End-of-Shift report
Timeframe: Montag 07-01-2013 18:00 − Dienstag 08-01-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
Bugtraq: Chrome for Android - Cookie theft from Chrome by malicious Android app
Chrome for Android - Cookie theft from Chrome by malicious Android app
http://www.securityfocus.com/archive/1/525222
Bugtraq: Chrome for Android - Android APIs exposed to JavaScript
Chrome for Android - Android APIs exposed to JavaScript
http://www.securityfocus.com/archive/1/525220
Foxit Reader <= 5.4.4.1128 npFoxitReaderPlugin.dll Stack Buffer Overflow
Topic: Foxit Reader
http://feedproxy.google.com/~r/securityalert_database/~3/mNx5SSGJYF4/WLB-2013010048
Drupal 6.x->7.18 getimagesize() <= Multiple Vulnerabilities
Topic: Drupal 6.x->7.18 getimagesize()
http://feedproxy.google.com/~r/securityalert_database/~3/2AwbWS10dFQ/WLB-2013010050
Bugtraq: Facebook for Android - Information Diclosure Vulnerability
Facebook for Android - Information Diclosure Vulnerability
http://www.securityfocus.com/archive/1/525223
Symantec plays down PGP hole
"Symantec has quenched fears about a vulnerability in its PGP technology. According to a Pastebin statement, the pgpwded. sys kernel driver distributed with Symantec PGP Desktop contains an arbitrary memory overwrite vulnerability in the handling of IOCTL 0x80022058...."
http://news.hitb.org/content/symantec-plays-down-pgp-hole
‘Value of a Hacked PC’ Graphic Goes Global
The Value of a Hacked PC graphic, which I published on this blog a few months ago to explain bad guy uses for your PC, is getting a makeover. I’m honored to say that the SANS Institute, a security training group, has taken the idea and run with it as an educational tool, and is in [...]
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/ehmnqBEd8q0/
Abgeschottetes Android für Unternehmen
Eine speziell angepasste Version des Mobilbetriebssystems überwacht, was der User mit seinem Gerät tun kann – basierend auf der jeweiligen Nutzungssituation.
http://www.heise.de/meldung/Abgeschottetes-Android-fuer-Unternehmen-1767696.html/from/atom10
Vuln: OpenIPMI ipmievd Daemon PID Files Insecure File Permissions Vulnerability
OpenIPMI ipmievd Daemon PID Files Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/51036
Vuln: PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/27163
ENISA Names Drive-By Exploits as Biggest Emerging Threat of 2012
"The European Network and Information Security Agency (ENISA) has released its Cyber Threat Landscape analysis of 2012. The study, based on over 120 threat reports, highlights the top threats and their trends. According to the report, drive-by exploits malicious code injects used to exploit web browser vulnerabilities are the number one threat...."
http://news.softpedia.com/news/ENISA-Names-Drive-By-Exploits-as-Biggest-Emerging-Threat-of-2012-319250.shtml
[webapps] - Advantech WebAccess HMI/SCADA Software Persistence XSS Vulnerability
Advantech WebAccess HMI/SCADA Software Persistence XSS Vulnerability
http://www.exploit-db.com/exploits/23968
Wichtiges Sicherheitsupdate für MoinMoin-Wiki
Das Update auf Version 1.9.6 behebt unter anderem eine kritische Schwachstelle, die bereit aktiv von Cyber-Kriminellen ausgenutzt wird.
http://rss.feedsportal.com/c/32407/f/463925/s/274e0d0f/l/0L0Sheise0Bde0Cmeldung0CWichtiges0ESicherheitsupdate0Efuer0EMoinMoin0EWiki0E17792170Bhtml0Cfrom0Crss0A9/story01.htm
Payment Card Fraud in the European Union
"The criminal market of payment card fraud (PCF) within the European Union (EU) is dominated by well structured and globally active organised crime groups (OCGs). Criminal networks have managed to affect non-cash payments in the EU to the extent that protection measures are very expensive and need to be implemented on a global level. Consequently, the use of payment cards can be inconvenient and no longer fully secure for EU cardholders...."
https://www.europol.europa.eu/sites/default/files/publications/1public_full_20_sept.pdf
Angriffe auf ungepatchte ColdFusion-Lücken
Adobe warnt davor, dass Cyber-Kriminelle durch bislang nicht geschlossene Sicherheitslöcher in ColdFusion-Server einsteigen. Ein passender Patch ist frühestens in einer Woche fertig.
http://rss.feedsportal.com/c/32407/f/463925/s/274f87d4/l/0L0Sheise0Bde0Cmeldung0CAngriffe0Eauf0Eungepatchte0EColdFusion0ELuecken0E17794420Bhtml0Cfrom0Crss0A9/story01.htm
Bugtraq: ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability
ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability
http://www.securityfocus.com/archive/1/525229
[webapps] - WordPress Plugin Google Document Embedder Arbitrary File Disclosure
WordPress Plugin Google Document Embedder Arbitrary File Disclosure
http://www.exploit-db.com/exploits/23970
Kritische Schwachstellen in Asterisk
Digium hat einige kritische Schwachstellen in der quelloffenen Telefonanlagen-Software Asterisk geschlossen, durch die ein Angreifer Code in den Server einschleusen kann. Bei den Lücken handelt es sich um Pufferüberläufe auf dem Stack, die über die Protokolle HTTP, SIP und XMPP ausgenutzt werden können. Nur bei XMPP ist hierzu eine aktive Sitzung nötig.
http://www.heise.de/meldung/Kritische-Schwachstellen-in-Asterisk-1779526.html/from/atom10