End-of-Shift report
Timeframe: Dienstag 19-03-2013 18:00 − Mittwoch 20-03-2013 18:00
Handler: Robert Waldner
Co-Handler: Matthias Fraidl
Security firm publishes details about Java issue, asks for second opinion
"Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has categorized as demonstrating "allowed behavior"."As of Mar 18, 2013 no information was received from Oracle that would indicate that Issue 54 is treated by the company as a security vulnerability," they wrote on Monday. ..."
http://www.net-security.org/secworld.php?id=14617
Google fully implements security feature on DNS lookups
"Google has fully implemented a security feature that ensures a person looking up a website isnt inadvertently directed to a fake one. The Internet company has run its own free public Domain Name System (DNS) lookup service, called Public DNS, since 2009. DNS lookups are required to translate a domain name, such as www...."
http://www.computerworld.com.au/article/456804/google_fully_implements_security_feature_dns_lookups/?fp=4&fpid=16
Samsung Android Remote Owning Devices *youtube
Topic: Samsung Android Remote Owning Devices *youtube Risk: High Text:I was planning to open a blog since some months, but I decided to do it only now, to summarize some of the findings of a quick ...
http://feedproxy.google.com/~r/securityalert_database/~3/zRL6QVbdylE/WLB-2013030171
Strategie zu Cyberkriminalität beschlossen
Regierung will sich künftig besser koordinieren
http://futurezone.at/netzpolitik/14759-strategie-zu-cyberkriminalitaet-beschlossen.php?rss=fuzo
CVSS Security-Bug Rating System Gets A Makeover
"In 2005, three companies--Cisco, Qualys and Symantec--announced the Common Vulnerability Scoring System (CVSS) as a way to rank the security impact of software flaws and the potential risks they posed to companies. In theory, the flaw scoring system aims to give security professionals, researchers and software vendors a repeatable way to rank the severity of a vulnerability by measuring the issues base exploitability, how that evolves over time, and the impact the security bug has on the
http://www.darkreading.com/vulnerability-management/167901026/security/security-management/240151205/security-bug-rating-system-gets-a-makeover.html
MySQL yaSSL Two Buffer Overflow Vulnerabilities
MySQL yaSSL Two Buffer Overflow Vulnerabilities
https://secunia.com/advisories/52445
Linux Kernel ext3 Message Logging Format String Vulnerabilities
Linux Kernel ext3 Message Logging Format String Vulnerabilities
https://secunia.com/advisories/52661
IBM WebSphere Commerce password information disclosure
IBM WebSphere Commerce password information disclosure
http://xforce.iss.net/xforce/xfdb/80206
Google Picasa BMP and TIFF Images Processing Vulnerabilities
Google Picasa BMP and TIFF Images Processing Vulnerabilities
https://secunia.com/advisories/51652