May 24, 2012

Positive Technologies Joins OVAL Community

For quite a long time there wasn’t any unified standard in the world that would allow information security experts to formally describe information systems vulnerabilities, configuration errors and missing security updates. OVAL, an open language for description and assessment of vulnerabilities, has become a very simple and universal method of IS content sharing.

Open Vulnerability and Assessment Language (OVAL) is a specialized language based on XML intended for automated assessment of security systems, which provides means for description of a system under research, for analysis of its state and reporting on the check results.

May 18, 2012

SAP Eliminates Vulnerabilities Detected by Positive Research

At the end of 2011, SAP products proved to contain a whole number of vulnerabilities (one, two, and three - in Russian) that would have allowed conducting a DoS attack. The vulnerabilities were detected by Vladimir Zarichny, a specialist of Positive Research.

The details of the vulnerabilities were provided to the vendor, and in May, 2012, SAP released a patch that fixes these and some other security flaws. The specialist’s work has been acknowledged by the SAP Product Security Response team: Vladimir’s name has been placed on SAP’s wall of fame (Acknowledgements Page).

Writing Linux Security Module

Linux Security Modules (LSM) is a framework allowing Linux to support various security models. LSM has been a part of the kernel starting with Linux v. 2.6. Currently, the official kernel hosts such security modules as SELinux, AppArmor, Tomoyo, and Smack.

The modules run simultaneously with the native Linux security model Discretionary Access Control (DAC). LSM checks are triggered by the actions allowed by DAC.

The LSM mechanism can be implemented in various ways. Generally, it is adding mandatory access control (as, for example, in SELinux case). Besides you can invent your own security model and implement it as a module using the framework. As an example let's consider implementation of a module that will grant privileges on system actions if a specific USB device is connected.

Google Again Pays for a Discovered Vulnerability

Not so long ago a vulnerability was discovered in one of Google’s services, which would have allowed an attacker to perform a remote command execution on the target system; for example, download and run programs, read and modify files, or retrieve data from the DBMS. This vulnerability was discovered by an expert of Positive Research, Dmitry Serebryannikov, and was eliminated by the joint efforts of experts of the research center and the Google Security Team. The work done has been featured by the Google team as part of their Vulnerability Reward Program, and rewarded by a prize due for such significant discoveries.

May 17, 2012

Finish up with SAP. From a user's password to a top manager's salary


Sometimes, obtaining access to SAP, a security analysis specialist has no idea what to do next and how to demonstrate possible consequences of the detected vulnerabilities.

This article covers methods of obtaining access to the production system and data of the SAP HCM module.

May 15, 2012

Online Battling at PHDays 2012

If by any reason you do not get into the participant list of Positive Hack Days 2012 or cannot visit Digital October Center, the forum’s platform, on May 30 and 31, you still have an opportunity to participate in this event. Join the online battle with competitors from all over the world at Positive Hack Days 2012! Description and participation terms are under the cut.