End-of-Shift report
Timeframe: Wednesday 17-07-2013 18:00 − Thursday 18-07-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a
Multiple Vulnerabilities in Cisco Unified Communications Manager
Cisco Unified Communications Manager (Unified CM) contains multiple vulnerabilities that could be used together to allow an unauthenticated, remote attacker to gather user credentials, escalate privileges, and execute commands to gain full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify information in Cisco Unified CM.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm
Multiple Vulnerabilities in Cisco Intrusion Prevention System Software
Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability
Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability
Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability
Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips
On "FBI" "Ransomware" and Macs
On Monday, Malwarebytes researcher Jerome Segura posted a nice write up (and video) about FBI themed ransom scams targeting users of Apple Mac OS X. The basics are as such: • Segura discovered the scam via a Bing Images search for Taylor Swift. • A compromised site hosting the image linked to a webpage mimicking police ransomware. • Only it isn't really "ware" in the normal sense of a ransomware trojan. • The scam uses clever persistent JavaScript in its attempt to...
http://www.f-secure.com/weblog/archives/00002577.html
New commercially available Web-based WordPress/Joomla brute-forcing tool spotted in the wild
By Dancho Danchev Thanks to the fact that users not only continue to use weak passwords, but also, re-use them across multiple Web properties, brute-forcing continues to be an effective tactic in the arsenal of every cybercriminal. With more malicious underground market releases continuing to utilize this technique in an attempt to empower potential cybercriminals with […]
http://blog.webroot.com/2013/07/17/new-commercially-available-web-based-wordpressjoomla-brute-forcing-tool-spotted-in-the-wild/
ePhoto Transfer v1.2.1 iOS Multiple Web Vulnerabilities
Topic: ePhoto Transfer v1.2.1 iOS Multiple Web Vulnerabilities. Risk: Medium. Text: Title: ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities. Date: 2013-07-17. References: http...
http://cxsecurity.com/issue/WLB-2013070132
Flux Player v3.1.0 iOS File Include & Arbitrary File Upload Vulnerability
Topic: Flux Player v3.1.0 iOS File Include & Arbitrary File Upload Vulnerability. Risk: High. Text: Title: Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability. Date: 2013-07-16. Refere...
http://cxsecurity.com/issue/WLB-2013070136
HPSBST02896 rev.2 - HP StoreVirtual Storage, Remote Unauthorized Access
A potential security vulnerability has been identified with the HP StoreVirtual Storage. This vulnerability could be remotely exploited to gain unauthorized access to the device.
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03825537
BlackBerry spies on mail login credentials
Anyone who has configured their mail account on a current BlackBerry had better change their password. The credentials entered there are also known to the manufacturer.
http://www.heise.de/security/meldung/BlackBerry-spaeht-Mail-Login-aus-1919718.html
Autodesk Multiple Products DWG Processing Code Execution Vulnerability
A vulnerability has been reported in multiple Autodesk products, which can be exploited by malicious people to compromise a user's system.
https://secunia.com/advisories/54198
Hackers crippled OVER HALF of world's financial exchanges - report
Repeated assaults leave bankers in quivering heaps. Half of all the world's critical financial exchanges have suffered cyber attacks in the past year, a report has found...
http://go.theregister.com/feed/www.theregister.co.uk/2013/07/18/half_of_all_financial_exchanges_hit_by_cyber_attacks/
IBM API Management Security Bulletin: security vulnerability in IBM API Management V2.0
There is an unspecified security vulnerability in IBM API Management which may allow an unauthorized user to gain access to the system.
https://www-304.ibm.com/support/docview.wss?uid=swg21643847
RuggedCom Rugged Operating System Multiple Vulnerabilities
RuggedCom has acknowledged multiple vulnerabilities in Rugged Operating System, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
https://secunia.com/advisories/54223
Joomla! Googlemaps Plugin "url" Cross-Site Scripting Vulnerability
MustLive has discovered a vulnerability in the Googlemaps plugin for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.
https://secunia.com/advisories/54055
Drupal Hostmaster (Aegir) Module Security Bypass Security Issue
A security issue has been reported in the Hostmaster (Aegir) module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
https://secunia.com/advisories/54136
Cisco 9900 Series Phone Arbitrary File Download Vulnerability
A vulnerability in the Serviceability servlet of fourth-generation Cisco IP phones could allow an unauthenticated, remote attacker to download arbitrary files from the phone's file system.
http://tools.cisco.com/security/center/viewAlert.x?alertId=30110