Malware Devil

Thursday, May 13, 2021

85% of Data Breaches Involve Human Interaction: Verizon DBIR

Ransomware, phishing, and Web application attacks all increased during a year in which the majority of attacks involved a human element.

The post 85% of Data Breaches Involve Human Interaction: Verizon DBIR appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/85-of-data-breaches-involve-human-interaction-verizon-dbir/?utm_source=rss&utm_medium=rss&utm_campaign=85-of-data-breaches-involve-human-interaction-verizon-dbir

How to Choose the Right Risk Management Software

The volume and complexity of risks today’s organizations face are growing exponentially due to rapidly advancing technology and …

The post How to Choose the Right Risk Management Software appeared first on Hyperproof.

The post How to Choose the Right Risk Management Software appeared first on Security Boulevard.


The post How to Choose the Right Risk Management Software appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/how-to-choose-the-right-risk-management-software/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-choose-the-right-risk-management-software

Which Industries Saw the Most Phishing Last Year? These 5

Which industries saw the most phishing last year? These 5 did in a year of record-setting threat growth. See how to protect your business.

The post Which Industries Saw the Most Phishing Last Year? These 5 appeared first on Security Boulevard.


The post Which Industries Saw the Most Phishing Last Year? These 5 appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/which-industries-saw-the-most-phishing-last-year-these-5/?utm_source=rss&utm_medium=rss&utm_campaign=which-industries-saw-the-most-phishing-last-year-these-5

Colonial Pipeline Shells Out $5M in Extortion Payout, Report

According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key.

The post Colonial Pipeline Shells Out $5M in Extortion Payout, Report appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/colonial-pipeline-shells-out-5m-in-extortion-payout-report/?utm_source=rss&utm_medium=rss&utm_campaign=colonial-pipeline-shells-out-5m-in-extortion-payout-report

Chrome: Insufficient fix for CVE-2021-21148


The post Chrome: Insufficient fix for CVE-2021-21148 appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/chrome-insufficient-fix-for-cve-2021-21148-2/?utm_source=rss&utm_medium=rss&utm_campaign=chrome-insufficient-fix-for-cve-2021-21148-2

How we bypassed bytenode and decompiled Node.js bytecode in Ghidra


The post How we bypassed bytenode and decompiled Node.js bytecode in Ghidra appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra-2/?utm_source=rss&utm_medium=rss&utm_campaign=how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra-2

From Binary Patch to Proof-of-concept: a VMware ESXi vmxnet3 Case Study


The post From Binary Patch to Proof-of-concept: a VMware ESXi vmxnet3 Case Study appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/from-binary-patch-to-proof-of-concept-a-vmware-esxi-vmxnet3-case-study-2/?utm_source=rss&utm_medium=rss&utm_campaign=from-binary-patch-to-proof-of-concept-a-vmware-esxi-vmxnet3-case-study-2

One-click reflected XSS in www.instagram.com due to unfiltered URI schemes leads to account takeover


The post One-click reflected XSS in www.instagram.com due to unfiltered URI schemes leads to account takeover appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/one-click-reflected-xss-in-www-instagram-com-due-to-unfiltered-uri-schemes-leads-to-account-takeover-2/?utm_source=rss&utm_medium=rss&utm_campaign=one-click-reflected-xss-in-www-instagram-com-due-to-unfiltered-uri-schemes-leads-to-account-takeover-2

Firms Struggle to Secure Multicloud Misconfigurations

Half of companies had at least one case of having all ports open to the public, while more than a third had an exposed database.

The post Firms Struggle to Secure Multicloud Misconfigurations appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/firms-struggle-to-secure-multicloud-misconfigurations/?utm_source=rss&utm_medium=rss&utm_campaign=firms-struggle-to-secure-multicloud-misconfigurations

Ransomware Going for $4K on the Cyber-Underground

An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships.

The post Ransomware Going for $4K on the Cyber-Underground appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/ransomware-going-for-4k-on-the-cyber-underground/?utm_source=rss&utm_medium=rss&utm_campaign=ransomware-going-for-4k-on-the-cyber-underground

Dragos & IronNet Partner on Critical Infrastructure Security

The IT and OT security providers will integrate solutions aimed at improving critical infrastructure security.

The post Dragos & IronNet Partner on Critical Infrastructure Security appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/dragos-ironnet-partner-on-critical-infrastructure-security/?utm_source=rss&utm_medium=rss&utm_campaign=dragos-ironnet-partner-on-critical-infrastructure-security

🔴 LIVE: Paul’s Security Weekly #694

This week, first we interview creator Alex Chaveriat on his “Hack Naked Story”, then we talk Attack Surface Mapping w/ AMASS, and we round out the show with the Security News!

→Full Show Notes: https://securityweekly.com/psw694
→Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4
→Visit our website: https://www.securityweekly.com
→Follow us on Twitter: https://www.twitter.com/securityweekly

The post 🔴 LIVE: Paul’s Security Weekly #694 appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/%f0%9f%94%b4-live-pauls-security-weekly-694-2/?utm_source=rss&utm_medium=rss&utm_campaign=%25f0%259f%2594%25b4-live-pauls-security-weekly-694-2

When AI Becomes the Hacker

Bruce Schneier explores the potential dangers of artificial intelligence (AI) systems gone rogue in society.

The post When AI Becomes the Hacker appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/when-ai-becomes-the-hacker/?utm_source=rss&utm_medium=rss&utm_campaign=when-ai-becomes-the-hacker

Microsoft Adds GPS Location to Identity & Access Control in Azure AD

New capabilities let admins restrict access to resources from privileged access workstations or regions based on GPS location.

The post Microsoft Adds GPS Location to Identity & Access Control in Azure AD appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/microsoft-adds-gps-location-to-identity-access-control-in-azure-ad/?utm_source=rss&utm_medium=rss&utm_campaign=microsoft-adds-gps-location-to-identity-access-control-in-azure-ad

Server Side Scans and File Integrity Monitoring

When it comes to the ABCs of website security, server side scans and file integrity monitoring are the “A” and “B”. In fact, our server side scanner is one of the most crucial tools in Sucuri’s arsenal. It’s paramount in maintaining an effective security product for our customers and analysts alike.

This crucial tool handles tasks like issuing security warnings and alerts to our clients, notifying them that they have been compromised, and assisting our analysts in detecting new and emerging variants of malware.

Continue reading Server Side Scans and File Integrity Monitoring at Sucuri Blog.

The post Server Side Scans and File Integrity Monitoring appeared first on Security Boulevard.


The post Server Side Scans and File Integrity Monitoring appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/server-side-scans-and-file-integrity-monitoring/?utm_source=rss&utm_medium=rss&utm_campaign=server-side-scans-and-file-integrity-monitoring

ESB-2021.1631 – [Ubuntu] Flatpak: Multiple vulnerabilities


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1631
USN-4951-1: Flatpak vulnerability
13 May 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: Flatpak
Publisher: Ubuntu
Operating System: Ubuntu
Impact/Access: Access Confidential Data — Existing Account
Reduced Security — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-21381

Reference: ESB-2021.1149
ESB-2021.1079
ESB-2021.0892

Original Bulletin:
https://ubuntu.com/security/notices/USN-4951-1

– ————————–BEGIN INCLUDED TEXT——————–

USN-4951-1: Flatpak vulnerability
12 May 2021

A Flatpak application could access files that it would not normally
be permitted to access.

Releases

o Ubuntu 20.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS

Packages

o flatpak – Application deployment framework for desktop apps

Details

Anton Lydike discovered that Flatpak did not properly handle special tokens
in desktop files. An attacker could use this to specially craft a Flatpak
application that could escape sandbox confinement.

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 20.10

o flatpak – 1.8.2-1ubuntu0.2
o libflatpak0 – 1.8.2-1ubuntu0.2

Ubuntu 20.04

o flatpak – 1.6.5-0ubuntu0.3
o libflatpak0 – 1.6.5-0ubuntu0.3

Ubuntu 18.04

o flatpak – 1.0.9-0ubuntu0.3
o libflatpak0 – 1.0.9-0ubuntu0.3

In general, a standard system update will make all the necessary changes.

References

o CVE-2021-21381

– ————————–END INCLUDED TEXT——————–

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================

The post ESB-2021.1631 – [Ubuntu] Flatpak: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/esb-2021-1631-ubuntu-flatpak-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1631-ubuntu-flatpak-multiple-vulnerabilities

ESB-2021.1632 – [Ubuntu] MySQL: Multiple vulnerabilities


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1632
USN-4952-1: MySQL vulnerabilities
13 May 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: MySQL
Publisher: Ubuntu
Operating System: Ubuntu
Impact/Access: Modify Arbitrary Files — Existing Account
Denial of Service — Existing Account
Read-only Data Access — Existing Account
Access Confidential Data — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-2308 CVE-2021-2307 CVE-2021-2305
CVE-2021-2304 CVE-2021-2301 CVE-2021-2300
CVE-2021-2299 CVE-2021-2298 CVE-2021-2293
CVE-2021-2278 CVE-2021-2232 CVE-2021-2230
CVE-2021-2226 CVE-2021-2217 CVE-2021-2215
CVE-2021-2212 CVE-2021-2208 CVE-2021-2203
CVE-2021-2201 CVE-2021-2196 CVE-2021-2194
CVE-2021-2193 CVE-2021-2180 CVE-2021-2179
CVE-2021-2172 CVE-2021-2171 CVE-2021-2170
CVE-2021-2169 CVE-2021-2166 CVE-2021-2164
CVE-2021-2162 CVE-2021-2154 CVE-2021-2146

Reference: ASB-2021.0074
ESB-2021.1106
ESB-2021.0956
ESB-2021.0606

Original Bulletin:
https://ubuntu.com/security/notices/USN-4952-1

– ————————–BEGIN INCLUDED TEXT——————–

USN-4952-1: MySQL vulnerabilities
12 May 2021

Several security issues were fixed in MySQL.

Releases

o Ubuntu 21.04
o Ubuntu 20.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS

Packages

o mysql-5.7 – MySQL database
o mysql-8.0 – MySQL database

Details

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.25 in Ubuntu 20.04 LTS, Ubuntu 20.10, and
Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.34.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-34.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-24.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-25.html
https://www.oracle.com/security-alerts/cpuapr2021.html

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 21.04

o mysql-server-8.0 – 8.0.25-0ubuntu0.21.04.1

Ubuntu 20.10

o mysql-server-8.0 – 8.0.25-0ubuntu0.20.10.1

Ubuntu 20.04

o mysql-server-8.0 – 8.0.25-0ubuntu0.20.04.1

Ubuntu 18.04

o mysql-server-5.7 – 5.7.34-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References

o CVE-2021-2154
o CVE-2021-2293
o CVE-2021-2203
o CVE-2021-2299
o CVE-2021-2180
o CVE-2021-2308
o CVE-2021-2170
o CVE-2021-2217
o CVE-2021-2304
o CVE-2021-2307
o CVE-2021-2179
o CVE-2021-2208
o CVE-2021-2166
o CVE-2021-2215
o CVE-2021-2193
o CVE-2021-2194
o CVE-2021-2146
o CVE-2021-2232
o CVE-2021-2278
o CVE-2021-2305
o CVE-2021-2171
o CVE-2021-2298
o CVE-2021-2162
o CVE-2021-2169
o CVE-2021-2301
o CVE-2021-2164
o CVE-2021-2196
o CVE-2021-2201
o CVE-2021-2172
o CVE-2021-2226
o CVE-2021-2212
o CVE-2021-2300
o CVE-2021-2230

– ————————–END INCLUDED TEXT——————–


The post ESB-2021.1632 – [Ubuntu] MySQL: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/esb-2021-1632-ubuntu-mysql-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1632-ubuntu-mysql-multiple-vulnerabilities

ESB-2021.1633 – [SUSE] openvpn-openssl1: Multiple vulnerabilities


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1633
Security update for openvpn-openssl1
13 May 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: openvpn-openssl1
Publisher: SUSE
Operating System: SUSE
Impact/Access: Denial of Service — Remote/Unauthenticated
Access Confidential Data — Remote/Unauthenticated
Unauthorised Access — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2020-15078 CVE-2018-7544

Reference: ESB-2021.1521

Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-202114723-1

– ————————–BEGIN INCLUDED TEXT——————–

SUSE Security Update: Security update for openvpn-openssl1

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:14723-1
Rating: moderate
References: #1085803 #1185279
Cross-References: CVE-2018-7544 CVE-2020-15078
Affected Products:
SUSE Linux Enterprise Server 11-SECURITY
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for openvpn-openssl1 fixes the following issues:

o CVE-2020-15078: Fixed authentication bypass with deferred authentication
(bsc#1185279).
o CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in
the management interface (bsc#1085803).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Server 11-SECURITY:
zypper in -t patch secsp3-openvpn-openssl1-14723=1

Package List:

o SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64):
openvpn-openssl1-2.3.2-0.10.9.1
openvpn-openssl1-down-root-plugin-2.3.2-0.10.9.1

References:

o https://www.suse.com/security/cve/CVE-2018-7544.html
o https://www.suse.com/security/cve/CVE-2020-15078.html
o https://bugzilla.suse.com/1085803
o https://bugzilla.suse.com/1185279

– ————————–END INCLUDED TEXT——————–


The post ESB-2021.1633 – [SUSE] openvpn-openssl1: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/esb-2021-1633-suse-openvpn-openssl1-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1633-suse-openvpn-openssl1-multiple-vulnerabilities

ESB-2021.1634 – [SUSE] openvpn: Multiple vulnerabilities


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1634
Security update for openvpn
13 May 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: openvpn
Publisher: SUSE
Operating System: SUSE
Impact/Access: Denial of Service — Remote/Unauthenticated
Access Confidential Data — Remote/Unauthenticated
Unauthorised Access — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2020-15078 CVE-2020-11810 CVE-2018-7544

Reference: ESB-2021.1521
ESB-2020.1359

Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-20211577-1
https://www.suse.com/support/update/announcement/2021/suse-su-20211576-1

Comment: This bulletin contains two (2) SUSE security advisories.

– ————————–BEGIN INCLUDED TEXT——————–

SUSE Security Update: Security update for openvpn

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:1577-1
Rating: moderate
References: #1085803 #1169925 #1185279
Cross-References: CVE-2018-7544 CVE-2020-11810 CVE-2020-15078
Affected Products:
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP2
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for openvpn fixes the following issues:

o CVE-2020-15078: Fixed authentication bypass with deferred authentication
(bsc#1185279).
o CVE-2020-11810: Fixed race condition between allocating peer-id and
initializing data channel key (bsc#1169925).
o CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in
the management interface (bsc#1085803).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-1577=1
o SUSE Linux Enterprise Module for Basesystem 15-SP2:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-1577=1

Package List:

o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x
x86_64):
openvpn-2.4.3-5.7.1
openvpn-auth-pam-plugin-2.4.3-5.7.1
openvpn-auth-pam-plugin-debuginfo-2.4.3-5.7.1
openvpn-debuginfo-2.4.3-5.7.1
openvpn-debugsource-2.4.3-5.7.1
openvpn-devel-2.4.3-5.7.1
o SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 ppc64le s390x
x86_64):
openvpn-2.4.3-5.7.1
openvpn-auth-pam-plugin-2.4.3-5.7.1
openvpn-auth-pam-plugin-debuginfo-2.4.3-5.7.1
openvpn-debuginfo-2.4.3-5.7.1
openvpn-debugsource-2.4.3-5.7.1
openvpn-devel-2.4.3-5.7.1

References:

o https://www.suse.com/security/cve/CVE-2018-7544.html
o https://www.suse.com/security/cve/CVE-2020-11810.html
o https://www.suse.com/security/cve/CVE-2020-15078.html
o https://bugzilla.suse.com/1085803
o https://bugzilla.suse.com/1169925
o https://bugzilla.suse.com/1185279

– ——————————————————————————–

SUSE Security Update: Security update for openvpn

______________________________________________________________________________

Announcement ID: SUSE-SU-2021:1576-1
Rating: moderate
References: #1085803 #1185279
Cross-References: CVE-2018-7544 CVE-2020-15078
Affected Products:
SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for openvpn fixes the following issues:

o CVE-2020-15078: Fixed authentication bypass with deferred authentication
(bsc#1185279).
o CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in
the management interface (bsc#1085803).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1576=1

Package List:

o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
openvpn-2.3.8-16.26.1
openvpn-auth-pam-plugin-2.3.8-16.26.1
openvpn-auth-pam-plugin-debuginfo-2.3.8-16.26.1
openvpn-debuginfo-2.3.8-16.26.1
openvpn-debugsource-2.3.8-16.26.1

References:

o https://www.suse.com/security/cve/CVE-2018-7544.html
o https://www.suse.com/security/cve/CVE-2020-15078.html
o https://bugzilla.suse.com/1085803
o https://bugzilla.suse.com/1185279

– ————————–END INCLUDED TEXT——————–


The post ESB-2021.1634 – [SUSE] openvpn: Multiple vulnerabilities appeared first on Malware Devil.



https://malwaredevil.com/2021/05/13/esb-2021-1634-suse-openvpn-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-1634-suse-openvpn-multiple-vulnerabilities

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...