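□ Overview
o Intel has released security updates that address vulnerabilities in its products [1]
o Users of affected versions are advised to update to the latest version as described under Resolution

□ Details
o Intel® Management Engine (Intel® ME)
- Arbitrary code execution vulnerability caused by a buffer overflow in the kernel (CVE-2017-5705)
- Privilege escalation vulnerability in the kernel (CVE-2017-5708)
- Arbitrary code execution vulnerabilities caused by buffer overflows in AMT (CVE-2017-5711, CVE-2017-5712)
※ AMT (Active Management Technology): a technology for remote maintenance, wireless management and similar tasks
o Intel® Server Platform Services (Intel® SPS)
- Arbitrary code execution vulnerability caused by a buffer overflow in the kernel (CVE-2017-5706)
- Privilege escalation vulnerability in the kernel (CVE-2017-5709)
o Intel® Trusted Execution Engine (Intel® TXE)
- Arbitrary code execution vulnerability caused by a buffer overflow in the kernel (CVE-2017-5707)
- Privilege escalation vulnerability in the kernel (CVE-2017-5710)

□ Affected products and versions
o Check for vulnerable products under 'Affected Products' in reference [1]

□ Resolution
o Users of Intel ME, TXE and SPS should use the Intel detection tool (reference [2]) to check whether they are affected by these vulnerabilities, then apply the update
o If you run an operating system for which a security update has been released, refer to reference [] to check for and install the security update
- Acer[3]
- Dell Client[4]
- Dell Server[5]
- Fujitsu[6]
- HPE Servers[7]
- Lenovo[8]
- Panasonic[9]

□ Other inquiries
o Korea Internet & Security Agency (KISA) Internet Incident Response Center: dial 118 (no area code)

[References]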
[1] https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr&_ga=2.147127473.74753197.1511420584-1413380157.1511420584
[2] https://downloadcenter.intel.com/download/27150
[3] https://us.answers.acer.com/app/answers/detail/a_id/51890
[4] http://www.dell.com/support/article/kr/ko/krdhs1/sln308237/dell-client-statement-on-intel-me-txe-advisory--intel-sa-00086-?lang=en
[5] http://www.dell.com/support/article/kr/ko/krdhs1/qna44242/dell-server-statement-on-intel-me-txe-advisory--intel-sa-00086-?lang=en
[6] http://www.fujitsu.com/global/support/products/software/security/products-f/itsa-00086e.html
[7] https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00036596en_us
[8] https://support.lenovo.com/kr/ko/product_security/len-17297
[9] http://pc-dl.panasonic.co.jp/itn/info/osinfo20171121.html


Ryansecurity Ryansecurity

Life is fun security story


ASUS RT-AC68U Firmware version 3.0.0.4.382.18547
ASUS RT-AC58U Firmware version 3.0.0.4.380.8119
ASUS RT-AC86U Firmware version 3.0.0.4.382.18219

Security fixed

- Fixed KRACK vulnerability
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704: Bug collision
- Fixed predictable session tokens, logged user IP validation, Logged-in information disclosure (special thanks for Blazej Adamczyk contribution)
- Fixed web GUI authorization vulnerabilities.
- Fixed AiCloud XSS vulnerabilities

bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
======================================================

Severity: Moderate

There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No
EC algorithms are affected. Analysis suggests that attacks against RSA and DSA
as a result of this defect would be very difficult to perform and are not
believed likely. Attacks against DH are considered just feasible (although very
difficult) because most of the work necessary to deduce information
about a private key may be performed offline. The amount of resources
required for such an attack would be very significant and likely only
accessible to a limited number of attackers. An attacker would
additionally need online access to an unpatched system using the target
private key in a scenario with persistent DH parameters and a private
key that is shared between multiple clients.

This only affects processors that support the BMI1, BMI2 and ADX extensions like
Intel Broadwell (5th generation) and later or AMD Ryzen.

Note: This issue is very similar to CVE-2017-3732 and CVE-2015-3193 but must be
treated as a separate problem.

OpenSSL 1.1.0 users should upgrade to 1.1.0g
OpenSSL 1.0.2 users should upgrade to 1.0.2m

This issue was reported to OpenSSL on 10th August 2017 by the OSS-Fuzz project.
The fix was developed by Andy Polyakov of the OpenSSL development team.

Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
====================================================================

Severity: Low

This issue was previously announced in security advisory
https://www.openssl.org/news/secadv/20170828.txt, but the fix has not previously
been included in a release due to its low severity.

OpenSSL 1.1.0 users should upgrade to 1.1.0g
OpenSSL 1.0.2 users should upgrade to 1.0.2m

Note
====

Support for version 1.0.1 ended on 31st December 2016. Support for versions
0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer
receiving security updates.

References
==========

URL for this Security Advisory:
https://www.openssl.org/news/secadv/20171102.txt

Note: the online version of the advisory may be updated with additional details
over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html
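
An added example, not part of the OpenSSL advisory or of OpenSSL itself: a Python check that takes an `openssl version` banner and Linux /proc/cpuinfo text and reports which of the two CVEs above still apply, using the fixed releases and CPU extensions the advisory names. The cpuinfo flag names (bmi1, bmi2, adx) and the function names are assumptions, and the sample inputs are constructed.

```python
import re

# Fixed releases named in the advisory, keyed by release branch.
FIXED = {"1.1.0": "g", "1.0.2": "m"}
# Assumption: Linux /proc/cpuinfo flag names for BMI1, BMI2 and ADX.
REQUIRED_FLAGS = {"bmi1", "bmi2", "adx"}
VERSION_RE = re.compile(r"OpenSSL\s+(\d+\.\d+\.\d+)([a-z]*)")

# Constructed sample inputs (not captured from real hosts).
SAMPLE_BANNER = "OpenSSL 1.0.2k-fips  26 Jan 2017"
SAMPLE_CPUINFO = "processor\t: 0\nflags\t\t: fpu sse2 avx2 bmi1 bmi2 adx smap\n"


def needs_upgrade(banner):
    """True/False for the 1.1.0 and 1.0.2 branches, None for any other branch."""
    m = VERSION_RE.search(banner)
    if not m:
        raise ValueError("not an OpenSSL version banner: %r" % banner)
    branch, letter = m.groups()
    if branch not in FIXED:
        return None
    fixed = FIXED[branch]
    # Letters run a..z, then za, zb, ...: compare length first, then text.
    return (len(letter), letter) < (len(fixed), fixed)


def cpu_has_extensions(cpuinfo_text):
    """True if the first 'flags' line lists all of bmi1, bmi2 and adx."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":
            return REQUIRED_FLAGS <= set(value.split())
    return False


def assess(banner, cpuinfo_text):
    """Return the advisory's CVE ids that still apply to this host."""
    # None (a branch with no fixed release in this advisory) yields an empty list.
    if not needs_upgrade(banner):
        return []
    cves = ["CVE-2017-3735"]  # the advisory states no CPU condition for this one
    if cpu_has_extensions(cpuinfo_text):
        cves.append("CVE-2017-3736")  # only on CPUs with all three extensions
    return cves


if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_CPUINFO))
```

A result listing CVE-2017-3736 means the CPU condition is met; it does not confirm that the installed build is an x86_64 one.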


o Cisco has announced security updates that address multiple vulnerabilities in its products
o Because an attacker could exploit these vulnerabilities to cause damage, users of the affected Cisco products are advised to update to the latest version

□ Description
o Denial-of-service vulnerability in Cisco Wireless LAN Controller caused by insufficient input validation of 802.11v BSS (Basic Service Set) Transition Management packets (CVE-2017-12275) [1]
o Denial-of-service vulnerability in SNMP (Simple Network Management Protocol) on Cisco Wireless LAN Controller (CVE-2017-12278) [2]
o Privilege escalation vulnerability in Cisco ISE (Identity Services Engine) (CVE-2017-12261) [3]
o Remote code execution vulnerability in Smart Licensing on Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance (CVE-2017-12277) [4]
o SQL injection vulnerability in the Cisco Prime Collaboration Provisioning application caused by insufficient input validation (CVE-2017-12276) [5]
o Authorization bypass vulnerability in the firewall of Cisco APIC-EM (Application Policy Infrastructure Controller Enterprise Module) (CVE-2017-12262) [6]
o Denial-of-service vulnerability caused by insufficient handling of received EAP (Extensible Authentication Protocol) frames on Cisco Aironet 1560, 2800 and 3800 Series access points (CVE-2017-12274) [7]
o Denial-of-service vulnerability caused by insufficient handling of 802.11 association request frames on Cisco Aironet 1560, 2800 and 3800 Series access points (CVE-2017-12273) [8]

□ Affected products and versions
o Check for vulnerable products under 'Affected Products' in the references

□ Resolution
o Operators of Cisco devices running the affected Cisco software should review 'Affected Products' on the referenced sites and apply the patches

[References]
[1] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc2
[2] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-wlc1
[3] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-ise
[4] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-fpwr
[5] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-cpcp
[6] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-apicem
[7] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet2
[8] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet1


On September 8th, 2017, a news article reported zero-day flaws in D-Link DIR-850L routers.

D-Link immediately took action to investigate the issues and is endeavoring to find solutions to resolve them.

A firmware update is now available.

This update requires a two-step process to upgrade to the latest firmware and apply the security patches.

Check the bottom label of your DIR-850L for the H/W Revision and follow the matching instructions below.

You will need a PC/Mac with a browser, connected to the internet through the DIR-850L, to perform the update successfully.

For HW Rev. Ax (x is a number) please download the following file:

 DIR-850L_REVA_FIRMWARE_PATCH_v1.20B03.zip

       - Unzip the downloaded file
       - Open the unzipped folder
       - Open DIR-850L_REVA_INSTRUCTIONS_v1.20B03.pdf and follow the instructions

For HW Rev. Bx (x is a number) please download the following file:

 DIR-850L_REVB_FIRMWARE_PATCH_v2.20B03.zip

       - Unzip the downloaded file
       - Open the unzipped folder
       - Open DIR-850L_REVB_INSTRUCTIONS_v2.20B03.pdf and follow the instructions

Problems Resolved:

       - Firmware Protection
       - WAN && LAN - XSS exploit (CVE-2017-14413, CVE-2017-14414, CVE-2017-14415, CVE-2017-14416)
       - WAN - Weak Cloud protocol (CVE-2017-14419, CVE-2017-14420)
       - WAN && LAN - Stunnel private keys (CVE-2017-14422)
       - WAN && LAN - Nonce brute forcing for DNS configuration (CVE-2017-14423)
       - Local - Weak file permissions and credentials stored in clear text (CVE-2017-14424, CVE-2017-14425, CVE-2017-14426, CVE-2017-14427, CVE-2017-14428)
       - LAN - DoS attack against some daemons (CVE-2017-14430)
