Tageszusammenfassung - Donnerstag 4-07-2013

End-of-Shift report

Timeframe: Mittwoch 03-07-2013 18:00 − Donnerstag 04-07-2013 18:00 Handler: Stephan Richter Co-Handler: n/a

Alstom Grid S1 Agile Improper Authorization

This advisory provides mitigation details for a vulnerability affecting the Alstom Grid MiCOM S1 Agile and S1 Studio Software.Note: Alstom Grid MiCOM S1 Studio Software is its own software suite. A user could have MiCOM S1 Studio Software from a different vendor. This advisory only addresses the Alstom software product.

http://ics-cert.us-cert.gov/advisories/ICSA-13-184-01


Security Bulletin: IBM Business Process Manager (BPM) Vulnerable URLs (CVE-2013-0581)

When a dashboard is opened or a service is executed, a malicious attacker can intercept network requests from the client. Then, the attacker can modify the URL parameters of the request so that malicious code can be executed within the client browser. CVE(s): CVE-2013-0581 Affected product(s) and affected version(s): IBM Business Process Manager Standard Versions 7.5.1.x, 8.0.0.x, 8.0.1.x IBM Business Process Manager Express Versions 7.5.1.x,8.0.0.x, 8.0.1.x IBM Business Process Manager

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_business_process_manager_bpm_vulnerable_urls_cve_2013_05811?lang=en_us


Deceptive ads targeting German users lead to the W32/SomotoBetterInstaller Potentially Unwanted Application (PUA)

By Dancho Danchev We've just intercepted yet another campaign serving deceptive ads, this time targeting German-speaking users into downloading and installing the privacy-invading "FLV Player" Potentially Unwanted Application (PUA), part of Somoto's pay-per-install network. More details: ...

http://blog.webroot.com/2013/07/03/deceptive-ads-targeting-german-users-lead-to-the-w32somotobetterinstaller-potentially-unwanted-application-pua/


IBM AIX TFTP RBAC Bug Lets Remote Authenticated Users Read and Overwrite Root-Owned Files

A vulnerability was reported in IBM AIX. A remote authenticated user can read and overwrite files on the target system with root privileges.

http://www.securitytracker.com/id/1028728


Androids Code-Signatur lässt sich umgehen

Ein junges US-Sicherheitsunternehmen will einen Android-Fehler entdeckt haben, der das Einschleusen beliebigen Codes in signierte App-Pakete erlaubt, ohne die Signatur zu brechen.

http://www.heise.de/security/meldung/Androids-Code-Signatur-laesst-sich-umgehen-1911077.html