Australia's Leading Computer Emergency Response Team

AusCERT Week in Review for 1st June 2012
Date: 01 June 2012
Original URL: http://www.auscert.org.au/render.html?cid=7066&it=15892


As another rainy week draws to a close here in Brisbane, I sincerely hope that you've all been having better weather elsewhere in the country! As far as vulnerabilities are concerned, it has been a little slow this week but there have still been a few noteworthy bulletins coming across my desk.

- The most interesting bulletin this week is most definitely the vulnerability in crypt, as used by FreeBSD. As if DES encryption wasn't already weak enough as it is, a vulnerability was identified in crypt that affects the handling of characters that can't be represented in 7-bit ASCII, causing the first such character and every character after it to be ignored when hashing passwords!

- US-CERT published an interesting alert regarding a vulnerability in the Seagate BlackArmor range of NAS products, which contain a static PHP file that is used to reset the administrator password. It appears that anyone with network access who can directly access the file can potentially reset the admin password. Seagate has not provided an update to fix the issue.

- It's rare that a week goes by without some kind of Linux kernel vulnerability, this week's coming in the form of a potential root compromise in Red Hat 5. Local users who have been granted TUN/TAP virtual interface access can potentially use a flaw in the kernel to escalate their privileges.

- It's fairly common for Cisco to push some kind of bulletin relating to a denial of service in one of its products caused by malformed packets. This week's vulnerable products are the Cisco IOS XR software as used by the Cisco 9000 Series Aggregation Services Routers, Route Switch Processor and Cisco Carrier Routing System.
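To make the crypt item above concrete, here is an added example (not from the bulletin or from FreeBSD's crypt source) that models the truncation as described and shows how little of a non-ASCII password actually reaches the hash; it assumes UTF-8 encoded passwords and the traditional 8-character limit of DES-based crypt(3).

```python
# Added example: a model of the crypt() behaviour described in the bulletin,
# not FreeBSD's actual implementation. Assumptions: passwords are UTF-8 encoded,
# and traditional DES crypt(3) only ever uses the first 8 characters.
from collections import defaultdict

DES_CRYPT_MAX_CHARS = 8  # traditional DES-based crypt(3) limit


def effective_des_input(password: str) -> bytes:
    """Return the bytes the flawed crypt() would actually hash.

    As summarised above: the first byte outside 7-bit ASCII and everything
    after it are ignored. Every non-ASCII character encodes to bytes >= 0x80
    in UTF-8, so the password is cut at its first non-ASCII character, then
    the normal 8-character DES crypt limit applies.
    """
    raw = password.encode("utf-8")
    for i, b in enumerate(raw):
        if b >= 0x80:
            raw = raw[:i]
            break
    return raw[:DES_CRYPT_MAX_CHARS]


def truncated_fraction(password: str) -> float:
    """Fraction of the password's characters that never reach the hash."""
    if not password:
        return 0.0
    kept = len(effective_des_input(password))  # kept prefix is pure ASCII: 1 byte per char
    return 1.0 - kept / len(password)


def colliding_groups(passwords):
    """Group passwords that the flawed crypt() would hash identically (same salt).

    Useful for explaining to users why a non-ASCII password must be reset after
    the fix: its stored hash was computed over a much shorter string.
    """
    groups = defaultdict(list)
    for pw in passwords:
        groups[effective_des_input(pw)].append(pw)
    return {k: v for k, v in groups.items() if len(v) > 1}


if __name__ == "__main__":
    # Constructed sample passwords for illustration only.
    sample = ["pässword", "p", "Straße1", "Stra", "hunter2"]
    for pw in sample:
        print(f"{pw!r:12} -> hashed as {effective_des_input(pw)!r}, "
              f"{truncated_fraction(pw):.0%} of the password dropped")
    print("colliding groups:", colliding_groups(sample))
```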

Have a great weekend!
Jonathan