Daily Summary - Thursday 24-10-2013

End-of-Shift report

Timeframe: Wednesday 23-10-2013 18:00 − Thursday 24-10-2013 18:00 Handler: Stephan Richter Co-Handler: n/a

Neutrino: Caught in the Act

Last week, we got a tip from Kafeine about hacked sites serving injected iframes leading to an exploit kit. We thought it was quite interesting so we looked at one of the infected websites and found this sneaky piece of code: The deobfuscated code shows the location from where the...

http://www.f-secure.com/weblog/archives/00002626.html


New and old router vulnerabilities in Netgear, Tenda and DrayTek

Security experts have found a backdoor in Netgear's WNDR-series routers that allows full access to the device without a password prompt. On models from Tenda and DrayTek, malicious code can be executed without having to log in.

http://www.heise.de/security/meldung/Neue-und-alte-Router-Luecken-bei-Netgear-Tenda-und-DrayTek-1984597.html


Industrial software flaw could allow manipulation of energy processes

The vulnerability lies in industrial automation software that uses a weak encryption algorithm for user authentication, researchers at IOActive found.

http://www.scmagazine.com/industrial-software-flaw-could-allow-manipulation-of-energy-processes/article/317610/


Bugtraq: ESA-2013-067: RSA® Authentication Agent for Web for Internet Information Services (IIS) Security Controls Bypass Vulnerability

http://www.securityfocus.com/archive/1/529394


Bugtraq: RPS/APS vulnerability in snom/yealink and others

http://www.securityfocus.com/archive/1/529397


Security Bulletin: IBM Flex System Manger expired USERID password vulnerability (CVE-2013-5424)

Affected product(s) and affected version(s): IBM Flex System Manager Node, Types 7955, 8731, 8734 all models, Version 1.3.0

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_flex_system_manger_expired_userid_password_vulnerability_cve_2013_5424?lang=en_us


Cisco IOS XR Software Route Processor Denial of Service Vulnerability

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-iosxr


Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2


Multiple Vulnerabilities in Cisco Identity Services Engine

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-ise


Cisco Secure ACS Distributed Deployment Denial of Service Vulnerability

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5536


Vuln: Multiple Cisco Appliances CVE-2013-5537 Denial of Service Vulnerability

http://www.securityfocus.com/bid/63280


Vuln: Joomla! Maian15 Component name Parameter Arbitrary Shell Upload Vulnerability

http://www.securityfocus.com/bid/63287


Vuln: Drupal Spaces Module Access Bypass Vulnerability

http://www.securityfocus.com/bid/63305


WordPress Blue Wrench Video Widget Plugin Cross-Site Request Forgery Vulnerability

https://secunia.com/advisories/55456