End-of-Shift report
Timeframe: Mittwoch 17-10-2012 18:00 − Donnerstag 18-10-2012 18:00
Handler: Stephan Richter
Co-Handler: L. Aaron Kaplan
Oracle Leaves Fix for Java SE Zero Day Until February Patch Update
"Oracle will not patch a critical sandbox escape vulnerability in Java SE versions 5, 6 and 7 until its February Critical Patch Update, according to the researcher who discovered the flaw. Adam Gowdiak of Polish security firm Security Explorations told Threatpost via email that Oracle said it was deep into testing of another Java patch for the October CPU released yesterday and that it was too late to include the sandbox fix. Gowdiak said he plans to present technical details on the flaw...
http://threatpost.com/en_us/blogs/oracle-leaves-fix-java-se-zero-day-until-february-patch-update-101712?utm_source=Newsletter_101712&utm_medium=Email+Marketing&utm_campaign=Newsletter&CID=&CID=
Vuln: Oracle Database Authentication Protocol CVE-2012-3137 Security Bypass Vulnerability
Oracle Database Authentication Protocol CVE-2012-3137 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55651
High bandwidth DDoS attacks are now common, researcher says
"Distributed denial-of-service (DDoS) attacks with an average bandwidth of over 20Gbps have become commonplace this year, according to researchers from from DDoS mitigation vendor Prolexic. Last year such high-bandwidth attacks were isolated incidents, but attacks that exceed 20Gbps in bandwidth occur frequently now, Prolexics president Stuart Scholly said Tuesday. This is significant because very few companies or organizations have the necessary network infrastructure to deal with...
http://www.computerworld.com/s/article/9232487/High_bandwidth_DDoS_attacks_are_now_common_researcher_says?taxonomyId=17
ModSecurity 2.6.8 multipart/invalid part ruleset bypass
Topic: ModSecurity 2.6.8 multipart/invalid part ruleset bypass Risk: Medium Text:SEC Consult Vulnerability Lab Security Advisory == title: ModSecurity mul...
http://feedproxy.google.com/~r/securityalert_database/~3/5KOdJs9aZmg/WLB-2012100153
One year on, SSL servers STILL cower before the BEAST
70% of sites still vulnerable to cookie monster The latest monthly survey by the SSL Labs project has discovered that many SSL sites remain vulnerable to the BEAST attack, more than a year after the underlying vulnerability was demonstrated by security researchers.…
http://go.theregister.com/feed/www.theregister.co.uk/2012/10/18/ssl_security_survey/
Four horsemen posse: This here security town needs a new sheriff
Body which issues CISSP tin stars set for shakeup? As the overpriced beers flowed and dusk approached in central London pubs surrounding the venue of RSA Europe last week, talk often turned towards the (ISC)2 security certification body.…
http://go.theregister.com/feed/www.theregister.co.uk/2012/10/18/isc2_election/
A New Cybersecurity Technique - Signature-based communications blockage for control systems
"This is a brief look at a new product capability reported by Tofino Security that may allow some ICS owners to avoid at least part of their patch cycle without increasing security vulnerability...."
http://chemical-facility-security-news.blogspot.nl/2012/10/a-new-cybersecurity-technique.html
[webapps] - OTRS 3.1 Stored XSS Vulnerability
OTRS 3.1 Stored XSS Vulnerability
http://www.exploit-db.com/exploits/22070
Bugtraq: Internet Explorer 9 XSS Filter Bypass
Internet Explorer 9 XSS Filter Bypass
http://www.securityfocus.com/archive/1/524460
Before We Knew It - An Empirical Study of Zero-Day Attacks In The Real World
Little is known about the duration and prevalence of zero-day attacks,
which exploit vulnerabilities that have not been disclosed publicly.
Knowledge of new vulnerabilities gives cyber criminals a free pass to
attack any target of their choosing, while remaining undetected.
Unfortunately, these serious threats are difficult to analyze, because,
in general, data is not available until after an attack is discovered...
http://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf