Everything related to Computer Security - Security Audits, Security Vulnerabilities, Intrusion Detection, Incident Handling, Forensics and Investigation, Information Security Policies, and a whole lot more.
Tuesday, July 31, 2012
Photo going around on Facebook
Joe -- Maybe you've seen this photo going around on Facebook -- one person's reasons for supporting President Obama. We've all got our own reasons for supporting the President, and with less than 100 days to go, now's the time to show it. Pitch in $3 or whatever you can before tonight's critical fundraising deadline. Thanks, Obama for America P.S. -- What we have on hand at midnight tonight determines how strong we can close out the next three months. Please pitch in what you can today. |
Contributions or gifts to Obama for America are not tax deductible. |
This email was sent to: securityworld@gmail.com. We believe that emails are a vital way for the campaign to stay in direct contact |
[SECURITY] [DSA 2518-1] krb5 security update
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2518-1 security@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
July 31, 2012 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : krb5
Vulnerability : denial of service and remote code execution
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-1014 CVE-2012-1015
Debian Bug : 683429
Emmanuel Bouillon from NCI Agency discovered multiple vulnerabilities in MIT
Kerberos, a daemon implementing the network authentication protocol.
CVE-2012-1014
By sending specially crafted AS-REQ (Authentication Service Request) to a KDC
(Key Distribution Center), an attacker could make it free an uninitialized
pointer, corrupting the heap. This can lead to process crash or even arbitrary
code execution.
.
This CVE only affects testing (wheezy) and unstable (sid) distributions.
CVE-2012-1015
By sending specially crafted AS-REQ to a KDC, an attacker could make it
dereference an uninitialized pointer, leading to process crash or even
arbitrary code execution
In both cases, arbitrary code execution is believed to be difficult to achieve,
but might not be impossible.
For the stable distribution (squeeze), this problem has been fixed in
version 1.8.3+dfsg-4squeeze6.
For the testing distribution (wheezy), this problem has been fixed in
version 1.10.1+dfsg-2.
For the unstable distribution (sid), this problem has been fixed in
version 1.10.1+dfsg-2.
We recommend that you upgrade your krb5 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCgAGBQJQGDhVAAoJEDBVD3hx7wuohhAQAMvfn2GpJ183+cRUkU2BU0nb
pNwX+RyE9PzxmROfnWQK+B5e4d/p85WVI+JIsqxRTdSU9exQW7Ix0KecFUOIDpih
UapoKsfyAsq1MuHP+zzhzITrjn/N0nLAWVLmhEiGYAXsSqhF9ANtHqEAVl4LMBFs
yM8mIOT1t2oBbWrdqDEObqzCHuXcF6zxOiO9V55yBima8qgKJaMfdwhexVCNgy2H
s07Z/Bip1X0MOQVt39OQ8gjpxLVKjCkLIzXKnGahFcthMxbT7JUFlgkqOUEhb8hz
C4aMWQ7VmaVyHRMoNQ36nbEeFOa1lbtFAUG1NtIAK4xc3yuUgzUAuiABtrlzOEE+
isTWYIFX6pAxxjmjDLXs+WzbsdbUg2WNpAT7yMlYpr8X1Fbspc4Q4cotXvOkxMDy
ZiztFrxLIwRzPKqz3mAR2aMMv+C15jAAkfI8TWY44uT7Nao8r7SkghhhW9XTHq/u
kjamNAqkdbeUN6Uv6LjKqtWcFHNDp/ybopx4eEAs9g49iYHjhIxeYSuZi9ezt69m
3aHE1+wRyQkYRXGTgQCSsEsQTmKG/GYsxbXz7AHTHeBKysXhozgXaVUP7mC4PhP6
IQl3TNPS7+ICDR/WmNecmDXnJSjiLr2Cxu05s6kdZufk2YuUmLKsDOwqdUK9zs5L
akNPAoiNvi30U+3tc07c
=lkou
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20120731195612.4D07118AB@scapa.corsac.net
I'm asking you
Joe -- I'm always amazed by how Barack balances his responsibilities as president, a husband, and a dad. But sometimes even he needs a little help. And this campaign is going to take all of us pitching in. All of the things we've poured our hearts into -- from passing health care reform to fighting for an economy that works for everyone -- are on the line. I know I don't want to wake up on November 7th wondering if I could have done more. So I'm doing everything I can between now and Election Day to make sure we can keep moving this country forward for four more years. We've only got a few more hours before an important fundraising deadline. Please support this campaign by giving $3 or more today: https://donate.barackobama.com/Deadline-Midnight From all of us, thanks. Michelle |
Contributions or gifts to Obama for America are not tax deductible |
This email was sent to: securityworld@gmail.com. We believe that emails are a vital way for the campaign to stay in direct contact |
New data center design boasts 'world's most efficient cooling system'
13 awesome and scary things in near Earth space | IBM attempts to redefine the IPS | ||||||||||
Network World Daily News PM | ||||||||||
New data center design boasts 'world's most efficient cooling system' RESOURCE COMPLIMENTS OF: RIM Introducing BlackBerry® Mobile Fusion Easily manage and secure mobile device deployments with BlackBerry® Mobile Fusion. From a single interface, manage BlackBerry® smartphones, BlackBerry® PlayBook tablets and devices that use the iOS® and Android operating systems. Put an end to mobile chaos. Learn more at blackberry.com/mobilefusion In this Issue
WHITE PAPER: Citrix Systems 2x consolidation for less than F5. Shift up to the Cloud Pay more to get less consolidation? How dense does F5 think you are? Shift to Citrix NetScaler. 2x consolidationfor less. Don't compromise your consolidation project. The Iron Age is over. The Cloud Age is here. Learn how virtualization streamlines your datacenter and consolidates network resources. Learn More 13 awesome and scary things in near Earth space IBM attempts to redefine the IPS Outsourcers apparently don't miss a beat in face of massive India power outage Getting out in front of BYOD WHITE PAPER: Dell VMware Taking a Proactive Approach to Patch Management Outline best practices that can be implemented to ensure your organization can address security proactively, rather than having to react and use valuable resources when viruses, malware or worms attack. Learn More Now! Quirkiest Moments at 2012 Black Hat security conference IT execs prefer Obama on 5 key industry issues: survey iPhone 5 unveiling set for Sept. 12, rumors claim WHITE PAPER: SAP 21st Century Sales Warrior's Guide to Social Selling A new generation of Sales Warrior needs a new generation of tools. Watch, listen, read, and learn from the experts of Social Selling. Learn More Following Xsigo acquisition, Oracle becomes the Apple of enterprise IT Touch-centric Windows 8 without mouse and keyboard leaves a lot behind Intel continues move into smartphones with 3G system-on-a-chip Apple v. Samsung: How it was explained to the jury Box raises $125 million in funding | ||||||||||
SLIDESHOWS 12 new network features in Windows 8 JOIN THE NETWORK WORLD COMMUNITIES MOST-READ STORIES
| ||||||||||
Do You Tweet? You are currently subscribed to networkworld_daily_news_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. ** |
Guidance from the C-Suite on IT Costs
| |
|
|
So
Joe -- Sometimes politics can seem very small. But the choice voters face in this election couldn't be bigger. Over the past two months, we have been outraised by our opponents. They've used that advantage to distort the truth and mislead people, over and over, on TV and the radio in battleground states. Tonight is one of the most critical fundraising deadlines we'll face. If we win this election, it will be because of what you did in moments like this to close the gap. Please make a donation of $3 or more right now: https://donate.barackobama.com/Deadline-Midnight Thank you. Barack |
Contributions or gifts to Obama for America are not tax deductible |
This email was sent to: securityworld@gmail.com. We believe that emails are a vital way for the campaign to stay in direct contact |
Security soiree: Microsoft's BlueHat Prize contest
Twitter's attempt to protect TV exec's privacy backfires | Hands on with Google Handwrite | ||||||||||
Network World Security | ||||||||||
Security soiree: Microsoft's BlueHat Prize contest WHITE PAPER: EVault (formerly i365) The Dollars and Sense of Online Backup Read this paper to see how using online backup can answer these challenges by leveraging cloud-based technology to securely protect your company against data loss. Read Now! In this Issue
WHITE PAPER: McAfee Top 4 Security Surprises That Await Private Cloud Builders This report published by Gabriel Consulting Group discusses security risks that prospective private cloud builders might be overlooking. Learn more. Twitter's attempt to protect TV exec's privacy backfires Hands on with Google Handwrite WEBCAST: SAP Make Every Rep a Sales Hero with SAP Sales OnDemand: Webcast This Webcast introduces the business challenges facing sales today, and provides an overview and demonstration of how SAP Sales OnDemand can be used to address those challenges. Learn More The weirdest, wackiest and coolest sci/tech stories of 2012 (so far!) Cuckoo Sandbox Keeps Open Source Malware Analysis Moving WEBCAST: Webroot SecureAnywhere Business Endpoint Protection Traditional solutions have been failing us since the 90s. See how Webroot is changing endpoint data protection with a new way of looking at security that is 30x faster than leading solutions at a fraction of the footprint. Download a free-trial in just six seconds. Learn More! Advance Malware Protection: Network or Host? Netflix uncages Chaos Monkey disaster testing system Possible Anonymous network attack could target Olympics partners BT, GlaxoSmithKline Twitter suffers malware spam outbreak | ||||||||||
SLIDESHOWS 18 Notable Apple Alumni JOIN THE NETWORK WORLD COMMUNITIES MOST-READ STORIES
| ||||||||||
Do You Tweet? You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. ** |