Wednesday, October 31, 2018

[USN-3798-1] Linux kernel vulnerabilities

---------- Forwarded message ---------
From: Steve Beattie
Date: Tue, Oct 23, 2018 at 11:50 AM
...
Luo Quan and Wei Yang discovered that a race condition existed in the
Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel when
handling ioctl()s. A local attacker could use this to cause a denial of
service (system deadlock). (CVE-2018-1000004)

范龙飞 discovered that a race condition existed in the Advanced Linux
Sound Architecture (ALSA) subsystem of the Linux kernel that could lead to
a use-after-free or an out-of-bounds buffer access. A local attacker with
access to /dev/snd/seq could use this to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2018-7566)

It was discovered that a buffer overflow existed in the NFC Logical Link
Control Protocol (llcp) implementation in the Linux kernel. An attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2018-9518)
...
References:
  https://usn.ubuntu.com/usn/usn-3798-1
  CVE-2015-8539, CVE-2016-7913, CVE-2017-0794, CVE-2017-15299,
  CVE-2017-18216, CVE-2018-1000004, CVE-2018-7566, CVE-2018-9518

Tuesday, October 30, 2018

NewTek: Make Any System a Media Player with NDI

Make Any System a Media Player with NDI

by Kane Peterson & Chuck Baker

Sometimes a production needs additional media available and perhaps playing full time and in a loop. Having a Windows system set up with VLC Media Player, Kane Peterson’s VLC SyncPlay app for VLC Media Player, and the NewTek NDI® Tools Pack, available by free download, can fulfill this need.

Monday, October 29, 2018

TrendLabs: Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware


Figure 2: Infection chain of the attacks involving misconfigured Docker engine
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/misconfigured-container-abused-to-deliver-cryptocurrency-mining-malware/

[USN-3799-1] MySQL vulnerabilities

---------- Forwarded message ---------
From: Marc Deslauriers
Date: Wed, Oct 24, 2018 at 3:59 AM

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

References:
  https://usn.ubuntu.com/usn/usn-3799-1
  CVE-2018-3133, CVE-2018-3143, CVE-2018-3144, CVE-2018-3155,
  CVE-2018-3156, CVE-2018-3161, CVE-2018-3162, CVE-2018-3171,
  CVE-2018-3173, CVE-2018-3174, CVE-2018-3185, CVE-2018-3187,
  CVE-2018-3200, CVE-2018-3247, CVE-2018-3251, CVE-2018-3276,
  CVE-2018-3277, CVE-2018-3278, CVE-2018-3282, CVE-2018-3283,
  CVE-2018-3284

Saturday, October 27, 2018

Discover the latest updates to Google Analytics

Product Update
NEW FEATURES

Cross Device Features Now Available

A few months ago we introduced new Cross Device features to help you gain visibility into the journey your customers are taking across their devices as they interact with your website. To use these features, start by visiting the Admin section of your Analytics account and choose the setting to activate Google signals.

Friday, October 26, 2018

TrendLabs: Malware Targeting Brazil Uses Legitimate Windows Components WMI and CertUtil as Part of its Routine

Figure 1: Infection Chain for the attack
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/malware-targeting-brazil-uses-legitimate-windows-components-wmi-and-certutil-as-part-of-its-routine/

Thursday, October 25, 2018

[Check_mk Announce] New Check_MK stable release 1.5.0p7

---------- Forwarded message ---------
From: Check_mk Announcements
Date: Tue, Oct 23, 2018 at 3:37 PM

Please note that this release ships with several security fixes. If you are
currently using previous 1.5.0 versions, we highly recommend updating.

This maintenance release ships with 20 changes affecting all editions of Check_MK,
8 Enterprise Edition specific changes and 0 Managed Services Edition specific changes.

WATO:
* 6843 FIX: Increased size of "state of a service" BI rule input field

User interface:
* 6669 LDAP connections: Improved performance for "Automatically discover LDAP server"
* 6752 FIX: New Theme: Make the reload Button for passive Checks in grayscale again
* 5957 FIX: LDAP: Locking of users using "Authentication Expiration" plugin was not unlocking users
* 6785 FIX: Fixed truncating leading new lines in text area input fields
* 6784 FIX: Fixed grouping of service description KeyError exception
* 6842 FIX: Fixed dashlet top offset in classic theme

Reporting & availability:
* 6413 FIX: Availability: don't try to merge completely disconnected intervals

HW/SW inventory:
* 6736 FIX: Status data inventory is ignored for Check_MK clusters
* 6806 FIX: Management boards: Fixed execution of inventory plugins
* 6802 FIX: HW/SW Inventory: Equal entries are not displayed correctly

Checks & agents:
* 6798 docker_node_network: Support older Docker versions
* 6832 docker_node_info: Support old Docker versions
* 6833 docker_node_images: Support old Docker versions
* 6797 docker_node_disk_usage: Support older Docker versions
* 6807 FIX: veeam_tapejobs: Check returns 'Item not found' if no jobs are sent by the agent
* 6805 FIX: printer_supply_ricoh: Fixed conversion of parameters which have an old format
* 6830 FIX: docker_node_network: Fix missing info in case of multiple networks
* 6803 FIX: cisco_hsrp: Treat 'listen' state also as OK if it was known during discovery
* 6808 FIX: agent_vsphere: Fixed retrieving system information

You can download Check_MK from our download page:
 * http://mathias-kettner.de/check_mk_download.html

Wednesday, October 24, 2018

Meet Roku Premiere

Special presale offer
REF: https://www.roku.com/

Tuesday, October 23, 2018

[openssh-unix-announce] Announce: OpenSSH 7.9 released

---------- Forwarded message ---------
From: Damien Miller
Date: Fri, Oct 19, 2018 at 11:51 AM

OpenSSH 7.9 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html

Potentially-incompatible changes
================================

This release includes a number of changes that may affect existing
configurations:

 * ssh(1), sshd(8): the setting of the new CASignatureAlgorithms
   option (see below) bans the use of DSA keys as certificate
   authorities.

 * sshd(8): the authentication success/failure log message has
   changed format slightly. It now includes the certificate
   fingerprint (previously it included only key ID and CA key
   fingerprint).

Changes since OpenSSH 7.8
=========================

This is primarily a bugfix release.
...

Reporting Bugs:
===============

- Please read http://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com
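Added note on the second "potentially-incompatible" item above (this is not part of Damien's announcement and not OpenSSH code): any SIEM or log rule that extracts the key ID and CA fingerprint from sshd's success message may silently stop matching once 7.9 adds the certificate fingerprint. The Python below, written for this post, parses both layouts. It assumes that in the 7.9 layout the certificate fingerprint sits between the key type and the word "ID", and its sample log lines are constructed to approximate that, not captured from a real host; check the patterns against your own auth log before relying on them.

```python
"""Parse sshd 'Accepted publickey' messages in both the pre-7.9 and 7.9 layouts.

Added example, not OpenSSH code. Assumption (labelled): in the 7.9 layout the
certificate fingerprint appears between the key type and the 'ID' word; the
older layout goes straight from the key type to 'ID'. The sample lines are
CONSTRUCTED to approximate those layouts; verify against your own auth log.
"""
import re

# Constructed sample log, not captured from a real host.
SAMPLE_AUTH_LOG = """\
Oct 20 10:01:02 bastion sshd[1234]: Accepted publickey for alice from 192.0.2.10 port 50000 ssh2: RSA-CERT ID alice@corp (serial 42) CA ED25519 SHA256:CAkeyFINGERPRINTxxxx
Oct 20 10:02:03 bastion sshd[1235]: Accepted publickey for bob from 192.0.2.11 port 50001 ssh2: RSA-CERT SHA256:certFINGERPRINTbob ID bob@corp (serial 43) CA ED25519 SHA256:CAkeyFINGERPRINTxxxx
Oct 20 10:03:04 bastion sshd[1236]: Accepted publickey for carol from 192.0.2.12 port 50002 ssh2: ED25519 SHA256:plainKEYFINGERPRINTcarol
"""

_PREFIX = re.compile(
    r"Accepted publickey for (?P<user>\S+) from (?P<ip>\S+) port (?P<port>\d+) ssh2: (?P<rest>.*)$"
)
# Certificate login; the cert fingerprint group is optional so both layouts match.
_CERT = re.compile(
    r"^(?P<key_type>\S+-CERT) (?:(?P<cert_fp>SHA256:\S+) )?ID (?P<key_id>.+?) "
    r"\(serial (?P<serial>\d+)\) CA (?P<ca_type>\S+) (?P<ca_fp>SHA256:\S+)$"
)
# Plain key login (no certificate).
_PLAIN = re.compile(r"^(?P<key_type>\S+) (?P<key_fp>SHA256:\S+)$")


def parse_line(line):
    """Return a dict for an accepted-publickey line, or None for anything else."""
    m = _PREFIX.search(line)
    if not m:
        return None
    rec = {"user": m["user"], "ip": m["ip"], "port": int(m["port"]),
           "key_type": None, "key_fp": None, "cert_fp": None,
           "key_id": None, "serial": None, "ca_fp": None}
    rest = m["rest"]
    c = _CERT.match(rest)
    if c:
        rec.update(key_type=c["key_type"], cert_fp=c["cert_fp"], key_id=c["key_id"],
                   serial=int(c["serial"]), ca_fp=c["ca_fp"])
    else:
        p = _PLAIN.match(rest)
        if p:
            rec.update(key_type=p["key_type"], key_fp=p["key_fp"])
        else:
            rec["key_type"] = rest  # unrecognised tail: keep it visible, do not drop the login
    return rec


def parse_log(text):
    """Parse every accepted-publickey line in a block of log text."""
    return [r for r in (parse_line(ln) for ln in text.splitlines()) if r]


def audit_cert_logins(records, issued_cert_fps):
    """Flag certificate logins that cannot be matched to the CA's issuance records.

    Returns (user, reason) pairs. A missing cert fingerprint means the line is in
    the old layout (sshd older than 7.9), so the cert cannot be checked at all;
    an unknown fingerprint means the cert is not in the issued inventory.
    """
    findings = []
    for r in records:
        if r["key_id"] is None:
            continue  # not a certificate login
        if r["cert_fp"] is None:
            findings.append((r["user"], "cert fingerprint absent from log line (old layout)"))
        elif r["cert_fp"] not in issued_cert_fps:
            findings.append((r["user"], f"cert {r['cert_fp']} not in issued inventory"))
    return findings


if __name__ == "__main__":
    recs = parse_log(SAMPLE_AUTH_LOG)
    for finding in audit_cert_logins(recs, {"SHA256:certFINGERPRINTbob"}):
        print(*finding)
```

The point of the optional group in _CERT is that a fleet in mid-upgrade emits both layouts at once; the audit function treats the old layout as "unverifiable" rather than "fine", which is the safer reading when the goal is to tie each login back to a certificate the CA actually issued.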

Monday, October 22, 2018

TrendLabs: SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload

Figure 3. Malicious Commandline via DeepLink tag
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/settingcontent-ms-can-be-abused-to-drop-complex-deeplink-and-icon-based-payload/

Sunday, October 21, 2018

[Check_mk Announce] New Check_MK stable release 1.4.0p37

---------- Forwarded message ---------
From: Check_mk Announcements
Date: Sun, Oct 21, 2018 at 1:41 AM

Please note that this release ships with several security fixes. If you are
currently using previous 1.4.0 versions, we highly recommend updating.

WATO:
* 6709 SEC: Fixed possible information disclosure to apache log when editing users
* 6783 FIX: Fixed audit log not showing today's entries when "current date" is selected

User interface:
* 6710 SEC: Limit crash reporting functionality to permitted users

Checks & agents:
* 6667 Windows agent: Increased maximum allowed plugin output from 2MB to 16MB
* 6730 FIX: winperf_processor.util: Fixed displaying average values in graphs
* 6807 FIX: veeam_tapejobs: Check returns 'Item not found' if no jobs are sent by the agent
* 6478 FIX: synology_raid: Fixed crash on devices with more possible RAID states
* 6740 FIX: statgrab_mem: Mark ruleset as deprecated
* 6805 FIX: printer_supply_ricoh: Fixed conversion of parameters which have an old format
* 6747 FIX: oracle_tablespaces: Check for empty filenames
* 6748 FIX: oracle_tablespaces: Check for empty filenames
* 6800 FIX: mysql_slave: Metrics and graphs of relay log space are now displayed in a readable format
* 6606 FIX: mssql_backup: Fixed conversion of backup date and time
* 6738 FIX: mk_oracle: Plugin is compatible against 18c
* 6734 FIX: ibm_svc_enclosure: Fixed parsing data of IBM-FLASH900 devices
* 6735 FIX: cpu_util_unix: Fixed calculation of CPU usage on UNIX
* 6803 FIX: cisco_hsrp: Treat 'listen' state also as OK if it was known during discovery
* 6731 FIX: check_mk_agent.aix: Fixed multiline output processing
* 6808 FIX: agent_vsphere: Fixed retrieving system information
* 6732 FIX: agent_netapp: Skip attributes which are not available
* 6666 FIX: Windows agent: Fixed race condition leading to missing plugin output
* 5510 FIX: Add missing metrics for Windows Memory and Pagefile check

You can download Check_MK from our download page:
 * http://mathias-kettner.de/check_mk_download.html

Saturday, October 20, 2018

Announcing CrossOver 18.0.0


REF: https://www.codeweavers.com/

Friday, October 19, 2018

OpenBSD 6.4 released - Oct 18, 2018

---------- Forwarded message ---------
From: Theo de Raadt
Date: Thu, Oct 18, 2018 at 10:24 PM
...
We are pleased to announce the official release of OpenBSD 6.4.
This is our 45th release.  We remain proud of OpenBSD's record of more
than twenty years with only two remote holes in the default install.

As in our previous releases, 6.4 provides significant improvements,
including new features, in nearly all areas of the system...

The README (https://ftp.OpenBSD.org/pub/OpenBSD/6.4/README) file
explains how to deal with these source files.
...

Thursday, October 18, 2018

TrendLabs: CVE-2018-3211: Java Usage Tracker Local Elevation of Privilege on Windows


Figure 1: Snapshot showing an example of usagetracker.properties
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2018-3211-java-usage-tracker-local-elevation-of-privilege-on-windows/

Wednesday, October 17, 2018

[Check_mk Announce] New Check_MK stable release 1.5.0p6

---------- Forwarded message ---------
From: Check_mk Announcements
Date: Mon, Oct 15, 2018 at 5:30 PM

WATO:
* 6664 FIX: WATO notification rules configuration: expansion of condition elements did not work for user rules
* 6668 FIX: WATO API: fixed broken configuration when setting cluster nodes in edit_host/add_host API call
* 6776 FIX: Timeperiod ical import: Fixed limitation to 100 events per multiple day event
* 6783 FIX: Fixed audit log not showing today's entries when "current date" is selected

User interface:
* 6779 FIX: Fixed displaying unrelated livestatus data to users randomly
* 6777 FIX: Background job logs were not always shown in job output
* 6778 FIX: Additional fix for URL redirect from /[site]/ to /[site]/check_mk/

Site management:
* 6410 FIX: Determine the parent process more reliably

HW/SW inventory:
* 6737 FIX: docker_node_network: Wrong API implementation caused a lot of small inventory history files

Core & setup:
* 6775 FIX: Parent scan now uses no-agent+no-snmp tags instead of ping

Checks & agents:
* 6665 Checks may now yield the value None as plugin output
* 5846 FIX: win_dhcp_pools: French systems are supported now
* 6740 FIX: statgrab_mem: Mark ruleset as deprecated
* 6747 FIX: oracle_tablespaces: Check for empty filenames
* 6748 FIX: oracle_tablespaces: Check for empty filenames
* 6800 FIX: mysql_slave: Metrics and graphs of relay log space are now displayed in a readable format
* 6739 FIX: mssql_backup: Levels can be disabled
* 6738 FIX: mk_oracle: Plugin is compatible against 18c
* 6412 FIX: mk_docker_container_piggybacked: don't try to execute the check_mk_agent inside a container if no bash is available
NOTE: Please refer to the migration notes!
* 6799 FIX: if.include: Index was always added to service description
* 6632 FIX: aix_memory: Fix graph colouring and labelling
* 6732 FIX: agent_netapp: Skip attributes which are not available

You can download Check_MK from our download page:
 * http://mathias-kettner.de/check_mk_download.html
NewTek
NDI® Developer:
NDI® Version 3.7 SDK Update

Highlights include:
  • Tools for analysis of network streams including information about bit-rates, timing, video and audio formats and more
  • Integrated frame-synchronization and automatic audio dynamic resampling
  • Improved network performance, next generation error correction to avoid packet loss
  • Improved network discovery of sources
  • Embedded SDK designed to allow integration of NDI into embedded devices, with an ARM based SDK that provides stream level access to NDI. Also included is an FPGA implementation and full source code to allow an off the shelf FPGA dev-kit to be used as a starting point for NDI encoding projects
REF: https://www.newtek.com/

Monday, October 15, 2018

TrendLabs: October Patch Tuesday: Microsoft Repairs JET Database Engine Bug, Win32K EoP Zero-Day

This month’s Patch Tuesday fixes a JET Database Engine Vulnerability (CVE-2018-8423) that Trend Micro’s Zero Day Initiative (ZDI) disclosed last September together with a proof of concept code. The vulnerability, which was rated as Important, can allow an attacker to send a specially crafted file containing data in the JET database format. When accessed on a machine, it can allow the JET database engine to execute an out-of-bounds write that would then allow for remote code execution. This month, Microsoft released 49 patches and two advisories, with 12 listed as Critical, 35 as Important, one Moderate, and one Low. Of the 49 CVEs, eight were disclosed through the ZDI program.

REF: https://blog.trendmicro.com/trendlabs-security-intelligence/october-patch-tuesday-microsoft-repairs-jet-database-engine-bug-win32k-eop-zero-day/

Sunday, October 14, 2018

[USN-3789-1] ClamAV vulnerability

---------- Forwarded message ---------
From: Marc Deslauriers
Date: Fri, Oct 12, 2018 at 2:29 AM

It was discovered that ClamAV incorrectly handled unpacking MEW
executables. A remote attacker could possibly use this issue to cause
ClamAV to crash, resulting in a denial of service.

References:
  https://usn.ubuntu.com/usn/usn-3789-1
  CVE-2018-15378

Saturday, October 13, 2018

Trello: The Emoji Guide To Team Productivity

Believe it or not, the fastest growing language in the world isn’t Spanish, Mandarin or even internet slang—it’s emoji. These “picture characters,” which originated in Japan, are used and interpreted in a million different ways with one common purpose: to communicate with others.
REF: https://blog.trello.com/emoji-guide-team-productivity-infographic

Friday, October 12, 2018

Monitoring system on OpenBSD

---------- Forwarded message ---------
From: Tom Smyth
Date: Fri, Oct 5, 2018 at 11:13 AM

Librenms would be worth a look; I believe it has email alerting
and SNMP support, and needs PHP and MySQL.
Zabbix ... haven't used this one but it has monitoring functionality ...
If you are monitoring a lot of systems, make sure your storage can
cope with a lot of I/O or you will see annoying gaps in your graphs,
so use SSDs and make sure that when formatting the system
you align with a 1MB offset ... 2048 sectors (instead of the default
64 bytes).

Peace
Tom Smyth

Google Home Hub: the smart display

REF: https://9to5google.com/2018/09/19/google-home-hub-vs-jbl-link-view-lenovo-smart-display/

Wednesday, October 10, 2018

[LSN-0044-1] Linux kernel vulnerability

---------- Forwarded message ---------
From: benjamin.romer@canonical.com
Date: Tue, Oct 9, 2018 at 2:51 AM

It was discovered that memory present in the L1 data cache of an Intel CPU
core may be exposed to a malicious process that is executing on the CPU
core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local
attacker could use this to expose sensitive information (memory from the
kernel or other processes). (CVE-2018-3620)

It was discovered that the paravirtualization implementation in the Linux
kernel did not properly handle some indirect calls, reducing the
effectiveness of Spectre v2 mitigations for paravirtual guests. A local
attacker could use this to expose sensitive information. (CVE-2018-15594)

It was discovered that memory present in the L1 data cache of an Intel CPU
core may be exposed to a malicious process that is executing on the CPU
core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local
attacker in a guest virtual machine could use this to expose sensitive
information (memory from other guests or the host OS). (CVE-2018-3646)

It was discovered that a use-after-free vulnerability existed in the IRDA
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-6555)

It was discovered that a stack-based buffer overflow existed in the iSCSI
target implementation of the Linux kernel. A remote attacker could use this
to cause a denial of service (system crash). (CVE-2018-14633)

It was discovered that microprocessors utilizing speculative execution and
prediction of return addresses via Return Stack Buffer (RSB) may allow
unauthorized memory reads via sidechannel attacks. An attacker could use
this to expose sensitive information. (CVE-2018-15572)

Jann Horn discovered that the vmacache subsystem did not properly handle
sequence number overflows, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code. (CVE-2018-17182)

References:
  CVE-2018-3620, CVE-2018-15594, CVE-2018-3646, CVE-2018-6555,
  CVE-2018-14633, CVE-2018-15572, CVE-2018-17182
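Added note for the L1TF and Spectre items above (not part of the Canonical notice): after patching, the quickest way to confirm which of these a host is still exposed to is the per-issue status files the kernel exports under /sys/devices/system/cpu/vulnerabilities/ (l1tf, spectre_v2, spec_store_bypass, meltdown, and so on), each holding "Not affected", "Vulnerable[: detail]" or "Mitigation: detail". The Python below, written for this post and not taken from any vendor tool, reads and classifies those files; the sample contents it falls back to when the directory is absent are constructed to look like the real strings, and the SMT check reflects the CVE-2018-3646 wording above, where a hypervisor host remains exposed to a malicious guest while sibling hyperthreads are shared.

```python
"""Summarise the kernel's CPU-vulnerability status files and flag what still needs work.

Added example, not Canonical or kernel code. The directory name and the three
status prefixes are the kernel's; SAMPLE is CONSTRUCTED to resemble real file
contents and is only used when the sysfs directory is not readable.
"""
import os

SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"

# Constructed sample contents shaped like the real files. The l1tf text is the
# form the kernel uses on a VMX-capable host where SMT is still enabled.
SAMPLE = {
    "l1tf": "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable",
    "spectre_v2": "Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: disabled, RSB filling",
    "spec_store_bypass": "Vulnerable",
    "meltdown": "Not affected",
}


def classify(text):
    """Map one status file's contents to not_affected / mitigated / vulnerable / unknown."""
    text = text.strip()
    if text == "Not affected":
        return "not_affected"
    if text.startswith("Mitigation:"):
        return "mitigated"
    if text.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def read_sysfs(path=SYSFS_DIR):
    """Read every file in the directory into {name: contents}; {} if unavailable."""
    out = {}
    try:
        for name in sorted(os.listdir(path)):
            with open(os.path.join(path, name)) as fh:
                out[name] = fh.read()
    except OSError:
        pass
    return out


def assess(status):
    """Return a list of human-readable findings that need attention (empty = clean)."""
    findings = []
    for name, text in sorted(status.items()):
        state = classify(text)
        if state == "vulnerable":
            findings.append(f"{name}: {text.strip()}")
        elif name == "l1tf" and "SMT vulnerable" in text:
            # CVE-2018-3646: PTE inversion protects the host kernel, but a guest on
            # a sibling hyperthread can still read L1D. The kernel states this in
            # the status file, so surface it rather than treating "Mitigation:" as done.
            findings.append(f"{name}: mitigated for the host, but SMT still enabled ({text.strip()})")
        elif state == "unknown":
            findings.append(f"{name}: unrecognised status '{text.strip()}'")
    return findings


if __name__ == "__main__":
    live = read_sysfs()
    status = live if live else SAMPLE
    print("source:", "sysfs" if live else "constructed sample")
    for line in assess(status) or ["no findings"]:
        print(line)
```

On a fleet, run assess() per host and alert on any non-empty result; the l1tf branch is the one most often missed, because the file reports "Mitigation:" even on hosts where the guest-to-guest exposure is still open.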

Proxmox Mail Gateway 5.1

We are pleased to announce the availability of Proxmox Mail Gateway 5.1. The Mail Gateway is based on Debian Stretch 9.5 with a 4.15 kernel, and the new version 5.1 comes with Debian security updates, bug fixes, and GUI improvements. The new Transport Layer Security (TLS) policy provides certificate-based authentication and encrypted sessions; the user management now allows a  help desk role; editing and showing smarthost port is possible; and we included support for SMTPUTF8 
REF: https://forum.proxmox.com/threads/proxmox-mail-gateway-5-1-available.47798/

Dual boot OpenBSD with DragonFly BSD

---------- Forwarded message ---------
From: Heppler, J. Scott
Date: Tue, Oct 9, 2018 at 12:05 AM

This theoretically is doable but will be a challenge.  Your options will
also swing on whether the laptop you purchase will boot an old MBR
scheme or is restricted to GPT/UEFI.  DragonflyBSD has instructions on
multibooting an older MBR.

https://www.dragonflybsd.org/docs/handbook/Booting/

If you need GPT/UEFI, then you need to choose a bootloader that is capable of
GPT/UEFI dual booting.  According to the OpenBSD FAQ, Grub2 or rEFInd
will work.

https://www.openbsd.org/faq/faq4.html#Multibooting
--
J. Scott Heppler

Sunday, October 7, 2018

Trello for Teachers: A Roundup Of Trello Boards For The Classroom

Classrooms are more than just desks and chalkboards. They are collaborative learning environments that need many different materials and logistics to come together in the name of educating young people to adopt real-world skills. Many teachers of different age-levels and classroom styles are finding creative ways to leverage Trello for their collaborative classrooms and lesson plans.
REF: https://blog.trello.com/trello-for-teachers-boards-for-classroom

Saturday, October 6, 2018

grepcidr by Charly's Column

Although Linux has many grep variants, you can always find a new one. I only discovered grepcidr [1] a few months ago. As the name suggests, the tool filters input by IP addresses and networks. It works equally well with IPv4 and IPv6. To show grepcidr's capabilities, I will use it to compile a list of all IPv4 addresses on my home network. I got this from the Syslog on the firewall, which is also the DHCP server:
cd /var/log
grepcidr 10.0.0.0/24 syslog|grep DHCPACK|tail -n 1500|cut -f9 -d" "|sort|uniq > 1stlist
REF: http://www.linux-magazine.com/Issues/2018/216/The-sys-admin-s-daily-grind-grepcidr
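The one-liner above leans on grepcidr plus a fixed column number for cut, which breaks as soon as the syslog daemon changes its timestamp width. As an added example (not Charly's code and not grepcidr itself), the Python below does the same job with the standard ipaddress module, so it runs where grepcidr is not installed, locates addresses by token rather than by column, and handles IPv6 prefixes the same way. The log lines in it are constructed in ISC dhcpd style, not taken from a real firewall.

```python
"""CIDR-filter syslog lines and collect DHCPACK'd addresses, grepcidr-style.

Added example, not grepcidr and not the column's own script. SAMPLE_SYSLOG is
CONSTRUCTED to look like ISC dhcpd messages; the filter logic does not depend
on that format beyond the 'DHCPACK on <addr>' phrase used by acked_addresses().
"""
import ipaddress
import re

# Constructed sample, not a real firewall log.
SAMPLE_SYSLOG = """\
Oct  6 09:00:01 fw dhcpd[812]: DHCPREQUEST for 10.0.0.23 from 00:11:22:33:44:55 via em1
Oct  6 09:00:01 fw dhcpd[812]: DHCPACK on 10.0.0.23 to 00:11:22:33:44:55 (laptop) via em1
Oct  6 09:05:17 fw dhcpd[812]: DHCPACK on 10.0.0.40 to 66:77:88:99:aa:bb (printer) via em1
Oct  6 09:06:00 fw dhcpd[812]: DHCPACK on 192.168.50.9 to cc:dd:ee:ff:00:11 (guest) via em2
Oct  6 10:12:45 fw dhcpd[812]: DHCPACK on 10.0.0.23 to 00:11:22:33:44:55 (laptop) via em1
Oct  6 10:13:02 fw dhcpd6[815]: Reply NA: address 2001:db8:1::5 to client ... via em1
"""

_DHCPACK = re.compile(r"\bDHCPACK on (\S+)")


def addresses_in(line):
    """Yield every token on the line that parses as an IPv4 or IPv6 address.

    Timestamps ("09:00:01") and MAC addresses look address-like but are rejected
    by ipaddress.ip_address, so no hand-written regex is needed.
    """
    for tok in line.split():
        tok = tok.strip("()[],;")
        try:
            yield ipaddress.ip_address(tok)
        except ValueError:
            continue


def grep_cidr(lines, cidr):
    """Return the lines containing at least one address inside cidr (grepcidr's job)."""
    net = ipaddress.ip_network(cidr, strict=False)
    # 'a in net' is False across address families, so v4 lines never match a v6 prefix.
    return [ln for ln in lines if any(a in net for a in addresses_in(ln))]


def acked_addresses(lines, cidr):
    """Unique addresses handed out by DHCPACK inside cidr, sorted numerically.

    This is the '1stlist' from the column: filter, pick the leased address,
    de-duplicate, sort. Sorting on address objects gives numeric order rather
    than the string order 'sort' would produce (10.0.0.100 before 10.0.0.23).
    """
    net = ipaddress.ip_network(cidr, strict=False)
    found = set()
    for ln in lines:
        m = _DHCPACK.search(ln)
        if not m:
            continue
        try:
            addr = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue
        if addr in net:
            found.add(addr)
    return [str(a) for a in sorted(found)]


if __name__ == "__main__":
    lines = SAMPLE_SYSLOG.splitlines()
    for addr in acked_addresses(lines, "10.0.0.0/24"):
        print(addr)
```

To use it on the real file, replace SAMPLE_SYSLOG.splitlines() with the lines of /var/log/syslog; tail -n 1500 from the original pipeline becomes a slice of that list.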

Friday, October 5, 2018

Trello: Investigating Indecision: Why We Can't Seem to Make Up Our Minds

Should you take the job with the higher pay, but longer commute? What’s the best way to prioritize your too-long list of tasks? How much time should you give a struggling relationship before calling it quits?
REF: https://blog.trello.com/indecision-why-we-cant-make-up-our-minds

Thursday, October 4, 2018

Plex Web Shows are here!

Plex Web Shows are available today in Beta. Now you can enjoy free, high-quality, episodic shows from amazing publishers like Condé Nast, Bonnier Corp., Fandor, Future, TWiT, Jukin, Studio 71,  in a unified experience across ALL your devices. 
REF: https://www.plex.tv/

Wednesday, October 3, 2018

[USN-3779-1] Linux kernel vulnerabilities

---------- Forwarded message ---------
From: Steve Beattie
Date: Wed, Oct 3, 2018 at 3:32 AM

It was discovered that an integer overflow vulnerability existed in the
Linux kernel when loading an executable to run. A local attacker could use
this to gain administrative privileges. (CVE-2018-14634)

It was discovered that a stack-based buffer overflow existed in the iSCSI
target implementation of the Linux kernel. A remote attacker could use this
to cause a denial of service (system crash). (CVE-2018-14633)

References:
  https://usn.ubuntu.com/usn/usn-3779-1
  CVE-2018-14633, CVE-2018-14634

Tuesday, October 2, 2018

Trello: The Remote Communication Cheat Sheet For Respecting @All Team Members

When done well, remote communication over chat can be at least as good as sharing an office. There are some cons that can't be overcome, but they're paired with benefits of things like better focus, easier access to conversations and topics, and asynchronicity.
REF: https://blog.trello.com/remote-team-communication-cheat-sheet

Monday, October 1, 2018

The Zero Day Initiative (ZDI)

The Zero Day Initiative (ZDI) was created to encourage the reporting of 0-day vulnerabilities privately to the affected vendors by financially rewarding researchers. At the time, there was a perception by some in the information security industry that those who find vulnerabilities are malicious hackers looking to do harm. Some still feel that way. While skilled, malicious attackers do exist, they remain a small minority of the total number of people who actually discover new flaws in software.

REF: https://www.zerodayinitiative.com/about/