Here’s a collection of recent security vulnerabilities, alerts and news, which covers a 911 hacker being sentenced to three years jail, an RTSP vulnerability that affects current versions of MPlayer and VLC media players, Cisco having its first patch day, and news that Ubuntu Linux remained untouched at the conclusion of the latest PWN TO OWN contest.
- 911 hacker gets three years
In the first such prosecution in Orange Country, a teenager was sentenced to three years imprisonment for "swatting." The objective of this particular prank involves convincing 911 dispatchers to send SWAT teams on wild goose chase. I reported about this case over at IT News Digest late last year.
In this instance, the entire situation could have ended very badly as the husband heard the SWAT team outside and believed that a prowler was outside. Leaving his wife and two toddlers in the house, he took a knife and went into the backyard where he found the SWAT team pointing assault rifles at him.
TechRepublic members had advocated varying punishments then — well the verdict is out now.
Randal T. Ellis, 19, pleaded guilty Wednesday in Orange County Superior Court to five felony counts, including computer access and fraud, false imprisonment by violence and falsely reporting a crime. He was given prison time and ordered to pay $14,765 in restitution, most of which will go to the county Sheriff's Department.
This case is of interest because Randal spoofed the originating number of his 911 call using his computer to lend credence to his social engineering attempt. As the number of convictions for computed-related crimes increases, it is probably worth keeping an eye on the punishments meted out to them.
- RTSP vulnerability hits MPlayer and VLC media players
A recently fixed vulnerability in the xine-lib multimedia library also affects MPlayer and the VLC media player, both of which are still vulnerable. In addition, bugs in the real time data stream processing routines can be used to inject malicious code via crafted RTSP data streams.
Both MPlayer and the VLC media player are available for free and highly popular with the open-source crowd.
heise Security offers a technical explanation of the vulnerability.
sdpplin_parse()function in the
stream/realrtsp/sdpplin.cfile of MPlayer, or
modules/access/rtsp/real_sdpplin.cfile of VLC media player fails to check the length of the
streamidSDP parameter in a real time protocol data stream (RTSP), resulting in a potential buffer overflow. Using this, attackers can overwrite arbitrary memory areas using crafted data streams and execute injected code such as trojans.
If you use MPlayer, you should stay away from untrusted FLAC andn MOV files. VLC users should be wary of untrusted subtitle files. And of course, both MPlayer and VLC users should avoid untrusted RTSP data streams.
And yes, a demo exploit for this exploit is already out on milw0rm.
- Cisco does its first patch day
Following in the footsteps of Microsoft, Cisco had its very first "Patch Wednesday" last week. The idea is that all updates to its IOS router OS can be bundled and delivered to network administrators together. Additional patch days are scheduled every six months.
There are five security advisories issued by Cisco this time round.
According to the advisory, the following issues have been identified:
- Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability
- Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS
- Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers
- Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720
- Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak
If you are a registered customer, you can download the respective patches by following the links in the various advisories above.
The next Cisco patch day will be on the 24th September later this year.
- Windows Vista trips over Flash; Linux remains untouched
This year's "PWN To OWN" challenge has ended, and the only laptop left standing was a Sony Vaio running Ubuntu Linux. A MacBook Air fell on the second day due to a vulnerability in Apple's Safari browser while a laptop running Windows Vista Ultimate was successfully exploited on the third and final day.
The three-day hack challenge was kicked off last Wednesday and ended on Friday. The rules were progressively relaxed over the three days; with the prize money halved on each successive day. The hacked laptop is given to the successful hacker, regardless of the day in which it was broken into.
No one walked away with the first day's $20,000 prize, which required that only remote code-execution exploits be used. The MacBook Air fell on the second day, where the rules were relaxed to allow user-interaction of installed-by-default applications. The third day saw the inclusion of several popular third-party applications such as Skype and Flash — which led to the downfall of Windows Vista.
You can read more at the TippingPoint blog.
Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.