
SANS ISC InfoSec Handlers Diary Blog



YYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update

Published: 2012-08-21
Last Updated: 2012-08-22 00:18:05 UTC
by Adrien de Beaupre (Version: 1)

From Adobe's Security Bulletin: "Adobe has released security updates for Adobe Flash Player 11.3.300.271 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.11 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.10 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system." The update fixes the following CVE entries: CVE-2012-4163, CVE-2012-4164, CVE-2012-4165, CVE-2012-4166, CVE-2012-4167, CVE-2012-4168. It appears as though Adobe is going for a weekly update cycle.

More details are here: https://www.adobe.com/support/security/bulletins/apsb12-19.html

Thanks Toby and Rene for writing in!

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

I will be teaching SANS Sec560 in Montreal this September, and Sec542 in Vancouver this December.


RuggedCom fails key management 101 on Rugged Operating System (ROS)

Published: 2012-08-21
Last Updated: 2012-08-22 00:16:41 UTC
by Adrien de Beaupre (Version: 1)

The Rugged Operating System (ROS) has a hard-coded RSA private key used for SSL/TLS communications. With the server's private key being a known value, it is not difficult to decrypt any traffic to or from the device. This vulnerability could lead to loss of confidentiality, loss of integrity, and loss of availability for a device that should be secure and reliable. This is the same set of devices that had a backdoor account disclosed in April, where the account name was factory and the password was based on the MAC address. These devices are often used in SCADA and process control systems, where they should be adequately protected from any potentially hostile network access. For 'hardened' devices, these two significant fails to implement security properly make you wonder.

The key management fail is from an ICS-CERT ALERT: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-234-01.pdf

The backdoor and password management fail is here: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-116-01A.pdf

Thanks Andrew for writing in!

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

I will be teaching SANS Sec560 in Montreal this September, and Sec542 in Vancouver this December.
