End-of-Shift report
Timeframe: Monday 06-05-2013 18:00 − Tuesday 07-05-2013 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
Bugtraq: ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities
http://www.securityfocus.com/archive/1/526542
Is there an epidemic of typo squatting?, (Tue, May 7th)
One of our readers, Jim, wrote in earlier today to say he has noticed an increase in "working" typo squatting over the last 2 months or so. That is, he's seen users accidentally surfing to them or being redirected there by some sort of malicious JavaScript trickery. His question for us (and the rest of you) is, is this a local phenomenon or are the bad guys making more use of this tactic? I'm not currently set up to monitor this type of activity, so I figured I'd ask our loyal readers. Do...
http://isc.sans.edu/diary.html?storyid=15740&rss
Security Bulletin: IBM Content Collector affected by vulnerabilities in IBM Java SDK
Multiple security vulnerabilities exist in the IBM Java SDK that is shipped with IBM Content Collector.
http://www-01.ibm.com/support/docview.wss?uid=swg21634236
Security Bulletin: IBM Notes PNG integer overflow (CVE-2013-2977)
IBM Notes has an integer overflow vulnerability which may be triggered by viewing a malformed PNG image.
http://www-01.ibm.com/support/docview.wss?uid=swg21635878
Security Bulletin: Multiple security vulnerabilities addressed in IBM Sterling Secure Proxy
IBM Sterling Secure Proxy is vulnerable to spoofing and information disclosure attacks.
http://www-01.ibm.com/support/docview.wss?uid=swg21636369
MyBB Game Section Plugin "des" and "s" Cross-Site Scripting Vulnerabilities
https://secunia.com/advisories/53296
Hackers gained access to all .edu domains
The hacker group "Hack The Planet" publishes information on vulnerabilities in MoinMoin and ColdFusion, through which it gained access to, among others, all .edu domains, the website of the security tool Nmap, and other prominent websites.
http://www.heise.de/security/meldung/Hacker-verschafften-sich-Zugriff-auf-alle-edu-Domains-1857588.html
Wonderware Information Server Vulnerabilities
This advisory provides mitigation details for multiple vulnerabilities that impact the Invensys Wonderware Information Server (WIS) software.
http://ics-cert.us-cert.gov/advisories/ICSA-13-113-01
Bugtraq: SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager
http://www.securityfocus.com/archive/1/526552
Honeywords are meant to lure password thieves into a trap
Two crypto researchers propose catching data thieves with decoy passwords. If someone logs in with one of the so-called honeywords, something is almost certainly wrong.
http://www.heise.de/security/meldung/Honeywords-sollen-Passwortdiebe-in-die-Falle-locken-1858156.html
nginx "ngx_http_parse_chunked()" Buffer Overflow Vulnerability
https://secunia.com/advisories/53248
XSS, LFI in Cisco, Linksys E4200 Firmware
Reflected XSS + LFI bugs in the Cisco, Linksys E4200 Wireless Router Firmware Version: 1.0.05 build 7 were discovered by our researchers in January 2013 and finally acknowledged by Linksys in April 2013. The vendor is unable to patch the vulnerability in a reasonable timeframe.
http://www.cloudscan.me/2013/05/xss-lfi-linksys-e4200-firmware-0d.html