- [DSA609] DSA-609-1 atari800 infos SecuObs - L'observatoire de la sécurite internet - Site d'informations professionnelles francophone sur la sécurité informatique

Les derniers commentaires publiés sur SecuObs (1-5):

- WepBuster v1.0 beta0.5 released - 130232 downloads of BackTrack 4 Pre-Final since the release - Latest version virtualbox 3.0.0 released - ESRT @mubix A very effective SSH bruteforcer by @laramies recently updated - ESRT @mubix - Middler gets some more updates today Les derniers commentaires publiés sur SecuObs (6-25) Tous les commentaires publiés sur SecuObs avant les 5 derniers

Détail du test :

ID	15961
Nom	[DSA609] DSA-609-1 atari800
Auteurs	This script is (C) 2009 Tenable Network Security, Inc.
Catégorie	Debian Local Security Checks
Action	infos
Résumé	DSA-609-1 atari800
Description	Synopsis : The remote host is missing the DSA-609 security update Description : Adam Zabrocki discovered multiple buffer overflows in atari800, an Atari emulator. In order to directly access graphics hardware, one of the affected programs is installed setuid root. A local attacker could exploit this vulnerability to gain root privileges. For the stable distribution (woody) these problems have been fixed in version 1.2.2-1woody3. See also : http://www.debian.org/security/2004/dsa-609 Solution : The Debian project recommends that you upgrade your atari800 package immediately. Risk factor : High / CVSS Base Score : 7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Cliquer pour le detail - Liste des tests :

Cliquer pour le detail - liste des categories :

CISCO

Compte utilisateur unix par défaut

Acces root à distance

Acces shell à distance

General

Divers

Netware

Backdoors / chevaux de troie

NIS

Peer to Peer

Scanner de port

Fichiers en acces distant

RPC

Parametrage

Serveur de messagerie SMTP

SNMP

Services de moindre importance

Windows : Général

Windows : gestion des utilisateurs

Windows : Mises a jour

Debian : Mises a jour

Gentoo : Mises a jour

AIX : Mises a jour

Red Hat : Mises a jour

Mac OS X : Mises a jour

Slackware : Mises a jour

SuSE : Mises a jour

Mandrake : Mises a jour

Fedora : Mises a jour

Solaris : Mises a jour

FreeBSD : Mises a jour

HP-UX : Mises a jour

Ubuntu : Mises a jour

Les derniers commentaires publiés sur SecuObs (6-25):

- Vidéo : P. Kleissner Stoned Bootkit preview, full at BH 09 Las Vegas - SSTIC 2009 Challenge vs Metasm - Vidéo : Password cracking with L0phtcrack 6 - DLL injection by modifying an executable file - reverse shell from SQLi with 1 HTTP request, no extra channel to upload initial - Hackers crack ColdFusion - Vidéo : Hiding Files with NTFS Alternative Data Streams - Whitepaper Understanding and using RFID - phpMyAdmin exploited in masses - Update: PyLoris 1.8 - ESRT @dougburks - Richard Bejtlich's Wireshark 12 Tutorial - ESRT @Carlos_Perez @joswr1ght WPA2-PSK cracker Cowpatty 46 with less teh suck - ESRT @dougburks Synjunkie on DNS BackTrack 4 tools Fierce and DNSRecon - Draft 2 of OVAL Version 5.6 Now Available - Microsoft Gazelle browser : A layperson explanation - ESRT @bytz @developerworks Analysis Tool for Java data race and deadlock connect - ESRT @bytz @unixmen New Kernel Vulnerabilities Affect Ubuntu 6.06, 8.04 and 8.10 - ModSecurity Denial of Service - OpenFlow 0.9.0 RC1 has been released - ESRT @davegball Tool to detect Metasploit Meterpreter anti-forensics tactics Les cinq derniers commentaires publiés sur SecuObs Tous les commentaires publiés sur SecuObs avant les 25 derniers

SecuToolBox :

Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP aircrack + Ubiquiti (MadWifi) 300 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner + d'outils / + de tutoriels

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, windows, exploit, microsoft, réseau, attaque, vulnérabilité, système, audit, outil, virus, internet, données, linux, présentation, bluetooth, vista, metasploit, protocol, shell, scanner, réseaux, trames, téléphone, paquet, wishmaster, rootkit, engineering, sysun, https, black, mobile, noyau, téléphones, conférence, mémoire, source, scapy, google, reverse, détection, malveillant, snort, sécurise, patch + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA35687 Gentoo update for mod_security - SA35686 Gentoo update for libwmf - SA35699 Red Hat update for ruby - SA35697 Red Hat update for pidgin - SA35688 Ubuntu update for nagios2 and nagios3 + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Full-disclosure Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products - Full-disclosure Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability - Full-disclosure Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability - Full-disclosure Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability - Full-disclosure SSANZ - Server Systems Administration NZ. + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products - Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability - Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability - Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability - Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome - SECURITY DSA 1825-1 New nagios2/nagios3 packages fix arbitrary code execution + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

virus, spyware, vmware, firmware, security, malware, lockpicking, biometric, kernel, iphone, windows, adware, password, wimax, botnet, tutorial, phish, linux, symantec, rootkit, knoppix, metasploit, network, attack, server, virtual, internet, jailbreak, notacon, conference, exploit, google, wireshark, defcon, hacker, backtrack, openbsd, intel, ettercap, firewall, source, samsung, reprap, wireless, norton + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, vulnérabilité, windows, vulnerability, network, attack, google, hacker, exploit, inject, internet, remote, server, mobile, malware, apple, iphone, black, patch, sécurité, virus, linux, ebook, conficker, crypt, source, intel, virtual, facebook, access, trojan, twitter, research, firefox, overflow, pirate, phish, vista, cisco, obama, office, local, opera, adobe + de mots clés avec l'annuaire de la revue de presse

Mini-Tagwall des Tweets de la revue Twitter :

security, cisco, linux, defcon, firewall, vmware, metasploit, attack, server, phish, network, twitter, windows, exploit, nessus, botnet, backtrack, inject, crypt, wireshark, vulnerabi, python, acking, iphone, black, source, engineering, google, conficker, social, clouds, podcast, patch, vulnerability, virus, pentest, juniper, hacker, apple, client, proxy, virtual, complianc, apache, compliance + de mots clés avec l'annuaire de la revue Twitter