End-of-Shift report
Timeframe: Freitag 29-03-2013 18:00 − Dienstag 02-04-2013 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
IPv6-Migrationsleitfaden für öffentliche Verwaltungen
Das Bundesinnenministerium hat zusammen mit einigen Partnern ein dickes "Kochbuch" für die IPv6-Einführung vorgelegt und wirbt darin für die Vorzüge des Protokolls im täglichen Einsatz.
http://heise.de.feedsportal.com/c/35207/f/653902/s/2a23a3bf/l/0L0Sheise0Bde0Cnewsticker0Cmeldung0CIPv60EMigrationsleitfaden0Efuer0Eoeffentliche0EVerwaltungen0E18328960Bhtml0Cfrom0Catom10A/story01.htm
IBM Storwize V7000 Unified Samba Bug Lets Remote Authenticated Users Modify Files
A remote authenticated user can exploit a flaw in the Samba implementation to perform operations on the target Storwize V7000 Unified CIFS export that are not permitted by the CIFS share access control settings. This may include writing to read-only shares.
http://www.securitytracker.com/id/1028365
US-CERT Alert TA13-088A: DNS Amplification Attacks
A Domain Name Server (DNS) Amplification attack is a popular form of Distributed Denial of Service (DDoS) that relies on the use of publically accessible open recursive DNS servers to overwhelm a victim system with DNS response traffic.
http://www.us-cert.gov/ncas/alerts/TA13-088A
IBM Lotus iNotes Input Validation Flaws Permit Cross-Site Scripting Attacks
Two vulnerabilities were reported in IBM Lotus iNotes. A remote user can conduct cross-site scripting attacks.
http://www.securitytracker.com/id/1028363
Perl Bug in Rehash Mechanism Lets Remote Users Deny Service
A vulnerability was reported in Perl.
A remote user can send specially crafted data to cause the target Perl application to consume excessive memory and crash. Applications that provide arbitrary user-supplied data as input to hash keys are affected.
http://www.securitytracker.com/id/1028346
Fortinet FortiMail IBE Appliance Application Filter Bypass
Topic: Fortinet FortiMail IBE Appliance Application Filter Bypass Risk: Medium Text:Title: Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities Date: == 2013-01-23 References: == http...
http://feedproxy.google.com/~r/securityalert_database/~3/UZi8QdV4Kiw/WLB-2013010217
Foxit Reader <= 5.4.4.1128 npFoxitReaderPlugin.dll Stack Buffer Overflow
Topic: Foxit Reader
http://feedproxy.google.com/~r/securityalert_database/~3/mNx5SSGJYF4/WLB-2013010048
DIY Java-based RAT (Remote Access Tool) spotted in the wild
By Dancho Danchev While the authors/support teams of some of the market leading Web malware exploitation kits are competing on their way to be the first kit to introduce a new exploit on a mass scale, others, largely influenced by the re-emergence of the DIY (do-it-yourself) trend across the cybercrime ecosystem, continue relying on good [...]
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/yE_PNzkr8w8/
Bugtraq: Authentication bypass on Netgear WNR1000
Authentication bypass on Netgear WNR1000
http://www.securityfocus.com/archive/1/526148
HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities
Potential security vulnerabilities have been identified with HP-UX Apache running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform an access restriction bypass, unauthorized modification, and other vulnerabilities.
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03716627
IBM InfoSphere Information Server Input Validation Flaw Permits Cross-Site Scripting Attacks
A vulnerability was reported in IBM InfoSphere Information Server. A remote user can conduct cross-site scripting attacks.
http://www.securitytracker.com/id/1028372
Splunk Web Input Validation Flaw Permits Cross-Site Scripting Attacks
A vulnerability was reported in Splunk Web. A remote user can conduct cross-site scripting attacks.
http://www.securitytracker.com/id/1028371
Cyber Security Bulletin (SB13-091) - Vulnerability Summary for the Week of March 25, 2013
"The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains
http://www.us-cert.gov/ncas/bulletins/SB13-091
Vuln: Mitsubishi MX Component ActiveX Control ActUWzd.dll Remote Buffer Overflow Vulnerability
Mitsubishi MX Component ActiveX Control ActUWzd.dll Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/58692
Cisco Connected Grid Network Management System Multiple Vulnerabilities
Cisco Connected Grid Network Management System Multiple Vulnerabilities
https://secunia.com/advisories/52834
VMSA-2013-0004 - VMware ESXi security update for third party library
The ESXi userworld libxml2 library has been updated to resolve a security issue.
https://www.vmware.com/security/advisories/VMSA-2013-0004.html
ICS-CERT Advisory ICSA-13-091-01 - Wind River VXWorks SSH and Web Server Multiple Vulnerabilities
This advisory provides mitigation details for six vulnerabilities in the Wind River VxWorks Remote Terminal Operating System (RTOS).
http://ics-cert.us-cert.gov/pdf/ICSA-13-091-01.pdf
ModSecurity XML External Entity Processing Vulnerability
ModSecurity XML External Entity Processing Vulnerability
https://secunia.com/advisories/52847