End-of-Shift report
Timeframe: Donnerstag 25-10-2012 18:00 − Montag 29-10-2012 18:00
Handler: Robert Waldner
Co-Handler: Matthias Fraidl
Realplayer Watchfolders long Filepath Overflow
Topic: Realplayer Watchfolders long Filepath Overflow Risk: High Text:Realplayer Watchfolders Long Filepath Overflow by Joseph Sheridan Summary Realplayer version 15.0.5.109 is vulnerable to ...
http://feedproxy.google.com/~r/securityalert_database/~3/dOv6-0tUVh8/WLB-2012100238
Detecting Advanced Persistent Threat with Network Traffic Analysis
"A high degree of stealthiness over a prolonged duration of operation in order to do a successful cyber attack can be defined as Advanced Persistent Threat. The attack objectives therefore typically extend beyond immediate financial gain, and compromised systems continue to be of service even after key systems have been breached and initial goals reached. Todays successful targeted attacks use a combination of social engineering, malware, and backdoor activities...."
http://thehackernews.com/2012/10/detecting-advanced-persistent-threat.html#sthash.8PWW7q1g.dpbs
[dos] - Microsoft Office Publisher 2010 Crash PoC
Microsoft Office Publisher 2010 Crash PoC
http://www.exploit-db.com/exploits/22310
[dos] - Microsoft Windows Help program (WinHlp32.exe) Crash PoC
Microsoft Windows Help program (WinHlp32.exe) Crash PoC
http://www.exploit-db.com/exploits/22303
Another systematic SCADA vuln
"If its Monday, it must be time for a new SCADA vulnerability: this time, arising through the combination of a popular development environment and bad developer habits. Described in full by Digital Bond researcher Reid Wightman here, as many as 261 manufacturers and heaven-knows-how-many deployed systems may have created insecure systems using the software. The software in question is CoDeSys, from German company S3...."
http://www.theregister.co.uk/2012/10/28/codesys_vulnerability/
Vuln: Drupal Arbitrary PHP Code Execution and Information Disclosure Vulnerabilities
Drupal Arbitrary PHP Code Execution and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56103
Schädling versteckt sich hinter der Maus
xhtml
http://www.heise.de/security/meldung/Schaedling-versteckt-sich-hinter-der-Maus-1738260.html/from/atom10
Bugtraq: [SECURITY] [DSA 2567-1] request-tracker3.8 security update
[SECURITY] [DSA 2567-1] request-tracker3.8 security update
http://www.securityfocus.com/archive/1/524528
Steuerungssysteme mit Hintertür
Die Programmiersoftware CoDeSys des deutschen Herstellers 3 S-Smart Software Solutions kann aus der Ferne ohne Authentifizierung manipuliert werden. Die Software wird für die digitale Steuerung von Maschinen und Anlagen von 261 Geräteherstellern genutzt. Damit verwenden "Tausende von Endanwendern aus dem Maschinen- und Anlagenbau und weiteren Industriezweigen CoDeSys", wie 3 S-Smart auf ihrer Internetseite angibt. Zu den Firmen, die CoDeSys nutzen, gehören unter anderem Unternehmen im Energie-, Militär- und Navigationsbereich. Entdeckt hat die Sicherheitslücke Reid Wightman, Sicherheits-Berater bei digital bond.
http://www.heise.de/security/meldung/Steuerungssysteme-mit-Hintertuer-1738466.html/from/atom10