Tageszusammenfassung - Dienstag 5-02-2013

End-of-Shift report

Timeframe: Montag 04-02-2013 18:00 − Dienstag 05-02-2013 18:00 Handler: Stephan Richter Co-Handler: Robert Waldner

Unlucky for you: UK crypto-duo crack HTTPS in Lucky 13 attack

OpenSSL patch to protect against TLS decryption boffinry Two scientists say they have identified a new weakness in TLS, the encryption system used to safeguard online shopping, banking and privacy. The design flaw, revealed today, could be exploited to snoop on passwords and other sensitive information sent by users to HTTPS websites.…

http://go.theregister.com/feed/www.theregister.co.uk/2013/02/04/unlucky_13_crypto_attack/

---

Bugtraq: ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities

ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities

http://www.securityfocus.com/archive/1/525541

---

Nagios XI 2012R1.5b XSS & Command Execution & SQL Injection & CSRF

Topic: Nagios XI 2012R1.5b XSS & Command Execution & SQL Injection & CSRF Risk: Medium Text:Reflected XSS: Alert Cloud Component: Example URL: http://nagiosxiserver/nagiosxi/includes/components/alertcloud/index.php?w...

http://feedproxy.google.com/~r/securityalert_database/~3/4q2noPJRt1M/WLB-2013020023

---

[webapps] - Cisco Unity Express Multiple Vulnerabilities

Cisco Unity Express Multiple Vulnerabilities

http://www.exploit-db.com/exploits/24449

---

Vuln: Oracle E-Business Suite CVE-2013-0390 Remote Security Vulnerability

Oracle E-Business Suite CVE-2013-0390 Remote Security Vulnerability

http://www.securityfocus.com/bid/57419

---

Bugtraq: APPLE-SA-2013-02-04-1 OS X Server v2.2.1

APPLE-SA-2013-02-04-1 OS X Server v2.2.1

http://www.securityfocus.com/archive/1/525572

---

Crooks, think your Trojan looks legit? This one has a DIGITAL CERTIFICATE

CA defends issuing digital seal to Brazilian swindlers Security researchers have discovered a banking Trojan that comes with its own built-in digital certificate.…

http://go.theregister.com/feed/www.theregister.co.uk/2013/02/05/digitally_signed_banking_trojan/