End-of-Shift report
Timeframe: Donnerstag 07-02-2013 18:00 − Freitag 08-02-2013 18:00
Handler: Stephan Richter
Co-Handler: L. Aaron Kaplan
Viele Router-Lücken, wenig Patches
Michael Messner hat nachgelegt: In seinem Blog veröffentlichte er weitere Schwachstellen in Routern von Linksys, Netgear und erneut D-Link. Die Hersteller sind seit Monaten informiert, trotzdem sind die meisten Lücken noch sperrangelweit offen.
http://rss.feedsportal.com/c/32407/f/463925/s/2856de6a/l/0L0Sheise0Bde0Cmeldung0CViele0ERouter0ELuecken0Ewenig0EPatches0E17999540Bhtml0Cfrom0Crss0A9/story01.htm
Advance Notification Service for the February 2013 Security Bulletin Release
We're kicking off the February 2013 Security Bulletin Release with Advance Notification of 12 bulletins for release Tuesday, February 12. This release brings five Critical and seven Important-class bulletins, which address 57 unique vulnerabilities. The Critical-rated bulletins address issues in Microsoft Windows, Internet Explorer and Exchange Software. The Important-rated bulletins address issues in Microsoft Windows, Office, .NET Framework, and Microsoft Server Software. Per our...
http://blogs.technet.com/b/msrc/archive/2013/02/07/advance-notification-service-for-the-february-2013-security-bulletin-release.aspx
Vuln: PostgreSQL enum_recv() Function Denial of Service Vulnerability
PostgreSQL enum_recv() Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/57844
Vuln: Adobe Flash Player CVE-2013-0633 Buffer Overflow Vulnerability
Adobe Flash Player CVE-2013-0633 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57788
Vuln: Adobe Flash Player CVE-2013-0634 Remote Memory Corruption Vulnerability
Adobe Flash Player CVE-2013-0634 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57787
Vuln: cURL/libcURL Curl_sasl_create_digest_md5_message() Stack Buffer Overflow Vulnerability
cURL/libcURL Curl_sasl_create_digest_md5_message() Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57842
Is it Spam or Is it Malware?, (Fri, Feb 8th)
Does anyone have a friend that regularly still sends you crap via email that usually includes a link or some pics. We are all IT security professionals here and know the preachers drill on this topic. Really, we do not like wasting our time on the junk that is sent to us. Delete, Delete, Delete. BUT, we are also human. We are the weakest link! So, today that one friend sends something over to us. This friend has a great knack for sending water cooler stuff that can warrant a look
http://isc.sans.edu/diary.html?storyid=15121&rss
Vuln: Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57778
http://isc.sans.edu/diary.html?storyid=15124&rss