Vulnerabilities of Interest:
- VUPEN is reporting that a vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a dangling pointer in the Microsoft HTML Viewer (mshtml.dll) when retrieving certain CSS/STYLE objects via the “getElementsByTagName()” method, which could allow attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a malicious web page.
- NTP ‘ntpq’ Stack Buffer Overflow Vulnerability – The ‘ntpq’ command is prone to a stack-based buffer-overflow vulnerability. Successful exploits will crash the affected utility. Code execution may also be possible, but has not been confirmed.
- Cisco VPN Client “cvpnd” Service Local Denial of Service – A vulnerability has been reported in Cisco VPN Client, which can be exploited by malicious, local users to cause a DoS (Denial of Serivce). The vulnerability is caused due to an improper error handling within the cvpnd.exe binary, which can be exploited to terminate the cvpnd service with all active VPN sessions. The vulnerability is reported in versions prior to 5.0.06.0100. The solutions is to update to version 5.0.06.0100.
- Linux Kernel ‘NFS filename’ Local Denial of Service Vulnerability – The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to trigger a kernel oops, resulting in a denial-of-service condition.
- Linux Kernel ‘exit_notify()’ CAP_KILL Verification Local Privilege Escalation Vulnerability – The Linux kernel is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with superuser privileges, resulting in a complete compromise of the affected computer.Versions prior to Linux kernel 2.6.29-git14 are vulnerable. An exploit is available in the Wild.
- Linux Kernel CIFS Remote Buffer Overflow Vulnerability – The Linux Kernel is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. The issue affects Linux Kernel 2.6.29; other versions may also be vulnerable.
- Linux Kernel nfsd ‘CAP_MKNOD’ Unauthorized Access Vulnerability – The Linux Kernel is prone to an unauthorized-access vulnerability that can occur when users with certain capabilities connect to the ‘nfsd’ service. Attacker with authenticated access to the affected application can exploit this issue to perform privileged operations on a vulnerable computer; this may aid in further attacks. Can be exploited by using readily available tools.
- ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability – ISC BIND is prone to a remote denial-of-service vulnerability because the software fails to properly handle specially crafted dynamic update requests. Successfully exploiting this issue allows remote attackers to crash affected DNS servers, denying further service to legitimate users. Other attacks are also possible. Versions prior to BIND 9.4.3-P3, 9.5.1-P3, and 9.6.1-P3 are vulnerable. This issue is being actively exploited in the wild.
- Sun Solaris OpenSSL TLS Session Renegotiation Plaintext Injection Vulnerability - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to manipulate certain data. A final resolution is pending completion.
News Items of Interest:
News item 1: (http://www.v3.co.uk/v3/news/2253708/insurers-found-facebook)
News item 2: (http://www.itworldcanada.com/news/reputation-based-security-to-dominate/139392)
News item 3: (http://www.theregister.co.uk/2009/11/20/snow_leopard_atom_support/)
A custom version of OS 10.6.2 distributed here. More about how to install the patch is available from this forum at Insanely Mac.
News item 4: (http://blogs.zdnet.com/green/?p=8783)
News item 5: (http://news.cnet.com/8301-13860_3-10402783-56.html?part=rss&subj=news&tag=2547-1_3-0-20)
News item 6: (http://www.sciencedaily.com/releases/2009/11/091118160627.htm)
News item 6: (http://news.softpedia.com/news/Comcast-Domain-Hijackers-Indicted-127635.shtml)
Tech Segment:
Linkrot scans a site for inaccessible links (http error 404, 500, etc.) and saves a log with bad links that you can open in Excel. It’s a Windows console application developed in C# (.NET 2.0 stack). Simple, single thread crawling for dead links, broken links, dangling links.
C:\Users\rhayes\Downloads>linkrot
Finds inaccessible links in a website (single thread version).
All links are written to Links.txt.
Bad links are written to Error.txt.
Use: linkrot.exe <url>
Example: linkrot.exe http://www.linkrot.be/
Example: linkrot.exe http://www.linkrot.be/ >> logfile.txt
Error level -1: Parameter fault, given url is not accessible.
Error level 0: All went well, no bad links found.
Error level 1: Bad links found, see error log for details.
Comments to info@patrick.nl, www.patrick.nl.
C:\Users\rhayes\Downloads>linkrot http://www.irongeek.com >>logfile.txt
logfile.txt:
Resolved http://www.irongeek.com/
Resolved http://www.dreamhost.com/r.cgi?155413
Resolved http://www.irongeek.com/i.php
Resolved http://www.irongeek.com/i.php?page=security/hackingillustrated
Resolved http://www.irongeek.com/i.php?page=security/security
Resolved http://www.irongeek.com/i.php?page=mobile-device-hacking
Resolved http://www.irongeek.com/i.php?page=security/code
Resolved http://www.irongeek.com/i.php?page=reviews/reviews
Resolved http://feedproxy.google.com/IrongeeksSecuritySite
Resolved http://www.irongeek.com/browserinfo.php
Resolved http://www.irongeek.com/security-podcasts.php
Resolved http://www.irongeek.com/i.php?page=hoosier
Resolved http://www.irongeek.com/newscat.php
Resolved http://www.irongeek.com/i.php?page=links
Resolved http://www.irongeek.com/i.php?page=contact
Resolved http://www.irongeek.com/i.php?page=forum/index
Resolved http://www.irongeek.com/i.php?page=workout/workout
Resolved http://www.irongeek.com/i.php?page=fitness/nutrition
Resolved http://www.irongeek.com/i.php?page=fitness/supplements
Resolved http://www.irongeek.com/i.php?page=humor/humor
Resolved http://www.irongeek.com/i.php?page=advertise
Resolved http://www.irongeek.com/i.php?page=hire-adrian-for-security-or-tech-w
Resolved http://www.irongeek.com/i.php?page=campuses-that-use-irongeek-for-tea
Resolved http://www.irongeek.com/fed-watch.php
Links.txt
Status Found on page Link Milliseconds Content type
Resolved http://www.irongeek.com/ http://www.irongeek.com/ 9219 text/html
Resolved http://www.irongeek.com/ http://www.dreamhost.com/r.cgi?155413 2958 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php 1375 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=security/hackingillustrated 1415 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=security/security 1876 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=mobile-device-hacking 3471 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=security/code 755 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=reviews/reviews 765 text/html
Resolved http://www.irongeek.com/ http://feedproxy.google.com/IrongeeksSecuritySite 12794 text/xml; charset=UTF-8
Resolved http://www.irongeek.com/ http://www.irongeek.com/browserinfo.php 1620 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/security-podcasts.php 5396 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=hoosier 283 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/newscat.php 453 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=links 221 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=contact 261 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=forum/index 140 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=workout/workout 342 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=fitness/nutrition 145 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=fitness/supplements 309 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=humor/humor 215 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=advertise 183 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=hire-adrian-for-security-or-tech-work-in-louisville-or-southern-indiana-kentuckiana 169 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=campuses-that-use-irongeek-for-teaching-infosec-in-higher-education 210 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/fed-watch.php 3629 text/html
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=books 466 text/html
Resolved http://www.irongeek.com/ http://www.printfection.com/irongeek/ 5934 text/html; charset=UTF-8
Resolved http://www.irongeek.com/ http://www.irongeek.com/i.php?page=about 1824 text/html
Error.txt:
Error message Found on page Bad link Milliseconds
Timeout http://www.irongeek.com/ http://www.packetsniffers.org/ 21495
Timeout http://www.irongeek.com/ http://hackhound.org/ 21106
Timeout http://www.irongeek.com/ http://hackhound.org/images/button2.gif 21007
NotFound http://www.irongeek.com/i.php?page=security/hackingillustrated http://leebaird.com/Me/Hacking.html 559
Timeout http://www.irongeek.com/i.php?page=security/hackingillustrated http://phreaknic.wilpig.org/ 21208
Linkrot is available in command-line utility and source code from here: Linkrot