US CERT Current Activity
The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Firefox ESR, and Thunderbird, some of which may allow attackers to execute arbitrary code.
The following updates are available:
- Firefox 31
- Thunderbird 31
- Firefox ESR 24.7
- Thunderbird 24.7
The United Kingdom's Centre for the Protection of National Infrastructure (CPNI) has released a report on its "Improving Defenses Against Targeted Attack" (iDATA) cyber research program. The report contains descriptions and outcomes from a number of projects aimed at addressing threats posed by nation states and state-sponsored actors. CPNI is the government authority for providing protective security advice to businesses and organizations across the UK's national infrastructure.
Recently disclosed vulnerabilities in the LZO and LZ4 compression libraries could allow remote code execution under certain circumstances. While these libraries are used by a large number of platforms and applications, not all programs may be vulnerable to exploitation.
Users and administrators should apply software security updates as they become available.
Cisco has released an advisory to address a vulnerability in the web server used in multiple Wireless Residential Gateway products that could allow an unauthenticated, remote attacker to crash the web server and execute arbitrary code with elevated privileges.
Cisco products affected by this vulnerability include:
- Cisco DPC3212 VoIP Cable Modem
- Cisco DPC3825 8x4 DOCSIS 3.0 Wireless Residential Gateway
- Cisco EPC3212 VoIP Cable Modem
- Cisco EPC3825 8x4 DOCSIS 3.0 Wireless Residential Gateway
- Cisco Model DPC3010 DOCSIS 3.0 8x4 Cable Modem
- Cisco Model DPC3925 8x4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA
- Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with EDVA
- Cisco Model EPC3010 DOCSIS 3.0 Cable Modem
- Cisco Model EPC3925 8x4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA
Users and administrators are encouraged to review the Cisco Advisory and apply the necessary updates.
Oracle has released its Critical Patch Update for July 2014 to address 113 vulnerabilities across multiple products.
This update contains the following security fixes:
- 5 for Oracle Database Server
- 29 for Oracle Fusion Middleware
- 7 for Oracle Hyperion
- 1 for Oracle Enterprise Manager Grid Control
- 5 for the Oracle E-Business Suite
- 3 for Oracle Supply Chain Products Suite
- 5 for Oracle PeopleSoft Products
- 6 for Oracle Siebel CRM
- 1 for Oracle Communications Applications
- 3 for Oracle Retail Applications
- 20 for Oracle Java SE
- 3 for Oracle and Sun Systems Products Suite
- 15 for Oracle Virtualization
- 10 for Oracle MySQL
US-CERT encourages users and administrators to review the Oracle July 2014 Critical Patch Update and apply the necessary updates.
Microsoft has released a security advisory to address improperly issued SSL certificates that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows.
Users and administrators are encouraged to review Microsoft Security Advisory 2982792 and apply the necessary updates.
Multiple Cisco products include an implementation of Apache Struts 2 which contains a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions and execute arbitrary commands on a targeted system.
Cisco products affected by this vulnerability include:
- Cisco Business Edition 3000 Series
- Cisco Identity Services Engine (ISE)
- Cisco Media Experience Engine (MXE) 3500 Series
- Cisco Unified Contact Center Enterprise (Cisco Unified CCE)
US-CERT encourages users and administrators to review the Cisco Advisory and apply the necessary updates.
Adobe has released security updates to address multiple vulnerabilities in Flash Player and AIR. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system.
The following updates are available:
- Adobe Flash Player 220.127.116.11 for Windows, Macintosh and Linux
- Adobe Flash Player 18.104.22.1684 for Linux
- Adobe AIR 22.214.171.124 for Windows, Macintosh and Android
- Adobe AIR SDK and Compiler 126.96.36.199 for Windows, Macintosh, Android and iOS
- Adobe AIR SDK 188.8.131.52 for Windows, Macintosh, Android and iOS
Users and administrators are encouraged to review Adobe Security Bulletin APSB14-17 and determine which updates should be applied.
Microsoft has released updates to address vulnerabilities in Windows, Internet Explorer, and Microsoft Service Bus for Windows Server as part of the Microsoft Security Bulletin Summary for July 2014. Some of these vulnerabilities could allow remote code execution, elevation of privilege, or denial of service.
US-CERT encourages users and administrators to review the bulletin and apply the necessary updates.
WordPress 3.8.2 has been released to address multiple vulnerabilities, one of which could allow an attacker to gain unauthorized access using forged authentication cookies. WordPress 3.7.1 users will be updated to 3.7.2, which contains the same security fixes as 3.8.2. Users operating older, unsupported versions of WordPress are encouraged to upgrade to 3.8.2.
US-CERT recommends users and administrators review the WordPress Maintenance and Security Release blog and apply the necessary updates.
INTECO Technical Advisories (Spain)
- Defect in BIND's EDNS option causes denial of service.
- Denial of service with IPv6 packets in Cisco IOS XR Software
- Microsoft security bulletins for June 2014
- Privilege escalation and denial of service in the Linux kernel
- Hard-coded credentials in Daktronics Vanguard
- New OpenSSL versions fix multiple vulnerabilities
- Improper input validation in COPA-DATA's DNP3
- Multiple vulnerabilities in Cogent Datahub
- Uncontrolled resource consumption in Triangle MicroWorks
- Privilege escalation in several VMware products
- UsCert - TA13-051A: Oracle Java Multiple Vulnerabilities
- Hispasec - The site is the official one, but what about the file I'm downloading?
- Hispasec - Privilege escalation in sudo (in a multitude of distributions)
- Hispasec - Denial of service in Samba
- Hispasec - Two vulnerabilities fixed in Asterisk
- Hispasec - New Spyeye trojans aimed exclusively at entities in Panama and Honduras
- Hispasec - New PHP version fixes two vulnerabilities
- Hispasec - Various vulnerabilities in Wireshark
- Hispasec - Microsoft, didn't we agree to stop using MD5? (and II)
- Hispasec - Remote command execution in Apache Struts