6 C
Wednesday, November 22, 2017
Home Tags IPV6

Tag: IPV6

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort proc...
A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial...
The Simple Network Management Protocolnbsp;(SNMP) subsystem of Cisconbsp;IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system ...
A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting i...
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficie...
Study of nearly 300 apps finds shocking omissions, including a failure to encrypt.
It uses antiquated code, possibly to decrease chances of detection. A rare strain of malware known as "Fruitfly" appears to have been lurking in the dusty corners of macOS for years, taking advantage of vulnerabilities in code that hasn't been update...
A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a ...
A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Uni...
D1000 can be directed to drop its firewall, allowing access to panel over the internet Eir, Ireland's largest ISP, has tens of thousands of customers with insecure ADSL2+ modems that appear to be vulnerable to remote takeover. Earlier this month, a security researcher writing under the name "kenzo" has posted a proof-of-concept exploit that demonstrates how an attacker might take control of an Eir D1000 modem. The ZyXEL-built Eir D1000 [PDF] comes with an open TCP port, 7547, which is used by the CPE WAN Management Protocol to manage the modems on Eir's network.

According to kenzo, the modem includes a TR-064 server for LAN-based configuration, to allow ISPs to set up software on the device.
It's not supposed to be accessible from the internet, but apparently it is. TR-064 commands can be used, among other things, to fetch Wi-Fi security keys and to set up an NTP server that disables the modem firewall, thereby opening the administration interface on port 80. "By sending certain TR-064 commands, we can instruct the modem to open port 80 on the firewall," kenzo's post says. "This allows access to the web administration interface from the Internet-facing side of the modem.

The default login password for the D1000 is the Wi-Fi password.

This is easily obtained with another TR-064 command." A compromised modem could be used to attack other devices on the network or as part of a botnet. Last week, posting under the Twitter handle "Bobby 'Tables", Darren Martyn, a security researcher with Insecurity.net and former LulzSec hacker, appeared to confirm the vulnerability. A search [login required] using the Shodan vulnerability search engine suggests there are presently 63,828 vulnerable devices in Ireland, 62,251 of which are associated with Eir.

This is down from about 100,000 previously, according to kenzo. The Register sent inquiries to Eir but has not heard back. According to kenzo, two other Eir modems are vulnerable to the "Misfortune Cookie" vulnerability (CVE-2014-9222), ZyXEL models P-660HN-T1A_IPv6 and P-660HW-T1. kenzo observes that back when Eir went by Eircom, the company used Netopia modems that blocked port 7547 except for IP addresses assigned to its own management servers. Had the company done so for its D1000, the vulnerabilities would not have been exploitable. ® Sponsored: Customer Identity and Access Management

The number of enterprises with at least one security vulnerability is the highest in five years

London, UK - 9 November 2016 - Enterprises across the globe are refreshing their network equipment earlier in its lifecycle in a move to embrace workplace mobility, Internet of Things, and software-defined networking strategies.
In addition, their equipment refresh is more strategic, with architectural vision in mind.

But despite the higher refresh rate, networks are getting less secure, largely due to neglected patching.

These are some of the highlights in the annual Network Barometer Report today by Dimension Data.

First published in 2009, the 2016 Network Barometer Report was compiled from data gathered from 300,000 service incidents logged for client networks that Dimension Data supports.

Dimension Data also carried out 320 technology lifecycle management assessments covering 97,000 network devices in organisations of all sizes and all industry sectors across 28 countries.

Andre van Schalkwyk, Senior Practice Manager Network Consulting, Dimension Data said, “Since 2010, networks had been ageing.

This year’s Report reverses that trend, and for the first time in five years, we’re seeing networks age more slowly.

“Ageing networks are not necessarily a bad thing: companies just need to understand the implications.

They require a different support construct, with gradually increasing support costs. On the other hand, this also means that organisations can delay refresh costs,” says van Schalkwyk, and points out that ageing networks are unlikely to support initiatives such as software-defined networking and automation, or handle traffic volumes necessary for collaboration or cloud.

According to the Report, in Europe, Asia-Pacific, and Australia enterprises’ network age reduced in line with the global average, while in the Americas, the number of ageing and obsolete devices decreased much faster, from 60% in the 2015 Report to 29% in the 2016 Report.

This can be attributed to the release of pent-up spend following four years of financial constraint.
Van Schalkwyk said clients in the Americas appear to be refreshing networks with the new generation of programmable infrastructure.
In Asia-Pacific and Australia, equipment refresh occurred as part of data centre network redesigns.

In contrast to the global trend, in Middle East and Africa, the network age increased, possibly the result of economic uncertainty, particularly in South Africa.

Meanwhile, of the 97,000 network devices that Dimension Data discovered, the number of devices that have at least one known [1]security vulnerability increased from 60% in the 2015 Report to 76% in the 2016 Report – the highest figure in five years.

In Europe the rise in network vulnerabilities has been very steep over the last three years, hiking from 26% in 2014 to 51% in 2015 and to 82% in the 2016 Report. Network vulnerability has also risen in organisations in the Middle East and Africa over the last three years.
In Australia, 87% of network devices have at least one known vulnerability.
In Asia-Pacific and the Americas, networks are slightly less vulnerable - respectively 49% and 66%, compared to 61% and 73% in the previous edition.

Other highlights in the 2016 Network Barometer Report include:

  • The percentage of devices supporting IPv6 rose steeply from 21% last year to 41% this year, due to the increase in current devices in networks.

    This allows organisations with newer networks to support their digitisation strategies by enabling connectivity for the Internet of Things, big data, analytics, and containerisation.
  • Software-defined networking is coming soon, but not just yet. While there is market interest in software-defined networks, it’s early in the adoption cycle and today, few organisational networks are capable of supporting a software-defined approach.
    In 2015 less than 0.4% of devices could support software-defined WAN and only 1.3% of data centre switches were SDN-ready.
  • Incident response is 69% faster, and repair time 32% faster networks monitored by Dimension Data.
    These numbers reduce by a further 55% and 36% respectively, when combined with Dimension Data’s service desk integration.
  • 37% of incidents are caused by configuration or human error, which can be avoided with proper monitoring, configuration management, and automation.

[1] A security advisory is a notice issued by a manufacturer that they are aware of a security vulnerability on one of their products.

Follow us on

About Dimension Data
Dimension Data uses the power of technology to help organisations achieve great things in the digital era.

As a member of the NTT Group, we accelerate our clients’ ambitions through digital infrastructure, hybrid cloud, workspaces for tomorrow, and cybersecurity. With a turnover of USD 7.5 billion, offices in 58 countries, and 31,000 employees, we deliver wherever our clients are, at every stage of their technology journey. We’re proud to be the Official Technology Partner of Amaury Sport Organisation, which owns the Tour de France, and the title partner of the cycling team, Team Dimension Data for Qhubeka.
Visit us at http://www.dimensiondata.com

For more information
Charlotte Martin / Jonathan Mathias
Finn Partners
020 3217 7060

Updated qemu-kvm-rhev packages that fix several bugs and add variousenhancements are now available for Red Hat Virtualization Hypervisor 7. Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linuxon AMD64 and Intel 64 systems.