Tageszusammenfassung - Freitag 26-04-2013

End-of-Shift report

Timeframe: Donnerstag 25-04-2013 18:00 − Freitag 26-04-2013 18:00 Handler: Stephan Richter Co-Handler: L. Aaron Kaplan

Bugtraq: Nginx ngx_http_close_connection function integer overflow

http://www.securityfocus.com/archive/1/526439

---

Anti-Phishing Workgroup Publishes 2012 Global Phishing Report. Download here: http://docs.apwg.org/reports/APWG_GlobalPhishingSurvey_2H2012.pdf, (Thu, Apr 25th)

-- John Bambenek bambenek \at\ gmail /dot/ com Bambenek Consulting (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

http://isc.sans.edu/diary.html?storyid=15683&rss

---

Vulnerability in Citrix NetScaler Access Gateway Enterprise Edition Could Result in Unauthorized Access to Network Resources

A vulnerability has been identified in NetScaler Access Gateway Enterprise Edition that could allow a remote attacker to gain unauthorized access to internal network resources.

http://support.citrix.com/article/ctx137238

---

HPSBPI02868 SSRT101017 rev.1 - HP Managed Printing Administration (MPA), Remote Cross Site Scripting (XSS)

A potential security vulnerability has been identified with HP Managed Printing Administration (MPA). The vulnerability could be exploited remotely resulting in cross site scripting (XSS).

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03737200

---

Multiple HP LaserJet products unauthorized access

http://xforce.iss.net/xforce/xfdb/83817

---

VMSA-2013-0006 VMware security updates for vCenter Server

VMware has updated vCenter Server Appliance (vCSA) and vCenter Server running on Windows to address multiple security vulnerabilities.

https://www.vmware.com/security/advisories/VMSA-2013-0006.html

---

IBM Security Bulletin: Vulnerabilities in AppScan Standard

The IBM Security AppScan Standard 8.6 (previously known as IBM Rational AppScan Standard Edition) release includes fixes to two security vulnerabilities.

http://www-01.ibm.com/support/docview.wss?uid=swg21609022

---

Security Bulletin: Vulnerability in Sametime Links (CVE-2013-0533)

Sametime Links can be exploited to create a DOM-based XSS vulnerability. A fix is provided. CVE(s): CVE-2013-0533 Affected product(s) and affected version(s): Sametime Links 8.0.2, 8.5, 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1 server on any platform. Refer to the following reference URLs for remediation and additional vulnerability details.

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_vulnerability_in_sametime_links_cve_2013_0533?lang=en_us

---

Possible Exploit Vector for DarkLeech Compromises

Often it is quite surprising how long old, well-known vulnerabilities continue to be exploited. Recently, a friend sent me an example of a malicious script used in an attempted attack against their server:...

http://blogs.cisco.com/security/possible-exploit-vector-for-darkleech-compromises/