End-of-Shift report
Timeframe: Mittwoch 06-02-2013 18:00 − Donnerstag 07-02-2013 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
Bugtraq: Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability
Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability
http://www.securityfocus.com/archive/1/525591
WordPress CommentLuv 2.92.3 Cross Site Scripting
Topic: WordPress CommentLuv 2.92.3 Cross Site Scripting Risk: Low Text:Advisory ID: HTB23138 Product: CommentLuv WordPress plugin Vendor: Andy Bailey Vulnerable Version(s): 2.92.3 and probably pr...
http://feedproxy.google.com/~r/securityalert_database/~3/hGxikOAUsIU/WLB-2013020040
WordPress Wysija Newsletters 2.2 SQL Injection
Topic: WordPress Wysija Newsletters 2.2 SQL Injection Risk: Medium Text:Advisory ID: HTB23140 Product: Wysija Newsletters WordPress plugin Vendor: Wysija Vulnerable Version(s): 2.2 and probably pr...
http://feedproxy.google.com/~r/securityalert_database/~3/XJ6UhJjgxu4/WLB-2013020039
[webapps] - Netgear DGN1000B - Multiple Vulnerabilities
Netgear DGN1000B - Multiple Vulnerabilities
http://www.exploit-db.com/exploits/24464
[dos] - Cool PDF Reader 3.0.2.256 Buffer Overflow
Cool PDF Reader 3.0.2.256 Buffer Overflow
http://www.exploit-db.com/exploits/24463
Vuln: Google Chrome 24.0.1312.57 HTTP Authentication Security Bypass Weakness
Google Chrome 24.0.1312.57 HTTP Authentication Security Bypass Weakness
http://www.securityfocus.com/bid/57790
Intel Network Card (82574L) Packet of Death, (Wed, Feb 6th)
An interesting blog post by Kristian Kielhofer describes how a specific SPI packet can kill an Intel Gigabit ethernet card [1]. If a card is exposed to this traffic, the system has to be physically power cycled. A reboot will not recover the system. The network card crashed whenever the value 0x32 or 0x33 was found at offset 0x47f. Kristian first noticed this happening for specific SIP packets, but in the end, it turned out that any packet with 0x32 at 0x47f caused the crash. Intel traced the
http://isc.sans.edu/diary.html?storyid=15109&rss
Microsoft, Symantec Hijack 'Bamital' Botnet
Microsoft and Symantec said Wednesday that have teamed up to seize control over the "Bamital" botnet, a multi-million dollar crime machine that used malicious software to hijack search results. The two companies are now using that control to alert hundreds of thousands of users whose PCs remain infected with the malware.Related Posts:Microsoft Issues Fix for Zero-Day IE FlawAdobe, Microsoft Ship Critical Security UpdatesPolish Takedown Targets 'Virut' BotnetMicrosoft
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/ZnTidLd2mjU/