/0®

You've won £ 350,000.

Photo going around on Facebook

Joe -- Maybe you've seen this photo going around on Facebook -- one person's reasons for supporting President Obama. We've all got our own reasons for supporting the President, and with less than 100 days to go, now's the time to show it. Pitch in $3 or whatever you can before tonight's critical fundraising deadline. https://donate.barackobama.com/Deadline-Midnight Thanks, Obama for America P.S. -- What we have on hand at midnight tonight determines how strong we can close out the next three months. Please pitch in what you can today.

Contributions or gifts to Obama for America are not tax deductible.

This email was sent to: securityworld@gmail.com. If that is not your preferred email address, you can update your information here. We believe that emails are a vital way for the campaign to stay in direct contact with supporters. Click here if you'd like to unsubscribe from these messages. This campaign is a community, and all ideas are welcome. We appreciate any feedback you might have -- positive or negative. Click here to contact the campaign with any questions or concerns.

[SECURITY] [DSA 2518-1] krb5 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


- -------------------------------------------------------------------------
Debian Security Advisory DSA-2518-1 security@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
July 31, 2012 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : krb5
Vulnerability : denial of service and remote code execution
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-1014 CVE-2012-1015
Debian Bug : 683429

Emmanuel Bouillon from NCI Agency discovered multiple vulnerabilities in MIT
Kerberos, a daemon implementing the network authentication protocol.

CVE-2012-1014

By sending specially crafted AS-REQ (Authentication Service Request) to a KDC
(Key Distribution Center), an attacker could make it free an uninitialized
pointer, corrupting the heap. This can lead to process crash or even arbitrary
code execution.
.
This CVE only affects testing (wheezy) and unstable (sid) distributions.

CVE-2012-1015

By sending specially crafted AS-REQ to a KDC, an attacker could make it
dereference an uninitialized pointer, leading to process crash or even
arbitrary code execution

In both cases, arbitrary code execution is believed to be difficult to achieve,
but might not be impossible.

For the stable distribution (squeeze), this problem has been fixed in
version 1.8.3+dfsg-4squeeze6.

For the testing distribution (wheezy), this problem has been fixed in
version 1.10.1+dfsg-2.

For the unstable distribution (sid), this problem has been fixed in
version 1.10.1+dfsg-2.

We recommend that you upgrade your krb5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJQGDhVAAoJEDBVD3hx7wuohhAQAMvfn2GpJ183+cRUkU2BU0nb
pNwX+RyE9PzxmROfnWQK+B5e4d/p85WVI+JIsqxRTdSU9exQW7Ix0KecFUOIDpih
UapoKsfyAsq1MuHP+zzhzITrjn/N0nLAWVLmhEiGYAXsSqhF9ANtHqEAVl4LMBFs
yM8mIOT1t2oBbWrdqDEObqzCHuXcF6zxOiO9V55yBima8qgKJaMfdwhexVCNgy2H
s07Z/Bip1X0MOQVt39OQ8gjpxLVKjCkLIzXKnGahFcthMxbT7JUFlgkqOUEhb8hz
C4aMWQ7VmaVyHRMoNQ36nbEeFOa1lbtFAUG1NtIAK4xc3yuUgzUAuiABtrlzOEE+
isTWYIFX6pAxxjmjDLXs+WzbsdbUg2WNpAT7yMlYpr8X1Fbspc4Q4cotXvOkxMDy
ZiztFrxLIwRzPKqz3mAR2aMMv+C15jAAkfI8TWY44uT7Nao8r7SkghhhW9XTHq/u
kjamNAqkdbeUN6Uv6LjKqtWcFHNDp/ybopx4eEAs9g49iYHjhIxeYSuZi9ezt69m
3aHE1+wRyQkYRXGTgQCSsEsQTmKG/GYsxbXz7AHTHeBKysXhozgXaVUP7mC4PhP6
IQl3TNPS7+ICDR/WmNecmDXnJSjiLr2Cxu05s6kdZufk2YuUmLKsDOwqdUK9zs5L
akNPAoiNvi30U+3tc07c
=lkou
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20120731195612.4D07118AB@scapa.corsac.net

I'm asking you

Joe -- I'm always amazed by how Barack balances his responsibilities as president, a husband, and a dad. But sometimes even he needs a little help. And this campaign is going to take all of us pitching in. All of the things we've poured our hearts into -- from passing health care reform to fighting for an economy that works for everyone -- are on the line. I know I don't want to wake up on November 7th wondering if I could have done more. So I'm doing everything I can between now and Election Day to make sure we can keep moving this country forward for four more years. We've only got a few more hours before an important fundraising deadline. Please support this campaign by giving $3 or more today: https://donate.barackobama.com/Deadline-Midnight From all of us, thanks. Michelle

Contributions or gifts to Obama for America are not tax deductible

This email was sent to: securityworld@gmail.com. If that is not your preferred email address, you can update your information here. We believe that emails are a vital way for the campaign to stay in direct contact with supporters. Click here if you'd like to unsubscribe from these messages. This campaign is a community, and all ideas are welcome. We appreciate any feedback you might have -- positive or negative. Click here to contact the campaign with any questions or concerns.

New data center design boasts 'world's most efficient cooling system'

	13 awesome and scary things in near Earth space | IBM attempts to redefine the IPS
	Network World Daily News PM				Forward this to a Friend >>>
	New data center design boasts 'world's most efficient cooling system' A new kind of data center claiming to employ "the world's most efficient cooling system" turns the traditionally unbearable "hot aisle" between server racks into a rather pleasant air-conditioned hallway, all the while using significantly less energy. Read More RESOURCE COMPLIMENTS OF: RIM Introducing BlackBerry® Mobile Fusion Easily manage and secure mobile device deployments with BlackBerry® Mobile Fusion. From a single interface, manage BlackBerry® smartphones, BlackBerry® PlayBook™ tablets and devices that use the iOS® and Android™ operating systems. Put an end to mobile chaos. Learn more at blackberry.com/mobilefusion In this Issue 13 awesome and scary things in near Earth space IBM attempts to redefine the IPS Outsourcers apparently don't miss a beat in face of massive India power outage Getting out in front of BYOD INSIDER The state of network security Quirkiest Moments at 2012 Black Hat security conference IT execs prefer Obama on 5 key industry issues: survey iPhone 5 unveiling set for Sept. 12, rumors claim Following Xsigo acquisition, Oracle becomes the Apple of enterprise IT Touch-centric Windows 8 without mouse and keyboard leaves a lot behind Intel continues move into smartphones with 3G system-on-a-chip Apple v. Samsung: How it was explained to the jury Box raises $125 million in funding WHITE PAPER: Citrix Systems 2x consolidation for less than F5. Shift up to the Cloud Pay more to get less consolidation? How dense does F5 think you are? Shift to Citrix NetScaler. 2x consolidation—for less. Don't compromise your consolidation project. The Iron Age is over. The Cloud Age is here. Learn how virtualization streamlines your datacenter and consolidates network resources. Learn More 13 awesome and scary things in near Earth space There were a few interesting news items regarding the space around Earth this week. First NASA published a depiction of how the asteroids and comets that travel near the Earth. Second, the space agency issued another depiction of three of the largest contributors to space debris and how it orbits the planet. It makes you wonder why more things don't smash into each other more often in space. Take a look at those news items and some other amazing things that have or will happen in the space around Earth. Read More IBM attempts to redefine the IPS IBM Tuesday introduced what it's calling a "next generation" intrusion-prevention system (IPS), an offering that not only is designed to stifle network-based attacks, but adds application-level controls and URL filtering capabilities typically found in separate products such as Web security gateways. Read More Outsourcers apparently don't miss a beat in face of massive India power outage The massive power outages across most of northern India have not affected the software development, back office operations and services work that emanates from the country. Read More Getting out in front of BYOD It wasn't long ago that BYO was something you'd find on a party invitation. But with the wave of employees bringing their own smartphones and tablets into the workplace and expecting to use them for email, network access and mobile apps, BYOD -- or "bring your own device" -- now represents a promising but formidable business trend that doesn't leave IT in the mood for celebration. Read More WHITE PAPER: Dell VMware Taking a Proactive Approach to Patch Management Outline best practices that can be implemented to ensure your organization can address security proactively, rather than having to react and use valuable resources when viruses, malware or worms attack. Learn More Now! INSIDER The state of network security Network security is still as necessary as it was 15 years ago when the Black Hat Conference was first beginning. Sure the players have changed and the sophistication, but it is a classic good vs. evil scenario still. Read More Quirkiest Moments at 2012 Black Hat security conference From half-naked booth reps to colorful robots, it wasn't all about security on the exhibit floor and around the conference Read More IT execs prefer Obama on 5 key industry issues: survey On five separate questions involving the economic future of the technology industry, a plurality of IT executives surveyed indicate they would rather stick with President Obama than hand the reins over to presumptive Republican nominee Mitt Romney, who has made his business acumen the centerpiece of his campaign. Read More iPhone 5 unveiling set for Sept. 12, rumors claim Apple's iPhone 5 is due to be unveiled on Sept. 12, according to posts on three separate news or rumor websites. The new phone will be released before the end of the month, they say. Read More WHITE PAPER: SAP 21st Century Sales Warrior's Guide to Social Selling A new generation of Sales Warrior needs a new generation of tools. Watch, listen, read, and learn from the experts of Social Selling. Learn More Following Xsigo acquisition, Oracle becomes the Apple of enterprise IT This morning Oracle announced the acquisition of Xsigo Systems and there has been a frenzy of media coverage around it, primarily because it follows VMware's acquisition of Nicira, creating speculation of future acquisitions and many implications to the future of IT. However, some of the positioning of this acquisition was just flat out wrong. Read More Touch-centric Windows 8 without mouse and keyboard leaves a lot behind The new Windows 8 Wedge mouse and keyboard seem innovative and well engineered, but the real news is that they will be necessary add-ons for some Windows 8 tablets, especially when the tablets are used for traditional business applications. While Microsoft promotes touch as the key element of Windows 8, in more ways than one it acknowledges the reality that it must continue to support the mouse-keyboard... Read More Intel continues move into smartphones with 3G system-on-a-chip Intel announced Tuesday that it is planning to make a new system-on-a-chip with integrated 3G radio support available to select customers in the fourth quarter. Read More Apple v. Samsung: How it was explained to the jury The 10 California jurors who will decide the rights and wrongs in the battle between Apple and Samsung were sworn in late Monday and alongside instructions on how to proceed during the case, the U.S. judge presiding over the case explained to them the basics of the high-profile battle. Read More Box raises $125 million in funding Box has received US$125 million in funding, an infusion the company will use to boost its international expansion and strengthen its cloud-hosted enterprise collaboration, storage, file-sharing and content management software. Read More
	SLIDESHOWS 12 new network features in Windows 8 There are a bunch of new and impressive administrative features designed to increase network support, reliability, performance, and security. JOIN THE NETWORK WORLD COMMUNITIES As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity). Network World on Facebook Network World on LinkedIn MOST-READ STORIES Leaked Windows Phone 8 SDK brings app surprises Twitter's attempt to protect TV exec's privacy backfires Netflix uncages Chaos Monkey disaster testing system Possible Anonymous network attack could target Olympics partners BT, GlaxoSmithKline DeepField Networks exits stealth mode to reveal cloud genome mapping 12 new network features in Windows 8 The day VMware ate Cisco How to watch the Olympics on the Internet Oracle buys Xsigo for software-defined networking The 5 hottest IT jobs right now
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_daily_news_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **

Guidance from the C-Suite on IT Costs

Best Practices to Minimize Costs without Sacrificing the Quality of IT Services

Learn More CIO Perspective on Less Painful Budget Cuts Budget will always be the biggest factor when prioritizing IT projects. Three IT leaders candidly discuss their experiences in: Overcoming challenges of implementing IT cost savings Tips to change processes to keep projects on track Leveraging new technologies to reduce IT costs Balancing ad-hoc requests Learn More Forward to a Friend >>

Additional Resources Benefits BYOD Brings to the Enterprise. Preparing IT for Growing Business Demands SUBSCRIPTION SERVICES You are currently subscribed as security.world@gmail.com If you do not wish to receive future mailings from InfoWorld Online Resources, unsubscribe. View InfoWorld's online privacy policy. Copyright 2012 | InfoWorld | 492 Old Connecticut Path | Framingham MA 01701 | www.infoworld.com.

So

Joe -- Sometimes politics can seem very small. But the choice voters face in this election couldn't be bigger. Over the past two months, we have been outraised by our opponents. They've used that advantage to distort the truth and mislead people, over and over, on TV and the radio in battleground states. Tonight is one of the most critical fundraising deadlines we'll face. If we win this election, it will be because of what you did in moments like this to close the gap. Please make a donation of $3 or more right now: https://donate.barackobama.com/Deadline-Midnight Thank you. Barack

Contributions or gifts to Obama for America are not tax deductible

This email was sent to: securityworld@gmail.com. If that is not your preferred email address, you can update your information here. We believe that emails are a vital way for the campaign to stay in direct contact with supporters. Click here if you'd like to unsubscribe from these messages. This campaign is a community, and all ideas are welcome. We appreciate any feedback you might have -- positive or negative. Click here to contact the campaign with any questions or concerns.

Security soiree: Microsoft's BlueHat Prize contest

	Twitter's attempt to protect TV exec's privacy backfires | Hands on with Google Handwrite
	Network World Security				Forward this to a Friend >>>
	Security soiree: Microsoft's BlueHat Prize contest Microsoft's Trustworthy Computing Group recognizes securityresearchers for work on ROP Read More WHITE PAPER: EVault (formerly i365) The Dollars and Sense of Online Backup Read this paper to see how using online backup can answer these challenges by leveraging cloud-based technology to securely protect your company against data loss. Read Now! In this Issue Twitter's attempt to protect TV exec's privacy backfires Hands on with Google Handwrite The weirdest, wackiest and coolest sci/tech stories of 2012 (so far!) Cuckoo Sandbox Keeps Open Source Malware Analysis Moving Advance Malware Protection: Network or Host? Netflix uncages Chaos Monkey disaster testing system Possible Anonymous network attack could target Olympics partners BT, GlaxoSmithKline Twitter suffers malware spam outbreak WHITE PAPER: McAfee Top 4 Security Surprises That Await Private Cloud Builders This report published by Gabriel Consulting Group discusses security risks that prospective private cloud builders might be overlooking. Learn more. Twitter's attempt to protect TV exec's privacy backfires Twitter's ill-advised attempt to enforce an apparently not applicable privacy policy, combined with the ever-formidable law of unintended consequences, has rendered the reported workplace email address of an NBC Sports executive about as private as 1600 Pennsylvania Avenue. Of course, that's only if you believe a workplace email address is private/personal in the first place ... a dubious proposition... Read More Hands on with Google Handwrite Macworld associate editor Serenity Caldwell takes Google Handwrite for a spin. The search company's new project lets you scribble words and letters directly on the search screen, rather than use a virtual keyboard. Read More WEBCAST: SAP Make Every Rep a Sales Hero with SAP Sales OnDemand: Webcast This Webcast introduces the business challenges facing sales today, and provides an overview and demonstration of how SAP Sales OnDemand can be used to address those challenges. Learn More The weirdest, wackiest and coolest sci/tech stories of 2012 (so far!) From Apple to NASA and Stuxnet to robots, it's been a busy year Read More Cuckoo Sandbox Keeps Open Source Malware Analysis Moving I am back from my annual pilgrimage to Vegas for Security Week. Between Black Hat, DefCon and BSides Las Vegas, a critical mass of the infosec universe is on hand and it always a great learning experience in addition to a great time. I wanted to highlight a few things you probably haven't read about yet that I learned in Vegas. Read More WEBCAST: Webroot SecureAnywhere Business Endpoint Protection Traditional solutions have been failing us since the 90s. See how Webroot is changing endpoint data protection with a new way of looking at security that is 30x faster than leading solutions at a fraction of the footprint. Download a free-trial in just six seconds. Learn More! Advance Malware Protection: Network or Host? Large organizations have legitimate cause for concern. Malware creation and proliferation is increasing rapidly as cybercriminals and state-sponsored organizations create the next round of APTs, botnets, Trojans, and rootkits. What's more, we've entered the era of micro attacks designed to compromise a targeted organization, business unit, or individual. Read More Netflix uncages Chaos Monkey disaster testing system Netflix has released Chaos Monkey, which it uses internally to test the resiliency of its Amazon Web Services cloud computing architecture, making available for free one of the tools the video streaming company uses to keep its massive cloud computing architecture running. Read More Possible Anonymous network attack could target Olympics partners BT, GlaxoSmithKline Security firm Radware claims to have spotted evidence online that suggests hactivist group Anonymous is gearing up to target denial-of-service attacks on the websites of British companies BT and GlaxoSmithKline during the Olympics, and maybe do much more. Read More Twitter suffers malware spam outbreak A widespread spam attack linking to malware has broken out on Twitter, according to the security firm Sophos. Read More
	SLIDESHOWS 18 Notable Apple Alumni While some with Apple ties are already well-known, others may be surprising to find on the list. JOIN THE NETWORK WORLD COMMUNITIES As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity). Network World on Facebook Network World on LinkedIn MOST-READ STORIES 12 new network features in Windows 8 How to watch the Olympics on the Internet Europe's supply of IPv4 addresses nearing depletion Researcher creates proof-of-concept malware that infects BIOS, network cards iPhone 5 rumor rollup for the week ending July 27 The 5 hottest IT jobs right now The day VMware ate Cisco Windows 8 is a 'catastrophe,' says Valve founder and former Microsoft employee Gabe Newell Quirkiest moments at 2012 Black Hat security conference Microsoft announces new hardware for Windows 8
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **