Malware Devil

Tuesday, February 16, 2021

How Ayn Rand’s Philosophy Inspired Assassination of JFK

Here’s how I’d paraphrase a comment in the new documentary film on Americans who refused to believe in morality, and struck out violently to prove they only can be self-judged: …reading Ayn Rand meant we were extremely anti-JFK, saw him as our arch-villain. US Marine Lee Harvey Oswald was going to be the hero of … Continue reading How Ayn Rand’s Philosophy Inspired Assassination of JFK

The post How Ayn Rand’s Philosophy Inspired Assassination of JFK appeared first on Security Boulevard.

The post How Ayn Rand’s Philosophy Inspired Assassination of JFK appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/how-ayn-rands-philosophy-inspired-assassination-of-jfk-4/?utm_source=rss&utm_medium=rss&utm_campaign=how-ayn-rands-philosophy-inspired-assassination-of-jfk-4

BSidesSF 2020 – Or Katz’s ‘Creating Threat Intelligence Signals In A “Zero Trust” Environment’

Our thanks to BSidesSF and Conference Speakers for publishing their outstanding presentations; which originally appeared at the group’s BSidesSF 2020 Conference, and on the Organization’s YouTube Channel. Additionally, the BSidesSF 2021 Conference will take place on March 6 – 9, 2021 – with no cost to participate. Enjoy!

The post BSidesSF 2020 – Or Katz’s ‘Creating Threat Intelligence Signals In A “Zero Trust” Environment’ appeared first on Security Boulevard.

The post BSidesSF 2020 – Or Katz’s ‘Creating Threat Intelligence Signals In A “Zero Trust” Environment’ appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/bsidessf-2020-or-katzs-creating-threat-intelligence-signals-in-a-zero-trust-environment-5/?utm_source=rss&utm_medium=rss&utm_campaign=bsidessf-2020-or-katzs-creating-threat-intelligence-signals-in-a-zero-trust-environment-5

Digital Transformation Frameworks for Cyber Risk Teams

Businesses are embracing digital transformation to drive agility and ensure their success in a digital-first economy. This includes adapting to digital technologies like the cloud and the Internet of Things (IoT) as part of their transformation strategies.

The post Digital Transformation Frameworks for Cyber Risk Teams appeared first on Security Boulevard.

The post Digital Transformation Frameworks for Cyber Risk Teams appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/digital-transformation-frameworks-for-cyber-risk-teams-4/?utm_source=rss&utm_medium=rss&utm_campaign=digital-transformation-frameworks-for-cyber-risk-teams-4

Joy Of Tech®’s ‘Facebook’s New Mission: We Need To Inflict Pain On Apple!’

via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech® !

The post Joy Of Tech®’s ‘Facebook’s New Mission: We Need To Inflict Pain On Apple!’ appeared first on Security Boulevard.

The post Joy Of Tech®’s ‘Facebook’s New Mission: We Need To Inflict Pain On Apple!’ appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/joy-of-techs-facebooks-new-mission-we-need-to-inflict-pain-on-apple-2/?utm_source=rss&utm_medium=rss&utm_campaign=joy-of-techs-facebooks-new-mission-we-need-to-inflict-pain-on-apple-2

How Joining a Professional Community Can Supercharge Your Career and More

When I was a software developer, I never joined any dev communities. I didn’t see the point. I also worked evenings as a professional musician and mostly spent time within the music community and sports groups I was a part of. I spent time with my dev friends at work; I didn’t understand why I […]… Read More

The post How Joining a Professional Community Can Supercharge Your Career and More appeared first on The State of Security.

The post How Joining a Professional Community Can Supercharge Your Career and More appeared first on Security Boulevard.

The post How Joining a Professional Community Can Supercharge Your Career and More appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/how-joining-a-professional-community-can-supercharge-your-career-and-more/?utm_source=rss&utm_medium=rss&utm_campaign=how-joining-a-professional-community-can-supercharge-your-career-and-more

How one man silently infiltrated dozens of high-tech networks

Ever counted how many external source code dependencies your fancy new software product has? Be prepared for a surprise!

The post How one man silently infiltrated dozens of high-tech networks appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/how-one-man-silently-infiltrated-dozens-of-high-tech-networks/?utm_source=rss&utm_medium=rss&utm_campaign=how-one-man-silently-infiltrated-dozens-of-high-tech-networks

ISC Stormcast For Tuesday, February 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7374, (Tue, Feb 16th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More

The post ISC Stormcast For Tuesday, February 16th, 2021 https://isc.sans.edu/podcastdetail.html?id=7374, (Tue, Feb 16th) appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/isc-stormcast-for-tuesday-february-16th-2021-https-isc-sans-edu-podcastdetail-htmlid7374-tue-feb-16th/?utm_source=rss&utm_medium=rss&utm_campaign=isc-stormcast-for-tuesday-february-16th-2021-https-isc-sans-edu-podcastdetail-htmlid7374-tue-feb-16th

ESB-2021.0564 – [Debian] busybox: Multiple vulnerabilities

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0564
                          busybox security update
                             16 February 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           busybox
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Modify Arbitrary Files          -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Reduced Security                -- Remote/Unauthenticated
                   Unauthorised Access             -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-1000517 CVE-2017-16544 CVE-2017-15873
                   CVE-2016-2148 CVE-2016-2147 CVE-2015-9621
                   CVE-2015-9261 CVE-2014-9645 CVE-2014-4607
                   CVE-2013-1813 CVE-2011-5325 

Reference:         ESB-2019.1136
                   ESB-2016.2784
                   ESB-2014.1291

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- ------------------------------------------------------------------------
Debian LTS Advisory DLA-2559-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Markus Koschany
February 15, 2021                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : busybox
Version        : 1:1.22.0-19+deb9u1
CVE ID         : CVE-2011-5325 CVE-2015-9261 CVE-2016-2147 CVE-2016-2148
                 CVE-2017-15873 CVE-2017-16544 CVE-2018-1000517
Debian Bug     : 902724 882258 879732 818497 818499 803097 802702

Busybox, utility programs for small and embedded systems, was affected
by several security vulnerabilities. The Common Vulnerabilities and
Exposures project identifies the following issues.

CVE-2011-5325

    A path traversal vulnerability was found in Busybox implementation
    of tar. tar will extract a symlink that points outside of the
    current working directory and then follow that symlink when
    extracting other files. This allows for a directory traversal
    attack when extracting untrusted tarballs.

CVE-2013-1813

    When device node or symlink in /dev should be created inside
    2-or-deeper subdirectory (/dev/dir1/dir2.../node), the intermediate
    directories are created with incorrect permissions.

CVE-2014-4607

    An integer overflow may occur when processing any variant of a
    "literal run" in the lzo1x_decompress_safe function. Each of these
    three locations is subject to an integer overflow when processing
    zero bytes. This exposes the code that copies literals to memory
    corruption.

CVE-2014-9645

    The add_probe function in modutils/modprobe.c in BusyBox allows
    local users to bypass intended restrictions on loading kernel
    modules via a / (slash) character in a module name, as demonstrated
    by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none
    /" command.

CVE-2016-2147

    Integer overflow in the DHCP client (udhcpc) in BusyBox allows
    remote attackers to cause a denial of service (crash) via a
    malformed RFC1035-encoded domain name, which triggers an
    out-of-bounds heap write.

CVE-2016-2148

    Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox
    allows remote attackers to have unspecified impact via vectors
    involving OPTION_6RD parsing.

CVE-2017-15873

    The get_next_block function in archival/libarchive
    /decompress_bunzip2.c in BusyBox has an Integer Overflow that may
    lead to a write access violation.

CVE-2017-16544

    In the add_match function in libbb/lineedit.c in BusyBox, the tab
    autocomplete feature of the shell, used to get a list of filenames
    in a directory, does not sanitize filenames and results in executing
    any escape sequence in the terminal. This could potentially result
    in code execution, arbitrary file writes, or other attacks.

CVE-2018-1000517

    BusyBox contains a Buffer Overflow vulnerability in
    Busybox wget that can result in a heap-based buffer overflow.
    This attack appears to be exploitable via network connectivity.

CVE-2015-9621

    Unzipping a specially crafted zip file results in a computation of an
    invalid pointer and a crash reading an invalid address.

For Debian 9 stretch, these problems have been fixed in version
1:1.22.0-19+deb9u1.

We recommend that you upgrade your busybox packages.

For the detailed security status of busybox please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/busybox

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
The post ESB-2021.0564 – [Debian] busybox: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/esb-2021-0564-debian-busybox-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0564-debian-busybox-multiple-vulnerabilities

ESB-2021.0563 – [RedHat] rh-nodejs10-nodejs: Multiple vulnerabilities

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0563
                    rh-nodejs10-nodejs security update
                             16 February 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           rh-nodejs10-nodejs
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Provide Misleading Information  -- Remote/Unauthenticated
                   Reduced Security                -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-15366 CVE-2020-15095 CVE-2020-8287
                   CVE-2020-8265 CVE-2020-8252 CVE-2020-8116
                   CVE-2020-7788 CVE-2020-7774 CVE-2020-7754
                   CVE-2020-7608  

Reference:         ESB-2021.0199
                   ESB-2021.0063
                   ESB-2020.4028

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:0521

- --------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: rh-nodejs10-nodejs security update
Advisory ID:       RHSA-2021:0521-01
Product:           Red Hat Software Collections
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0521
Issue date:        2021-02-15
CVE Names:         CVE-2020-7608 CVE-2020-7754 CVE-2020-7774 
                   CVE-2020-7788 CVE-2020-8116 CVE-2020-8252 
                   CVE-2020-8265 CVE-2020-8287 CVE-2020-15095 
                   CVE-2020-15366 
=====================================================================

1. Summary:

An update for rh-nodejs10-nodejs is now available for Red Hat Software
Collections.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

Node.js is a software development platform for building fast and scalable
network applications in the JavaScript programming language.

The following packages have been upgraded to a later upstream version:
rh-nodejs10-nodejs (10.23.1).

Security Fix(es):

* libuv: buffer overflow in realpath (CVE-2020-8252)

* nodejs-npm-user-validate: improper input validation when validating user
emails leads to ReDoS (CVE-2020-7754)

* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)

* nodejs-ini: prototype pollution via malicious INI file (CVE-2020-7788)

* nodejs-dot-prop: prototype pollution (CVE-2020-8116)

* nodejs: use-after-free in the TLS implementation (CVE-2020-8265)

* npm: sensitive information exposure through logs (CVE-2020-15095)

* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate
function (CVE-2020-15366)

* nodejs-yargs-parser: prototype pollution vulnerability (CVE-2020-7608)

* nodejs: HTTP request smuggling via two copies of a header field in an
http request (CVE-2020-8287)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1840004 - CVE-2020-7608 nodejs-yargs-parser: prototype pollution vulnerability
1856875 - CVE-2020-15095 npm: sensitive information exposure through logs
1857977 - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
1868196 - CVE-2020-8116 nodejs-dot-prop: prototype pollution
1879315 - CVE-2020-8252 libuv: buffer overflow in realpath
1892430 - CVE-2020-7754 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS
1898680 - CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability
1907444 - CVE-2020-7788 nodejs-ini: prototype pollution via malicious INI file
1912854 - CVE-2020-8265 nodejs: use-after-free in the TLS implementation
1912863 - CVE-2020-8287 nodejs: HTTP request smuggling via two copies of a header field in an http request

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-nodejs10-nodejs-10.23.1-2.el7.src.rpm

noarch:
rh-nodejs10-nodejs-docs-10.23.1-2.el7.noarch.rpm

ppc64le:
rh-nodejs10-nodejs-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.ppc64le.rpm

s390x:
rh-nodejs10-nodejs-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.s390x.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.s390x.rpm

x86_64:
rh-nodejs10-nodejs-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):

Source:
rh-nodejs10-nodejs-10.23.1-2.el7.src.rpm

noarch:
rh-nodejs10-nodejs-docs-10.23.1-2.el7.noarch.rpm

ppc64le:
rh-nodejs10-nodejs-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.ppc64le.rpm

s390x:
rh-nodejs10-nodejs-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.s390x.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.s390x.rpm

x86_64:
rh-nodejs10-nodejs-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-nodejs10-nodejs-10.23.1-2.el7.src.rpm

noarch:
rh-nodejs10-nodejs-docs-10.23.1-2.el7.noarch.rpm

ppc64le:
rh-nodejs10-nodejs-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.ppc64le.rpm

s390x:
rh-nodejs10-nodejs-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.s390x.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.s390x.rpm

x86_64:
rh-nodejs10-nodejs-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-nodejs10-nodejs-10.23.1-2.el7.src.rpm

noarch:
rh-nodejs10-nodejs-docs-10.23.1-2.el7.noarch.rpm

x86_64:
rh-nodejs10-nodejs-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-7608
https://access.redhat.com/security/cve/CVE-2020-7754
https://access.redhat.com/security/cve/CVE-2020-7774
https://access.redhat.com/security/cve/CVE-2020-7788
https://access.redhat.com/security/cve/CVE-2020-8116
https://access.redhat.com/security/cve/CVE-2020-8252
https://access.redhat.com/security/cve/CVE-2020-8265
https://access.redhat.com/security/cve/CVE-2020-8287
https://access.redhat.com/security/cve/CVE-2020-15095
https://access.redhat.com/security/cve/CVE-2020-15366
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------

The post ESB-2021.0563 – [RedHat] rh-nodejs10-nodejs: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/02/16/esb-2021-0563-redhat-rh-nodejs10-nodejs-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0563-redhat-rh-nodejs10-nodejs-multiple-vulnerabilities

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...