Difference between revisions of "Sysadm:Vulnerability Patches"
Latest revision as of 14:46, 2 February 2015
The purpose of this page is to record vulnerabilities that were patched in CHG systems, including when the vulnerability was found, the date it was patched, and what systems were patched. Please list the most recently patched vulnerabilities on top.
GHOST Vulnerability (01/2015)
The GHOST vulnerability was patched by Aaron on all CHG servers and VMs that needed it. chg-git was already up to date.
Jenkins Default Tomcat Vulnerability (12/2014)
OIT brought to our attention that example Apache Tomcat JSPs and Servlets were installed on chg-ewx. These were subsequently removed.
ShellShock Bash Bug (09/2014)
To test for vulnerability:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If you're vulnerable it'll print:
vulnerable
this is a test
If you've updated Bash you'll only see:
this is a test
All Windows PCs using Cygwin were vulnerable. Each was updated individually by installing the newest version of bash. The folks at ERI took care of updating our Unix servers (yum -y update bash), and Mac users received an OS X update (Mavericks, Mountain Lion, Lion).
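The test above, wrapped so it can be run against more than one bash binary on a host and report a verdict per binary. This is an added example, not part of the original page; the function names and the default path list are assumptions.

```shell
#!/bin/sh
# Added example: wraps the page's ShellShock test so it can be run against
# several bash binaries. Function names and default paths are assumptions.

# Classify the captured output of the page's test command.
classify_output() {
    # A vulnerable bash runs the trailing command while importing x,
    # so "vulnerable" appears on its own line before the echo output.
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable
    elif printf '%s\n' "$1" | grep -qx 'this is a test'; then
        echo patched
    else
        echo unknown
    fi
}

# Run the test from the page against one bash binary and print the verdict.
check_bash() {
    if [ ! -x "$1" ]; then
        echo missing
        return 0
    fi
    # Same command as on the page, with the bash path made a parameter.
    # stderr is dropped: some patched versions print a warning about x.
    out=$(env x='() { :;}; echo vulnerable' "$1" -c "echo this is a test" 2>/dev/null) || true
    classify_output "$out"
}

# Check every path given as an argument; with no arguments, fall back to
# a few common install locations (assumed, adjust for the host).
audit_bash() {
    [ "$#" -gt 0 ] || set -- /bin/bash /usr/bin/bash /usr/local/bin/bash
    for b in "$@"; do
        printf '%s\t%s\n' "$b" "$(check_bash "$b")"
    done
}

audit_bash "$@"
```

Run it before and after updating bash; any binary still reported as vulnerable has not picked up the fix.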
Heartbleed (04/2014)
The campus VPN server depends upon OpenSSL and was vulnerable to the Heartbleed bug. It was patched.
Windows Samba Security Policy on Swift (11/2013)
OIT sent us a notice that swift was vulnerable because of a security policy setting where "signing is disabled on the remote SMB server". This can allow man-in-the-middle attacks against the SMB server. Resolved the issue by opening the Security Policy interface on swift and enabling "Microsoft network server: Digitally sign communications (always)".
Solution also applied to chg2.
See: http://technet.microsoft.com/en-us/library/cc731957.aspx
HP Printer Public String Vulnerability (09/2013)
OIT/NOC brought to our attention the fact that RSRU (the CHG Laserjet 4100dtn printer) was using the manufacturer-default “public” community string, which is a potential DoS attack mechanism. Performed a cold reset to resolve the issue and reset the admin password.
Windows Bad BSOD Update (04/2013)
A Microsoft update from April 8th, 2013 (KB2823324) had the potential to cause blue screens of death upon reboot. Microsoft recommends uninstalling the update immediately. An email was sent out to this effect; no users reported being affected.
An article on the issue: https://threatpost.com/en_us/blogs/microsoft-uninstall-faulty-patch-tuesday-security-update-041213
Microsoft official notices: http://support.microsoft.com/kb/2823324 http://support.microsoft.com/kb/2839011