Daily Summary - Friday 12-07-2013

End-of-Shift report

Timeframe: Thursday 11-07-2013 18:00 − Friday 12-07-2013 18:00 Handler: Matthias Fraidl Co-Handler: Otmar Lendl

SQUID 3.3.6 buffer overflow in HTTP request handling

This problem allows any trusted client or client script that can generate HTTP requests to trigger a buffer overflow in Squid, resulting in termination of the Squid service.

http://cxsecurity.com/issue/WLB-2013070089


PHP 5.3.26 heap corruption in the XML parser

Badly formed XML might corrupt the heap. Warning: xml_parse_into_struct(): Maximum depth exceeded - Results truncated

http://cxsecurity.com/issue/WLB-2013070090


Of TrueType Font Vulnerabilities and the Windows Kernel

This month's Patch Tuesday security bulletins called attention to vulnerabilities in the Windows kernel's font-processing engine, which had been exploited previously in Duqu and other targeted attacks.

http://threatpost.com/of-truetype-font-vulnerabilities-and-the-windows-kernel/101263


Critical Patch Update - July 2013 - Pre-Release Announcement

This Critical Patch Update Pre-Release Announcement provides advance information about the Oracle Critical Patch Update for July 2013, which will be released on Tuesday, July 16, 2013.

http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html


OpenSSH User Enumeration Time-Based Attack

Topic: OpenSSH User Enumeration Time-Based Attack. Risk: Low. Text: Hi List, today, we will show a bug concerning OpenSSH. OpenSSH is the most used remote control software nowadays on *nix li...

http://cxsecurity.com/issue/WLB-2013070092


HP: New Backdoors in Server Products

HP has admitted that the vendor's StoreVirtual servers also contain undocumented backdoors. A patch due to be released shortly is intended to remedy this.

http://www.heise.de/security/meldung/HP-Neue-Hintertueren-in-Server-Produkten-1916292.html


Juniper Junos PIM Packet Handling Denial of Service Vulnerability

A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling Protocol-Independent Multicast (PIM) packets and can be exploited to crash the Flow Daemon (flowd) via specially crafted PIM packets that transit the device.

https://secunia.com/advisories/54157


How Microsoft handed the NSA access to encrypted messages

Secret files show scale of Silicon Valley co-operation on Prism. Outlook.com encryption unlocked even before official launch. Skype worked to enable Prism collection of video calls. Company says it is legally compelled to comply.

http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data


Bugtraq: CVE-2013-3568 - Linksys CSRF + Root Command Injection

Hi list, I would like to inform you that the latest available Linksys WRT110 firmware is prone to root shell command injection via cross-site request forgery. This vulnerability is the result of the web interface's failure to sanitize ping targets as well as a lack of CSRF tokens.

http://www.securityfocus.com/archive/1/527226


Amazon's Shopping Assistant Spies on Users

A browser extension offered by Amazon reports to the electronics retailer every web page the user visits. The data is also sent to a statistics service that takes a particular interest in Google usage.

http://www.heise.de/security/meldung/Amazons-Einkaufshilfe-spioniert-Nutzer-aus-1916578.html