Wednesday, January 28th, 2015

Time	Event
12:19a	Highly critical “Ghost” allowing code execution affects most Linux systems (Ars Technica) Ars Technica has a report on GHOST, which is a critical vulnerability found in the GNU C library (glibc). "The buffer overflow flaw resides in __nss_hostname_digits_dots(), a glibc function that's invoked by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to call either of these functions could exploit the flaw to execute arbitrary code with the permissions of the user running the application. In a blog post published Tuesday, researchers from security firm Qualys said they were able to write proof-of-concept exploit code that carried out a full-fledged remote code execution attack against the Exim mail server. The exploit bypassed all existing exploit protections available on both 32-bit and 64-bit systems, including address space layout randomization, position independent executions, and no execute protections." While the proof-of-concept used Exim, a wide variety of client and server programs call gethostbyname*(), often at the behest of a remote system (or attacker). Distributions have started putting out updates; users and administrators should plan on updating as soon as possible. (Comment on this)
12:36a	GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems (Threat Post) Threat Post takes a look at a critical vulnerability in glibc. "The issue stems from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. That particular function is used by the _gethostbyname function calls. “A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application,” said an advisory from Linux distributor Red Hat." The vulnerability has been assigned CVE-2015-0235. (Comment on this)
5:47p	Security advisories for Wednesday CentOS has updated glibc (C7; C6; C5: code execution). Debian-LTS has updated eglibc (code execution). Mageia has updated busybox (arbitrary module loading), flash-player-plugin (multiple vulnerabilities), php (multiple vulnerabilities), privoxy (multiple vulnerabilities), and python-pillow (denial of service). Oracle has updated glibc (OL7; OL6; OL5: code execution). Red Hat has updated chromium-browser (RHEL6 Supplementary: multiple vulnerabilities), flash-plugin (RHEL5,6 Supplementary: multiple vulnerabilities), glibc (RHEL6,7; RHEL5; RHEL5.6, 5.9, 6.2, 6.4, 6.5: code execution), and kernel (RHEL6: denial of service). Scientific Linux has updated glibc (SL6,7; SL5: code execution) and kernel (SL6: denial of service). SUSE has updated glibc (SLE11, SLE10: code execution). Ubuntu has updated eglibc (12.04, 10.04: code execution), openjdk-6 (12.04, 10.04: multiple vulnerabilities), and openjdk-7 (14.10, 14.04: multiple vulnerabilities). (Comment on this)
10:16p	[$] Pettycoin and sidechaining At linux.conf.au 2015 in Auckland, Rusty Russell presented a talk about his personal side-project, Pettycoin. Russell had announced Pettycoin at LCA 2014; at that time it represented an untested concept: a way to attach a separate, Bitcoin-like network to the existing Bitcoin blockchain. Pettycoin's goal was originally to offer a simpler and faster "side network" that periodically reconnected to Bitcoin. In the intervening year, Russell made a lot of progress, but other new innovations in the Bitcoin arena have led him to question parts of the Pettycoin approach and consider a reimplementation. (Comment on this)

<< Previous Day

2015/01/28 [Calendar]

Next Day >>