Tageszusammenfassung - Freitag 5-04-2013

End-of-Shift report

Timeframe: Donnerstag 04-04-2013 18:00 − Freitag 05-04-2013 18:00 Handler: Stephan Richter Co-Handler: Otmar Lendl

Advance Notification Service for the April 2013 Security Bulletin Release

In celebration of spring’s onset, today we’re providing advance notification for the April 2013 release of nine bulletins; two Critical and seven Important. The Critical bulletins address vulnerabilities in Microsoft Windows and Internet Explorer, and the seven Important-rated bulletins will address issues in Microsoft Windows, Office, Antimalware Software, and Server Software. As always, we’ll publish the bulletins on the second Tuesday of the month, April 9, 2013 at...

http://blogs.technet.com/b/msrc/archive/2013/04/04/advance-notification-service-for-the-april-2013-security-bulletin-release.aspx


Blog: Skypemageddon by bitcoining

Cybercriminals mine Bitcoins via abusing CPU of the victims by infecting users via Skype

http://www.securelist.com/en/blog/208194210/Skypemageddon_by_bitcoining


Avaya Aura Application Enablement Services Multiple Vulnerabilities

Avaya Aura Application Enablement Services Multiple Vulnerabilities

https://secunia.com/advisories/52893


Xerox FreeFlow Print Server Multiple Vulnerabilities

Xerox FreeFlow Print Server Multiple Vulnerabilities

https://secunia.com/advisories/52848


Cisco Tivoli Business Service Manager Denial of Service Vulnerability

Cisco Tivoli Business Service Manager (TBSM), which is part of Cisco Hosted Collaboration Mediation (HCM), contains a vulnerability that could allow an unauthenticated remote attacker to cause a partial Denial of Service (DoS).

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1174


McAfee Email Gateway Denial of Service Vulnerability

McAfee Email Gateway Denial of Service Vulnerability

https://secunia.com/advisories/52838


BSI warnt vor erneuten Angriffen über Anzeigen

In den letzten Tagen wurden vermehrt OpenX-Anzeigen-Server mit Schadcode präpariert. Mittlerweile geraten über Anzeigennetze auch große Sites ins Visier und attackieren dann innerhalb kurzer Zeit tausende Besucher.

http://www.heise.de/security/meldung/BSI-warnt-vor-erneuten-Angriffen-ueber-Anzeigen-1836278.html


Vuln: Apache Subversion svn_fs_file_length() Remote Denial of Service Vulnerability

Apache Subversion svn_fs_file_length() Remote Denial of Service Vulnerability

http://www.securityfocus.com/bid/58323