[Woc-notify] [nitc] VENOM vulnerability
Brian Hart
brianhart at ou.edu
Thu May 14 14:42:10 UTC 2015
For those using proxmox, they are aware of it as well and released a patch
to their "pve-test" repository.
http://forum.proxmox.com/threads/22127-Venom-vulnerablity
On May 14, 2015 8:40 AM, "Laws, Peter C." <plaws at ou.edu> wrote:
> VirtualBox/Mac didn't have an update last night but they do now.
>
> --
> Peter Laws / N5UWY
> National Weather Center / Network Operations Center
> University of Oklahoma Information Technology
> plaws at ou.edu (Remote)
> College of Architecture, Division of Regional and City Planning, MRCP '16
> ________________________________________
> From: Skaggs, Gary A. [gskaggs at ou.edu]
> Sent: Wednesday, May 13, 2015 20:19
> To: NITC Distribution List
> Subject: [nitc] FW: VENOM vulnerability
>
> For all of you running VMs, a good/timely read.
>
> Gary
>
>
> From: <Kurz>, "Kenneth J." <kkurz at ou.edu<mailto:kkurz at ou.edu>>
> Date: Wednesday, May 13, 2015 at 7:32 PM
> To: Norman-Networking <network at ou.edu<mailto:network at ou.edu>>, "Security
> (Norman)" <security at ou.edu<mailto:security at ou.edu>>, unix_group <
> unix at ou.edu<mailto:unix at ou.edu>>, "Steward, Shad (HSC)" <
> Shad-Steward at ouhsc.edu<mailto:Shad-Steward at ouhsc.edu>>, "Saliba, Dana M.
> (HSC)" <Dana-Saliba at ouhsc.edu<mailto:Dana-Saliba at ouhsc.edu>>, "Moore,
> Randy W. (HSC)" <Randy-Moore at ouhsc.edu<mailto:Randy-Moore at ouhsc.edu>>,
> "Smith, Bryan E. (IT) (HSC)" <Bryan-E-Smith at ouhsc.edu<mailto:
> Bryan-E-Smith at ouhsc.edu>>, "Bighorse, Aaron L." <bighorse at ou.edu<mailto:
> bighorse at ou.edu>>, "George, Kendall A." <kendallg at ou.edu<mailto:
> kendallg at ou.edu>>
> Subject: VENOM vulnerability
>
> All,
>
> Attached is the best summary I’ve seen about the VENOM vulnerability that
> is making headlines. It is a vulnerability than can open access to host
> systems (once a running VM is compromised) and all other VM’s running on a
> host. VMWare and Hyper-V are NOT affected.
>
> The reason I forwarded on is I know there are a number of people running
> Virtualbox, ubuntu, redhat, etc, to run VMs. They are all affected. As
> well as products by Fireeye, F5, others, etc. Info is at the link below.
>
> http://venom.crowdstrike.com/
>
> Ken
>
> -----------------------------------------------
> Ken Kurz, CISSP
> Executive Director, Networking, Information Security & Risk Management
> University of Oklahoma Information Technology
> 405-325-6441 – O
> 405-534-6079 – C
> www.ou.edu/ouit<http://www.ou.edu/ouit>
> -----------------------------------------------
>
>
> ---
>
> You are currently subscribed to nitc as: plaws at ou.edu<mailto:plaws at ou.edu>
> .
>
> To unsubscribe click here:
> http://lists.nwc.ou.edu/u?id=1311.7bb060764a818184ebb1cc0d43d382aa&n=T&l=nitc&o=706549
>
> (It may be necessary to cut and paste the above URL if the line is broken)
>
> or send a blank email to
> leave-706549-1311.7bb060764a818184ebb1cc0d43d382aa at lists.nwc.ou.edu
> <mailto:
> leave-706549-1311.7bb060764a818184ebb1cc0d43d382aa at lists.nwc.ou.edu>
>
>
> ---
> You are currently subscribed to nitc as: brianhart at ou.edu.
> To unsubscribe click here:
> http://lists.nwc.ou.edu/u?id=7885.5c22590152f4f53f3c05cf7cc6aa0b6b&n=T&l=nitc&o=707549
> or send a blank email to
> leave-707549-7885.5c22590152f4f53f3c05cf7cc6aa0b6b at lists.nwc.ou.edu
>
---
You are currently subscribed to nitc as: woc-notify at list.woc.noaa.gov.
To unsubscribe click here: http://lists.nwc.ou.edu/u?id=47164.3d6e8cdf62c3b687501808cc1203704d&n=T&l=nitc&o=707551
or send a blank email to leave-707551-47164.3d6e8cdf62c3b687501808cc1203704d at lists.nwc.ou.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.woc.noaa.gov/pipermail/woc-notify/attachments/20150514/1a269abc/attachment.html>
More information about the Woc-notify
mailing list