '\n='
The above command reads a certain number of bytes from the kernel (head -c $entropy /dev/random), encodes that using the base64 algorithm, and strips out the trailing equal sign and newlines (for large passwords). This is what Gillmor described as a "high-entropy compact printable/transferable string". The priority, in this case, is to have a token that is as compact as possible with the given entropy, while at the same time using a character set that should cause as little trouble as possible on sites that restrict the characters you can use. Gillmor is a co-maintainer of the Assword password manager, which chose base64 because it is widely available and understood and only takes up 33% more space than the original 8-bit binary encoding. After a lengthy discussion, the pass maintainer, Jason A. Donenfeld, chose the following pipeline:
read -r -n $length pass < <(LC_ALL=C tr -dc "$characters" < /dev/urandom)
The above is similar, except it uses tr to read characters directly from the kernel, and selects a certain set of characters ($characters) that is defined earlier as consisting of [:alnum:] for letters and digits and [:graph:] for symbols, depending on the user's configuration. Then the read command extracts the chosen number of characters from the output and stores the result in the pass variable. A participant on the mailing list, Brian Candler, has argued that this wastes entropy, as the use of tr discards bits from /dev/urandom with little gain in entropy when compared to base64. But in the end, the maintainer argued that "reading from /dev/urandom has no [effect] on /proc/sys/kernel/random/entropy_avail on Linux" and dismissed the objection.
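An added example, not code from pass or Assword, reproducing both token pipelines above in Python: base64 over kernel random bytes (the head | base64 | tr approach) and uniform selection from a configured character set (the pass approach), together with the compactness figures and the bytes-per-character cost of tr -dc that the mailing-list discussion turned on. The character sets assume the C locale, as the LC_ALL=C in the pass command forces.

```python
import base64
import math
import os
import secrets
import string

# Character sets as tr sees them in the C locale (LC_ALL=C), one byte per character.
BASE64_ALPHABET = string.ascii_letters + string.digits + "+/"   # 64 symbols
ALNUM = string.ascii_letters + string.digits                    # [:alnum:], 62 symbols
GRAPH = "".join(chr(c) for c in range(33, 127))                 # [:graph:], 94 symbols


def base64_token(n_bytes):
    """The head -c N /dev/random | base64 | tr approach: N random bytes from
    the kernel, base64-encoded, with the '=' padding (and newlines) removed.
    The token carries 8*N bits whatever its printed length."""
    raw = os.urandom(n_bytes)
    return base64.b64encode(raw).decode("ascii").rstrip("=")


def base64_length(n_bytes):
    """Unpadded base64 length: 4 output characters per 3 input bytes, rounded
    up (the roughly 33% expansion over the raw 8-bit binary)."""
    return math.ceil(n_bytes * 4 / 3)


def charset_token(charset, length):
    """The pass approach: characters drawn uniformly from a chosen set.
    tr -dc "$characters" drops every byte outside the set (rejection
    sampling), which keeps the survivors uniform; secrets.choice is uniform
    by the same mechanism."""
    return "".join(secrets.choice(charset) for _ in range(length))


def bits_per_char(charset):
    """Entropy per uniformly chosen character: log2(set size)."""
    return math.log2(len(charset))


def chars_for_bits(charset, target_bits):
    """Token length needed to reach target_bits with this set: the 'compact'
    property, useful against sites that cap password length."""
    return math.ceil(target_bits / bits_per_char(charset))


def bytes_consumed_by_tr(charset, length):
    """Expected /dev/urandom bytes that tr -dc reads to emit `length`
    characters: only len(charset) of the 256 byte values survive, so
    256/len(charset) bytes per output character on average. This is the
    discarded input in Candler's objection; it costs kernel reads, not
    uniformity of the result."""
    return length * 256 / len(charset)


if __name__ == "__main__":
    print("base64 of 16 bytes: %s (128 bits in %d chars)" % (base64_token(16), base64_length(16)))
    print("alnum token, 128 bits:", charset_token(ALNUM, chars_for_bits(ALNUM, 128)))
    for name, cs in (("base64", BASE64_ALPHABET), ("alnum", ALNUM), ("graph", GRAPH)):
        print("%-6s %.2f bits/char, %2d chars for 128 bits, tr would read ~%.0f bytes"
              % (name, bits_per_char(cs), chars_for_bits(cs, 128),
                 bytes_consumed_by_tr(cs, chars_for_bits(cs, 128))))
```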
Another password manager, KeePass, uses its own routines to generate tokens, but the procedure is the same: read from the kernel's entropy source (and user-generated sources in the case of KeePass) and transform that data into a transferable string.
Conclusion
While there are many aspects to password management, we have focused on different techniques for users and developers to generate secure but also usable passwords. Generating a strong yet memorable password is not a trivial problem, as the security vulnerabilities of the pwgen software showed. Furthermore, left to their own devices, users will generate passwords that can be easily guessed by a skilled attacker, especially if they can profile the user. It is therefore essential we provide easy tools for users to generate strong passwords and encourage them to store secure tokens in password managers.
Brief items
Security quotes of the week
“The normal reaction time for a human is about a quarter of a second, which is why they do that,” says Allison, who is also the founder of the annual World Game Protection Conference. The timed spins are not always successful, but they result in far more payouts than a machine normally awards: Individual scammers typically win more than $10,000 per day. (Allison notes that those operatives try to keep their winnings on each machine to less than $1,000, to avoid arousing suspicion.) A four-person team working multiple casinos can earn upwards of $250,000 in a single week.
Unfortunately, the anonymisation format specifier is case sensitive… Using a lowercase “k”, like the code above, causes the code above to output the pointer without applying the anonymisation offered by “%pK” (perhaps this serves as a good example of how fragile KASLR [kernel address-space layout randomization] is). Regardless, this allows us to simply read the contents of pm_qos, and subtract the pointer’s value from its known offset from the kernel’s base address, thus giving us the value of the KASLR slide.
Dz: Seccomp sandboxing not enabled for acme-client
In the acme-client-portable repository at GitHub, developer Kristaps Dz has a rather stinging indictment of trying to use seccomp sandboxing for the portable version of acme-client, which is a client program for getting Let's Encrypt certificates. He has disabled seccomp filtering in the default build for a number of reasons. "So I might use mmap, but the system call is mmap2? Great. This brings us to the second and larger problem. The C library. There are several popular ones on Linux: glibc, musl, uClibc, etc. Each of these is free to implement any standard function (like mmap, above) in any way. So while my code might say read, the C library might also invoke fstat. Great. In general, section 2 calls (system calls) map evenly between system call name and function name. (Except as noted above... and maybe elsewhere...) However, section 3 is all over the place. The strongest differences were between big functions like getaddrinfo(2). Then there's local modifications. And not just between special embedded systems. But Debian and Arch, both using glibc and both on x86_64, have different kernels installed with different features. Great. Less great for me and seccomp." (Thanks to Paul Wise.)
The grsecurity "RAP" patch set
The grsecurity developers have announced the first release of the "Reuse Attack Protector" (RAP) patch set, aimed at preventing return-oriented programming and other attacks. "RAP is our patent-pending and best-in-breed defense mechanism against code reuse attacks. It is the result of years of research and development into Control Flow Integrity (CFI) technologies by PaX. The version of RAP present in the test patch released to the public today under the GPLv2 is now feature-complete."
New vulnerabilities
bzrtp: man-in-the-middle vulnerability
| Package(s): | bzrtp |
| CVE #(s): | CVE-2016-6271 |
| Created: | February 2, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the openSUSE advisory: CVE-2016-6271: missing HVI check on DHPart2 packet reception may have allowed man-in-the-middle attackers to conduct spoofing attacks |
calibre: information leak
| Package(s): | calibre |
| CVE #(s): | CVE-2016-10187 |
| Created: | February 8, 2017 |
| Updated: | February 13, 2017 |
| Description: | From the Red Hat bugzilla: A vulnerability was found in Calibre. It was found that a javascript present in the book can access files on the computer using XMLHttpRequest. |
epiphany: multiple vulnerabilities
| Package(s): | epiphany |
| CVE #(s): | |
| Created: | February 6, 2017 |
| Updated: | February 13, 2017 |
| Description: | From the Fedora advisory: Update to 3.22.6: * Fix minor memory leak [#682723] * Fix serious password extraction sweep attack on password manager [#752738] * Fix adblocker blocking too much stuff, breaking Twitter [#777714] |
gnome-boxes: password disclosure
| Package(s): | gnome-boxes |
| CVE #(s): | |
| Created: | February 8, 2017 |
| Updated: | February 10, 2017 |
| Description: | From the Fedora advisory: gnome-boxes 3.22.4 release, fixing a possible security issue with storing the express installation password in clear text. - Store the user password in the keyring during an express installation. |
GraphicsMagick: multiple vulnerabilities
| Package(s): | GraphicsMagick |
| CVE #(s): | CVE-2016-10048 CVE-2016-10050 CVE-2016-10051 CVE-2016-10052 CVE-2016-10068 CVE-2016-10070 |
| Created: | February 6, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the openSUSE advisory: This update for GraphicsMagick fixes several issues. |
GraphicsMagick: multiple vulnerabilities
| Package(s): | GraphicsMagick |
| CVE #(s): | CVE-2016-10059 CVE-2016-10064 CVE-2016-10065 CVE-2016-10069 |
| Created: | February 6, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the openSUSE advisory: This update for GraphicsMagick fixes several issues. |
gst-plugins-bad: two vulnerabilities
| Package(s): | gst-plugins-bad |
| CVE #(s): | CVE-2017-5843 CVE-2017-5848 |
| Created: | February 6, 2017 |
| Updated: | February 21, 2017 |
| Description: | From the Arch Linux advisory: - CVE-2017-5843 (arbitrary code execution): A double-free issue has been found in gstreamer before 1.10.3, in gst_mxf_demux_update_essence_tracks. - CVE-2017-5848 (denial of service): An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm. |
gst-plugins-base-libs: multiple vulnerabilities
| Package(s): | gst-plugins-base-libs |
| CVE #(s): | CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844 |
| Created: | February 6, 2017 |
| Updated: | February 21, 2017 |
| Description: | From the Arch Linux advisory: - CVE-2017-5837 (denial of service): A floating point exception issue has been found in gstreamer before 1.10.3, in gst_riff_create_audio_caps. - CVE-2017-5839 (denial of service): An endless recursion issue leading to stack overflow has been found in gstreamer before 1.10.3, in gst_riff_create_audio_caps. - CVE-2017-5842 (arbitrary code execution): An off-by-one write has been found in gstreamer before 1.10.3, in html_context_handle_element. - CVE-2017-5844 (denial of service): A floating point exception issue has been found in gstreamer before 1.10.3, in gst_riff_create_audio_caps. |
gst-plugins-good: multiple vulnerabilities
| Package(s): | gst-plugins-good |
| CVE #(s): | CVE-2016-10198 CVE-2016-10199 CVE-2017-5840 CVE-2017-5841 CVE-2017-5845 |
| Created: | February 6, 2017 |
| Updated: | February 21, 2017 |
| Description: | From the Arch Linux advisory: - CVE-2016-10198 (denial of service): An invalid memory read flaw has been found in gstreamer before 1.10.3, in gst_aac_parse_sink_setcaps. - CVE-2016-10199 (denial of service): An out of bounds read has been found in gstreamer before 1.10.3, in qtdemux_tag_add_str_full. - CVE-2017-5840 (denial of service): An out-of-bounds read has been found in gstreamer before 1.10.3, in qtdemux_parse_samples. - CVE-2017-5841 (denial of service): An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt. - CVE-2017-5845 (denial of service): An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt. |
gst-plugins-ugly: two vulnerabilities
| Package(s): | gst-plugins-ugly |
| CVE #(s): | CVE-2017-5846 CVE-2017-5847 |
| Created: | February 6, 2017 |
| Updated: | February 20, 2017 |
| Description: | From the Arch Linux advisory: - CVE-2017-5846 (denial of service): An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_asf_demux_process_ext_stream_props. - CVE-2017-5847 (denial of service): An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_asf_demux_process_ext_content_desc. |
gstreamer: denial of service
| Package(s): | gstreamer |
| CVE #(s): | CVE-2017-5838 |
| Created: | February 6, 2017 |
| Updated: | February 21, 2017 |
| Description: | From the Arch Linux advisory: An out of bounds read has been found in gstreamer before 1.10.3, in gst_date_time_new_from_iso8601_string. |
iio-sensor-proxy: authentication bypass
| Package(s): | iio-sensor-proxy |
| CVE #(s): | |
| Created: | February 6, 2017 |
| Updated: | February 10, 2017 |
| Description: | The 2.1 iio-sensor-proxy release contains this commit fixing a problem whereby any process in the system could make calls to processes intended to be accessible only by root. |
irssi: memory leak
| Package(s): | irssi |
| CVE #(s): | |
| Created: | February 8, 2017 |
| Updated: | February 13, 2017 |
| Description: | From the SUSE bug report: Joseph Bisch has detected a remote memory leak in some cases where a hostile server would send certain incomplete SASL replies. According to his calculations, the server would need to send 13 times the amount of memory it wants to leak. The issue is a missing free of the base64 data. |
iucode-tool: code execution
| Package(s): | iucode-tool |
| CVE #(s): | CVE-2017-0357 |
| Created: | February 2, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the Ubuntu advisory: It was discovered that iucode-tool incorrectly handled certain microcodes when using the -tr loader. If a user were tricked into processing a specially crafted microcode, a remote attacker could use this issue to cause iucode-tool to crash, resulting in a denial of service, or possibly execute arbitrary code. |
jasper: code execution
| Package(s): | jasper |
| CVE #(s): | CVE-2016-9583 |
| Created: | February 2, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the jasper advisory: The vulnerability is introduced from version 2.0.0 and affects all later versions. The vulnerability is a heap buffer overflow vulnerability (out-of-bound read) and can be changed to a Null-pointer-dereference vulnerability by updating one byte of the PoC file. The related code was used to check for potential overflow and becomes useless due to the vulnerability, i.e. it is possible to trigger other overflow by bypassing the check. The vulnerability is probably caused by a programming mistake. It can cause Denial-of-Service and maybe cause other impact if other overflow is triggered. |
kernel: two vulnerabilities
| Package(s): | kernel |
| CVE #(s): | CVE-2016-10147 CVE-2016-10150 |
| Created: | February 3, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the Ubuntu advisory: Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10147) It was discovered that a use-after-free existed in the KVM subsystem of the Linux kernel when creating devices. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10150) |
kernel: denial of service
| Package(s): | kernel |
| CVE #(s): | CVE-2017-2596 |
| Created: | February 7, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the Red Hat bugzilla: Linux kernel built with the KVM virtualisation support(CONFIG_KVM), with nested virtualisation(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handle_vmon'. A L1 guest user could use this flaw to leak host memory potentially resulting in DoS. |
kernel: information leak
| Package(s): | kernel |
| CVE #(s): | CVE-2017-2584 |
| Created: | February 7, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the CVE entry: arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt. |
moodle: multiple vulnerabilities
| Package(s): | moodle |
| CVE #(s): | CVE-2016-8642 CVE-2016-8643 CVE-2016-8644 CVE-2017-2576 CVE-2017-2578 |
| Created: | February 2, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the Red Hat bugzilla entry: CVE-2016-8642: Question engine allows access to files that should not be available CVE-2016-8643: Non-admin site managers may accidentally edit admins via web services CVE-2016-8644: Capability to view course notes is checked in the wrong context From the Red Hat bugzilla entry: Incorrect sanitation of attributes in forums - CVE-2017-2576 XSS in assignment submission page - CVE-2017-2578 |
mupdf: three vulnerabilities
| Package(s): | mupdf |
| CVE #(s): | CVE-2016-10132 CVE-2016-10133 CVE-2016-10141 |
| Created: | February 3, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the openSUSE advisory: CVE-2016-10132: Null pointer dereference in regexp because of a missing check after allocating memory allowing for DoS CVE-2016-10133: Heap buffer overflow write in js_stackoverflow allowing for DoS or possible code execution CVE-2016-10141: An integer overflow vulnerability triggered by a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition |
ntfs-3g: privilege escalation
| Package(s): | ntfs-3g |
| CVE #(s): | CVE-2017-0358 |
| Created: | February 2, 2017 |
| Updated: | February 20, 2017 |
| Description: | From the Debian advisory: Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation. |
php: multiple vulnerabilities
| Package(s): | php |
| CVE #(s): | CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 |
| Created: | February 6, 2017 |
| Updated: | February 9, 2017 |
| Description: | From the CVE entries: The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1. (CVE-2016-10158) Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive. (CVE-2016-10159) Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch. (CVE-2016-10160) The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call. (CVE-2016-10161) |
phpmyadmin: multiple vulnerabilities
| Package(s): | phpMyAdmin |
| CVE #(s): | CVE-2015-8980 |
| Created: | February 3, 2017 |
| Updated: | February 8, 2017 |
| Description: | From the openSUSE advisory: - CVE-2015-8980: php-gettext code execution (PMASA-2017-2) |
rabbitmq-server: denial of service
Package(s): rabbitmq-server
CVE #(s): CVE-2015-8786
Created: February 2, 2017
Updated: February 8, 2017
Description: From the Red Hat advisory:

A resource-consumption flaw was found in RabbitMQ Server, where the lengths_age or lengths_incr parameters were not validated in the management plugin. Remote, authenticated users with certain privileges could exploit this flaw to cause a denial of service by passing values which were too large. (CVE-2015-8786)

rtmpdump: multiple vulnerabilities
Package(s): rtmpdump
CVE #(s): (none listed)
Created: February 6, 2017
Updated: February 8, 2017
Description: From the Gentoo advisory:

The following is a list of vulnerabilities fixed:

A remote attacker could entice a user to open a specially crafted media flash file using RTMPDump. This could possibly result in the execution of arbitrary code with the privileges of the process or a Denial of Service condition.

spice: two vulnerabilities
Package(s): spice
CVE #(s): CVE-2016-9577, CVE-2016-9578
Created: February 6, 2017
Updated: February 21, 2017
Description: From the Red Hat advisory:

* A vulnerability was discovered in spice in the server's protocol handling. An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution. (CVE-2016-9577)

* A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578)

svgsalamander: server-side request forgery
Package(s): svgsalamander
CVE #(s): CVE-2017-5617
Created: February 3, 2017
Updated: February 8, 2017
Description: From the Debian-LTS advisory:

Luc Lynx discovered a Server-Side Request Forgery in svgSalamander allowing access to the trusted network with specially crafted SVG files.

tiff: regression in previous update
Package(s): tiff
CVE #(s): (none listed)
Created: February 7, 2017
Updated: February 8, 2017
Description: From the Debian LTS advisory:

Version 4.0.2-6+deb7u7 introduced changes that resulted in libtiff being unable to write out tiff files when the compression scheme in use relies on codec-specific TIFF tags embedded in the image. This problem manifested itself with errors like these:

    $ tiffcp -r 16 -c jpeg sample.tif out.tif
    _TIFFVGetField: out.tif: Invalid tag "Predictor" (not supported by codec).
    _TIFFVGetField: out.tif: Invalid tag "BadFaxLines" (not supported by codec).
    tiffcp: tif_dirwrite.c:687: TIFFWriteDirectorySec: Assertion `0' failed.

wavpack: multiple vulnerabilities
Package(s): wavpack
CVE #(s): CVE-2016-10172, CVE-2016-10171, CVE-2016-10170, CVE-2016-10169
Created: February 3, 2017
Updated: February 21, 2017
Description: From the Fedora advisory:

CVE-2016-10172 wavpack: Heap out of bounds read in read_new_config_info / open_utils.c https://bugzilla.redhat.com/show_bug.cgi?id=1417853
CVE-2016-10171 wavpack: Heap out of bounds read in unreorder_channels / wvunpack.c https://bugzilla.redhat.com/show_bug.cgi?id=1417852
CVE-2016-10170 wavpack: Heap out of bounds read in WriteCaffHeader / caff.c https://bugzilla.redhat.com/show_bug.cgi?id=1417851
CVE-2016-10169 wavpack: Global buffer overread in read_code / read_words.c https://bugzilla.redhat.com/show_bug.cgi?id=1417850

wireshark: two denial of service flaws
Package(s): wireshark
CVE #(s): CVE-2017-5596, CVE-2017-5597
Created: February 2, 2017
Updated: February 10, 2017
Description: From a Wireshark advisory:

The ASTERIX dissector could go into an infinite loop. Discovered by Antti Levomäki and Christian Jalio, Forcepoint.

Impact: It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

From a Wireshark advisory:

The DHCPv6 dissector could go into a large loop. Discovered by Antti Levomäki and Christian Jalio, Forcepoint.

Impact: It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Page editor: Jake Edge