Tageszusammenfassung - Montag 3-06-2013

End-of-Shift report

Timeframe: Freitag 31-05-2013 18:00 − Montag 03-06-2013 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter

WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability

Topic: WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability Risk: Low Text:Advisory: WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability Advisory ID: SSCHADV2013-004 Author: Stefan...

http://cxsecurity.com/issue/WLB-2013060001

ModSecurity 2.7.3 NULL pointer dereference PoC

Topic: ModSecurity 2.7.3 NULL pointer dereference PoC Risk: High Text:#!/usr/bin/env python3 #-*- coding: utf-8 -*- # # Created on Mar 29, 2013 # # @author: Younes JAAIDI <yjaaidi at shookalabs.c...

http://cxsecurity.com/issue/WLB-2013060006

Security Bulletin: Multiple security vulnerabilities in IBM Sales Center for WebSphere Commerce (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-0191, CVE-2012-2159, CVE-2012-2161)

Multiple security vulnerabilities have been identified in IBM Sales Center for WebSphere Commerce V6.0 and V7.0 CVEID: CVE-2008-7271 CVE-2010-4647 CVE-2012-0186 CVE-2012-0191 CVE-2012-2159 CVE-2012-2161 Affected product(s) and affected version(s): IBM Sales Center for WebSphere Commerce V6.0 (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-2159, CVE-2012-2161) IBM Sales Center for WebSphere Commerce V7.0 (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-2159,

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_security_vulnerabilities_in_ibm_sales_center_for_websphere_commerce_cve_2008_7271_cve_2010_4647_cve_2012_0186_cve_2012_0191_cve_2012_2159_cve_2012_2161?lang=en_us

Besonders tückisches PayPal-Phishing

Aufgepasst: Mit persönlicher Anrede und einer eigens registrierten .de-Domain greifen Cyber-Kriminelle derzeit nach den Kreditkartendaten von PayPal-Kunden. Der Schwindel fällt bestenfalls auf den zweiten Blick auf.

http://www.heise.de/newsticker/meldung/Besonders-tueckisches-PayPal-Phishing-1874729.html

Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169

Potential Security Exposure with IBM HTTP Server for WebSphere Application Server. CVEID: CVE-2013-0169 AFFECTED VERSIONS: This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: · Version 8.5 · Version 8 · Version 7 · Version 6.1 Refer to the following reference URLs for remediation and additional vulnerability details. Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21635988

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_potential_security_exposure_in_ibm_http_server_cve_2013_0169?lang=en_us

WordPress AntiVirus FPD and Security bypass vulnerabilities

Topic: WordPress AntiVirus FPD and Security bypass vulnerabilities Risk: Low Text:These are Full path disclosure and Security bypass vulnerabilities in AntiVirus for WordPress. This is security plugin for dete...

http://cxsecurity.com/issue/WLB-2013060010

Compromised FTP/SSH account privilege-escalating mass iFrame embedding platform released on the underground marketplace

By Dancho Danchev Utilizing the very best in ‘malicious economies of scale’ concepts, cybercriminals have recently released a privilege-escalating Web-controlled mass iFrame embedding platform that’s not just relying on compromised FTP/SSH accounts, but also automatically gains root access on the affected servers in an attempt to target each and every site hosted there. Similar to […]

http://blog.webroot.com/2013/06/03/compromised-ftpssh-account-privilege-escalating-mass-iframe-embedding-platform-released-on-the-underground-marketplace/

IBM Tivoli Netcool/System Service Monitor Multiple OpenSSL Vulnerabilities

https://secunia.com/advisories/53720

Apache Subversion Hook Scripts Arbitrary Command Injection Vulnerability

https://secunia.com/advisories/53727

Apache Subversion svnserve and FSFS Repositories Denial of Service Vulnerabilities

https://secunia.com/advisories/53692

Researchers Infect iOS Devices With Malware Via Malicious Charger

Sparrowvsrevolution writes "At the upcoming Black Hat security conference in late July, three researchers at the Georgia Institute of Technology plan to show off a proof-of-concept charger that they say can be used to invisibly install malware on a device running the latest version of Apples iOS. A description of their talk posted to the conference website describes how they were able to install whatever malware they wished on an Apple device within a minute of the user plugging it into...

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/3xY6_Bverd0/story01.htm

Multiple vulnerabilities in Typo3 extensions

SQL Injection vulnerability in extension Multishop: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009-1/ Several vulnerabilities in third party extensions: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-007/ Security Bypass Vulnerability in extension powermail: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-006/

http://typo3.org/teams/security/security-bulletins/

Erneut Sicherheitslücke bei ClickandBuy

Die neue Schwachstelle lauerte auf der Hilfe-Seite für Kunden. Schon einmal hatte der Online-Bezahldienstleister ClickandBuy mit einer XSS-Lücke zu kämpfen.

http://www.heise.de/newsticker/meldung/Erneut-Sicherheitsluecke-bei-ClickandBuy-1874953.html

IBM DB2 / DB2 Connect Global Security Toolkit SSL Information Disclosure Weakness

https://secunia.com/advisories/53696

IBM DB2 / DB2 Connect db2aud Privilege Escalation Vulnerability

https://secunia.com/advisories/52663

TYPO3 jQuery Autocomplete for indexed_search Extension SQL Injection Vulnerability

https://secunia.com/advisories/53633