Tageszusammenfassung - Mittwoch 5-06-2013

End-of-Shift report

Timeframe: Dienstag 04-06-2013 18:00 − Mittwoch 05-06-2013 18:00 Handler: Stephan Richter Co-Handler: n/a

Get Set Null Java Security

Java, being widely used by the applications, has also been actively targeted by malware authors. One of the most common techniques to exploit Java applications, is to disable the security manager. This blog provides widely used logic used by malware authors...

http://www.fireeye.com/blog/technical/2013/06/get-set-null-java-security.html


Schneider Electric Quantum Ethernet Module Hard-Coded Credentials

This updated advisory is a follow-up to the original advisory titled ICSA-12-018-01 Schneider Electric Quantum Ethernet Module Hard-Coded Credentials that was published on January 17, 2012, on the ICS-CERT Web page

http://ics-cert.us-cert.gov/advisories/ICSA-12-018-01A


Schneider Electric PLCs Multiple Vulnerabilities

This updated advisory is a follow-up to the updated advisory titled ICSA-13-077-01A Schneider Electric PLCS Multiple Vulnerabilities (Update A) that was published March 20, 2013, on the ICS-CERT Web page.

http://ics-cert.us-cert.gov/advisories/ICSA-13-077-01B


Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx, (Wed, Jun 5th)

Richard Porter ISC Handler on Duty (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

http://isc.sans.edu/diary.html?storyid=15932&rss


IBM AIX inet IPv6 Bug Lets Remote Users Deny Service

On systems configured with IPv6, a remote user can send a specially crafted IPv6 packet to cause the target system to hang.

http://www.securitytracker.com/id/1028626


Mac OSX Server DirectoryService Buffer Overflow

Topic: Mac OSX Server DirectoryService Buffer Overflow Risk: High Text:Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Mac OSX Server DirectoryService buffer overflow 1....

http://cxsecurity.com/issue/WLB-2013060040


NetGear DGN1000 and NetGear DGN2200 security bypass

NetGear DGN1000 and NetGear DGN2200 could allow a remote attacker to bypass security restrictions, caused by an error in the interface when handling requests containing the currentsetting.htm substring. An attacker could exploit this vulnerability to gain unauthorized access to restricted functionality.

http://xforce.iss.net/xforce/xfdb/84662


[2013-06-05] Critical vulnerabilities in CTERA portal

CTERA portal contains multiple and partly critical security issues such as XML External Entity injection that allows unauthenticated attackers to fully take over the affected server.

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130605-0_CTERA_PORTAL_Multiple_Vulnerabilities_v10.txt


Apple Mac OS X Multiple Vulnerabilities

Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

https://secunia.com/advisories/53684


PRTG Network Monitor login.htm cross-site scripting

PRTG Network Monitor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the login.htm script. A remote attacker could exploit this vulnerability using the errormsg...

http://xforce.iss.net/xforce/xfdb/84686


Apache Struts OGNL Expression Injection Vulnerabilities

Security Research Laboratory has reported some vulnerabilities in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions.

https://secunia.com/advisories/53693


Monkey HTTP Daemon "mk_request_header_process()" Signedness Error Buffer Overflow Vulnerability

A vulnerability has been discovered in Monkey HTTP Daemon, which can be exploited by malicious people to compromise a vulnerable system.

https://secunia.com/advisories/53697


CVE-2013-3919: A recursive resolver can be crashed by a query for a malformed zone

A bug has been discovered in the most recent releases of BIND 9 which has the potential for deliberate exploitation as a denial-of-service attack. By sending a recursive resolver a query for a record in a specially malformed zone, an attacker can cause BIND 9 to exit with a fatal "RUNTIME_CHECK" error in resolver.c

https://kb.isc.org/article/AA-00967