Tageszusammenfassung - Donnerstag 7-02-2013

End-of-Shift report

Timeframe: Mittwoch 06-02-2013 18:00 − Donnerstag 07-02-2013 18:00 Handler: Stephan Richter Co-Handler: Robert Waldner

Bugtraq: Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability

Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability

http://www.securityfocus.com/archive/1/525591


WordPress CommentLuv 2.92.3 Cross Site Scripting

Topic: WordPress CommentLuv 2.92.3 Cross Site Scripting Risk: Low Text:Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Version(s): 2.92.3 and probably pr...

http://feedproxy.google.com/~r/securityalert_database/~3/hGxikOAUsIU/WLB-2013020040


WordPress Wysija Newsletters 2.2 SQL Injection

Topic: WordPress Wysija Newsletters 2.2 SQL Injection Risk: Medium Text:Advisory ID: HTB23140 Product: Wysija Newsletters WordPress plugin Vendor: Wysija Vulnerable Version(s): 2.2 and probably pr...

http://feedproxy.google.com/~r/securityalert_database/~3/XJ6UhJjgxu4/WLB-2013020039


[webapps] - Netgear DGN1000B - Multiple Vulnerabilities

Netgear DGN1000B - Multiple Vulnerabilities

http://www.exploit-db.com/exploits/24464


[dos] - Cool PDF Reader 3.0.2.256 Buffer Overflow

Cool PDF Reader 3.0.2.256 Buffer Overflow

http://www.exploit-db.com/exploits/24463


Vuln: Google Chrome 24.0.1312.57 HTTP Authentication Security Bypass Weakness

Google Chrome 24.0.1312.57 HTTP Authentication Security Bypass Weakness

http://www.securityfocus.com/bid/57790


Intel Network Card (82574L) Packet of Death, (Wed, Feb 6th)

An interesting blog post by Kristian Kielhofer describes how a specific SPI packet can kill an Intel Gigabit ethernet card [1]. If a card is exposed to this traffic, the system has to be physically power cycled. A reboot will not recover the system. The network card crashed whenever the value 0x32 or 0x33 was found at offset 0x47f. Kristian first noticed this happening for specific SIP packets, but in the end, it turned out that any packet with 0x32 at 0x47f caused the crash. Intel traced the

http://isc.sans.edu/diary.html?storyid=15109&rss


Microsoft, Symantec Hijack 'Bamital' Botnet

Microsoft and Symantec said Wednesday that have teamed up to seize control over the "Bamital" botnet, a multi-million dollar crime machine that used malicious software to hijack search results. The two companies are now using that control to alert hundreds of thousands of users whose PCs remain infected with the malware.Related Posts:Microsoft Issues Fix for Zero-Day IE FlawAdobe, Microsoft Ship Critical Security UpdatesPolish Takedown Targets 'Virut' BotnetMicrosoft

http://feedproxy.google.com/~r/KrebsOnSecurity/~3/ZnTidLd2mjU/