Tageszusammenfassung - Montag 29-10-2012

End-of-Shift report

Timeframe: Donnerstag 25-10-2012 18:00 − Montag 29-10-2012 18:00 Handler: Robert Waldner Co-Handler: Matthias Fraidl

Realplayer Watchfolders long Filepath Overflow

Topic: Realplayer Watchfolders long Filepath Overflow Risk: High Text:Realplayer Watchfolders Long Filepath Overflow by Joseph Sheridan Summary Realplayer version is vulnerable to ...


Detecting Advanced Persistent Threat with Network Traffic Analysis

"A high degree of stealthiness over a prolonged duration of operation in order to do a successful cyber attack can be defined as Advanced Persistent Threat. The attack objectives therefore typically extend beyond immediate financial gain, and compromised systems continue to be of service even after key systems have been breached and initial goals reached. Todays successful targeted attacks use a combination of social engineering, malware, and backdoor activities...."


[dos] - Microsoft Office Publisher 2010 Crash PoC

Microsoft Office Publisher 2010 Crash PoC


[dos] - Microsoft Windows Help program (WinHlp32.exe) Crash PoC

Microsoft Windows Help program (WinHlp32.exe) Crash PoC


Another systematic SCADA vuln

"If its Monday, it must be time for a new SCADA vulnerability: this time, arising through the combination of a popular development environment and bad developer habits. Described in full by Digital Bond researcher Reid Wightman here, as many as 261 manufacturers and heaven-knows-how-many deployed systems may have created insecure systems using the software. The software in question is CoDeSys, from German company S3...."


Vuln: Drupal Arbitrary PHP Code Execution and Information Disclosure Vulnerabilities

Drupal Arbitrary PHP Code Execution and Information Disclosure Vulnerabilities


Schädling versteckt sich hinter der Maus



Bugtraq: [SECURITY] [DSA 2567-1] request-tracker3.8 security update

[SECURITY] [DSA 2567-1] request-tracker3.8 security update


Steuerungssysteme mit Hintertür

Die Programmiersoftware CoDeSys des deutschen Herstellers 3 S-Smart Software Solutions kann aus der Ferne ohne Authentifizierung manipuliert werden. Die Software wird für die digitale Steuerung von Maschinen und Anlagen von 261 Geräteherstellern genutzt. Damit verwenden "Tausende von Endanwendern aus dem Maschinen- und Anlagenbau und weiteren Industriezweigen CoDeSys", wie 3 S-Smart auf ihrer Internetseite angibt. Zu den Firmen, die CoDeSys nutzen, gehören unter anderem Unternehmen im Energie-, Militär- und Navigationsbereich. Entdeckt hat die Sicherheitslücke Reid Wightman, Sicherheits-Berater bei digital bond.