End-of-Shift report
Timeframe: Freitag 31-05-2013 18:00 − Montag 03-06-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability
Topic: WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability Risk: Low Text:Advisory: WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability Advisory ID: SSCHADV2013-004 Author: Stefan...
http://cxsecurity.com/issue/WLB-2013060001
ModSecurity 2.7.3 NULL pointer dereference PoC
Topic: ModSecurity 2.7.3 NULL pointer dereference PoC Risk: High Text:#!/usr/bin/env python3 #-*- coding: utf-8 -*- # # Created on Mar 29, 2013 # # @author: Younes JAAIDI <
yjaaidi at shookalabs.c...
http://cxsecurity.com/issue/WLB-2013060006
Security Bulletin: Multiple security vulnerabilities in IBM Sales Center for WebSphere Commerce (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-0191, CVE-2012-2159, CVE-2012-2161)
Multiple security vulnerabilities have been identified in IBM Sales Center for WebSphere Commerce V6.0 and V7.0 CVEID: CVE-2008-7271 CVE-2010-4647 CVE-2012-0186 CVE-2012-0191 CVE-2012-2159 CVE-2012-2161 Affected product(s) and affected version(s): IBM Sales Center for WebSphere Commerce V6.0 (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-2159, CVE-2012-2161) IBM Sales Center for WebSphere Commerce V7.0 (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-2159,
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_security_vulnerabilities_in_ibm_sales_center_for_websphere_commerce_cve_2008_7271_cve_2010_4647_cve_2012_0186_cve_2012_0191_cve_2012_2159_cve_2012_2161?lang=en_us
Besonders tückisches PayPal-Phishing
Aufgepasst: Mit persönlicher Anrede und einer eigens registrierten .de-Domain greifen Cyber-Kriminelle derzeit nach den Kreditkartendaten von PayPal-Kunden. Der Schwindel fällt bestenfalls auf den zweiten Blick auf.
http://www.heise.de/newsticker/meldung/Besonders-tueckisches-PayPal-Phishing-1874729.html
Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169
Potential Security Exposure with IBM HTTP Server for WebSphere Application Server. CVEID: CVE-2013-0169 AFFECTED VERSIONS: This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: · Version 8.5 · Version 8 · Version 7 · Version 6.1 Refer to the following reference URLs for remediation and additional vulnerability details. Source Bulletin:
http://www-01.ibm.com/support/docview.wss?uid=swg21635988
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_potential_security_exposure_in_ibm_http_server_cve_2013_0169?lang=en_us
WordPress AntiVirus FPD and Security bypass vulnerabilities
Topic: WordPress AntiVirus FPD and Security bypass vulnerabilities Risk: Low Text:These are Full path disclosure and Security bypass vulnerabilities in AntiVirus for WordPress. This is security plugin for dete...
http://cxsecurity.com/issue/WLB-2013060010
Compromised FTP/SSH account privilege-escalating mass iFrame embedding platform released on the underground marketplace
By Dancho Danchev Utilizing the very best in ‘malicious economies of scale’ concepts, cybercriminals have recently released a privilege-escalating Web-controlled mass iFrame embedding platform that’s not just relying on compromised FTP/SSH accounts, but also automatically gains root access on the affected servers in an attempt to target each and every site hosted there. Similar to […]
http://blog.webroot.com/2013/06/03/compromised-ftpssh-account-privilege-escalating-mass-iframe-embedding-platform-released-on-the-underground-marketplace/
IBM Tivoli Netcool/System Service Monitor Multiple OpenSSL Vulnerabilities
IBM Tivoli Netcool/System Service Monitor Multiple OpenSSL Vulnerabilities
https://secunia.com/advisories/53720
Apache Subversion Hook Scripts Arbitrary Command Injection Vulnerability
Apache Subversion Hook Scripts Arbitrary Command Injection Vulnerability
https://secunia.com/advisories/53727
Apache Subversion svnserve and FSFS Repositories Denial of Service Vulnerabilities
Apache Subversion svnserve and FSFS Repositories Denial of Service Vulnerabilities
https://secunia.com/advisories/53692
Researchers Infect iOS Devices With Malware Via Malicious Charger
Sparrowvsrevolution writes "At the upcoming Black Hat security conference in late July, three researchers at the Georgia Institute of Technology plan to show off a proof-of-concept charger that they say can be used to invisibly install malware on a device running the latest version of Apples iOS. A description of their talk posted to the conference website describes how they were able to install whatever malware they wished on an Apple device within a minute of the user plugging it into...
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/3xY6_Bverd0/story01.htm
Multiple vulnerabilities in Typo3 extensions
SQL Injection vulnerability in extension Multishop:
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009-1/ Several vulnerabilities in third party extensions:
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-007/ Security Bypass Vulnerability in extension powermail:
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-006/
http://typo3.org/teams/security/security-bulletins/
Erneut Sicherheitslücke bei ClickandBuy
Die neue Schwachstelle lauerte auf der Hilfe-Seite für Kunden. Schon einmal hatte der Online-Bezahldienstleister ClickandBuy mit einer XSS-Lücke zu kämpfen.
http://www.heise.de/newsticker/meldung/Erneut-Sicherheitsluecke-bei-ClickandBuy-1874953.html
IBM DB2 / DB2 Connect Global Security Toolkit SSL Information Disclosure Weakness
IBM DB2 / DB2 Connect Global Security Toolkit SSL Information Disclosure Weakness
https://secunia.com/advisories/53696
IBM DB2 / DB2 Connect db2aud Privilege Escalation Vulnerability
IBM DB2 / DB2 Connect db2aud Privilege Escalation Vulnerability
https://secunia.com/advisories/52663
TYPO3 jQuery Autocomplete for indexed_search Extension SQL Injection Vulnerability
TYPO3 jQuery Autocomplete for indexed_search Extension SQL Injection Vulnerability
https://secunia.com/advisories/53633