End-of-Shift report
Timeframe: Tuesday 18-06-2013 18:00 − Wednesday 19-06-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
Sybase EAServer Multiple Vulnerabilities
Multiple vulnerabilities have been reported in Sybase EAServer, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system.
https://secunia.com/advisories/53733
Java SE Critical Patch Update - June 2013
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 40 new security fixes across Java SE products of which 4 are applicable to server deployments of Java.
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
Java 7 update 25 released (Tue, Jun 18th)
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
(c) SANS Internet Storm Center.
http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://isc.sans.edu/diary.html?storyid=16025
Critical Update Plugs 40 Security Holes in Java
Oracle today released a critical patch update for its Java software that fixes at least 40 security vulnerabilities in this widely deployed program and browser plugin. Updates are available for Java 7 on both Mac and Windows.
https://krebsonsecurity.com/2013/06/critical-update-plugs-40-security-holes-in-java/
Siemens WinCC 7.2 Multiple Vulnerabilities
This advisory provides mitigation details for vulnerabilities that impact the Siemens WinCC Web Navigator 7.2.
http://ics-cert.us-cert.gov/advisories/ICSA-13-169-02
Remote code execution vuln appears in Puppet
Big trouble in automated clouds - Puppet Labs has blasted out a security advisory about a vulnerability in the popular infrastructure management tool Puppet.
http://go.theregister.com/feed/www.theregister.co.uk/2013/06/18/puppet_security_vuln/
Solaris 10 patch cluster File clobbering vulnerability
Topic: Solaris 10 patch cluster File clobbering vulnerability Risk: Medium Text:File clobbering vulnerability in Solaris 10 patch cluster 3/27/2013 Larry W. Cashdollar @_larry0 Hello, The 147147-2...
http://cxsecurity.com/issue/WLB-2013060154
Joomla 1.5.26, 2.5.11, 3.1.1 crypto vulnerability
Topic: Joomla 1.5.26, 2.5.11, 3.1.1 crypto vulnerability Risk: Medium Text:# Vulnerable Application All current and past versions of Joomla (http://www.joomla.org) up to 1.5.26, 2.5.11, 3.1.1. Also th...
http://cxsecurity.com/issue/WLB-2013060146
Symantec Endpoint Protection Manager Buffer Overflow Vulnerability
A vulnerability has been reported in Symantec Endpoint Protection Manager, which can be exploited by malicious people to compromise a vulnerable system.
https://secunia.com/advisories/53864
Employees want help with IT security
Dealing with information technology is part of everyday work for employees in small and medium-sized enterprises too. According to a study, however, they often feel left alone with this task.
http://futurezone.at/b2b/16584-angestellte-wollen-hilfe-bei-it-sicherheit.php?rss=fuzo