ICT Security-Sécurité PC et Internet
87.1K views | +0 today
Follow
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Critical Flaw Threatens Millions of BIND Servers | threatpost

Critical Flaw Threatens Millions of BIND Servers | threatpost | ICT Security-Sécurité PC et Internet | Scoop.it
From threatpost.com - March 29, 2013 2:47 PM

There is a critical vulnerability in several current versions of the BIND nameserver software that could allow an attacker to knock vulnerable DNS servers offline or compromise other applications running on those machines. The bug is present in several versions of the ubiquitous BIND software and the maintainers of the application have released a patch for it ===> that they recommend users install as soon as possible. <===

 

===> The vulnerability is in BIND 9.7, 9.8, and 9.9 for Unix systems, but Windows versions are not affected. <===

 

The problem lies in the way that the software handles certain regular expressions, and an attacker who exploits the vulnerability could not only cause a denial-of-service condition on the server but also could potentially compromise other software on the machine.

 

Gust MEES's insight:

 

The bug is present in several versions of the ubiquitous BIND software and the maintainers of the application have released a patch for it ===> that they recommend users install as soon as possible. <===

 

===> The vulnerability is in BIND 9.7, 9.8, and 9.9 for Unix systems, but Windows versions are not affected. <===

 

The problem lies in the way that the software handles certain regular expressions, and an attacker who exploits the vulnerability could not only cause a denial-of-service condition on the server but also could potentially compromise other software on the machine.

 

Check also:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Linux-Vulnerabilities

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Linux-Rootkits missbrauchen SSH-Dienst

Linux-Rootkits missbrauchen SSH-Dienst | ICT Security-Sécurité PC et Internet | Scoop.it
From www.heise.de - February 25, 2013 10:51 AM
Auf kompromittierten Linux-Systemen haben Sicherheitsexperten eine heimtückische Hintertür entdeckt, die sich über eine Bibliothek in den SSH-Dienst einklinkt.
Gust MEES's insight:

Check also:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Linux-Vulnerabilities

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Nobody-is-perfect

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Sicherheitslücke und Jailbreak bei Amazon Kindle Touch

Sicherheitslücke und Jailbreak bei Amazon Kindle Touch | ICT Security-Sécurité PC et Internet | Scoop.it
From www.heise.de - July 16, 2012 9:24 AM
Der Webbrowser des eBook-Readers führt beim Besuch einer präparierten Webseite beliebige Shell-Befehle mit Root-Rechten aus. Die Jailbreak-Community setzt diese Lücke bereits zur Installation von nicht autorisierter Software ein.

 

Weiter lesen:

http://www.heise.de/security/meldung/Sicherheitsluecke-und-Jailbreak-bei-Amazon-Kindle-Touch-1636888.html

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Critical Flaw Found In Security Pros' Favorite: Backtrack Linux

Critical Flaw Found In Security Pros' Favorite: Backtrack Linux | ICT Security-Sécurité PC et Internet | Scoop.it
From threatpost.com - April 11, 2012 7:13 PM
A critical security flaw has been identified in recent versions of Backtrack, a popular version of Linux that is used by security professionals for penetration testing.
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

PoC exploits for Linux privilege escalation bug published

PoC exploits for Linux privilege escalation bug published | ICT Security-Sécurité PC et Internet | Scoop.it
From net-security.org - January 26, 2012 10:15 AM
The publication of proof-of-concept exploit code for a recently spotted privilege escalation flaw (CVE-2012-0056 ) in the Linux kernel has left Linux vendors scrambling to push out a patch.
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Duqu Servers Included Hacked Linux Systems

Duqu Servers Included Hacked Linux Systems | ICT Security-Sécurité PC et Internet | Scoop.it
From www.infosecisland.com - December 4, 2011 8:40 AM
Duqu Servers Included Hacked Linux Systems
Be it brute force password hacking or another Stuxnet 0-Day, Duqu shows that Linux is vulnerable to hackers.
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

LinuxFoundation.org et les sous-domaines victimes d’attaques

LinuxFoundation.org et les sous-domaines victimes d’attaques | ICT Security-Sécurité PC et Internet | Scoop.it
From www.linformaticien.com - September 12, 2011 10:37 AM
Pour cause de maintenance de sécurité suite à une faille repérée le 8 septembre, les sites de la Linux Foundation, ...
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Linux world in security spinout as Linux Foundation and Kernel.org remain “temporarily unavailable”

Linux world in security spinout as Linux Foundation and Kernel.org remain “temporarily unavailable” | ICT Security-Sécurité PC et Internet | Scoop.it
From nakedsecurity.sophos.com - September 12, 2011 8:07 AM
The Linux world is in a bit of a security spinout at the moment. Could this be the moment that you finally decide to try OpenBSD?
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Linux kernel: denial of service via DCCP getsockopt

Linux kernel: denial of service via DCCP getsockopt | ICT Security-Sécurité PC et Internet | Scoop.it
From www.globalsecuritymag.com - March 11, 2013 3:36 AM
This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY A local attacker can use the getsockopt() (...)
Gust MEES's insight:

 

Check also:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Linux-Vulnerabilities

 

more...
Selena Mini's comment, March 11, 2013 5:28 AM
It's great to see ..
Sign up to comment
Scooped by Gust MEES
Scoop.it!

DR Web discovers the first Linux/OSX cross-platform trojan

DR Web discovers the first Linux/OSX cross-platform trojan | ICT Security-Sécurité PC et Internet | Scoop.it
From www.infosecurity-magazine.com - August 28, 2012 2:11 PM
Dr Web, the Russian anti-malware company that did much to expose the growth of the Flashback botnet, has found the first Linux/OSX cross-platform trojan – which it calls BackDoor.Wirenet.1...

 

 

 

Read more:

http://www.infosecurity-magazine.com/view/27833/dr-web-discovers-the-first-linuxosx-crossplatform-trojan/?utm_source=twitterfeed&amp;amp;utm_medium=twitter

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Dangerous Samba vulnerability affects all Linux systems

Dangerous Samba vulnerability affects all Linux systems | ICT Security-Sécurité PC et Internet | Scoop.it
From searchsecurity.techtarget.com - April 11, 2012 7:37 PM
A dangerous Samba vulnerability can be used by attackers to gain root access to Linux systems, according to an advisory and security update issued by Samba development team.
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

The Importance of Securing a Linux Web Server

The Importance of Securing a Linux Web Server | ICT Security-Sécurité PC et Internet | Scoop.it
From resources.infosecinstitute.com - April 6, 2012 3:44 PM

Many risks are possible from a compromise including using the web server into a source of malware, creating a spam-sending relay, a web or TCP proxy, or other malicious activity.

 

The operating system and packages can be fully patched with security updates and the server can still be compromised based purely on a poor security configuration.

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Linux vendors urgently patch a security flaw

Linux vendors urgently patch a security flaw | ICT Security-Sécurité PC et Internet | Scoop.it
From www.theinquirer.net - January 26, 2012 8:54 AM
Enables Android 4.0 Ice Cream Sandwich root exploit...

 

OPEN SOURCE Linux distributors are quickly patching a security flaw recently found in the Linux kernel.


A local attacker can gain root access to the system via a privilege escalation vulnerability. The security hole involves the kernel failing to restrict access to the "/proc//mem" file, according to Techworld, and the security advisory is CVE-2012-0056.


Source: The Inquirer (http://s.tt/15oXz)

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Vigil@nce: Linux kernel, denial of service via Broadcom 43xx - Global Security Mag Online

Vigil@nce: Linux kernel, denial of service via Broadcom 43xx - Global Security Mag Online | ICT Security-Sécurité PC et Internet | Scoop.it
From www.globalsecuritymag.com - September 29, 2011 10:17 AM
This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY When the kernel uses the b43 network driver, (...)...

 

Vigil@nce: Linux kernel, denial of service via Broadcom 43xx

 

When the kernel uses the b43 network driver, an attacker can use large Wi-Fi frames, in order to create a denial of service.

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Linux Foundation suffers security breach

From www.net-security.org - September 12, 2011 8:11 AM

Both websites are sporting a message from the Linux Foundation saying that the sites and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011 and is believed to be connected to the intrusion on kernel.org.

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

WebKit security holes haunt Ubuntu | ZDNet

WebKit security holes haunt Ubuntu | ZDNet | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - August 24, 2011 3:33 PM
According to an Ubuntu security alert, the WebKit flaws are dangerous enough to cause arbitrary code execution attacks.
more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn