VMware ESXi 4.1 Patch 04

John Willemse  March 29 2012 12:33:33 AM

VMware ESXi 4.1 Patch 04 and VMSA-2011-0007. Release date: April 28, 2011

Badkey now on VMware ESXi 4 Build 582267 of VMSA-2011-0007 (28 Apr 2011). VMware ESXi 4.1 Patch 04.
VMware ESXi 4.1 Patch ESXi410-201201401-SG: Updates firmware for build information, see KB 2009137
The Badkey Team.  LinkedIn: http://nl.linkedin.com/in/willemsej

@kb.vmware.com/selfservice
VMware ESXi 4.1 Patch ESXi410-201104401-SG: Updates Firmware. Release date: April 28, 2011

On Securityfocus.com VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console Apr 28 2011 04:54PM

@cvedetails.com
Vulnerability Details : CVE-2011-1785
VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (socket exhaustion) via unspecified network traffic. Publish Date : 2011-05-03 Last Update Date : 2012-01-26

@nvd.nist.gov
Vulnerability Summary for CVE-2011-1785
Original release date:05/03/2011. Last revised:01/27/2012. Source: US-CERT/NIST

@xforce.iss.net
VMware ESX Server and ESXi socket denial of service
vmware-esxserver-socket-dos (67195) The risk level is classified as MediumMedium Risk
Description: VMware ESX Server and ESXi are vulnerable to a denial of service, cause by an error when handling sockets. An attacker could exploit this vulnerability to exahust all available sockets.

@isc.sans.edu
VMware ESXi 4.1 Security and Firmware Updates
Published: 2011-04-28, Last Updated: 2011-04-28 17:23:27 UTC
The patch resolves several security issues (CVE-2011-1786, CVE-2010-1324, CVE-2010-1323, CVE-2010-4020, CVE-2010-4021, and CVE-2011-1785) affecting OpenLDAP and KRB5.

Now we are running on Build 582267. Release Date: January 30, 2012
More @support.vmware.com/selfsupport/download

VMware ESXi 4 Build 582267. Patch 04 (30 Jan 2012)

VMSA-2011-0007. 28 Apr 2011
VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

1. Summary
VMware ESXi and ESX could encounter a socket exhaustion situation which may lead to a denial of service. Updates to Likewise components and to the ESX Service Console address security vulnerabilities.

2. Relevant releases
VMware ESXi 4.1 without patch ESXi410-201104401-SG.
VMware ESXi 4.0 without patch ESXi400-201104401-SG.

Summaries and Symptoms:
This bulletin includes all software updates required to install VMware ESXi 4.1 Patch 04 on a host.
A host is not considered running ESXi 4.1 Patch 04 until it is compliant with this bulletin.
For more information, see the KBs for the individual bulletins.
ESXi410-201201401-SG Security.  KB 2009143
ESXi410-201201402-BG Critical. KB 2009144


The Badkey Team
LinkedIn: http://nl.linkedin.com/in/willemsej

• Comments [0]

Windows Server Update Services (WSUS)

John Willemse  March 9 2012 12:48:50 AM

   
Windows Server Update Services 3.0 Service Pack 2

Even een server hier @badkey.com

History: Sunday 30th, October 2005
Badkey Corner. WSUS Rollup Tool Sample. via URL: http://wsus.editme.com
http://www.badkey.com/db/blogsphere.nsf/d6plinks/JWIE-6HNU2W

Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2) delivers new features, including Windows Server 2008 support,
integration with Server Manager in Windows Server 2008 R2, API enhancements, and software updates.

Microsoft Windows Server Update Services 3.0 SP1 (WSUS 3.0 SP1) enables information technology administrators to deploy the latest Microsoft product updates to computers running Microsoft Windows Server 2003, Windows Server® 2008, Windows Vista®, Microsoft Windows XP with Service Pack 2, and Windows 2000 with Service Pack 4 operating systems. By using WSUS, administrators can fully manage the distribution of updates that are released through Microsoft Update to computers in their network.

How WSUS works:
WSUS provides a management infrastructure consisting of the following: Microsoft Update
The Microsoft Web site that distributes updates of Microsoft products. Windows Server Update Services server

This component is installed on a Windows Server 2003 SP1 or Windows Server 2008 server inside the corporate firewall. The WSUS server allows administrators to manage and distribute updates through the WSUS 3.0 Administration console, which can be installed on any Windows computer in the domain. In addition, a WSUS server can be the update source for other WSUS servers within the organization. At least one WSUS server in the network must connect to Microsoft Update to get available update information. The administrator can determine, based on network security and configuration, whether or not other servers should connect directly to Microsoft Update.
Automatic Updates

This component is built into the Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP, and Windows 2000 SP4 operating systems. Automatic Updates enables both server and client computers to receive updates from Microsoft Update or from a WSUS server.

Overview:
WSUS 3.0 SP2 delivers important customer-requested management, stability, and performance improvements. Some of the features and improvements include the following:

•  Integration with Windows Server 2008 R2.
•  Support for the BranchCache feature in Windows Server 2008 R2.
•  Support for Windows 7 and Windows Server 2008 R2 clients.
•  Compliance Report
•  Windows Update Agent (WUA) offers a collection of performance enhancements, user experience improvements, and bug fixes software updates.

WSUS 3.0 SP2 can be installed alone, or as an upgrade of WSUS 3.0 SP1.

This package installs both the WSUS 3.0 SP2 Server, WSUS 3.0 SP2 Administration Console components and WUA client for down-level operating system. You must install the server components on a computer that is running on Windows Server 2003 SP2 or later versions. You may install the Administration Console on a remote computer that is running one of the supported operating systems, see below the Supported Operating Systems section.

WSUS Support Forums. http://www.wsus.info

Stapsgewijze handleiding voor Windows Server Update Services 3.0 SP2.
http://technet.microsoft.com/nl-nl/library/dd939822%28v=ws.10%29.aspx

Microsoft Windows Server Update Services 3.0 SP2 Step By Step Guide.
http://www.microsoft.com/download/en/details.aspx?id=913

Windows Server Update Services
http://en.wikipedia.org/wiki/Windows_Server_Update_Services




The Badkey Team

LinkedIn: http://nl.linkedin.com/in/willemsej
Comments Disabled

Astaro Security Gateway 8.300

John Willemse  February 25 2012 12:39:41 AM

ASG V8 Appliance Upgrade Date Link

The following Firmware Up2Date package has been successfully downloaded and is now available for installation: 8.300

For more information about this package please see the attached information.
System Uptime      : 35 days 1 hour 0 minutes
System Load        : 0.42
System Version     : Astaro Security Gateway 8.203

Up2Date 8.300 package description:

Remarks:
System will be rebooted
Configuration will be upgraded
Connected Wifi APs will perform firmware upgrade
Connected RED devices may perform firmware upgrade

News:
Added: BGP4 support
Added: RED ASG-to-ASG tunel
Added: Amazon VPC support
Added: Wifi AP50 support
Fixed: VLAN and PPPoE over bridge are subject to packet filter now

Bugfixes:
Fix [16884]: Confd: reject IP addresses with leading zeros
Fix [17199]: RAS addresses are never removed from backend group network objects
Fix [18581]: QoS limits maximum packet size to 2047
Fix [18600]: Websec reporting: scheduled reports are always empty
Fix [18728]: SMTP Proxy can't send any email when special characters in BATV secret
Fix [19887]: Using Interface bound ANY Object (e.g. Internet IPv4) in network list will cause other entries not to match

Feature Overview of V8.300
ASG 8.3 provides the following new features. We've also spent significant effort on stability enhancements and quashing outstanding issues.

Major New Things

  Amazon Machine Images (AMI) for ASG (and ACC)
  As mentioned in our earlier technical preview, you can now launch and run Astaro Security Gateway inside Amazon's Elastic Computing Cloud (EC2). Already we are seeing creative uses of this deployment method with partners using their cloud-based ASG to connect our RED product, and then extending their branches further by adding our Access Points to those devices - all managed centrally from their Amazon ASG. Let us know via a post at our UBB at www.astaro.org how it works for you, and how you are (or plan) to use it for your business - we are always interested in use cases! To locate the ASG AMI's, go to the community AMIs tab and search for "ASG". (A full deployment tutorial will be available at GA)

  Amazon Virtual Private Cloud (VPC) connector
  The Amazon VPC service allows you to host and run your server infrastructure in a secure, scalable cloud. Our VPC connector gives you a permanent, encrypted connection to your VPC resources right from ASG. The back end for this uses our new BGP routing to redundant Amazon gateways, and is done automatically without you needing to know anything about BGP or the Amazon technical parameters for doing it manually (or with more complex products). A guide will be available at GA release to assist you in connecting to your VPC.

  Support for Astaro Wireless AP50
  Our new Wireless AP50 product is finished production and will be available very soon. You will need to be at ASG V8.300+ to use this product. With 5Ghz and 2.4Ghz bands, dual high-gain antennas, and Gigabit ethernet, this is our biggest and most capable wireless product, perfect for bigger environments or locations where the 2.4Ghz band is cluttered with interference. You can get more info at Astaro Access Points

  Site-to-Site VPN using RED Protocol
  We have added the ability to make tunnels between ASG devices using our much-heralded RED tunnel technology*. This operates similarly to how site-site over SSL works, you setup one ASG as the "Main" office (Server) and connect to them from other ASG sites as the "Client". Some quick steps to begin:
      At the Main Site:
          Go to "WebAdmin-->RED Management-->[Server]Client Management Tab".
          Add a RED, enter a name and pick type "ASG". Click Apply.
          Download the .red provisioning file which is created.
      On the Remote ASG you wish to connect:
          Go to "WebAdmin-->RED Management-->[Client]Tunnel Management"
          Add a tunnel, create (or select) a definition for the Hostname of the Main ASG and supply the provisioning file you downloaded from the Main ASG.
          The tunnel will now be created.
      Now that you have a tunnel, you must to setup things manually. You will find hardware interfaces you can use to create a Network Interface in the ASG's, select IP ranges to be used, and otherwise manually configure the connectivity. This was originally designed for a special use case; you have however surprised us with your interest in this feature. So, we plan to have a more guided setup within WebAdmin for using RED for a site-site VPN with ASG's in a future Up2Date.

  *This will NOT turn your remote ASG into a RED terminal. It will still have a GUI and work like a normal Site-Site VPN does.
  **This new site-site functionality will likely be merged into the VPN section in future V8.3 Up2Date.

  BGP4 Routing Support
  ASG now has the ability to do Border Gateway Protocol Routing (BGP). You will find the configuration for this in WebAdmin at "Interfaces & Routing-->Border Gateway Protocol". A specialized routing protocol with specific applications, you should make use of this feature only if you know what you are doing.


Minor Adjustments
  The Astaro Authentication Agent (AAA) has by popular request been made available as an MSI package as well as an EXE. You will find both on the Client Authentication section in WebAdmin. Thanks to everyone who asked for this feature, YOU made it happen. Enjoy those mass roll-outs!
  Saved Web Reports have been to school and now remember how info was sorted when you saved them
  The printable configuration engine has also been educated on how to properly display big blocks of text without going outside the lines and now looks much better
  You can now see and sort application rules by the groups you create
  Notifications have had "select-all" boxes added, saving you from having to click dozens of times to select what you want
  You can now create Web Security Reports from Pre-8.2 Logs, see Support-->Advanced-->Weblog Import
  The Wireless Access Points Grouping section now has an apply button like the rest of WebAdmin, and no longer resets your selections between clicks as a result.

Running: Astaro Security Gateway 8.300



The Badkey Team
http://nl.linkedin.com/in/willemsej

Comments Disabled

Lotus Notes/Domino 8.5.3 Fix Pack 1 Preliminary Release Notice. February 3, 2012

John Willemse  February 19 2012 09:57:29 PM

Notes/Domino Fix List Lotus Notes/Domino 8.5.3 Fix Pack 1 Preliminary Release Notice February 3, 2012 Notes/Domino 8.5.3 Fix Pack 1 is a scheduled Fix Pack of low-risk, high-impact fixes to help customers safely avoid known issues. IBM strongly recommends that customers running Notes/Domino 8.5.3 upgrade to this latest Fix Pack since it addresses a small percentage of defects that impact the broadest set of customers. Fix Packs are released periodically between Maintenance Releases to provide a greater level of stability for customer environments. They go through the same level of fix, regression and interoperability testing that occurs with Maintenance Releases. Fix Packs are always cumulative and contain all of the fixes from previous ones. Notes/Domino 8.5.3 Fix Pack 1 addresses defects in both the Client and Server. All Fix Packs are language independent and may be applied on any language version of Notes/Domino 8.5.3. Decision to upgrade Customers unable to upgrade to later Releases should install Fix Packs to benefit from later fixes made to the product. By providing a small number of fixes, customers are able to accept fewer code changes with lower risk, allowing them to "patch" an older Maintenance Release until a more extensive upgrade to the current Release is possible. However, while Fix Packs provide important fixes and IBM strongly recommends applying the latest Fix Pack available for a Maintenance Release, IBM still recommends that customers upgrade to the latest Release + Fix Pack combination to receive the broadest set of fixes available. You will receive more overall fixes with a later Release + Fix Pack than with a set of Fix Packs on top of an earlier Maintenance Release. For more information, see technote #1368141-"Differences between Notes/Domino Maintenance Releases, Fix Packs and Cumulative Client Hotfixes." Fixes contained in this Fix Pack A plus symbol (+) before the SPR number indicates a fix for a regression bug. A regression bug is an issue that was introduced in a Maintenance Release but did not exist in previous releases of that code stream. For example, a bug that appears in 8.5.3 but did not exist in 8.5.2 is a regression. If an APAR exists for the corresponding SPR, the APAR number will appear in parentheses next to the SPR number. For example, SPR #nnnnnnnnnn (LO12345). The Fix List database on developerWorks contains the description of each fix in this Fix Pack, and indicates which platform(s) have been fixed. 8.5.3 Fix Pack 1 Preliminary Fix List descriptions: Client +SPR# PANN8LNT3Y - Fix resolves a Calendar refresh issue. Calendar documents failed to display without hitting Refresh. +SPR# EFUU8P4V6P - Fix resolves "Invalid Or Nonexistent Document" error for a form with a "Microsoft Web Browser" control in Notes 8.5.3. SPR# ACHG8H6DAR - Fixed the issue where a Notes client internal error occurred during: "Dip File Auto Savejob". SPR# AFIL8GLGK4 - Fixed a problem where creating a mail with right-click on Sametime contact resulted in the display of all mail in the application showing as part of the 'conversation'. +SPR# ICRE8HGS65 - Fix resolves an issue where Html bold, italic, and underline tags are not rendering with Embedded Browser disabled in 8.5.2 & 8.5.3. Server SPR# RNOG82FPFV - Fix resolves use of Program document to shutdown the Domino server with nserver -q correctly. SPR# DANG7UCHMJ - Fix resolves use of REPL_SYNC_ALL_UNREAD notes.ini parameter as designed to sync unread counts across replicas. SPR# BBSZ8MRKYS - Fix resolves replication issue around Profile documents not replicating. +SPR# GTON8GHD4N - Fix resolves a defect where profile documents are not replicating when the best merge flag on the properties of the form is set in the design. +SPR# NORK86PNB8 - Fix resolves a potential Domino Server Performance issue when email messages are trying to find the next hop to a domain where there are thousands of connection documents in the directory. +SPR# NBRR8LHTGP - Resolved a server crash when trying to open signed S/MIME email in 8.5.2 FP3. iNotes Web Access +SPR# MJON8MRQGX - Fix resolves an issue in iNotes where Vertical Scroll Bar does not work in iNotes 853 when using IE8 in Compatibility Mode. +SPR# MJON8MSK2V - Fix resolves an issue in 8.5.3 iNotes where logout button does not work in Full Mode when Sametime is enabled in the preferences. +SPR# CTSI8MLMDR - Fixed an issue where the notes.ini setting, iNotes_WA_DefaultUI, was causing requests to be issued repeatedly. SPR# MVEO8JXQLN - Resolved HTTP crashes on Domino clustered servers caused by iNotes Client.

Comments Disabled

Sophos Endpoint Version 10. Virusscan Server 2008 and WHS.

John Willemse  February 7 2012 11:25:12 PM

Sophos Endpoint Version 10. Version 10 Upgrade Center

For customers with an Endpoint Protection license using Enterprise Console. Upgrading made easy

What is new
- Faster scanning - We've improved our scan speeds by whitelisting common Windows OS files
- Improved management - It's now easier to find computers for remediation and manage alerts
- Faster installation - We've rebuilt the installer so it's now quicker and simpler to secure new computers
- Patch, Web and Encryption add-ons - To further enhance your security
More @Sophos

10 ways our complete security just got better:
More @Sophos




The Badkey Team.
Comments Disabled

Differences between the IBM Lotus Domino 7.0.2 Blog template and previous external versions

John Willemse  February 1 2012 09:26:31 PM

Differences between the IBM Lotus Domino 7.0.2 Blog template and previous external versions
http://www-01.ibm.com/support/docview.wss?uid=swg21245947

Question
The Domino Blog template, which was developed and maintained for over 3 years by an external source, was acquired by IBM® and incorporated into Lotus® Notes/Domino® 7.0.2.

Therefore, some IBM customers are already familiar with the template.

When the template was brought into IBM, some changes had to be made in order to:

• remove Open source code
• ease support of the template
• simplify use of the template
• change the user interface to fit in with IBM standards
• make Language translation easier

These changes have, therefore, resulted in some feature removals, feature alterations and a different user interface (UI), which are discussed in this technote.

Answer

Contents:

Identifying the Blog Template Version
Version 2.1.3
Version 3.x
Version 7.0.2
Feature Removal
Trackback
Calendar Views/entries
Automated Menus
Themes
Custom Tags
Feature Amendment
Web Rich Text Editor
Statistics
User Interface
Site Design Templates

---

Identifying the Blog Template Version

The original template had various versions which worked across release 5.x of the Domino server (version 2.x of the template only) and release 6.x of the Domino server (all versions).

The IBM version of the template is known as IBM Lotus Domino Blog template version 7.0.2.

Note: Customers using original versions of the template should, therefore, look at the 7.0.2 template as a new template, rather than a continuation of the original. Documentation for the old versions of the template should not be referenced for use for the 7.0.2 template.

You can identify the template version you are currently using via the Design properties of your Domino Blog database. With the database open, select File > Database > Properties. Switch to the Design tab (4th tab from the left). On the Design tab you will see an Inheritance section. Here is where the template name will appear.

Version 2.1.3

Version 3.x

Version 7.0.2

---

Feature Removal

Trackback
Trackback capability has been removed due to use of some open source code and not enough time to replace it.

Calendar Views/entries
This feature was removed as it served little purpose and was not widely used.


Automated Menus
This feature was removed as its use was very minimal and was not implemented in a way that could easily be supported.



Themes
The ability to export/import themes for your blog has been removed. The feature was not robust enough to be added to IBM production software. In addition, with the change in how the HTML templates function, the current code would not work.


For more information about the HTML template changes, see the Site Design Templates topic in the Feature Amendments section below.



Custom Tags
Custom tags gave you the ability to type text into the configuration document and, using a tag, you could place this text within your site.

This Custom Tags feature has been removed because it served little purpose, and also because the title was confusing; it implied you could create or customize your own tags.

---

Feature Amendment

Web Rich Text Editor
The web rich text editor used a 3^rd party open source code set to provide a rich editing experience. This code has been removed and replaced by a basic editor that currently provides only for bold, italics, and underline formatting.

Original Rich Text Editing

Current Rich Text Editing


Statistics
The capture of site statistics (monitoring of page hits) has been removed from the template due to a best practice of not allowing users to capture the hits in the same database as the content.

However, the ability to capture hits remains, and you have to direct the page hits to a secondary database. For more information refer to the technote, "Collecting site usage statistics for the IBM Lotus Domino Blog Template" (#1246924).

This feature amendment removes the support of the tags <$DXGoogle$> and <$DXReferrers$>. However, the code remains in the template and so using the statistics technote they still can be configured.

Specifying Target Database for Statistics




User Interface
As part of the simplification and aligning the template with other standard templates, the interface has been amended.

Old Interface


Old Forms


New Interface



New Forms


Site Design Templates
The biggest change that affects use of the template is the structure of the HTML templates that control the look and feel of your blog web site.

These changes were done in order to simplify use of the template; however, this means that you will need to convert your old style templates to the new one before upgrading your blog template.

Previously there were many types of templates as indicated below:


There are now much fewer:


The emphasis has changed from a template for a use (therefore, Site, Document, Search, Comment, etc.) to the concept of a “HTML Page” and “HTML item or transaction”.

So the page templates are used for the layout of entire pages (such as home, documents, search, etc.) and the item templates are used to format each individual item within a page. These items could be each blog entry within the home page, or each item of a search result, etc.

Related information

Collecting site usage statistics for the IBM Lotus Domino
Comments Disabled

John Willemse CV. LinkedIn

John Willemse  January 29 2012 02:07:04 AM

 

All information via LinkedIn
Dominoblog.ntf. Lotus/Domino 8.5.x

The Badkey Team
Comments Disabled

IBM Lotus Domino RPC Operation Denial of Service Vulnerability. 8.5.2

John Willemse  January 28 2012 12:32:00 PM

According to the IBM page about this: "If an attacker can monitor and record all communications between a Notes client and a Domino server then it is possible to crash the Domino server by modifying a specific packet, in a specific way, during a specific operation.", so a relatively low threat. Upgrade to 8.5.3 if you can, if not (because of the server changes in 8.5.3) upgrade to 8.5.2 FP4.

Source: SecurityFocus

---

IBM Lotus Domino RPC Operation Denial of Service Vulnerability

Bugtraq ID:	51167
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2011-1393
Remote:	Yes
Local:	No
Published:	Dec 22 2011 12:00AM
Updated:	Jan 02 2012 11:20PM
Credit:	Xiaopeng Zhang of Fortiguard Labs
Vulnerable:	IBM Lotus Domino 8.5.2 IBM Lotus Domino 8.5 IBM Lotus Domino 8.0.2 Fix Pack 5 IBM Lotus Domino 8.0.2 IBM Lotus Domino 8.5.2 FP3 IBM Lotus Domino 8.5.2 FP2 IBM Lotus Domino 8.5.0.1 IBM Lotus Domino 8.5 FP1 IBM Lotus Domino 8.5 IBM Lotus Domino 8.0.2.4 IBM Lotus Domino 8.0.2.3 IBM Lotus Domino 8.0.2.2 IBM Lotus Domino 8.0.2.1 IBM Lotus Domino 8.0
Not Vulnerable:	IBM Lotus Domino 8.5.3 IBM Lotus Domino 8.5.2 FP4

IBM Lotus Domino is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

An attacker can use readily available network utilities.

Solution:
The vendor released an update. Please see the references for details.


Comments Disabled