End-of-Shift report
Timeframe: Montag 01-07-2013 18:00 − Dienstag 02-07-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a
Bugtraq: [SECURITY] CVE-2013-1777: Apache Geronimo 3 RMI classloader exposure
A misconfigured RMI classloader in Apache Geronimo 3.0 may enable an attacker to send a serialized object via JMX that could compromise the system.
http://www.securityfocus.com/archive/1/527022
Barracuda SSL VPN 680Vx 2.3.3.193 Multiple Script Injection Vulnerabilities
Topic: Barracuda SSL VPN 680Vx 2.3.3.193 Multiple Script Injection Vulnerabilities Risk: Low Text:Barracuda SSL VPN 680Vx 2.3.3.193 Multiple Script Injection Vulnerabilities Vendor: Barracuda Networks, Inc. Product web ...
http://cxsecurity.com/issue/WLB-2013070014
Hackers Aggressively Scanning ICS, SCADA Default Credentials, Vulnerabilities
Attacks against industrial control systems and SCADA equipment are progressing beyond automated scans for vulnerabilities or default credentials hitting honeypots, and are leading to service disruptions.
http://threatpost.com/hackers-aggressively-scanning-ics-scada-default-credentials-vulnerabilities/
Bugtraq: Linksys EA - 2700, 3500, 4200, 4500 w/ Lighttpd 1.4.28 Unauthenticated Remote Administration Access
- Unauthenticated remote access to all pages of the router
administration GUI, bypassing any credential prompts under certain
common configurations (see below)
- Direct access to several other critical files, unauthenticated as well
http://www.securityfocus.com/archive/1/527027
Symantec Security Information Manager Console Multiple Vulnerabilities
Multiple vulnerabilities have been reported in Symantec Security Information Manager, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to disclose sensitive information and conduct cross-site scripting attacks.
https://secunia.com/advisories/53990
IBM Rational Automation Framework Java JSSE Denial of Service Vulnerability
IBM has acknowledged a vulnerability in IBM Rational Automation Framework, which can be exploited by malicious people to cause a DoS (Denial of Service).
https://secunia.com/advisories/54034
IBM Sterling B2B Integrator / IBM Sterling File Gateway Multiple Vulnerabilities
Multiple vulnerabilities have been reported in IBM Sterling B2B Integrator and IBM Sterling File, where one has an unknown impact and others can be exploited by malicious users to conduct SQL injection attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.
https://secunia.com/advisories/53850
HPSBHF02888 rev.1 - HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution
Potential security vulnerabilities have been identified with HP, 3COM, and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information and execution of code.
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03808969
Cisco TC Software SIP Implementation Error May Affect Communications Integrity
A vulnerability in the Session Initiation Protocol (SIP) implementation used in TC Software could allow an unauthenticated, remoteattacker to cause an endpoint to process unintended SIP NOTIFY messages.
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3401
TRENDnet Multiple Products Security Bypass Security Issue
A security issue has been reported in multiple TRENDnet products, which can be exploited by malicious users to bypass certain security restrictions.
https://secunia.com/advisories/53926
HTTPS Side-Channel Attack A Tool For Encrypted Secret Theft
Researchers to release details on how SSL vulnerability gives attackers ability to steal everything from OAuth tokens to PII through an enterprise app in just 30 seconds.
http://www.darkreading.com/vulnerability/https-side-channel-attack-a-tool-for-enc/240157583
IBM Storwize V7000 Unified Multiple Vulnerabilities
IBM has acknowledged multiple vulnerabilities in IBM Storwize V7000 Unified, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
https://secunia.com/advisories/54036
HP-UX update for Java
HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
https://secunia.com/advisories/53999
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03809278
Fortinet FortiOS (FortiGate) Cross-Site Request Forgery Vulnerability
A vulnerability has been reported in Fortinet FortiOS (FortiGate), which can be exploited by malicious people to conduct cross-site request forgery attacks.
https://secunia.com/advisories/53996
Hacker Holes in Server Management System Allows ‘Almost-Physical’ Access
Major vulnerabilities in a protocol for remotely monitoring and managing servers would allow attackers to hijack the computers to gain control of them, access or erase data, or lock others out. The vulnerabilities exist in more than 100,000 servers connected ...
http://www.wired.com/threatlevel/2013/07/ipmi/
HP-UX update for Apache with Tomcat Servlet Engine
HP has issued an update for Apache with Tomcat Servlet Engine. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
https://secunia.com/advisories/53989
Alcatel-Lucent OmniTouch Multiple Products Cross-Site Scripting Vulnerability
A vulnerability has been reported in multiple Alcatel-Lucent OmniTouch products, which can be exploited by malicious people to conduct cross-site scripting attacks.
https://secunia.com/advisories/54000