Tag Archives: cve

Dnsmasq 的安全性漏洞

Posted on October 3, 2017 by Gea-Suan Lin

Google 這次出手炸的好痛:「Behind the Masq: Yet more DNS, and DHCP, vulnerabilities」。 當需要在 client 端處理 DNS 的事情,有蠻多開發者都會選擇用 Dnsmasq 處理,這次直接拉出七個 CVE (編號 CVE-2017-13704 與 CVE-2016-{14491-14496}),其中三個是 RCE: 看了一下,Ubuntu 也推出更新了,接下來有一堆機器要升級 Dnsmasq... :o

Posted in Computer, DNS, Murmuring, Network, Security, Service, Software | Tagged , , , , , , , , , , | Leave a comment

Apache 的 Optionsbleed

Posted on September 27, 2017 by Gea-Suan Lin

Apache 也出了類似 Heartbleed 的包:「Apache bug leaks contents of server memory for all to see—Patch now」,原文出自「Optionsbleed - HTTP OPTIONS method can leak Apache's server memory」。 這掛上 CVE-2017-9798 了,影響版本包括了: This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. 發生在對 … Continue reading

Posted in Computer, Murmuring, Network, Privacy, Security, Service, Software, WWW | Tagged , , , , , , , , , , | Leave a comment

在 Git/Mercurial/Subversion 上 "-" 發生的問題

Posted on August 16, 2017 by Gea-Suan Lin

在「[ANNOUNCE] Git v2.14.1, v2.13.5, and others」這邊看到 - 開頭產生的問題: These contain a security fix for CVE-2017-1000117, and are released in coordination with Subversion and Mercurial that share a similar issue. CVE-2017-9800 and CVE-2017-1000116 are assigned to these systems, respectively, for issues … Continue reading

Posted in Computer, Murmuring, Network, Security, Software | Tagged , , , , , , , , , , , , , | Leave a comment

最近 OpenVPN 的安全性漏洞...

Posted on June 28, 2017 by Gea-Suan Lin

看到「The OpenVPN post-audit bug bonanza」這個只有苦笑啊... 作者在 OpenVPN 經過一連串的安全加強後 (包括 harden 計畫與兩個外部單位的程式碼稽核找到不少問題),決定出手挖看看: After a hardening of the OpenVPN code (as commissioned by the Dutch intelligence service AIVD) and two recent audits 1 2, I thought it was now time for some … Continue reading

Posted in Computer, Murmuring, Network, Security, Software, VPN | Tagged , , , , , , , , , , , , , , | Leave a comment

iOS 透過無線網路的 RCE...

Posted on April 4, 2017 by Gea-Suan Lin

在「About the security content of iOS 10.3.1」這邊的說明: Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip … Continue reading

Posted in Computer, Hardware, Murmuring, Network, Security, Software | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

分析現在還有多少不安全的 JavaScript Library 被使用

Posted on March 11, 2017 by Gea-Suan Lin

在「Thou shalt not depend on me: analysing the use of outdated JavaScript libraries on the web」這邊看到對 JavaScript Library 的研究。 jQuery 沒有什麼疑問的還是最大宗,查了一下應該是 CVE-2011-4969 的影響,對 jQuery 1.6、1.6.1、1.6.2 三個版本有影響。 另外也提到了 hosting 的部份,可以看到 Google Hosted Libraries 還是佔有最高的比率。

Posted in CDN, Cloud, Computer, Murmuring, Network, Programming, Security, Software | Tagged , , , , , , , | Leave a comment

cURL 接下來的安全性更新...

Posted on October 22, 2016 by Gea-Suan Lin

cURL 的維護老大放話要大家注意接下來的安全性更新:「An alert on the upcoming 7.51.0 release」。 最少 11 個安全性更新: This release will bundle no less than _eleven_ security advisories and their associated fixes (unless we get more reported in the time we have left). 由於這些 security issue 的特性,會採取不公開的 … Continue reading

Posted in Computer, Murmuring, Network, Security, Software | Tagged , , , , , , , , | Leave a comment

Cisco 與 Fortinet 防火牆的 RCE 漏洞

Posted on August 20, 2016 by Gea-Suan Lin

NSA 使用這些漏洞來大量監聽企業的流量:「Leaked Exploits are Legit and Belong to NSA: Cisco, Fortinet and Snowden Docs Confirm」。 Cisco 已經確認這個安全性漏洞了,全系列包括已經停產的 Cisco PIX、上個世代的 Cisco ASA 5500 (但還有些型號還在賣),以及目前主力的 Cisco ASA 5500-X,另外還包括了安全模組系列也中獎:「Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability」。 Cisco ASA 5500 Series Adaptive Security … Continue reading

Posted in Computer, Hardware, Murmuring, Network, Political, Security, Social, VPN, WWW | Tagged , , , , , , , , , , , , , , , , | Leave a comment

Libgcrypt 與 GnuPG 的安全性問題

Posted on August 20, 2016 by Gea-Suan Lin

在「Security fixes for Libgcrypt and GnuPG 1.4 [CVE-2016-6316]」這邊看到這個歷史悠久的 bug: Felix Dörre and Vladimir Klebanov from the Karlsruhe Institute of Technology found a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the … Continue reading

Posted in Computer, Murmuring, Security, Software | Tagged , , , , , , , , , , , | Leave a comment

OpenSSL 的 DSA 被 Side-channel attack 打爆

Posted on June 16, 2016 by Gea-Suan Lin

在「Make Sure DSA Signing Exponentiations Really are Constant-Time」這篇文章裡面,直接透過 end-to-end 的 timing attack 打爆 (也就是透過 internet 觀察攻擊),而不需要在同一台機器上對 cache 之類的區域攻擊: A unique feature of our work is that we target common cryptographic protocols. Previous works that demonstrate cache-timing key-recovery attack only target … Continue reading

Posted in Computer, Murmuring, Network, Security, Software | Tagged , , , , , , , , , , , , , | Leave a comment