A researcher at security firm Alert Logic has published code that could be used to compromise some versions of Google's Android Operating System. The exploit, if properly adapted, could make Android phones vulnerable to remote attacks and compromises.
View 2 RepliesI was just wondering wether a directory (I know thats just a special file) could be a security problem, as they have execute permissions? Could an exploit be attached to a directory. Has this ever happened?
View 1 Replies View RelatedI've got a user getting heavily spammed but other users on the same domain are fine, it all started last night here's some info...
-rwsr-xr-x 1 root root 700492 Jun 8 18:18 exploit
I've got loads of these in 'top'
5975 dovecot 15 0 3712 1712 1432 S 0.0 0.2 0:00.00 imap-login
and these in ps dovecot
dovecot 5250 5533 0 13:05 ? 00:00:00 pop3-login
root 5533 1 0 11:21 ? 00:00:00 /usr/sbin/dovecot
root 5534 5533 0 11:21 ? 00:00:00 dovecot-auth
dovecot 5663 5533 0 12:15 ? 00:00:00 pop3-login
ps exim i've got
Code:
mail 19725 32303 0 15:03 ? 00:00:00 /usr/sbin/exim -bd -q15m -oP /var/run/exim.pid
mail 19732 19725 0 15:03 ? 00:00:00 [exim] <defunct>
mail 20142 19725 0 15:03 ? 00:00:00 [exim] <defunct>
[code]....
I've been looking awhile now, but no patch for this is yet to be found. Does anyone have more info, or better, a fix? Last version from GNU's ftp server is also vuln as of this writing.
View 3 Replies View RelatedI've scanned my computer (I'm using Ubuntu 8.04 Hardy Heron) and ClamAV has issued it has found a virus called Exploit.PDF-9669. What seems strange to me is that such a warning always happens (or, at least, in the most cases) in the same folder tree "sys" and ClamAV issues the very same virus/malware warning (Exploit.PDF-9669).
An example:
sys/devices/virtual/vtconsole/vtcon0/uevent: Exploit.PDF-9669 FOUND
sys/devices/virtual/net/ppp0/address: Exploit.PDF-9669 FOUND
sys/devices/virtual/net/ppp0/broadcast: Exploit.PDF-9669 FOUND
sys/devices/LNXSYSTM:00/device:00/uevent: Exploit.PDF-9669 FOUND
My ClamAV version is 0.94.2/10275/Fri Jan 8 22:06:46 2010. It has been not updated since I installed Hardy in my computer last year. Is my computer in danger?
I read this morning that MicroSoft and Adobe Flash released a huge security update to counter the threat of malicious apps taking over systems. Included in the fix was Excel spreadsheets. Apparently a hacker could send a spreadsheet that if opened could remotely take over your machine. I opened my update manager and there was a sizable Open Office and Java update.
Question: Are Linux/Ubuntu machines susceptible to the security flaws?
Question: Since Adobe Flash is considered proprietary and not updated through the Ubuntu update manager, do I have to manually update that package?
I am using Android 2.1 froyo. I also installed adobe flash player 10.2 from the Android Market place. The default web browser on the tablet seems to crash when I it encounters flash that is multimedia like audio and video. It's funny how flash works great with linux distributions and not well in android. Does anyone know which version of android and/or web browser works best with flash so the crashes are minimal.
View 2 Replies View RelatedQuote:
In this video, Tim Armstrong, a malware researcher at Kaspersky Lab talks with Ryan Naraine about the strengths and weaknesses of the Android operating system. Armstrong looks at strengths and weaknesses of the open-source platform and warns about the risks associated with jailbreaking/rooting Android devices.
Http://www.breitbart.com/article.php...show_article=1
I just read the above article. Someone in Communist China has found a way to create a virus in the Android operating system. Android is a Linux fork.
It looks as though the virus is quite specific: it only works on certain apps downloaded from Communist China. I'm hoping that the Google Android version of Linux is different enough from the standard Linux it was "forked" off of that it will be of no concern to we desktop Linux users.
Does this mean that we Linux users must begin running anti-virus software as a continuous process now? What is the chance standard distros will be affected?
I was thinking about using Subsonic to stream music from my Gentoo system to my Android phone. Does this create security concern by allowing someone to hack in to my Gentoo system?
View 3 Replies View RelatedI installed everything and am running android OS on Ubuntu (using androidphonedriver guide). The problem I'm having now is that I don't know how to install android market application to be able to install other apps like opera etc.).
View 1 Replies View RelatedI need assistance with my Snort Installation. I used Bodhi Zazen's Network Intrusion Detection System post and found it easier than the previous time I had done it. I am currently running Ubuntu 10.04 server and Snort 2.8.6.1 with BASE 1.4.5. I followed Bodhi Zazen's instructions and when I tested snort it ended with a Fatal Error due to ERROR: /etc/snort/rules/exploit.rules(264) => 'fast_pattern' does not take an argument
Fatal Error, Quitting.. Here is the entire output once I ran the test command: snort -c /etc/snort/snort.con -T Running in Test mode
[Code]...
Dan Rosenberg has issued another Linux Kernel Exploit with PoC described in LWN [URL] I have tested that this exploit is not working on -Current (custom kernel, 2.6.36.1), which is good sign that Slackware is already immune of those problems.
View 12 Replies View Relatedim using firefox 3.5.7 with ubuntu 9.10 but firefox since 3.5.6 and 3.5.7 keeps crashing a lot-just now it crashed my entire system-the whole screen went black. So to that end is use of opera or chrome secure for ubuntu?
View 9 Replies View Relatedhow to cross-reference it but searching on 'Could not initialize the browser's security component' will find it. Then look at the last 3 entries. Me and two other users have been unable to use Thunderbird since yesterday's update.
View 2 Replies View RelatedOk i think Tor has some way of making the dns queries anonymous by default. I did the DNS nameserver spoofablity test here at [URL] and the results i got showed about 30 different dns servers. Normally when i carry out this test on my standard isp connection or the vpn i use i just get one dns servers settings consistently.
View 1 Replies View RelatedThe cryptographic underpinnings of the Internet, as presently constituted, are messy, chaotic and rather randomly constructed. And that infrastructure is not only ripe for a variety of attacks, but is not easily fixable, a group of experts said Friday. At a forum on browser security sponsored by a Washington policy think tank, a group of technologists and policy experts from industry and government outlined the serious architectural and implementation problems with SSL, the certificate authority infrastructure and the way that browsers handle certificates. It was not a pretty picture. The problems extend from the way that CAs issue certificates to how certificates are handled by the major browsers to the way that attackers are able to take advantage of the weaknesses throughout the system.
View 1 Replies View RelatedOnline, I see many security alerts firefox but none related to Opera or other browsers. Is Opera more secure than Firefox?
View 3 Replies View RelatedI am a student taking part in a comptition. We have a set of questions to complete within today. Can anyone please help me out with it. I have a custom written "echo" program in C, running on port number "1220" which echoes back the first 16 characters of whatever is given as the first command line argument. But somehow, my brother had got unauthorized remote root access. The program is given below. How did he do it? Please give the exploit code and explain how it works.
#include
#include
void echo(char* input) {
[code]....
Browser can't find server at att.yahoo.com so no internet. My folding at home client with Stanford can't download {an upload went ok}. I have 2 other fedora boxes & 3 windows boxes thru the same router and they are all fine.
I can manually ping Stanford ok,
Add/remove software within fed. works ok.
I can type in 192.168.0.1 & get the page for my router
The only thing I did between working & not working was to install
Nvidia Cuda driver for my GTX275
My guess is something in the firewall got tweaked. but I've compared it to 2 working boxes & nothing jumps out at me.
I have a F11 box serving xdmcp. I log into them machine remotely with xming. As far as I can tell, all x clients work fine, EXCEPT for sealert. I get occasional selinux alerts, but I cannot use the sealert browser on my remote machine. When I try to run the browser, I get this: sealert -V -b
2010-03-05 11:27:49,841 [dbus.proxies.ERROR] Introspect error on :1.61:/org/fedoraproject/Setroubleshootd: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Message did not receive a reply (timeout by message bus) 2010-03-05 11:27:49,842 [dbus.proxies.DEBUG] Executing introspect queue due to error 2010-03-05 11:27:49,842 [dbus.ERROR] could not start dbus: org.freedesktop.DBus.Error.ServiceUnknown: The name :1.61 was not provided by any .service files
I see the bug at [URL].. but it does not mention the browser, nor does it say what the fix/workaround is..Im going to stab in the dark and start relabeling things, but anyone know what's really wrong?
So I downloaded a movie from megaupload and a pop up came up with [URL]....that bounced me to[URL]..but that webpage did not display. Normally, on Windows, I would have an anti-virus that would likely give me some sense of good or bad websites. On Ubuntu, I am not quite sure. Do I need a malware scanner for the firefox browser? I have the standard package from the 10.04 distro with the latest updates...
View 5 Replies View RelatedI am trying to use apparmor to restrict my file browser, which is Thunar to only let me view the files that are in the home directory and also removable media.I tried following the apparmor sticky with no success.I created the profile and tried editing it and it either started and let me do pretty much everything or did not start at all. Would it be possible for someone to help me step by step to set up a profile for thunar that would only show the home directory and removable media.
View 2 Replies View RelatedI was recently connecting securely to the website where I have my mail account, and I connected through Tor. When doing so firefox presents me with the screen saying that the connection is untrusted and it can't verify the certificate. So I cancelled. I'm using torbutton and I turned torbutton to off and connected again with no problem. Then with torbutton on again, same thing (untrusted).
Is it possible the exit node I was going through is doing a man in the middle attack? However later when connecting through tor I did NOT get the warning about the site being untrusted. I really don't know what exit node I was using when I got the certificate warning and what exit node I was using when I did not recieve the warning. I don't know how long I stay on the same node or how/when it changes.
We have a web server running apache and a custom web app that we log into from a web browser and it ask you to except the certificate and all is well. I now have an user who is using a window server 2008 and he wants to manually import the *.cer file into his browser to be able to login. My question are:
1 - What is the file that is being imported into the browser? *.pem *.crt
2 - I see on our server that we have our certs I believe located in the /etc/pki/tls/certs. The openRADIUS servers that I have created, this is the directory to where it is stored.Is this the typical placement for certs.
3 -If the files is a .cert or *.pem than could I use openssl to convert them to the appropiate *.cer file for IE7
One of my user wants to be able to upload file via browser to the server. For that, i need to grant apache read and write access to a folder. How much secure is allowing apache to grant complete read and write access to a folder ?
View 2 Replies View RelatedExim user can get owned by a remote exploit [URL].. I was running Exim 4.63 5.el5_5.1 on CentOS 5.5 x86_64 and my Exim user got owned by that exploit.
Now I ran yum update and exim updated to 4.63 5.el5_5.2 I cannot find anywhere if this updated fixes the exploit.
whats the most secure firefox browser for karmic that i can use from a PPA source ? that source must be trustable.could you tell me the PPA for the one in question as well ?
View 2 Replies View RelatedCentOS using yum to update Exim. Exim is configured to not allow remote connections using the local_interfaces config option.My old version was 4.63-5.el5_5.2 and after using:
yum update exim
Girlfriend with a problem: she needs to sign up at the unemployment office in Spain. She is here in China. But for reasons unknown, she can't access the bit which she needs to. It says: 'can't set the browser' Java is enabled and so on, we read the instructions. On her windoze computer, she has a digital certificate. I copied it onto my mem-stick. When I try to copy it from my mem-stick to my Linux machine, I can't. Not even as root! The folder is called 'certificado digital' and contains two folders:
Trash.(tilde)1 and VM_Ware_Workstation They both have some kind of encrypted stuff inside. Can this certificate be installed on my machine?? Trash has 5 things, VM_Ware_Workstation has 3 things. The guy who set this up for her told her she must use Mozilla. Is a certificate only valid with a particular browser?