CRITICAL VULNERABILITY AFFECTS LINUX SYSTEMS

A highly critical vulnerability has been revealed in the GNU C Library (glibc) that could allow attackers to execute malicious code on servers and remotely gain control of Linux machines.

The vulnerability, called as "GHOST" was discovered and disclosed by the security researchers from California-based security firm Qualys on Tuesday. Hackers could exploit it to silently gain complete control of a targeted Linux system without having any prior knowledge of system credentials

WHAT IS THE ISSUE?

The problem actual originates from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. This function is especially invoked by the _gethostbyname and gethostbyname2() function calls.

According to the researchers, a remote attacker has ability to call either of these functions which could allow them to exploit the vulnerability in an effort to execute arbitrary code with the permissions of the user running the application.

EXPLOIT CODE

In an attempt to highlight the severity of the risk, security researchers were able to write proof-of-concept exploit code that is capable to carry out a full-fledged remote code execution attack against the Exim mail server.

The researcher’s exploit able to bypass all existing exploit protections (like ASLR, PIE and NX) available on both 32-bit and 64-bit systems, including position independent executions, address space layout randomization and no execute protections.

Using the exploit, an attacker is able to craft malicious emails that could automatically compromise a vulnerable server without the email even being opened, according to Amol Sarwate, director of engineering with Qualys.

So far, the company has not published the exploit code to the public but eventually it plans to make the exploit available as a Metasploit module.

VERSIONS AFFECTED

The vulnerability affects versions of glibc as far back as glibc-2.2, which was released in 2000.

"Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, Ubuntu 12.04, for example," researchers from Qualys said in an advisory published Tuesday.

FIXES AVAILABLE FOR SOME LINUX DISTRIBUTIONS

However, major distributors of the Linux operating system, including Red Hat, Debian and Ubuntu, updated their software on Tuesday to thwart the serious cyber threat. In order to update systems, core functions or the entire affected server reboot is required.

Red Hat, the No. 1 provider of Linux software to businesses, recommends its customers to update their systems "as soon as possible to mitigate any potential risk."

Source: TheHackerNews

Read More

DROPBOX APP FOR WINDOWS PHONE IS FINALLY HERE

After a long, long wait, Dropbox has launched an official app for Windows Phone today. Dropbox originally announced that they were working on the app back in November as part of a new partnership with Microsoft.

As an added bonus, Dropbox, which previously only had an official Windows 8.1 app, is now a universal between phones and PCs.

Dropbox lets you bring your photos, docs, and videos anywhere and share them easily. Access any file you save to your Dropbox from all of your computers, phones, tablets, and on the web. With Dropbox you’ll always have your important memories and work with you.

Features:

• Access your photos, docs, and videos from any device
• 2 GB of free space when you sign up
• Share even your biggest files with a simple link — no more attachments!
• Add files to your “Favorites” for fast, offline viewing

Use Dropbox to save and share photos, docs, and videos in a snap. And if something happens to your Windows phone, your stuff is always safe in Dropbox.

This should be a boon for those of you who were previously relying on third-party apps, such as CloudSix. Will you be switching over to Dropbox's official offering?

Download Dropbox for Windows Phone from here.

If you want to contribute to this blog, read here

Read More

WINDOWS 10 FOR PHONES

Microsoft officially unveiled Windows 10 for phones on 21st January at Windows 10 event. Below find a look at the various features announced.



Above is Windows 10 start screen. Besides the background wallpaper there does not seem to be anything new here.



The tiles seem completely opaque (update – the tiles are in fact semi-transparent).



Above is the app list. New apps will now occupy a slot above called Recently Installed.



This is the new notification tray.



Many new quick action buttons are now supported.



Settings are now more organized and grouped.



Toast notifications are now actionably.







Voice typing is now supported, and the keyboard is repositionable.



It now also features a mini-joystick for precise cursor positioning.



The messaging app will now support sending text messages via Skype and other carrier IP providers.



A new version of Word, Powerpoint and Excel will be available which will run the same code as the desktop.






The apps have the full power of office, including, review, formatting and everything else, and is powered by hardware acceleration.



Outlook now use the Word engine to render email.



It will also let you flag or delete email with a swipe.



The new calendar app is a lot more colourful.



The Lumia Camera app will be the default camera app on all Windows 10 phones and will simply be called Camera.





The new photos app will automatically enhance your pictures…



and also automatically create albums.

Above is the new People Hub



and the new Xbox Music app. It will support a new OneDrive music locker which will arrive in 2 months.



The new maps app will replace Here maps on the phone, and provide walking and turn by turn directions. On the maps page view Cortana will always be listening, and you could say “Cortana, repeat that” to hear directions again.



The new Spartan browser will initially be available only on the desktop. It will eventually also come to the phone.


You liked this post and want to contribute to this blog, then read here

Read More

EXPLOIT ALLOWS ASUS ROUTERS TO BE HACKED FROM LOCAL NETWORK

A vulnerability in Asuswrt, the firmware running on many wireless router models from Asustek Computer, allows attackers to completely compromise the affected devices. Malicious hackers, however, need to launch their attacks from within the local networks served by the vulnerable routers.

The flaw is located in a service called infosvr, which runs on Asuswrt-powered routers by default. The service, which is used by a tool called the Asus Wireless Router Device Discovery Utility, listens to packets sent to the router’s LAN (local area network) interface over UDP broadcast port 9999.

“This service runs with root privileges and contains an unauthenticated command execution vulnerability,” security researcher Joshua Drake, who found the vulnerability,said on his GitHub account.

Drake published his findings after someone else independently found the same issue and released an exploit for it.

While attackers can’t exploit this flaw from the Internet, they can use it to gain control of routers if they first compromise a device connected to them or if they manage to connect to the local network in some other way. Any local computer infected with malware can therefore become a serious threat to a router that’s vulnerable to this attack.

Routers are valuable targets for attackers, because they provide them with a foothold inside networks from where they can attack other devices. A router compromise is much harder to detect than a PC infection, because there are no antivirus programs running on such devices.

By controlling routers attackers gain the ability to intercept, inspect and modify incoming and outgoing Internet traffic for all devices that connect through them. Among other things, they can strip SSL from secure traffic and use DNS hijacking techniques to misrepresent legitimate websites.

Until Asus releases firmware updates for the affected routers, there are several mitigations available, although applying some of them requires technical skills.

The simplest way to block potential exploits for this vulnerability is to create a firewall rule that blocks UDP port 9999 on the router, but unfortunately this cannot be done through the Web-based administration interface. Users will have to connect to their router via Telnet and type “iptables -I INPUT -p udp —dport 9999 -j DROP” without the quotes on the command line interface.

The command sets up a firewall rule to block UDP port 9999, but it’s not persistent across reboots so the procedure needs to be repeated every time the router restarts.

Eric Sauvageau, the maintainer of Asuswrt-Merlin, a popular custom firmware for Asus routers that is based on Asus’ unified Asuswrt firmware, suggested a persistent fix that involves using the non-volatile JFFS partition available on Asus routers.

Users who run Asuswrt-Merlin on their routers can simply upgrade to version 376.49_5 of the firmware, which contains a fix for this vulnerability. Howerver, it should be noted that installing custom firmware can void the device warranty and should only be done by users who understand and accept all the risks associated with this procedure, including the possibility that their device might be damaged.

Source: WMPowerUser

Read More

VLC FOR WINDOWS PHONE NOW AVAILABLE FOR DOWNLOAD FROM STORE

The much awaited VLC Player app for Windows Phone is now available in Store. The main advantage of VLC app is that it allows playback of wide variety of videos and audio formats including MKV and others.

App Description

VLC media player is a portable, free and open-source, cross-platform media player and streaming media server written by the VideoLAN project.
VLC media player supports most audio and video compression formats, files and streaming protocols.

The app is still a beta and receiving updates daily. All WP users must try the VLC beta app and wait for the Full Release.

Download it here from Windows Phone Store for free.

Read More