Hi friends, *The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).*
*The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.* *So, update the openssl library as soon as possible because this is the library responsible for secure connection on the internet compromising with this means you are compromising with your internet security as these most of the transaction we are doing online.. Please refer in the attached mail for checking version and make sure built date is on or after 7th April 2014.* *For upgrading please refer :* https://www.digitalocean.com/community/articles/how-to-protect-your-server-against-the-heartbleed-openssl-vulnerability *For more info please refer http://heartbleed.com/ <http://heartbleed.com/>.* ---------- Forwarded message ---------- From: V.VenkataSubramani <v...@ncra.tifr.res.in> Date: Sat, Apr 19, 2014 at 12:07 PM Subject: [Fwd: openssl vulnerability - heartbleed] To: akshat singh <akshat.sp...@gmail.com> Dear Akshat This is the notice sent to st...@ncra...see if this info will be useful to our friends as well...may be you all know this by now. -- With Best Regards V.V.Subramani 020 2571 9202 -------- Forwarded Message -------- From: Vvs <v...@ncra.tifr.res.in> To: st...@ncra.tifr.res.in Cc: mang...@gmrt.ncra.tifr.res.in, r...@tifr.res.in Subject: openssl vulnerability - heartbleed Date: Fri, 18 Apr 2014 12:16:05 +0530 (IST) Mailer: Alpine 2.03 (LRH 1266 2009-07-14) Dear All If you are using MS-Windows OS, kindly make sure the updates are enabled and OS and anti-virus is upto date. If OS is Linux / MAC, pls run update, specially for openssl. The recent detection of heartbleed vulnerability in openssl is dangerous as most of us are making use of online transaction. The openssl 1.0.1(a-f) has this vulnerability, openssl 1.0.1g does not have this bug. Many old OS (Cent OS 5, RHEL 5) has older version of openssl which does not have this vulnerability. But, better to run update for all OS. Following command will help; openssl version -a -- look for built date If it is built on or after 7 April 2014, then this bug is fixed. In Redhat / CentOS / Fedora, this bug is fixed using back porting. The version may not be openssl 1.0.1g through normal update procedure. It is advised not to update using tar ball as future updates will be affected. If you need any help in update process, pls let us know. With Best Regards _____________________________________________________________ V.Venkatasubramani NCRA TIFR PUNE - 411007 ---------- Forwarded message ---------- Date: Thu, 17 Apr 2014 14:52:27 +0530 From: H.Raghavan <hrag...@tifr.res.in> Reply-To: "Computer Emergency Response Team [CERT] Advisory" <c...@www.tifr.res.in> To: c...@www.tifr.res.in Subject: [CERT] Fwd: [CIVN-2014-0067]Remote Code Execution Vulnerability in Microsoft Windows File Handling Component Dear All, Windows machines are vulnerable to attacks, pl configure your machines for auto update. Vulnerabilities found in windows machines are in the trail mail. A major vulnerability was found in openssl package used in MAC and Linux. If your system is running OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable. Pl upgrade your system immediately. If any assistance is required, pl call 2121 or send mail to c...@tifr.res.in. Regards, Raghavan. -------- Original Message -------- Subject: [CIVN-2014-0067]Remote Code Execution Vulnerability in Microsoft Windows File Handling Component Date: Thu, 17 Apr 2014 14:11:29 +0530 From: advisory <advis...@cert-in.org.in> To: advis...@cert-in.org.in Error verifying signature: Hash: SHA512 gpg: armor header: Version: PGP Desktop 10.2.0 (Build 2599) - not licensed for commercial use: gpg: armor header: www.pgp.com\r\n gpg: invalid armor header: Content-Type: application/x-inlinepgp-signed; format="flowed"; charset="US-ASCII" Content-Transfer-Encoding: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Original Issue Date:April 09, 2014 Severity Rating: HIGH Systems Affected Windows XP SP3 and Professional x64 Edition SP2 Windows Vista SP2 and x64 Edition SP2 Windows Server 2003 SP2 ,x64 Edition SP2 and SP2 for Itanium-based Systems Windows Server 2008 SP2 ,x64 Edition SP2 and SP2 for Itanium-based Systems Windows Server 2008 R2 x64-based SystemsSP1 and for Itanium-Based Systems Windows 7 SP1 for 32-bit and x64-based Systems Windows 8 for 32-bit and x64 based Systems Windows 8.1 for 32-bit and x64 based Systems Windows Server 2012 Windows Server 2012 R2 Windows RT Windows RT 8.1 Overview A vulnerability has been reported in Microsoft Windows File Handling Component which could be exploited by a remote attacker to take complete control of the affected system. Description This vulnerability exists in Microsoft Windows file handling component due to improper path restriction while processing specially crafted .bat and .cmd files that are run from an external network. A remote attacker could exploit this vulnerability by convincing the user to visit a link that contains a malicious file. Successful exploitation of this vulnerability could result in execution of arbitrary code on the targeted system in context of the logged-on user. Workaround Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones. Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone Solution Apply appropriate patches as mentioned in Microsoft Security Bulletin MS14-019 Vendor Information Microsoft http://technet.microsoft.com/en-us/security/bulletin/ms14-019 References Microsoft http://technet.microsoft.com/en-us/security/bulletin/ms14-019 Cisco http://tools.cisco.com/security/center/viewAlert.x?alertId=33581 Secunia http://secunia.com/advisories/57642/ Symantec http://www.symantec.com/security_response/vulnerability.jsp?bid=66619 CVE Name CVE-2014-0315 - -- Note: Please do not reply to this e-mail. For further queries contact CERT-In Information Desk. Email: i...@cert-in.org.in -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 2599) - not licensed for commercial use: www.pgp.com Charset: utf-8 wsBVAwUBU0+SmgeYBMMthaeHAQq8MggAhHUy3s/Me4jOHlQXwoyzdwUKWSfpLgSZ Epn21HidTF+HctGyO11o4khvsG9X99EWtrmgn+h2wjNAoYqBtNVdWlpbzTdWHDSO D3eEXqlV1NMeWEzRVofOQkNVUo2qq7TT7fdm+WwFV9uNARllOiGQ8RQ0NE/UZ06t BgWi8AnsozItL9IFqE6raf9OjtHEW9q6Wbu7AXKy2Sq8DsJfhY715+1OVpB21s1X cg53hS2TFpm96bjljebHJUlXEMv6Szvf0TTS9MSgHYb3kQJPWIjvIpA6FphDeEWp eyrgsfH7xQ2xe3n4FG7K274whTyDRpBw30L2Pil456hGWaQZgTm6zA== =inUH -----END PGP SIGNATURE----- -------------- next part -------------- An HTML attachment was scrubbed... URL: < http://www.tifr.res.in/mailman/private/cert/attachments/20140417/83cbfbad/attachment.html > _______________________________________________ CERT mailing list c...@www.tifr.res.in http://www.tifr.res.in/mailman/listinfo/cert -- Akshat Singh [PG-8 IIITM-Kerala] Pune Mob.: +91-8806963718 http://a4akshat.weebly.com/ _______________________________________ Pune GNU/Linux Users Group Mailing List
