
Oracle Issued Critical Patch Update To Close 88 Security Hole

As part of its Critical Patch Update (CPU), Oracle released 88 security fixes addressing vulnerabilities in over 35 products in its portfolio. Oracle's last CPU closed 78 security holes; this time the list grew by ten, to 88. Unlike Microsoft, which releases patches every month, Oracle follows a quarterly patch schedule across its entire product portfolio, excluding Oracle Enterprise Linux and Java. This April's Critical Patch Update contains six fixes for the Oracle Database Server, 11 for Oracle Fusion Middleware, 15 in Oracle Sun products, and six in MySQL, the company said in its CPU advisory released Apr. 17. Other affected suites include Oracle Enterprise Manager Grid Control, Oracle e-Business Suite, Oracle Supply Chain, Oracle PeopleSoft, Oracle Industry Applications, Oracle Financial Services, and Oracle Primavera Products. There are 15 new security fixes for the Oracle Sun Products Suite, five of which could be remotely exploited without the need for a username or password. Of the 88 fixes, 33 were considered critical, meaning they could be remotely exploited without needing a username and password. In contrast, January's CPU had only 16 remote code execution vulnerabilities. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible," the company said in the advisory.




Linux Mint Debian 201109 Final (Gnome & Xfce) Released!



What is LMDE:-
  • Linux Mint Debian Edition (LMDE) is a rolling distribution based on Debian Testing.
  • It’s available in both 32 and 64-bit as a live DVD with Gnome or Xfce.
  • The purpose of LMDE is to look identical to the main edition and to provide the same functionality while using Debian as a base.

What’s new in this Release:-
  • All Linux Mint 11 features
  • Installer improvements (keyboard variants, locale, bug fixes, UUID in fstab)
  • Update Packs, dedicated Update Manager and staged repositories
  • GTK2/GTK3 theme compatibility
  • Updated software and packages

Multi-core and multi-CPU support in 32-bit kernel:-

To guarantee compatibility with non-PAE processors, the 32-bit versions of Linux Mint Debian come with a 486 kernel by default. This kernel does not support SMP, and as a consequence is only able to detect one core and one CPU. If your CPU has multiple cores, or if you have more than one CPU, simply install the 686-PAE kernel and reboot your computer.

To download LMDE Click Here


XSS in Oracle AS Portal 10g


I. VULNERABILITY
-------------------------
XSS in Oracle Portal Database Access Descriptor

II. BACKGROUND
-------------------------
Oracle AS Portal is a Web-based application for building and deploying
portals. It provides a secure, manageable environment for accessing
and interacting with enterprise software services and information
resources.

III. DESCRIPTION
-------------------------
A reflected XSS vulnerability has been detected in Oracle Application
Server that allows arbitrary HTML/script code to be executed in the
context of the victim user's browser.

The code injection is done through the DAD name. A DAD (Database
Access Descriptor) is a set of values that specifies how a database
server should fulfill a HTTP request.

IV. PROOF OF CONCEPT
-------------------------
Original request:
http://<oracle-application-server>/portal/pls/<DAD>

Malicious request:
http://<oracle-application-server>/portal/pls/<XSS injection>

Example 1:
http://<oracle-application-server>/portal/pls/"<H1>XSS vulnerability<XSS

In this scenario, the attacker has the difficulty of being unable to
close the HTML tag because he cannot add the character "/" as part
of the code injection (DAD name). However, it is possible to generate
that character without it appearing in the injection. Below is an example.

Example 2:
http://<oracle-application-server>/portal/pls/"<img src=""
onmouseover="document.body.innerHTML=String.fromCharCode(60,72,84,77,76,62,60,72,49,62,88,83,83,60,47,72,49,62,32,60,72,50,62,86,85,76,78,60,47,72,50,62);"><XSS

V. BUSINESS IMPACT
-------------------------
An attacker can execute arbitrary HTML or script code in a targeted
user's browser; this can be leveraged to steal sensitive information
such as user credentials, personal data, etc.

VI. SYSTEMS AFFECTED
-------------------------
Tested in Oracle Application Server Portal (Oracle AS Portal) 10g,
version 10.1.2. Other versions may be affected too.

VII. SOLUTION
-------------------------
Install the latest CPU (Critical Patch Update).

VIII. REFERENCES
-------------------------
http://www.oracle.com
http://www.isecauditors.com

IX. CREDITS
-------------------------
This vulnerability has been discovered
by Vicente Aguilera Diaz (vaguilera (at) isecauditors (dot) com).

X. REVISION HISTORY
-------------------------
August  11, 2010: Initial release
May     01, 2011: Final revision

XI. DISCLOSURE TIMELINE
-------------------------
August  11, 2010: Discovered by Internet Security Auditors
August  11, 2010: Oracle contacted including PoC.
August  12, 2010: Oracle informs that it will investigate
                  the vulnerability.
April   19, 2011: Oracle fixed the vulnerability in the
                  CPU (Critical Patch Update).
May     01, 2011: Sent to lists.

XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is"
with no warranties or guarantees of fitness of use or otherwise.
Internet Security Auditors accepts no responsibility for any damage
caused by the use or misuse of this information.

XIII. ABOUT
-------------------------
Internet Security Auditors is a Spain based leader in web application
testing, network security, penetration testing, security compliance
implementation and assessing. Our clients include some of the largest
companies in areas such as finance, telecommunications, insurance,
ITC, etc. We are a vendor-independent provider with deep expertise
since 2001. Our efforts in R&D include vulnerability research, open
security project collaboration and whitepapers, presentations and
security events participation and promotion. For further information
regarding our security services, contact us.
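
A defender-side check for the DAD-name injection described in the advisory above, as an added example that is not part of the advisory or of Oracle's code: it scans access-log lines (constructed here) for /portal/pls/ requests whose decoded DAD segment falls outside an identifier allowlist, and shows the HTML-encoding an error page needs before reflecting the name. The allowlist pattern, the log format and all function names are assumptions.

```python
import html
import re
from urllib.parse import unquote

PLS_PREFIX = "/portal/pls/"
# Assumption: legitimate DAD names are short identifiers. Tighten this to the
# exact list of DADs configured on the server if that list is known.
DAD_ALLOWED = re.compile(r"[A-Za-z0-9_]{1,64}")
# Request field of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST_FIELD = re.compile(r'"(?:GET|POST|HEAD) (.*?) HTTP/[0-9.]+"')


def dad_from_log_line(line):
    """Return the percent-decoded DAD segment, or None for other requests."""
    m = REQUEST_FIELD.search(line)
    if not m:
        return None
    path = m.group(1).split("?", 1)[0]
    if not path.lower().startswith(PLS_PREFIX):
        return None
    segment = path[len(PLS_PREFIX):].split("/", 1)[0]
    return unquote(segment) if segment else None


def is_suspicious(dad):
    # Allowlist, not blocklist: the advisory's second example contains no "/"
    # at all, so a filter keyed on "</" or "/" would miss it.
    return DAD_ALLOWED.fullmatch(dad) is None


def scan(lines):
    """Return [(line_number, decoded_dad)] for requests that fail the allowlist."""
    hits = []
    for number, line in enumerate(lines, 1):
        dad = dad_from_log_line(line)
        if dad is not None and is_suspicious(dad):
            hits.append((number, dad))
    return hits


def error_page(dad):
    """Reflect the requested DAD name only after HTML-encoding it."""
    return "<p>Unknown DAD: " + html.escape(dad, quote=True) + "</p>"


# Constructed sample log lines (documentation IP ranges). Lines 2 and 3 carry
# the advisory's two example shapes, the second one shortened.
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Aug/2010:10:00:01 +0200] '
    '"GET /portal/pls/portal/url/page/home HTTP/1.1" 200 5120',
    '198.51.100.7 - - [11/Aug/2010:10:00:05 +0200] '
    '"GET /portal/pls/%22%3CH1%3EXSS%20vulnerability%3CXSS HTTP/1.1" 404 310',
    '198.51.100.7 - - [11/Aug/2010:10:00:09 +0200] '
    '"GET /portal/pls/%22%3Cimg%20src=%22%22%20onmouseover=%22document.body.'
    'innerHTML=String.fromCharCode(60,72,49,62)%22%3E%3CXSS HTTP/1.1" 404 310',
    # Double-encoded input still fails the allowlist because "%" survives.
    '192.0.2.11 - - [11/Aug/2010:10:00:12 +0200] '
    '"GET /portal/pls/%253Cb%253E HTTP/1.1" 404 310',
    '192.0.2.12 - - [11/Aug/2010:10:00:15 +0200] '
    '"GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for number, dad in scan(SAMPLE_LOG):
        print(f"line {number}: suspicious DAD name {dad!r}")
        print("  safe reflection:", error_page(dad))
```
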


Red Hat Enterprise Linux (RHEL) 6.2 Released



After the RHEL 6.2 Beta, Red Hat, the world's leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 6.2. With this milestone, Red Hat includes many enhancements that deliver benefits spanning multiple areas, including performance and scalability. The Red Hat Enterprise Linux 6 operating system achieved the largest multi-core Linux configuration results certified to date on the two-tier SAP® Sales and Distribution (SD) standard application benchmark. Proven to perform and scale, Red Hat Enterprise Linux 6 effectively supports large, mission-critical enterprise computing environments.
Vice President and General Manager, Platform Business Unit at Red Hat, said, “The exciting features in Red Hat Enterprise Linux 6.2 with new impressive SAP® benchmark results allow our enterprise customers to have increased confidence that Red Hat Enterprise Linux 6 can run their enterprise workloads with high performance across physical, virtual and cloud computing environments.”
Enterprises can confidently migrate to the latest multi-core technology with Red Hat Enterprise Linux 6. On the latest two-tier SAP SD standard application benchmark, Red Hat Enterprise Linux 6 achieved more than 22,000 SAP SD benchmark users on a single system. On this same benchmark, the HP DL980 G7 system running Red Hat Enterprise Linux 6 fully utilized all 80 cores and 160 threads in the 8-processor system running MaxDB 7.8 and the SAP enhancement package 4 for the SAP ERP 6.0 application. This is the largest Linux result submitted to SAP to-date. The results demonstrate the capabilities of the HP ProLiant DL980 G7 8-processor system’s PREMA architecture and smart CPU caching technology. Results are as of December 2, 2011, certification number 2011052.
“Clients need solutions to automate, scale-up or virtualize their environments to best fit their business requirements,” said Martin Whittaker, vice president, Systems and Solutions Engineering, Enterprise Servers, Storage and Networking at HP. “Optimizing Red Hat Enterprise Linux on HP ProLiant DL980 systems extends the power of open source to HP Converged Infrastructure, delivering uptime, increased capacity and faster processing speeds.”
Red Hat Enterprise Linux 6.2 delivers significant improvements in resource management and high availability, as well as new features aimed at storage and file system performance and identity management. Red Hat Enterprise Linux 6.2 provides additional capabilities to manage system resources. For service providers or internal IT organizations that deliver applications or hosted services via multi-tenant environments, maximums can be set for CPU time associated with a given application, business process or a virtual machine. This allows for more efficient management of SLAs and enables the ability to implement service priorities, similar to those associated with network Quality of Service (QoS).

When an enterprise deploys its applications to run in a Red Hat Enterprise Linux 6.2 guest hosted by VMware, the applications can now be utilized for High Availability (HA) Add-Ons. This also includes full support for use of GFS2 shared storage file system by the virtual machines. The result is additional deployment flexibility for customers requiring HA within a portion of their virtualized environment, as well as full support for Red Hat Enterprise Linux on the VMware hypervisor.

Red Hat Enterprise Linux 6.2 adds enhancements to storage and file system features including full support of iSCSI extension for RDMA. Now, benefits of low latency and high throughput through a standard SAN implementation based on 10Gb Ethernet are available to even the most demanding storage environments. This allows customers to opt out of expensive Infiniband hardware or other dedicated interconnect fabrics. Other enhancements around file system include delayed meta data logging, asynchronous and parallel file system writes, as well as support for multiple active instances of Samba in a cluster which improves overall throughput and increases availability for large Samba clustered deployments.

Identity Management:-
Red Hat Enterprise Linux 6.2 provides the administrative tools to quickly install, configure and manage server authentication and authorization in Linux/Unix enterprise environments, while still providing the option to interoperate with Microsoft Active Directory. This enables enterprises to manage Linux infrastructure easily and cost-effectively. Centralized identity management and host-based access control can reduce administrative overhead, streamline provisioning and improve security.

Performance:-
Performance is key to all customers. Red Hat Enterprise Linux 6.2 continues to put an emphasis on accelerating I/O, such as network traffic steering to improve network throughput by as much as 30 percent in performance tests conducted by Red Hat, and on delivering numerous file system enhancements that reduce read-write times and boost overall system utilization.

Red Hat expects to deliver the beta for Red Hat Enterprise Linux 5.8 later this month. Also fully underway is development for Red Hat Enterprise Linux 7, the next major release of Red Hat Enterprise Linux. Red Hat received an outstanding response from all Red Hat subscribers – users and partners – for requested features coming from the recent Red Hat Enterprise Linux 7 Ideas discussion group posted on the Red Hat customer portal. This important feedback allows Red Hat to continue to make Red Hat Enterprise Linux a computing foundation for the next generation of operating system platforms.

For More Information, New Technical Features and Benefits document Click Here




42 Java Holes Fixed By Oracle in April 2013 Critical Patch Update Advisory

The Oracle Corporation has released what it called a critical patch update for its Web-based Java programming language: a Java SE software update that fixes at least 42 security flaws in the widely installed program and associated browser plugin. The Java update also introduces new features designed to alert users about the security risks of running certain Java content.

The April patch, which targets 42 vulnerabilities, 19 of which have a severity rating of 10 (highest possible threat level), includes a majority of vulnerabilities that are currently being exploited. Of those 42 new security fixes across Java SE products, 2 are applicable to server deployments of Java. According to Oracle, “39 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.” Along with the fixes, Oracle changed the default setting of Java SE. Java applets will no longer run in a Web browser unless they have been digitally signed or until a warning prompt is acknowledged. It has also extended how users will be alerted of other Java-related security issues.

According to renowned security expert and blogger Brian Krebs, Java 7 Update 21 also introduces some new security warnings and message prompts for users who keep the program plugged into a Web browser (on installation and updating, Java adds itself as an active browser plugin). Oracle said the messages that will be presented depend upon different risk factors, such as using old versions of Java or running applet code that is not signed from a trusted Certificate Authority. Apps that present a lower risk display a simple informational message. This includes an option to prevent showing similar messages for apps from the same publisher in the future.
Java applications considered to be higher risk — such as those that use an untrusted or expired certificate — will be accompanied by a prompt with a yellow exclamation point in a yellow warning triangle.

Affected Product Releases and Versions:-
Java SE | Patch Availability
JDK and JRE 7 Update 17 and earlier | Java SE
JDK and JRE 6 Update 43 and earlier | Java SE
JDK and JRE 5.0 Update 41 and earlier | Java SE
JavaFX 2.2.7 and earlier | JavaFX

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. As Java is run by millions of devices and users across the globe, we urge all of our readers to install and apply the security fixes to avoid any kind of threat. Note that Oracle said that while this week's security updates don't take care of all known flaws, they do address all known vulnerabilities currently being exploited in the wild.







CloudCrack: An NVIDIA GPU-Accelerated Cryptanalysis Suite!


You must be aware of our previous posts such as – MOSCRACK and WPA Cracker. We now have another open source offering that is NOT a cracker, but a cryptanalysis suite that is written in CUDA – a parallel computing architecture.
CloudCrack is a GPU-enhanced cryptanalysis suite for cloud computing platforms such as the Amazon EC2 Cluster Compute cloud. It is a NVIDIA GPU-accelerated cryptanalysis suite written in CUDA, NVIDIA’s massively parallel concurrent programming language. CloudCrack contains custom CUDA multiprecision math libraries for storing a large target RSA modulus n in shared GPU memory, with each GPU core working as a parallel factoring process to break the target modulus.
CloudCrack is based upon a Pollard’s Rho factoring hybrid with an updated Brent cycle finder, and includes performance optimizations to the traditional Rho factoring method. The massively parallel design of the NVIDIA GPU architecture lends itself quite well to Pollard’s Rho, and the reduction sieve performance enhancements added with CloudCrack can reduce by several orders of magnitude the size of the keyspace required to search for a successful brute force attack against a large RSA target modulus n.
The only thing that will hurt us is that our small time home computers will not be able to support this application. To run this open source software, you will need a Fermi capable GPU such as a GeForce GTS 450 or GTX 460 series, and a Linux-based NVIDIA CUDA (3.2 or better) development environment. RHEL 5.5 or Fedora 13 is preferred for maximum compatibility with future EC2 parameterized launch instances. The most recent generation of consumer CUDA GPUs from NVIDIA contain hundreds of cores, each core of which can be utilized as a concurrent Rho factoring thread (the GTS 450 has 192 hardware cores; the GTX 460 has 336; and the M2050/2060 Tesla series have 448 cores each). You of course could rent them from Amazon, etc.
All this certainly sounds awesome and we are sure that there will be a spurt in cracking services. This software currently comes in two versions -
  • REVA, which implements the greatest common divisor (gcd) function on the GPU itself; however, there is currently a bug in the Montgomery math routines in the REVA gcd.
  • REVB includes reduction sieve performance enhancements but with the gcd function implemented on the host CPU, which requires about 25% of the PCIe bus bandwidth to shuffle targets from the GPU to the host CPU for the gcd test.
We can expect a REVC soon, which will include all of the performance enhancements inherent to the REVB fork, with a GPU-localized gcd like the architecture of REVA.
Download CloudCrack_REVA.tar.gz and CloudCrack_REVB.tar.gz or view the complete archive here.
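
Pollard's Rho with Brent's cycle finder, the method the post above says CloudCrack builds on, written in plain Python on the CPU to show why the size of the smallest prime factor decides whether an RSA modulus is at risk. This is an added example, not CloudCrack's CUDA code, and it does not reproduce the reduction sieve; the test moduli are constructed from well-known Fermat and Mersenne primes, and the function names and parameters are assumptions.

```python
from math import gcd

F4 = 2**16 + 1    # Fermat prime 65537
M31 = 2**31 - 1   # Mersenne prime
M61 = 2**61 - 1   # Mersenne prime

# Constructed test moduli (not real keys).
WEAK = F4 * M31        # smallest prime factor has 17 bits
STRONGER = M31 * M61   # smallest prime factor has 31 bits


def brent_rho(n, c=1, x0=2, batch=128, max_steps=5_000_000):
    """One Pollard's Rho run using Brent's cycle finder.

    Iterates y -> y*y + c (mod n). The differences |x - y| are multiplied
    together and one gcd is taken per batch, so the gcd test runs once per
    `batch` iterations instead of on every iteration.
    Returns (g, steps): g is a non-trivial factor on success, 1 if the step
    budget ran out, or n if this choice of c failed.
    """
    y, r, q, g, steps = x0, 1, 1, 1, 0
    x = ys = y
    while g == 1 and steps < max_steps:
        x = y                      # anchor point for this round
        for _ in range(r):         # advance r steps without testing
            y = (y * y + c) % n
        steps += r
        k = 0
        while k < r and g == 1:
            ys = y                 # remember where this batch started
            todo = min(batch, r - k)
            for _ in range(todo):
                y = (y * y + c) % n
                q = q * abs(x - y) % n
            steps += todo
            g = gcd(q, n)
            k += batch
        r *= 2                     # Brent: double the round length
    if g == n:
        # Several factors were hit inside one batch: replay it step by step.
        g = 1
        while g == 1:
            ys = (ys * ys + c) % n
            g = gcd(abs(x - ys), n)
            steps += 1
    return g, steps


def find_factor(n, tries=20):
    """Try successive constants c until a run yields a non-trivial factor.

    Returns (factor, total_steps), or (None, total_steps) if every run failed.
    Callers should rule out prime n first; a prime only exhausts the budget.
    """
    if n % 2 == 0:
        return 2, 0
    total = 0
    for c in range(1, tries + 1):
        g, steps = brent_rho(n, c=c)
        total += steps
        if 1 < g < n:
            return g, total
    return None, total


if __name__ == "__main__":
    for label, n in (("weak", WEAK), ("stronger", STRONGER)):
        factor, steps = find_factor(n)
        print(f"{label}: n={n} factor={factor} iterations={steps}")
```

Run as a script, it prints the iteration count for each modulus; the expected count grows with the square root of the smallest prime factor, which is why the size of the primes, and not only of n, matters.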


SUSE® Linux Enterprise 11 Service Pack 2 (SP2) Released

SUSE officially announced the general availability of SUSE® Linux Enterprise 11 Service Pack 2 (SP2). According to the official press release: With Service Pack 2, you get improved reliability, availability and serviceability and virtualization along with support for more third-party hardware. Because it's designed for interoperability and optimized for physical, virtual and cloud environments, SUSE Linux Enterprise Server paves the way for your future growth. It enables you to maximize the utilization of your existing IT resources and move easily from older physical servers to new, more powerful ones as they become available or your business needs change. SUSE Linux Enterprise Server is the most versatile and reliable Linux for mission-critical environments because we are committed to its continuous enhancement.
SUSE® Linux Enterprise 11 Service Pack 2 At a Glance:-
Improved Performance
Twenty percent faster through scheduler and memory management enhancements in the 3.0 Linux kernel:-
  • Improved performance of compute and memory intensive workloads with support for transparent huge pages
  • Faster network performance through transparent per-CPU load balancing on multi-queue devices
  • Control groups enhancements—I/O throttling and memory cgroup controller optimization—for optimal performance
  • 10x faster speeds with USB 3.0

Improved Reliability, Availability and Serviceability
Run SUSE Linux Enterprise Server with even greater confidence with these new features:-
  • Support for new hardware RAS features, like CPU and memory off-lining
  • btrfs support—improved services availability and data integrity with copy on write, integrated volume management, and checksums. New snapshot and rollback capabilities offer improved resilience

Better Security and Enhanced Hardware Support
Secure your environment, and grow rapidly—or at your own pace—with Service Pack 2 (SP2) enhancements that include:-
  • Role based access controls in AppArmor®
  • More powerful firewalls with faster packet filtering
  • Support for fanotify—for improved support of third-party anti-virus solutions
  • New drivers for over 500 of the latest CPUs, chipsets, networking devices and storage systems

More Robust Virtualization Capabilities

SP2 enables you to utilize resources more efficiently and migrate workloads to virtual and cloud environments with features such as:-
  • Support for Linux Containers—high efficiency, low overhead OS virtualization
  • Updated Xen 4.1 and KVM 0.15+ hypervisors
  • Windows guest OS support in KVM
  • Improved virtual machine guest OS performance with additional paravirtualized drivers for Xen, KVM, VMware vSphere and MSFT Hyper-V

For a Free 60-Day Evaluation Click Here


New enterprise security solutions for Sophos





IT security and data protection company Sophos has announced several new products on its enterprise security line-up, including a new light-weight mobile security platform designed for use on a wide range of mobile communication devices. Sophos Mobile Control provides protection on devices including Apple iPhones, iPads and Google Android and Windows Mobile devices. The system is designed to allow IT administrators to secure, monitor, and control configurations for smartphones running Apple iOS, Google Android and Windows Mobile operating systems. Sophos Mobile Control features a web-based console which allows IT administrators to centrally configure security settings, enable lockdown of unwanted features; and remote over-the-air lock or wipe if a device is lost or stolen. The web-based console is also designed to allow a constant monitoring of mobile devices to ensure consistent security policy enforcement, strong password policies and lock periods and ensure the control and installation of applications. The console also allows users to block the use of cameras, browsers, and sites such as YouTube. The service allows users to register new devices, lock or wipe devices on a self-service portal. It also controls access to corporate email via a secure gate allowing only properly secured and registered devices to access email. "Today, iPads, smartphones, and laptops are everywhere and connected to the web at all times. Mobile technology has allowed today's workforce to be far more productive but it has also opened up a new can of worms for IT teams as they must ensure that the data on those devices - especially the non-company-issues ones - are encrypted at all times no matter where the end user is. Sophos Mobile Control quickly and efficiently protects data on all iOS and Android mobile devices, giving those IT departments' peace of mind that their end users' devices are fully protected," said Matthias Pankert, head of Data Protection Product Management, Sophos. 
The second enterprise security product now available from Sophos is Sophos SafeGuard Enterprise 5.60, which provides encryption and data loss prevention (DLP) for desktops, laptops and removable media. SafeGuard is now designed to comprehensively manage all encryption options that fully support hardware drives, including Opal, software-based encryption, and hardware encrypted USB. It is also designed to manage enhancements to the latest versions of Sophos Endpoint Security and Data Protection. The new SafeGuard system is designed to provide up to 30 percent higher read/write throughput on solid state drives compared to the previous version. The software also reduces performance overhead with multiple central processing unit (CPU) processors running in parallel to minimise performance overhead of encryption and decryption, according to Sophos. It also includes active directory synchronisation; automatic event log deletion; and enables scheduling of custom scripts for reoccurring tasks. "The explosion of smartphones and tablets, and especially the applications for these mobile devices, has pushed the presence of our corporate data even further out of the corporate data center. The ability to protect our clients by maintaining security controls around this data is critical for businesses, especially financial services companies," said Pat Patterson, Information Security architect from Raymond James.
The third software announcement from Sophos is the Sophos Endpoint Security and Data Protection 9.7 (Sophos ESDP), which is designed to deliver advanced labs intelligence via a single agent that enhances protection against zero-day and web-based threats along with real-time feedback to security and application policy settings via the cloud using Sophos Live Protection technologies.
According to Sophos, the latest upgrade to Sophos ESDP (9.7) also includes encryption, data loss prevention, network access control, device control, application control, management, and reporting. The software is also designed to provide location-aware intelligent updating for mobile workers and extended tamper protection to help stop users from turning off key Sophos protection features, including anti-virus protection, updates, and client firewall. Sophos ESDP will also minimise computer CPU and disk I/O usage while optimising performance when users are active or away, according to the company. "IT organisations are facing unprecedented challenges securing their users, corporate data and infrastructure on consumer, mobile and cloud devices and platforms they do not own or control. It is incumbent upon security vendors to adapt and provide solutions that provide a full arsenal of protection against security threats and data loss, yet flexible and lightweight to protect users on any device, in any location," said Arabella Hallawell, vice president of Corporate Strategy, Sophos.


Nessus 5.0.2 Vulnerability Scanner Released & Available For Download

We have discussed Nessus, a proprietary comprehensive vulnerability scanning tool, several times before. After almost six months, Tenable Network Security has officially announced the availability of Nessus 5.0.2. According to surveys done by sectools.org, Nessus is the world's most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey. Tenable estimates that it is used by over 75,000 organizations worldwide. This update is largely a bugfix release; however, a new build for Solaris 10 is now available. The major issues addressed in 5.0.2 include fixes for UTF8 encoding problems in reports and more conservative detection of network congestion errors during scans.

Official Change Log for Nessus 5.0.2:- 
  • UTF8 encoding problems would sometimes cause the generation of reports to fail 
  • Fixed a case where generating some compliance checks reports would cause the scanner to hang, using 100% of the CPU 
  • Resolved a resource leak issue occurring when a large number of different users are connected at the same time 
  • Network congestion errors are now detected more conservatively 
  • Upgraded libxml2, libxslt, openssl to their newest versions 
  • Some nessusd.rules directives were not honored by the port scanners 
  • Solaris 10 build
Other fixes:-
  • Smarter max_hosts and global.max_hosts defaults
  • Added support for named virtual hosts for IPv6
  • Fixed a memory leak when mixing IPv4 and IPv6 targets
  • Fixed the systemd control script (Fedora 16)
  • Fixed a crash in nessus-mkcert on the command-line (Win32)
  • Fixed a crash in localtime(), when passed an invalid argument (Win32)
  • Fixed scratchpad_query() to allow NULL arguments
  • PSSDK fix (Win32)

To Download Nessus 5.0.2 Click Here




SSLSmart- Ruby Based SSL Cipher Enumeration Tool



SSLSmart is a highly flexible and interactive tool aimed at improving efficiency and reducing false positives during SSL testing. Put simply, SSLSmart is an advanced and highly flexible Ruby based smart SSL cipher enumeration tool. It is an open source, cross platform, free tool. It was written because a number of tools on the Windows platform allow users to test for supported SSL cipher suites, but most only provide testers with a fixed set of cipher suites. Further testing is performed by initiating an SSL socket connection with one cipher suite at a time, an inefficient approach that leads to false positives and often does not provide a clear picture of the true vulnerability of the server. SSLSmart is designed to combat these shortcomings.

Features:-
  • Content Scan (default): Exact server response can be seen in HTML and Text forms for each cipher suite selected for the test URL. Basically, it shows various server error messages received for weak cipher suites from live systems.
  • CONNECT Scan: Focuses only on success or failure of SSL socket connection with various cipher suites. This behavior does not offer any advantage over existing SSL testing tools and is thus likely to have similar issues with false positives. However, this scan is faster and consumes fewer network and CPU resources.
  • Dynamic Cipher Suite Support: Most SSL testing tools provide a fixed set of cipher suites. SSLSmart hooks into Ruby OpenSSL bindings and offers dynamic “on the fly” cipher suite generation capabilities.
  • Certificate Verification: SSLSmart performs server certificate verification. It uses the Firefox Root CA Certificate repository to perform Root CA verification. Additional Root CA Certificates can be added to the rootcerts.pem file or a custom .pem file can be supplied for Root CA Certificate verification.
  • Proxy Support: SSLSmart provides web proxy support. For results to be accurate, it is important to use a transparent proxy.
  • Reporting: Reports can be generated in XML, HTML and Text formats along with their verbose versions. Verbose report versions include complete application response for each cipher suite and full details of the server certificate.
  • APIs: Monkey patched Ruby APIs that form the backbone of SSLSmart can be consumed to write custom Ruby scripts for quick tests. These APIs can be consumed by users who work with the SSLSmart gem.


Supported Platforms:-
SSLSmart has been tested to work on the following platforms and versions of Ruby:
Windows: Ruby 1.8.6 with wxruby (2.0.0) and builder (2.1.2).
Linux: Ruby 1.8.7/1.9.1 with wxruby (2.0.0) and builder (2.1.2).


To Download SSLSmart Click Here




THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6


The German hackers group widely known as THC (The Hacker's Choice) released a comprehensive attack toolkit for the IPv6 protocol suite named 'THC-IPv6 Attack Toolkit'. THC is the first group to release such an attack tool for the IPv6 protocol. According to the release note, this is a complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. It comprises state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service etc. which exploit inherent vulnerabilities in IPv6.

Features at a Glance:- 
  • parasite6: icmp neighbor solicitation/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)
  • alive6: an effective alive scanning, which will detect all systems listening to this address
  • dnsdict6: parallelized dns ipv6 dictionary bruteforcer
  • fake_router6: announce yourself as a router on the network, with the highest priority
  • redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer
  • toobig6: mtu decreaser with the same intelligence as redir6
  • detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc.
  • dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS).
  • trace6: very fast traceroute6 which supports ICMP6 echo request and TCP-SYN
  • flood_router6: flood a target with random router advertisements
  • flood_advertise6: flood a target with random neighbor advertisements
  • exploit6: known ipv6 vulnerabilities to test against a target
  • denial6: a collection of denial-of-service tests against a target
  • fuzz_ip6: fuzzer for ipv6
  • implementation6: performs various implementation checks on ipv6
  • implementation6d: listen daemon for implementation6 to check behind a fw
  • fake_mld6: announce yourself in a multicast group of your choice on the net
  • fake_mld26: same but for MLDv2
  • fake_mldrouter6: fake MLD router messages
  • fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
  • fake_advertiser6: announce yourself on the network
  • smurf6: local smurfer
  • rsmurf6: remote smurfer, known to work only against linux at the moment
  • sendpees6: a tool by willdamn(ad)gmail.com, which generates neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice.
  • thcping6: sends a hand crafted ping6 packet
  • [and about 25 more tools for you to discover]
The THC-IPv6 Attack Toolkit is available for Linux only. For those hearing the name THC for the first time, a reminder: before this tool, the German hacker group published a few other hack tools such as Hydra (Fastest Login Cracker), THC SSL DoS and so on.







Another DoS fix for Apache HTTP server


The update of the Apache HTTP Server (httpd) to version 2.2.18 earlier this month to close a denial of service (DoS) problem appears to have exposed a related DoS vulnerability. The developers have now released httpd 2.2.19 to fix this new problem, which has been rated as moderately critical; however, as with the previous DoS vulnerability, it requires that mod_autoindex is enabled in the web server.
It appears that the updated Apache Portable Runtime (APR) 1.4.4, which was bundled with the server to correct the denial of service vulnerability, could cause httpd workers to hang at 100% CPU utilisation when calling apr_fnmatch. An update to APR, version 1.4.5, which resolves the issue, has been released by the APR developers and is bundled with Apache HTTP Server 2.2.19. Users can upgrade to httpd 2.2.19 or, if running httpd 2.2.17 or earlier, work around the denial of service problem by using the "IgnoreClient" option of the "IndexOptions" directive. The problem was first noted and tracked on Debian mailing lists.
The developers also took the opportunity to fix an inadvertently changed function signature for ap_unescape_url_keep2f, which had broken binary compatibility with some third-party modules. The 2.2.19 update to httpd is available to download from the project's download page. The updated APR 1.4.5 is also available for download for developers who use the library in other projects.
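A defender-side check for the upgrade-or-workaround guidance above, added here as an example (it is not code from the Apache project or the original article): it reads an httpd version banner and configuration text and reports whether the server needs the upgrade or the IndexOptions IgnoreClient workaround. The function names, status strings and sample configuration are assumptions; only LoadModule lines are inspected, so a statically compiled mod_autoindex and files pulled in with Include are not covered.

```python
import re

FIXED = (2, 2, 19)  # release the article names as bundling the corrected APR 1.4.5

# Constructed sample configuration, not taken from a real server.
SAMPLE_CONF = """\
LoadModule autoindex_module modules/mod_autoindex.so
# IndexOptions IgnoreClient   (commented out, must not count)
<Directory "/var/www/pub">
    Options Indexes FollowSymLinks
    IndexOptions FancyIndexing VersionSort
</Directory>
<Directory "/var/www/files">
    Options +Indexes
    IndexOptions FancyIndexing \\
        IgnoreClient
</Directory>
"""

def parse_version(banner):
    """Extract (major, minor, patch) from text such as the output of `httpd -v`."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("no Apache version found in %r" % banner)
    return tuple(int(part) for part in m.groups())

def audit_conf(conf):
    """Return (autoindex_loaded, weak, hardened).

    weak lists (line, section) for each IndexOptions that lacks IgnoreClient;
    hardened counts the IndexOptions directives that set it.
    """
    autoindex, weak, hardened = False, [], 0
    sections, pending, start = [], "", 0
    for number, raw in enumerate(conf.splitlines(), 1):
        line = raw.strip()
        if not pending:
            start = number                # first line of the current directive
        if line.endswith("\\"):           # directive continues on the next line
            pending += line[:-1] + " "
            continue
        line, pending = (pending + line).strip(), ""
        if not line or line.startswith("#"):
            continue
        if line.startswith("</"):         # closing container tag
            if sections:
                sections.pop()
        elif line.startswith("<"):        # opening container tag
            sections.append(line.strip("<>"))
        else:
            fields = line.split()
            name, args = fields[0].lower(), fields[1:]
            if name == "loadmodule" and args[:1] == ["autoindex_module"]:
                autoindex = True
            elif name == "indexoptions":
                # "-Option" removes an option; plain and "+Option" enable it.
                enabled = {a.lstrip("+").lower() for a in args if not a.startswith("-")}
                if "ignoreclient" in enabled:
                    hardened += 1
                else:
                    weak.append((start, sections[-1] if sections else "server config"))
    return autoindex, weak, hardened

def assess(banner, conf):
    """Map version and configuration to the action the article describes."""
    version = parse_version(banner)
    autoindex, weak, hardened = audit_conf(conf)
    if version >= FIXED:
        return "patched"                  # 2.2.19 or later
    if not autoindex:
        return "not-applicable"           # both issues need mod_autoindex
    if version == (2, 2, 18):
        return "upgrade"                  # bundles APR 1.4.4
    return "mitigate" if weak or hardened == 0 else "mitigated"

if __name__ == "__main__":
    print(assess("Server version: Apache/2.2.17 (Unix)", SAMPLE_CONF))
    print(audit_conf(SAMPLE_CONF)[1])
```

The audit does not model how IndexOptions merges across nested directory sections, so any directive it lists as weak should be reviewed in context.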


Red Hat Announced Beta of Red Hat Enterprise Linux (RHEL) 6.3

Just over four months after the release of Red Hat Enterprise Linux (RHEL) 6.2, developers at Red Hat have made a beta version of RHEL 6.3 available. This beta includes a broad set of updates to the existing feature set and also provides rich new functionality, particularly in the areas of virtualization, scalability, storage, file systems, and security. As always, the Red Hat Enterprise Linux 6.3 beta delivers new hardware enablement made possible by our strong relationships with our strategic hardware partners. This beta release has been designed for optimized performance, scalability, and reliability to cater to the diverse workloads running in physical, virtual and cloud environments.

Key Features in the Red Hat Enterprise Linux 6.3 Beta:-
Virtualization-
  • A new tool called Virt-P2V that facilitates the conversion of physical Windows or Red Hat Enterprise Linux systems into virtual images to be deployed as KVM guests inside Red Hat Enterprise Linux or Red Hat Enterprise Virtualization.
  • Stronger compliance with Payment Card Industry Data Security Standards (PCI-DSS), including the ability to perform secure wipes of virtual machine disks.
  • The ability to perform live volume resizing, improving the overall availability of virtualized guests.
Scalability-
  • The maximum number of virtual CPUs (vCPUs) has been increased from 64 to 160, which lets you run larger CPU-intensive workloads on the Red Hat Enterprise Linux platform. VMware ESX 5.0 currently supports 32 vCPUs.
  • The maximum supported memory configuration for KVM guests has been increased from 512GB to 2TB.
File Systems-
  • GFS2 enhancements that create faster read-write capabilities for specific use cases.
  • Support of O_Direct in FUSE (Filesystem in User Space), which can provide improved performance for certain workloads.
  • Simplified configuration and administration for the file system. Integration of automount capability with System Security Services Daemon (SSSD) provides centralized management of configuration data and the ability to improve performance through caching and load balancing. (This feature is a Technology Preview.)
Storage-
  • Red Hat Enterprise Linux 6.3 provides full support for Fibre Channel over Ethernet (FCoE) Target. This feature, which was previously provided as a Technology Preview, allows customers to present their Red Hat Enterprise Linux servers as FCoE storage devices. This feature complements the FCoE Initiator support that was delivered in Red Hat Enterprise Linux 6.0.
  • The Logical Volume Manager (LVM) now provides support for RAID levels 4, 5, and 6. (Previously, support for these RAID levels was provided through the MD subsystem.) This expanded LVM RAID support simplifies overall storage administration by consolidating all management functions, such as creating volumes, resizing volumes, deploying RAID, taking snapshots, etc., into a single interface. (This feature is a Technology Preview.)
  • The LVM now provides the ability to create thin provisioned logical volumes. Previously, storage was allocated when the volume was created, and needed to be monitored for space consumption and expanded manually. In Red Hat Enterprise Linux 6.3, storage is allocated as required, allowing volumes to expand up to the requested size on demand without intervention. (This feature is a Technology Preview.)
Security-
  • Availability of a two-factor authentication mechanism, enhancing the overall security available to lock down Red Hat Enterprise Linux environments and enabling compliance with industry standards such as PCI-DSS.
  • Expansion of the Advanced Encryption Standard (AES) to provide particular benefits for system performance on multi-processor machines.
Identity Management-
  • With native support for netgroups and the services map in System Security Services Daemon (SSSD), Red Hat Enterprise Linux servers can be integrated into centralized systems -- such as Active Directory -- to manage system users.
  • The addition of an automembership plug-in streamlines the administration of new users and hosts when they are added into the Identity Management system by automatically placing them into a predefined set of groups, speeding user and host provisioning.
  • Performance improvements through session data caching, which lowers the overall load on authentication servers.
Hardware Enablement-
  • Software bandwidth management for USB 3.0 for select Intel platforms is now available.
  • Compiler optimization for Intel Xeon E5 processor family, which improves the result of string operations, is now included.
  • Improvements to memory and I/O breakpoint execution operations within compiler tools are now included.
Developer Tools-
  • With the introduction of OpenJDK 7, customers can develop and test with the latest version of open source Java.

Vulnerability Found in HTC Android Devices, Leaking Personal Data


Massive Security Vulnerability found in HTC Android Devices (EVO 3D, 4G, Thunderbolt, Others) Exposes Phone Numbers, GPS, SMS, Email Addresses, and many more.

Vulnerability:-
In recent updates to some of its devices, HTC introduced a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users' devices, easier remote analysis, corporate evilness - it doesn't matter. If you, as a company, plant these information collectors on a device, you better be DAMN sure the information they collect is secured and only available to privileged services or the user, after opting in.

That is not the case. What Trevor found is only the tip of the iceberg - we are all still digging deeper - but currently any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on:-
  • the list of user accounts, including email addresses and sync status for each
  • last known network and GPS locations and a limited previous history of locations
  • phone numbers from the phone log
  • SMS data, including phone numbers and encoded text (not sure yet if it's possible to decode it, but very likely)
  • system logs (both kernel/dmesg and app/logcat), which includes everything your running apps do and is likely to include email addresses, phone numbers, and other private info
Normally, applications get access to only what is allowed by the permissions they request, so when you install a simple, innocent-looking new game from the Market that only asks for the INTERNET permission (to submit scores online, for example), you don't expect it to read your phone log or list of emails.
But that's not all. After looking at the huge amount of data (the log file was 3.5MB on my EVO 3D) that is vulnerable to apps exploiting this vulnerability all day, I found the following is also exposed (granted, some of which may be already available to any app via the Android APIs):

  • active notifications in the notification bar, including notification text
  • build number, bootloader version, radio version, kernel version
  • network info, including IP addresses
  • full memory info
  • CPU info
  • file system info and free space on each partition
  • running processes
  • current snapshot/stacktrace of not only every running process but every running thread
  • list of installed apps, including permissions used, user ids, versions, and more
  • system properties/variables
  • currently active broadcast listeners and history of past broadcasts received
  • currently active content providers
  • battery info and status, including charging/wake lock history
  • and more
Affected Phones:-
  • EVO 4G
  • EVO 3D
  • Thunderbolt
  • EVO Shift 4G?
  • MyTouch 4G Slide?
  • the upcoming Vigor?
  • some Sensations?
  • View 4G?
  • the upcoming Kingdom?


Note: Only stock Sense firmware is affected - if you're running an AOSP-based ROM like CyanogenMod, you are safe.





HTC's Response:-
After finding the vulnerability, Trevor contacted HTC on September 24th and received no real response for five business days, after which he released this information to the public (as per RF full disclosure Policy). In my experience, lighting fire under someone's ass in public makes things move a whole lot faster, which is why responsible disclosure is a norm in the security industry. (This is where we come in.)
As far as we know, HTC is now looking into the issue, but no statement has been issued yet. HTC, you got yourself into this mess, and it's now up to you to climb out of the hole as fast as possible, in your own interest. The ball is in your court.

-News Source (Android Police)



Sabayon Linux 6 Core


After the release of Sabayon Linux 6, Fabio Erculiani is proud to announce the immediate availability for download of four Core editions of the Sabayon Linux operating system. Sabayon Linux 6 Core editions are designed for Linux experts and advanced users who want to set up a home server or create their very own operating system based on Sabayon.
The four newly updated editions of Sabayon Linux 6 are: SpinBase, CoreCDX, ServerBase and OpenVZ. While the SpinBase and ServerBase editions allow users to make Sabayon spins or set up a home server, the CoreCDX edition allows users to easily obtain a minimal graphical environment of Sabayon.

Highlights of Sabayon Linux 6 Core:-
 
· Linux kernel 2.6.39 optimized for desktop usage;
· Small ISO images that can be booted from CD or USB stick;
· EXT4 filesystem as default;
· Support for Btrfs filesystem;
· Ready for Portage and Entropy (allows access to lots of installable apps);
· OpenVZ-enabled, Server-optimized and Vserver-enabled kernels available in the default repositories;
· Entropy Framework 1.0 Alpha 14;
· Easy customizable system after installation (GNOME or KDE SC desktop environments can be installed in no time);
· Fast installation process (guaranteed to take less than 5 minutes).

In order to run the Sabayon Linux Core 6 Edition on your system, make sure that you meet the minimum requirements:

· Intel Pentium Pro, Celeron, AMD K6-2, Pentium II/III or AMD Athlon CPU;
· 128 MB of RAM;
· 2-3 GB of free hard disk space;
· Supported 2D video card;
· a CD reader or USB flash drive.


Critical Security Holes In Oracle Database


Security researchers have found a serious vulnerability in Oracle databases. An attacker can perform SQL injection attacks and other advanced attacks and thereby gain full privilege and traction, the researchers said. Is Oracle just paying lip service to database security? Some researchers within the database community think so, complaining that as the software juggernaut has grown with acquisitions, such as the blockbuster Sun deal, it hasn't maintained enough resources to securely develop database products and resolve vulnerabilities disclosed by researchers in a timely fashion.
"I would say easy fixes get done pretty quickly, within three to six months, but things that are harder and need some changes in architecture or have an impact on customers where customers have to make some changes to their products, to their software that uses the databases, those things don't get done in the CPU," said Alex Rothacker, manager of Application Security's research arm, TeamSHATTER. "We have a vulnerability disclosed where basically we can brute force any user's password ... we reported this two years ago and they haven't fixed it yet." 

 It's a complaint lodged by many researchers, who say that even as Oracle publicly states it wants to work with the research community to fix database issues, it isn't putting its shoulder into the effort. The numbers show that the proportion of quarterly critical patch updates for Oracle database products has diminished considerably over the last two years.
While some might come to the conclusion that there are fewer updates because Oracle's products are getting more secure, researchers say this trend has occurred simultaneously as the window between disclosure of vulnerabilities and patch releases for them has grown wider.

"They respond immediately and say 'Thank you very much for the information' and so on, but it sometimes takes more than a year to actually release a patch," said Slavik Markovich, VP and CTO of database security for McAfee. "I get the feeling that they don't invest enough or have enough people working on this so it takes a long time to patch." In the meantime, too, new database products--some of them security related, even--are released with the same type of vulnerabilities that researchers have been alerting Oracle to for years.   




Linux 3.2 kernel Arrived With Lots Of Prominent Features


The Linux 3.2 kernel has finally been released. The process was delayed because the Linux repository Kernel.org was breached in August 2011 and was then kept down for maintenance for a long time. After some time Kernel.org came back online with Linux kernel 3.0.4. Now we have the latest 3.2 kernel, though the last stable version is 3.1.7.
Summary:- This release includes support for Ext4 block sizes bigger than 4KB and up to 1MB, which improves performance with big files; btrfs has been updated with faster scrubbing, automatic backup of critical filesystem metadata and tools for manual inspection of the filesystems; the process scheduler has added support to set upper limits of CPU time; desktop responsiveness in the presence of heavy writes has been improved; TCP has been updated to include an algorithm which speeds up the recovery of the connection after lost packets; the profiling tool "perf top" has added support for live inspection of tasks and libraries and for viewing the annotated assembly code; the Device Mapper has added support for 'thin provisioning' of storage; and a new architecture has been added: the Hexagon DSP processor from Qualcomm. Other drivers and small improvements and fixes are also available in this release.

Prominent Features:-
  • Ext4: Support for bigger block sizes
  • Btrfs: Faster scrubbing, automatic backup of tree roots, detailed corruption messages, manual inspection of metadata
  • Process bandwidth controller
  • New architecture: Hexagon
  • Thin provisioning and recursive snapshots in the Device Mapper
  • I/O-less dirty throttling, reduce filesystem writeback from page reclaim
  • TCP Proportional Rate Reduction
  • Improved live profiling tool "perf top"
  • Cross memory attach
  • Driver and architecture-specific changes
  • File systems :- [Ext4, Ext3, CIFS, Btrfs, JFFS2, EXOFS, NFS, GFS2, SQUASHFS]
  • Memory management
  • Networking
  • Device Mapper
  • Power management
  • Virtualization
  • Crypto
  • Security
  • Tracing/profiling


Red Hat Enterprise Linux (RHEL) 6.2 Beta Released

 
Beta for Red Hat Enterprise Linux 6.2 is now available. This beta includes a broad set of updates to the existing feature set and also provides rich new functionality particularly in the areas of performance and scaling, identity management, high availability, advanced storage, and networking. As always, this beta delivers new hardware enablement made possible by our strong relationships with our strategic hardware partners. This beta release has been designed for optimized performance, scalability and reliability to cater to the diverse workloads running in physical, virtual and cloud environments.
The key benefits for organizations working with this beta for Red Hat Enterprise Linux 6.2 are operational efficiency realized through enterprise management and monitoring, along with enhanced business agility through additional support for virtualized and clustered deployments.

Key functionality in this beta for Red Hat Enterprise Linux 6.2 is as follows:-

Performance and Scaling:-

  • Kernel-level optimizations implemented in the process scheduler, networking, virtualization, and I/O subsystems.
  • Faster creation of ext4 file systems and improved response times in XFS for certain workloads.
  • Improved CPU controller scalability and enhanced resource management features to set processor utilization ceilings.
Identity Management:-
  • Centralized identity management for the flexible management of users, roles, policies, and authentication services.
  • New capabilities for the unification of Kerberos ticketing, DNS naming, user and group ids, and Linux systems policies into a single service.
High Availability:-
  • Support for Red Hat Enterprise Linux 6 guests on VMware® hosts and comprehensive support for the GFS2 shared storage file system have been added to the High Availability Add-on Product, creating a more tightly integrated environment.
  • Full support for the UDP-unicast protocol which reduces administration overhead, resulting in easier cluster deployment.
Advanced Storage:-
  • World Wide Name (WWN), or World Wide Identifier (WWID), for storage devices making it easier to identify them during installation for users utilizing Storage Area Networks (SAN) and other advanced network topologies.
  • Within production environments using infiniband – where high throughput and low latency are key requirements – Red Hat Enterprise Linux can now be purposed as an iSCSI initiator and storage server.
Networking:-
  • Transmit Packet Steering (XPS) capabilities which improve network packet transmission throughput by 30%.


-News Source (RedHat)

