End-of-Shift report
Timeframe: Tuesday 02-04-2013 18:00 − Wednesday 03-04-2013 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
Fool Me Once…
When you're lurking in the computer crime underground, it pays to watch your back and to keep your BS meter set to maximum. But when you've gained access to an elite black market section of a closely guarded crime forum to which very few have access, it's easy to let your guard down. That's what I did earlier this year, and it caused me to chase a false story. This blog post aims to set the record straight on that front, and to offer a cautionary (and possibly entertaining) tale to other would-be
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/KQ4_dgabCRA/
Vuln: Cisco Linksys E1500/E2500 Router Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57760
MongoDB nativeHelper.apply Remote Code Execution
Topic: MongoDB nativeHelper.apply Remote Code Execution Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please...
http://feedproxy.google.com/~r/securityalert_database/~3/9qv99GNyBx0/WLB-2013040007
Virtual Access Monitor SQL Injection
Topic: Virtual Access Monitor SQL Injection Risk: Medium Text:High Risk Vulnerability in Virtual Access Monitor 2 April 2013 Ken Wolstencroft of NCC Group has discovered a High risk v...
http://feedproxy.google.com/~r/securityalert_database/~3/fgTY56cKvK8/WLB-2013040011
Mozilla Thunderbird Multiple Bugs Let Remote Users Execute Arbitrary Code, Deny Service, and Conduct Phishing and Cross-Site Scripting Attacks and Let Local Users Gain Elevated Privileges
Multiple vulnerabilities were reported in Mozilla Thunderbird. A remote user can cause arbitrary code to be executed on the target user's system. A local user can obtain elevated privileges on the target system. A remote user can cause denial of service conditions. A remote user can conduct phishing and cross-site scripting attacks.
http://www.securitytracker.com/id/1028382
Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code, Deny Service, and Conduct Phishing and Cross-Site Scripting Attacks and Let Local Users Gain Elevated Privileges
Multiple vulnerabilities were reported in Mozilla Firefox. A remote user can cause arbitrary code to be executed on the target user's system. A local user can obtain elevated privileges on the target system. A remote user can cause denial of service conditions. A remote user can conduct phishing and cross-site scripting attacks.
http://www.securitytracker.com/id/1028379
WordPress Feedweb Plugin "wp_post_id" Cross-Site Scripting Vulnerability
https://secunia.com/advisories/52855
Darkleech infects Apache servers in droves
Darkleech is "intelligent" and does not attack everyone. It redirects victims to pages hosting the Blackhole Exploit Kit. Apache web servers are being abused as malware distributors for the attacks. A large number of German websites are said to be infected.
http://www.heise.de/security/meldung/Darkleech-infiziert-reihenweise-Apache-Server-1833910.html
Cisco Connected Grid Network Management System SQL Injection Vulnerabilities
A vulnerability in device management of the Cisco Connected Grid Network Management System (CG-NMS) could allow an unauthenticated, remote attacker to modify data in the CG-NMS database by using SQL injection. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including SQL statements in an entry field.
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1163
Cisco Connected Grid Network Management System Cross-Site Scripting Vulnerabilities
Cisco Connected Grid Network Management System (CG-NMS) is susceptible to cross-site scripting (XSS) vulnerabilities in the element list component. XSS attacks use obfuscation by encoding tags or malicious portions of the script using the Unicode method so that the link or HTML content is disguised to the end user browsing to the site. The origins of XSS attacks are difficult to identify using traceback methods...
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1171
ownCloud security update breaks installation
After an update to versions 5.0.1 and 5.0.2, ownCloud stops working. The developers have since issued a fix.
http://www.heise.de/security/meldung/ownCloud-Sicherheitsupdate-zerschiesst-Installation-1834339.html
SEC Consult - Sophos Web Protection Appliance Multiple vulnerabilities
SEC Consult has identified several vulnerabilities within the components of the Sophos Web Protection Appliance in the course of a short crash test. Some components have been spot-checked, while others have not been tested at all.
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130403-0_Sophos_Web_Protection_Appliance_Multiple_Vulnerabilities.txt
IBM Maximo Asset Management Products - Potential security vulnerabilities with Java™ SDKs
Security Bulletin: Asset and Service Mgmt Products - Potential security exposure when using Java™ based applications due to vulnerabilities in Java Software Developer Kits. See Vulnerability Details for CVE IDs.
http://www-01.ibm.com/support/docview.wss?uid=swg21633170