End-of-Shift report
Timeframe: Friday 05-07-2013 18:00 - Monday 08-07-2013 18:00
Handler: Matthias Fraidl
Co-Handler: Stephan Richter
Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host
A local administrative user on a PV guest can exploit a memory management page reference counting error to gain access on the target host server.
Systems running only HVM guests are not affected.
http://www.securitytracker.com/id/1028740
WordPress post.php cross-site scripting
WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the post.php script. A remote attacker could exploit this vulnerability using the excerpt and content fields to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
http://xforce.iss.net/xforce/xfdb/85439
Debian Security Advisory DSA-2720 icedove
several vulnerabilities
http://www.debian.org/security/2013/dsa-2720
Multiple D-Link Devices - OS-Command Injection via UPnP Interface
The vulnerability is caused by missing input validation in different XML parameters. This vulnerability could be exploited to inject and execute arbitrary shell commands.
WARNING: You do not need to be authenticated to the device to insert and execute malicious commands.
http://www.exploit-db.com/exploits/26664
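The pattern behind this class of bug, as an added illustration that is not code from the advisory or from any D-Link firmware: a constructed UPnP SOAP handler that copies an XML parameter straight into a shell command line, beside a hardened version of the same handler. The action and parameter names (AddPortMapping, NewInternalClient, NewExternalPort) follow the standard UPnP WANIPConnection schema; the command being run is a stand-in (echo) for whatever a real device would execute, and the SOAP bodies are constructed for this example.

```python
"""Constructed example: OS command injection through a UPnP SOAP parameter.

Not D-Link code. The handler below is reached with no authentication check,
mirroring the advisory's warning that the attack works unauthenticated.
"""
import ipaddress
import subprocess
import xml.etree.ElementTree as ET

# Constructed SOAP request in the shape of a WANIPConnection AddPortMapping
# call. NewInternalClient carries a shell metacharacter followed by a second
# command; "echo INJECTED" stands in for the attacker's real payload.
MALICIOUS_SOAP = """<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
  <s:Body>
    <u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">
      <NewExternalPort>8080</NewExternalPort>
      <NewProtocol>TCP</NewProtocol>
      <NewInternalPort>80</NewInternalPort>
      <NewInternalClient>192.168.0.5; echo INJECTED</NewInternalClient>
    </u:AddPortMapping>
  </s:Body>
</s:Envelope>"""

# The same request with a well-formed client address (also constructed).
BENIGN_SOAP = MALICIOUS_SOAP.replace("192.168.0.5; echo INJECTED", "192.168.0.5")


def get_param(soap_xml, name):
    """Return the text of the first element called `name`, ignoring namespaces."""
    root = ET.fromstring(soap_xml)
    for el in root.iter():
        if el.tag == name or el.tag.endswith("}" + name):
            return (el.text or "").strip()
    raise KeyError(name)


def vulnerable_add_port_mapping(soap_xml):
    """Vulnerable: the parameter is interpolated into a shell command string.

    A real device would run something like an iptables rule here; `echo` is a
    stand-in so the example runs anywhere. Any shell metacharacter in the
    parameter (; | ` $( )) splits the command line and runs attacker input.
    """
    client = get_param(soap_xml, "NewInternalClient")
    cmd = "echo add-mapping " + client          # string built from untrusted input
    proc = subprocess.run(["sh", "-c", cmd], capture_output=True, text=True)
    return proc.stdout                          # contains the injected command's output


def hardened_add_port_mapping(soap_xml):
    """Hardened: strict type validation, then execute without a shell.

    1. Parse the value as an IP address; anything that is not one is rejected.
    2. Pass arguments as an argv list so no shell ever interprets them,
       which protects even if the validation is later loosened.
    """
    raw_client = get_param(soap_xml, "NewInternalClient")
    client = str(ipaddress.ip_address(raw_client))   # ValueError on junk
    port = int(get_param(soap_xml, "NewExternalPort"))
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    proc = subprocess.run(["echo", "add-mapping", client],
                          capture_output=True, text=True)
    return proc.stdout


if __name__ == "__main__":
    print("vulnerable handler output:", repr(vulnerable_add_port_mapping(MALICIOUS_SOAP)))
    try:
        hardened_add_port_mapping(MALICIOUS_SOAP)
    except ValueError as exc:
        print("hardened handler rejected the request:", exc)
    print("hardened handler, benign input:", repr(hardened_add_port_mapping(BENIGN_SOAP)))
```

The point of the hardened version is the combination: validating the parameter against the type the schema promises (an address, a port) removes the injection, and dropping the shell entirely means a future validation bug cannot bring it back. Neither change addresses the missing authentication the advisory warns about; that is a separate fix at the SOAP dispatcher.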
OpenNetAdmin Remote Code Execution
This exploit works because adding modules can be done without any sort of authentication.
http://cxsecurity.com/issue/WLB-2013070055
Styx Exploit Pack: Domo Arigato, PC Roboto
Not long ago, miscreants who wanted to buy an exploit kit -- automated software that helps booby-trap hacked sites to deploy malicious code -- had to be fairly well-connected, or at least have access to semi-private underground forums. These days, some exploit kit makers are brazenly advertising and offering their services out in the open, marketing their wares as browser vulnerability "stress-test platforms."
https://krebsonsecurity.com/2013/07/styx-exploit-pack-domo-arigato-pc-roboto/
Debian Security Advisory DSA-2721 nginx
buffer overflow
http://www.debian.org/security/2013/dsa-2721
What Does Facebook Know About You - An Analysis
If you've read a news website, turned on the TV or not been under a rock over the past few weeks, then there is a good chance you've heard of a guy named Edward Snowden. He's the US analyst who is currently stuck in a Russian airport looking for asylum because he exposed that - surprise, surprise - the US government/NSA had been spying on pretty much everyone.
http://daylandoes.com/facebook-and-your-data/
15 MILLION dodgy login attempts spaffed all over Nintendo loyalists
Thousands of players plundered for their hard-earned booty. Hackers broke into 24,000 Club Nintendo accounts after pummelling the loyalty-reward website in a month-long assault.
http://go.theregister.com/feed/www.theregister.co.uk/2013/07/08/nintendo_brute_force_attack/
Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/50218
DropBox account hacking bypassing two-factor authentication
Zouheir Abdallah revealed that an attacker who already knows the victim's credentials for a Dropbox account with 2FA enabled is able to bypass the second factor and take over the account.
http://securityaffairs.co/wordpress/15944/hacking/dropbox-account-hacking.html
Spam blizzards sometimes seed malware, AppRiver study warns
Digital desperadoes have begun hiding their larcenous activities behind blizzards of spam aimed at their victims' inboxes, according to a report released last week by a cloud security provider. The technique, called Distributed Spam Distraction (DSD), began appearing early this year, AppRiver revealed in its Global Threat & Spamscape Report for the first half of 2013.
http://www.techhive.com/article/2043764/spam-blizzards-sometimes-seed-malware-appriver-study-warns.html
cPanel cpanellogd Two Privilege Escalation Vulnerabilities
https://secunia.com/advisories/53921
FFmpeg Multiple Vulnerabilities
https://secunia.com/advisories/54044
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: accessible_is_browse_results, maag_formcaptcha, meta_feedit, rzautocomplete, sb_folderdownload, sg_zfelib, sg_zlib, tq_seo
http://typo3.org/news/article/several-vulnerabilities-in-third-party-extensions-4/