DOCSLIB.ORG

Mcafee Foundstone Fsl Update

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mcafee Foundstone Fsl Update 2018-APR-18 FSL version 7.6.18 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 23333 - (CTX233832) Citrix XenServer Multiple Vulnerabilities Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2016-2107, CVE-2016-2108 Description Multiple vulnerabilities are present in some versions of Citrix XenServer. Observation Citrix XenServer is a popular virtualization platform. Multiple vulnerabilities are present in some versions of Citrix XenServer. The flaws lie in OpenSSL. Successful exploitation could allow an attacker to decrypt management traffic, execute arbitrary code or cause a denial of service. 163578 - Oracle Enterprise Linux ELSA-2018-1062 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2015-8539, CVE-2016-3672, CVE-2016-7913, CVE-2016-8399, CVE-2016-8633, CVE-2017-1000, CVE-2017-1000111, CVE-2017-1000112, CVE-2017-1000251, CVE-2017-1000252, CVE-2017-1000380, CVE-2017-1000407, CVE-2017-1000410, CVE- 2017-11176, CVE-2017-12154, CVE-2017-12188, CVE-2017-1219, CVE-2017-12190, CVE-2017-13166, CVE-2017-14106, CVE- 2017-14140, CVE-2017-15116, CVE-2017-15121, CVE-2017-15126, CVE-2017-15127, CVE-2017-15129, CVE-2017-15265, CVE- 2017-15649, CVE-2017-17053, CVE-2017-17448, CVE-2017-17449, CVE-2017-17558, CVE-2017-18017, CVE-2017-18203, CVE- 2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2017-7184, CVE-2017-7294, CVE-2017-7472, CVE-2017-7518, CVE-2017-7533, CVE-2017-7541, CVE-2017-7542, CVE-2017-7558, CVE-2017-8824, CVE-2017-9725, CVE-2018-1000004, CVE-2018-5750, CVE- 2018-6927 Description The scan detected that the host is missing the following update: ELSA-2018-1062 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2018-April/007619.html OEL7 x86_64 kernel-doc-3.10.0-862.el7 perf-3.10.0-862.el7 python-perf-3.10.0-862.el7 kernel-tools-libs-3.10.0-862.el7 kernel-debug-devel-3.10.0-862.el7 kernel-tools-libs-devel-3.10.0-862.el7 kernel-abi-whitelists-3.10.0-862.el7 kernel-debug-3.10.0-862.el7 kernel-devel-3.10.0-862.el7 kernel-3.10.0-862.el7 kernel-headers-3.10.0-862.el7 kernel-tools-3.10.0-862.el7 23327 - Mozilla Firefox Multiple Vulnerabilities Prior To 59.0.1 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5146, CVE-2018-5147 Description Multiple vulnerabilities are present in some versions of Mozilla Firefox. Observation Mozilla Firefox is a popular web browser. Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system. 23328 - Mozilla Firefox Multiple Vulnerabilities Prior To 59.0.1 Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5146, CVE-2018-5147 Description Multiple vulnerabilities are present in some versions of Mozilla Firefox. Observation Mozilla Firefox is a popular web browser. Multiple vulnerabilities are present in some versions of Mozilla Firefox. The flaws lie in several components. Successful exploitation could allow an attacker to remotely execute arbitrary code on the target system. 23342 - Mozilla Thunderbird Multiple Vulnerabilities Prior To 52.7 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146 Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client. Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow attackers to remotely execute arbitrary code or cause a denial of service condition on the target system. 23343 - Mozilla Thunderbird Multiple Vulnerabilities Prior To 52.7 Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146 Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client. Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow attackers to remotely execute arbitrary code or cause a denial of service condition on the target system. 23431 - (MSPT-Apr2018) Microsoft Excel Memory Remote Code Execution (CVE-2018-1029) Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2018-1029 Description A vulnerability in some versions of Microsoft Excel could lead to remote code execution. Observation A vulnerability in some versions of Microsoft Excel could lead to remote code execution. The flaw is due to improper handling of objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. 23432 - (HT208697) Apple iCloud Vulnerabilities Prior To 7.4 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE- 2018-4121, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4130, CVE-2018-4144, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165 Description Multiple vulnerabilities are present in some versions of Apple iCloud. Observation Apple iCloud is a manager for the Apple's cloud-based storage service. Multiple vulnerabilities are present in some versions of Apple iCloud. The flaws lie in multiple components. Successful exploitation could allow an attacker to execute remote arbitrary code, cause a denial-of-service condition or lead to information disclosure. 23438 - Cisco IOS Software Smart Install Remote Code Execution Vulnerability Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0171 Description A vulnerability is present in some versions of Cisco IOS. Observation Cisco IOS is an operating system used in Cisco devices. A vulnerability is present in some versions of Cisco IOS. The flaw is due to improper handling of a crafted Smart Install message. Successful exploitation could allow a remote attacker to cause a denial of service or execute arbitrary code. 23451 - Cisco IOS Software Quality of Service Remote Code Execution Vulnerability Category: SSH Module -> NonIntrusive -> Cisco IOS Patches and Hotfixes Risk Level: High CVE: CVE-2018-0151 Description A vulnerability is present in some versions of Cisco IOS. Observation Cisco IOS is an operating system used in Cisco devices. A vulnerability is present in some versions of Cisco IOS. The flaw lies in quality of service subsystem. Successful exploitation by an unauthenticated, remote attacker could result in execution of arbitrary code on the affected device with elevated privileges and cause a temporary denial of service condition. 139092 - Oracle Solaris 11.3.29.5.0 Update Is Not Installed (Third Party Components) Category: SSH Module -> NonIntrusive -> Solaris Patches and Hotfixes Risk Level: High CVE: CVE-2015-7554, CVE-2015-7557, CVE-2015-7558, CVE-2016-2334, CVE-2016-2335, CVE-2016-4347, CVE-2016-4348, CVE- 2016-6163, CVE-2016-9296, CVE-2017-10965, CVE-2017-10966, CVE-2017-11464, CVE-2017-13726, CVE-2017-13727, CVE-2017- 15227, CVE-2017-15228, CVE-2017-15721, CVE-2017-15722, CVE-2017-15723, CVE-2017-17880, CVE-2017-2753, CVE-2017- 2885, CVE-2017-3142, CVE-2017-3143, CVE-2017-5884, CVE-2017-5885, CVE-2017-7829, CVE-2017-7845, CVE-2017-7846, CVE- 2017-7847, CVE-2017-7848, CVE-2017-9468, CVE-2017-9765, CVE-2018-2753, CVE-2018-2754, CVE-2018-5089, CVE-2018-5091, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018- 5104, CVE-2018-5117, CVE-2018-5205, CVE-2018-5206, CVE-2018-5207, CVE-2018-5208, CVE-2018-5334, CVE-2018-5335, CVE- 2018-5336 Description The scan detected that the host is missing the following update: SRU 11.3.29.5.0 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://support.oracle.com/rs?type=doc&id=2361795.1 https://support.oracle.com/epmos/faces/DocumentDisplay? _afrLoop=507462766511768&id=1448883.1&_afrWindowMode=0&_adf.ctrl-state=98kg3qcn0_33#aref_section26 141931 - Red Hat Enterprise Linux RHSA-2018-1119 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937 Description The scan detected that the host is missing the following update: RHSA-2018-1119 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2018-April/msg00031.html RHEL6D x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9 RHEL6S x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9 RHEL6WS x86_64 flash-plugin-29.0.0.140-1.el6_9 i386 flash-plugin-29.0.0.140-1.el6_9 23330 - Mozilla Firefox ESR Vulnerability Prior To ESR 52.7.3 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2018-5148 Description A vulnerability is present in some versions of Mozilla Firefox ESR.
Load more

Recommended publications
  • Uila Supported Apps
    Uila Supported Applications and Protocols updated Oct 2020 Application/Protocol Name Full Description 01net.com 01net website, a French high-tech news site. 050 plus is a Japanese embedded smartphone application dedicated to 050 plus audio-conferencing. 0zz0.com 0zz0 is an online solution to store, send and share files 10050.net China Railcom group web portal. This protocol plug-in classifies the http traffic to the host 10086.cn. It also 10086.cn classifies the ssl traffic to the Common Name 10086.cn. 104.com Web site dedicated to job research. 1111.com.tw Website dedicated to job research in Taiwan. 114la.com Chinese web portal operated by YLMF Computer Technology Co. Chinese cloud storing system of the 115 website. It is operated by YLMF 115.com Computer Technology Co. 118114.cn Chinese booking and reservation portal. 11st.co.kr Korean shopping website 11st. It is operated by SK Planet Co. 1337x.org Bittorrent tracker search engine 139mail 139mail is a chinese webmail powered by China Mobile. 15min.lt Lithuanian news portal Chinese web portal 163. It is operated by NetEase, a company which 163.com pioneered the development of Internet in China. 17173.com Website distributing Chinese games. 17u.com Chinese online travel booking website. 20 minutes is a free, daily newspaper available in France, Spain and 20minutes Switzerland. This plugin classifies websites. 24h.com.vn Vietnamese news portal 24ora.com Aruban news portal 24sata.hr Croatian news portal 24SevenOffice 24SevenOffice is a web-based Enterprise resource planning (ERP) systems. 24ur.com Slovenian news portal 2ch.net Japanese adult videos web site 2Shared 2shared is an online space for sharing and storage.
    [Show full text]
  • Leveraging Open Source Software
    1 Leveraging Open Source Software (Text of talk delivered by Justice Yatindra Singh Judge Allahabad High Court at the 9th e- Governance conference on 3rd February 2006 at Kochi, Kerala) FUD is an abbreviation of fear, uncertainty and doubt; it is often a salesman's strategy: spreading false rumours regarding others' products. Open source software (OSS) is its victim. In our country FUD for OSS arises out of ignorance. I am glad that, we are discussing OSS as it has crucial role to play in the IT world. WHAT IS OSS? A computer programme consists of two parts: Source Code and Object Code. Nowadays, computer programmes are written in high level computer languages using compact English words. This part is known as source code. These languages also have a programme called compiler and with their help, source code is compiled into machine language so that computers may understand it. When it is so done, it is called object code or machine code. Description―if it complies with certain conditions―is protected as a Copyright. Source code is a kind of description and can be protected as copyright provided it is published or disclosed. In the proprietery software, source code is generally not disclosed and in such a situation it is protected as a trade secret or undisclosed information. There was a debate whether object code is protected as a copyright or not but after TRIPS, it has to be protected as a copyright and now object code is so protected. Everyone is not using copyrights to have rights in computer programme.
    [Show full text]
  • OSS Watch National Software Survey 2008
    OSS Watch National Software Survey 2008 Ramón Casero Cañas Acknowledgements Publication information The survey was prepared and the report written by Ramón This survey report is licensed under the Creative Commons Casero Cañas (OSS Watch), and edited by Ross Gardler and Attribution-ShareAlike 2.0 England & Wales licence. Elena Blanco (OSS Watch), and Pete Cooper. OSS Watch National Software Survey 2008 However, there are many people who helped to make it pos- Ramón Casero Cañas sible. We would like to thank the ICT directors of the FE and HE institutions, who took the time to respond to the survey First edition, published February 2009. and send feedback to us; Dr Ellen Helsper (Oxford Internet Institute) for her advice, academic input and support; Randy Metcalfe, former OSS Watch Service Manager, who set us with this task and was always a source of encouragement and support; Michael Fraser, former OSS Watch Director, for his comments; Gabriel Hanganu, Stuart Yeates and Rowan Wilson (OSS Watch) for their comments, envelope stuffing, corrections and so much more; Laura Marriott and Beverley McNichols for their data collection; Jean Davis and Sally Hard- ing for envelope stuffing; Barry Cornelius, Dominic Hargreaves, Charles Hutchings, Liz Masterman, Denise McDonough, Stuart Lee, Janet McKnight, Howard Noble, Mark Norman, Catrin Radcliffe and Peter Robinson for their comments about the online questionnaire; Judy McAuliffe, Tina Dick, Leslie Ferguson, Fran Jackson, Bruce Shakespeare, Jane Truby and Wendy Simmonds for their help with administration
    [Show full text]
  • Arabic Domain Names
    Arabic Domain Names SaudiNIC’s Experiences and Initiatives Relate to UA Raed Alfayez, SaudiNIC ICANN 55, Marrakech, March 2016 Agenda • About SaudiNIC • SaudiNIC Previous Work – IDN Assessment reports – Raseel – An Arabic Email System • What's Next? About SaudiNIC • Administering the domain name space under: – (.sa) since 1995 .2010 since (.ﺔﯾدوﻌﺳﻟا) – • Operated by a government organization: – CITC (Communication and Information Technology Commission) • Coordinating with regional and international bodies in order to present the local community needs • Leading the local and regional communities efforts towards supporting Arabic language in Domain Names since 2001 (more than 15 years of experience) SaudiNIC Previous Work Arabic IDN pilot projects • GCC Pilot Project (2004-2005) • Arab League (2005 - 2009) Tools, algorithms and solutions to manage variants: • Master Key Algorithm • Filters • Variant Management System (VMS) IDN Assessment Reports Arabic Email Project (Raseel) IDN Assessment Reports Conducted and Published a number of IDN Assessment Reports: • IDN Top Level Domain Evaluations and Testing Report 2007 • with the cooperation of the Arabic Domain Name Pilot Project Team. • Arabic IDN Test Results for Browsers 2010 • Mozilla Firefox & Microsoft IE 2014 • IDN Assessment Report IDN Assessment Reports - 2014 • Goal: –to study and assess end-user experiences regarding IDNA implementations for Arabic domain names. • Covered many areas and behaviors • Developed –methodology for Test Case Modeling and Generation –online system to capture results IDN Assessment Reports - 2014 • IDNA support ≠ browsers’ address bars support. • User acceptance for IDNA is less than 1% (Excluding address bar in some web browsers) – It’s been more than 10 years since the publication of IDNA RFCs, and still less than 1%! • How long do we need for Internationalized Email (IDN Email) to be fully deployed! – Do we need to wait 10+ years to get a 1% acceptance! • RFCs are not enough, we need accelerators.
    [Show full text]
  • Mail Box Server and Web Mail Server
    OPS535 – Advanced Network Administration Mail Box Server Lab POP3 and IMAP Servers Web mail using squirrelmail Secure IMAP (Mail Box Server) server for user's remote mail access CentOS 7.0 rpm package: dovecot 2.2.10-4 CentOS7,0 Web Site: http://www.dovecot.org Configuration file: /etc/dovecot/dovecot.conf Starting/stopping dovecot use systemctl command - by default starts/stops pop3, pop3s, imap, imaps Logging: by default log messages send to /var/log/maillog file (syslog option) Very Useful Command: dovecot -n (display vital information about dovecot) On CentOS 7.0: [root@mail ~]# dovecot -n # 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-229.14.1.el7.x86_64 x86_64 CentOS Linux release 7.1.1503 (Core) mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } ssl = required ssl_cert = </etc/pki/dovecot/certs/dovecot.pem ssl_key = </etc/pki/dovecot/private/dovecot.pem userdb { driver = passwd } On CentOS 5.3: root@localhost ~]# dovecot -n # 1.0.7: /etc/dovecot.conf login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3):
    [Show full text]
  • Servicio De Mensajería De Correo Utilizando Software Libre Para
    Servicio de mensajería de correo utilizando software libre para mejorar el tiempo de respuesta de atención Tesis para optar el Título de Ingeniero de Sistemas y Cómputo Presentado por César Antonio Rojo López Asesor Dr. Santiago Raúl Gonzales Sánchez Lima – Perú Noviembre de 2020 DEDICATORIA Dedico este trabajo a mi familia particularmente a mis padres Mercedes López de Rojo y César Rojo Fernando como también a mi prometida Ximena Veliz que dia a dia me dan fuerza y motivacin para seguir adelante, como también al Gerente General de TecnoWeb Latam Diego Benavente por brindarme todas las herramientas para la implementación tecnologcia. 2 ÍNDICE ÍNDICE DE FIGURAS ............................................................................................................................. 5 INDICE DE TABLAS ............................................................................................................................... 7 RESUMEN ................................................................................................................................................. 8 ABSTRACT ............................................................................................................................................... 9 INTRODUCCIÓN ................................................................................................................................... 10 CAPÍTULO I: PLANTEAMIENTO DEL PROBLEMA ..................................................................... 12 1.1. Situación Problemática ..........................................................................................................
    [Show full text]
  • Symantec Enterprise Security Manager Patch Policy Release Notes Symantec Enterprise Security Manager Patch Policy Release Notes
    Symantec Enterprise Security Manager Patch Policy Release Notes Symantec Enterprise Security Manager Patch Policy Release Notes The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Legal Notice Copyright © 2008 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, LiveUpdate, Symantec Enterprise Security Architecture, Enterprise Security Manager, and NetRecon are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE. The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in Commercial Computer Software or Commercial Computer Software Documentation", as applicable, and any successor regulations.
    [Show full text]
  • Forensic Analysis of Communication Records of Messaging Applications from Physical Memory
    ARTICLE IN PRESS JID: COSE [mNS; October 24, 2018;11:47 ] computers & security xxx (xxxx) xxx Available online at www.sciencedirect.com j o u r n a l h o m e p a g e : w w w . e l s e v i e r . c o m / l o c a t e / c o s e Forensic analysis of communication records of messaging applications from physical memory ∗ Diogo Barradas , Tiago Brito, David Duarte, Nuno Santos, Luís Rodrigues INESC-ID, Instituto Superior Técnico, Universidade de Lisboa, Portugal a r t i c l e i n f o a b s t r a c t Article history: Inspection of physical memory allows digital investigators to retrieve evidence otherwise Received 2 May 2018 inaccessible when analyzing other storage media. In this paper, we analyze in-memory com- Accepted 23 August 2018 munication records produced by instant messaging and email applications, both in desktop Available online xxx web-based applications and native applications running in mobile devices. Our results show that, in spite of the heterogeneity of data formats specific to each application, communica- Keywords: tion records can be represented in a common application-independent format. This format Digital forensics can then be used as a common representation to allow for general analysis of digital ar- Instant-messaging tifacts across various applications. Then, we introduce RAMAS, an extensible forensic tool Memory forensics which aims to ease the process of analysing communication records left behind in physical Mobile applications memory by instant-messaging and email clients. Web-applications © 2018 Elsevier Ltd.
    [Show full text]
  • Efail: Breaking S/MIME and Openpgp Email Encryption Using Exfiltration Channels
    Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels Damian Poddebniak and Christian Dresen, Münster University of Applied Sciences; Jens Müller, Ruhr University Bochum; Fabian Ising and Sebastian Schinzel, Münster University of Applied Sciences; Simon Friedberger, NXP Semiconductors, Belgium; Juraj Somorovsky and Jörg Schwenk, Ruhr University Bochum https://www.usenix.org/conference/usenixsecurity18/presentation/poddebniak This paper is included in the Proceedings of the 27th USENIX Security Symposium. August 15–17, 2018 • Baltimore, MD, USA ISBN 978-1-939133-04-5 Open access to the Proceedings of the 27th USENIX Security Symposium is sponsored by USENIX. Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels Damian Poddebniak1, Christian Dresen1, Jens Muller¨ 2, Fabian Ising1, Sebastian Schinzel1, Simon Friedberger3, Juraj Somorovsky2, and Jorg¨ Schwenk2 1Munster¨ University of Applied Sciences 2Ruhr University Bochum 3NXP Semiconductors, Belgium Abstract is designed to protect user data in such scenarios. With end-to-end encryption, the email infrastructure becomes OpenPGP and S/MIME are the two prime standards merely a transportation service for opaque email data and for providing end-to-end security for emails. We de- no compromise – aside from the endpoints of sender or scribe novel attacks built upon a technique we call mal- receiver – should affect the security of an end-to-end en- leability gadgets to reveal the plaintext of encrypted crypted email. emails. We use CBC/CFB gadgets to inject malicious plaintext snippets into encrypted emails. These snippets S/MIME and OpenPGP. The two most prominent stan- abuse existing and standard conforming backchannels to dards offering end-to-end encryption for email, S/MIME exfiltrate the full plaintext after decryption.
    [Show full text]
  • A Technical Summary
    A Technical Summary Table A.1. Kerberos administrative ACL (MIT) Allow Deny Operation a A Add principals or policies d D Delete principals or policies m M Modify principals or policies c C Change passwords i I Inquiry the database l L List principals or policies s S Set key for principals * or x Allow all privileges Table A.2. Kerberos kadmin password policies (MIT) Option Meaning -history Minimum count of unusable old passwords -maxlife Maximum allowed lifetime -minclasses Minimum character classes -minlength Minimum password length -minlife Minimum lifetime 380 A Technical Summary Table A.3. LDAP access control list levels Level Privilege Coding Explanation none =0 No access at all auth =x Permits authentication attempt compare =cx Permits comparison search =scx Permits search filter application read =rscx Permits search result inspection write =wrscx Permits modification or deletion Table A.4. The OpenAFS access control list attributes Permission Meaning l List contents (lookup) i Create new files or directories (insert) d Delete files or directories a Change ACL attributes of directories (administer) r Read contents of files w Modify contents of files (write) k Lock files for reading read Equivalent to rl write Equivalent to rlidwk (no administrative rights) all Equivalent to rlidwka none Remove all ACL permissions Table A.5. The OpenAFS @sys names (excerpt) @sys Architecture alpha dux40 Digital UNIX 4 on an Alpha alpha dux50 Digital UNIX 5 on an Alpha i386 linux24 Linux Kernel 2.4 on Intel and compatible i386 linux26 Linux Kernel 2.6 on Intel and compatible i386 nt40 Microsoft Windows NT and later on Intel and compatible ppc darwin70 Apple MacOS X 10.3 on a PowerPC Macintosh ppc darwin80 Apple MacOS X 10.4 on a PowerPC Macintosh ppc darwin90 Apple MacOS X 10.5 on a PowerPC Macintosh rs aix52 IBM AIX 5.2 on a pSeries rs aix53 IBM AIX 5.3 on a pSeries sgi 65 SGI Irix 6.5 on a MPIS x86 darwin80 Apple MacOS X 10.4 on an Intel Macintosh x86 darwin90 Apple MacOS X 10.5 on an Intel Macintosh A Technical Summary 381 Table A.6.
    [Show full text]
  • Ubuntuguide Part2
    UbuntuGuide Part2 - http://ubuntuguide.org/index.php?title=UbuntuGuide_Part2&... UbuntuGuide Part2 From Contents 1 Boot from a Live CD 2 UEFI 3 Coreboot 4 Multiple OS Installation 4.1 Introduction 4.1.1 Using Grub Legacy for the boot partition 4.2 Partition design 4.3 Windows partitions 4.3.1 Changing Windows partition sizes 4.3.1.1 Using Shrink Volume on Vista and Windows 7 4.3.1.2 Reinstalling Vista or Windows 7 on a new partition 4.3.1.2.1 Using Windows Recovery Disks 4.3.1.3 Windows XP (or earlier) 4.3.1.4 Windows bootloaders 4.4 Install your first Linux OS 4.5 Copy boot files to the small Grub partition 4.6 Reinstall Grub to MBR 4.7 Install your second Linux OS 4.8 Changing main Grub boot menu settings 4.8.1 Using UUIDs for the main Grub bootloader menu 4.8.2 Add MacOSX entry 4.9 Re-installing Grub Legacy after Windows upgrade or re-installation 4.10 Other chainloader options 4.10.1 Chainloading Grub2 from Grub Legacy 4.11 The (hd0,9) problem 4.12 Protecting Grub Legacy from cracking 4.13 Manipulating partitions on the hard drive 5 Manipulating Partitions 5.1 Use the (K)Ubuntu Desktop LiveCD 5.2 Use GParted to manage partitions 5.3 One linux-swap partition per computer 5.4 Creating and "moving" free space 5.5 Creating or resizing a partition 5.6 Changing Grub Legacy in a boot partition 5.7 Changing Grub2 in a changed partition 5.7.1 Booting (K)Ubuntu manually from Grub Legacy 5.7.2 Discovering the current kernel files manually 5.8 Changing Grub Legacy in a changed partition 6 Virtualbox in Windows 6.1 Install Virtualbox in Windows 6.2 Install Ubuntu edition for virtual machines 6.2.1 Install a desktop 6.2.2 Install Linux Guest Additions 6.2.3 Creating shared folders 7 Android emulation 7.1 Android-x86 in VirtualBox 7.1.1 Networking for Android-x86 7.1.1.1 Wired networking for Android-x86 RC 4.0RC1 7.1.2 Installing apps 7.1.2.1 Modified apps 7.1.3 Usage tips 7.2 Android SDK emulator 7.2.1 Networking for Android SDK 7.2.2 Installing an app 1 of 177 08/10/2013 09:04 AM UbuntuGuide Part2 - http://ubuntuguide.org/index.php?title=UbuntuGuide_Part2&..
    [Show full text]
  • Basic Squirrelmail for HEC (Revised 6/11/06)
    Basic SquirrelMail for HEC (Revised 6/11/06) Getting Started Welcome to SquirrelMail! 'What is SquirrelMail?' you may ask. Well, simply put, it is an easy to use program for accessing your email from any web browser anywhere in the world. For the Collaborative, SquirrelMail is a feature rich replacement for the old “Stalker” webmail system that we have used for many years. We think that after you have logged in and used it for a bit, you will be astounded at its simplicity and ease of use. Revision Notes – This document reflects revisions made to the SquirrelMail email program at the request of early adopters and testers at HEC. Please discard any previous versions you may have. Logging In The first thing you need to do is to log into the SMail system. To login, follow these simple steps: 1) Start your favorite web browser and point it at this URL: mail.collaborative.org NOTE: SquirrelMail supports Firefox, Internet Explorer, and Mozilla web browsers. Other browsers such as Safari may not work properly! 2) You will be taken to the login screen as shown below: 3) Enter your email account name and password. 4) Click once on the [Login] button. You will be taken right to your SquirrelMail desktop! Basic SquirrelMail for HEC Rev. 06/11/06 Pat Hartley The SquirrelMail Desktop Once you successfully login to the SquirrelMail program, you will arrive at the desktop. It is here that you will read mail, delete mail, compose mail, and generally manage your mail box. As noted below, the desktop has four main areas.
    [Show full text]