Tageszusammenfassung - Dienstag 16-07-2013

End-of-Shift report

Timeframe: Montag 15-07-2013 18:00 − Dienstag 16-07-2013 18:00 Handler: Stephan Richter Co-Handler: n/a

Bugtraq: Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities

Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities

http://www.securityfocus.com/archive/1/527304

---

Bugtraq: Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities

Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities

http://www.securityfocus.com/archive/1/527305

---

Bugtraq: FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability

FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability

http://www.securityfocus.com/archive/1/527302

---

Cisco Secure Access Control System Multiple Vulnerabilities

Cisco Secure Access Control System Multiple Vulnerabilities

https://secunia.com/advisories/54200

---

Schutz vor Ausnutzung der MasterKey-Lücke in Android

Zwei weitere Tools sollen Android-Nutzer vor Apps schützen, welche die kürzlich bekannt gewordenen Schwachstellen in der Signaturprüfung ausnutzen. Eines der beiden rüstet den Google-Patch nach, auf den man sonst lange warten muss.

http://www.heise.de/security/meldung/Schutz-vor-Ausnutzung-der-MasterKey-Luecke-in-Android-1918428.html

---

Open-source tool to ease security researchers quest for secrecy

To be presented and released at Black Hat, CrowdStrikes Tortilla delivers to researchers much-needed anonymity on Windows machines...

http://www.csoonline.com/article/736428/open-source-tool-to-ease-security-researchers-quest-for-secrecy?source=rss_application_security

---

HPSBPV02891 rev.1 - HP ProCurve Switches, Remote Unauthorized Information Disclosure

A potential security vulnerability has been identified with HP ProCurve Switches. The vulnerability could be remotely exploited resulting in unauthorized information disclosure.

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03819065

---

sol14468: Client-side component flaw - CVE-2013-0150

A flaw in a BIG-IP APM or FirePass client-side F5-signed component may allow a third party to install files on the client machine.

http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html

---

Cisco Identity Services Engine Search Form Cross-Site Scripting Vulnerability

Cisco Identity Services Engine Search Form Cross-Site Scripting Vulnerability

https://secunia.com/advisories/53965

---

Multiple Vulnerabilities in ePO 4.6.6 and earlier

The NATO Information Assurance Technical Centre conducted a series of penetration tests on ePolicy Orchestrator (ePO) 4.6.6 and reported several vulnerabilities to McAfee...

https://kc.mcafee.com/corporate/index/content&id=KB78824

---

Datenleck im Browser-Plug-in des Windows Media Player

Datenschnüffler können das Plug-in nutzen, um im Namens des Opfers auf beliebige Webseiten zuzugreifen. Ein Angreifer könnte über eine speziell präparierte Webseite etwa fremde Mail-Accounts durchstöbern und sogar in das lokale Netz des Opfers vordringen.

http://www.heise.de/security/meldung/Datenleck-im-Browser-Plug-in-des-Windows-Media-Player-1918691.html

---

Moodle Multiple Vulnerabilities

Moodle Multiple Vulnerabilities

https://secunia.com/advisories/54130

---

Signed Mac Malware Using Right-to-Left Override Trick

Right-to-left override (RLO) is a special character used in bi-directional text encoding system to mark the start of text that are to be displayed from right to left. It is commonly used by Windows malware such as Bredolab and the high-profile Mahdi trojan from last year to hide the real extension of executable files. Check out this Krebs on Security post for more details on the trick.

http://www.f-secure.com/weblog/archives/00002576.html