
Oracle patches its software to appease the Venom security vulnerability


May 19, 2015


Oracle said earlier this morning that it has released security patches for its virtualization software to 'appease' the Venom vulnerability that allows attackers to break out of virtual machines in order to attack other hosts on the network.

Oracle follows a whole slew of other vendors, including the KVM and Xen projects, which have already patched the buffer overflow bug. VMware, Microsoft and even Bochs appear to be immune to the problem for now.

Researcher Jason Geffner of internet security firm CrowdStrike quietly tipped off other vendors, including Oracle, to VENOM (Virtualized Environment Neglected Operations Manipulation), tracked as CVE-2015-3456, and notified the Oracle, QEMU and Xen mailing lists.

"The vulnerable virtual Floppy Disk Controller (FDC) code is included in various virtualization platforms, and is used in some Oracle products," the company said in a recent security patch advisory.

"The vulnerability may be exploitable by an attacker who has access to an account on the guest operating system with privilege to access the FDC," said the advisory.

"The attacker may be able to send malicious code to the FDC that is executed in the context of the hypervisor process on the host operating system," it added.

The vulnerability can only be exploited remotely by an attacker who is already logged into a guest on the server, but Oracle still considers it severe enough to strongly recommend that enterprise customers apply the patches and reboot as soon as possible.

That limitation has prevented mass exploitation, according to various security experts. Affected versions include VirtualBox 3.2, 4.0, 4.1, 4.2, and 4.3 prior to 4.3.28.

Affected products also include Oracle VM 2.2, 3.2 and 3.3, and Oracle Linux 5, 6 and 7. The potency of VENOM is further limited by the fact that AWS Xen instances are not affected.
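As an added example (not Oracle's or the article's own code), the VirtualBox affected-version list above turned into a small inventory check in Python; it assumes VirtualBox-style version strings such as "4.3.27" or "4.3.28r100309", and treats branches the article does not name as unaffected.

```python
import re
from typing import Iterable, List, Optional, Tuple

# Affected VirtualBox branches as listed in the article:
# 3.2, 4.0, 4.1, 4.2 in full, and 4.3 only before 4.3.28.
AFFECTED_BRANCHES = {(3, 2), (4, 0), (4, 1), (4, 2), (4, 3)}
FIXED_IN_4_3 = (4, 3, 28)


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Parse '4.3.27', '4.3.28r100309' or '4.3' into (major, minor, patch).

    A missing patch number is treated as 0; any trailing build suffix
    (e.g. 'r100309') is ignored. Returns None for unparseable input.
    """
    m = re.match(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return int(major), int(minor), int(patch)


def is_affected(version_text: str) -> Optional[bool]:
    """True if the version is in an affected branch, False if not, None if unparseable.

    Assumption: branches the article does not name (e.g. 5.0) are not affected.
    """
    v = parse_version(version_text)
    if v is None:
        return None
    branch = (v[0], v[1])
    if branch not in AFFECTED_BRANCHES:
        return False
    if branch == (4, 3):
        # Only 4.3 builds below 4.3.28 need the patch.
        return v < FIXED_IN_4_3
    return True


def triage(inventory: Iterable[Tuple[str, str]]) -> List[str]:
    """Given (hostname, version) pairs, return the hosts that need the patch and a reboot."""
    return [host for host, ver in inventory if is_affected(ver)]


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [("vbox-01", "4.3.27"), ("vbox-02", "4.3.28r100309"),
              ("vbox-03", "4.2.34"), ("vbox-04", "5.0.0")]
    for host in triage(sample):
        print(f"{host}: apply the CVE-2015-3456 patch and reboot")
```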

Trustwave threat intelligence manager Karl Sigler says that the bug is similar to a privilege escalation issue in that it requires existing access to a virtual machine.

"Most corporate virtual environments are simply isolated from anonymous or public access and would simply be immune to attacks," Sigler said.

"I would see this attack typically used to target hosting companies that utilize virtual environments like KVM. An attacker would purchase a KVM instance then use VENOM to breach the hosting server," he added.

Source: Oracle.
