Daily Summary - Thursday 18-07-2013

End-of-Shift report

Timeframe: Wednesday 17-07-2013 18:00 − Thursday 18-07-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a

Multiple Vulnerabilities in Cisco Unified Communications Manager

Cisco Unified Communications Manager (Unified CM) contains multiple vulnerabilities that could be used together to allow an unauthenticated, remote attacker to gather user credentials, escalate privileges, and execute commands to gain full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify information in Cisco Unified CM.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm


Multiple Vulnerabilities in Cisco Intrusion Prevention System Software

Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability; Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability; Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability; Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips


On "FBI" "Ransomware" and Macs

On Monday, Malwarebytes researcher Jerome Segura posted a nice write up (and video) about FBI themed ransom scams targeting users of Apple Mac OS X. The basics are as such:
• Segura discovered the scam via a Bing Images search for Taylor Swift.
• A compromised site hosting the image linked to a webpage mimicking police ransomware.
• Only it isn't really "ware" in the normal sense of a ransomware trojan.
• The scam uses clever persistent JavaScript in its attempt to...

http://www.f-secure.com/weblog/archives/00002577.html


New commercially available Web-based WordPress/Joomla brute-forcing tool spotted in the wild

By Dancho Danchev
Thanks to the fact that users not only continue to use weak passwords, but also, re-use them across multiple Web properties, brute-forcing continues to be an effective tactic in the arsenal of every cybercriminal. With more malicious underground market releases continuing to utilize this technique in an attempt to empower potential cybercriminals with […]

http://blog.webroot.com/2013/07/17/new-commercially-available-web-based-wordpressjoomla-brute-forcing-tool-spotted-in-the-wild/


ePhoto Transfer v1.2.1 iOS Multiple Web Vulnerabilities

Topic: ePhoto Transfer v1.2.1 iOS Multiple Web Vulnerabilities
Risk: Medium
Text: Title: ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities Date: 2013-07-17 References: http...

http://cxsecurity.com/issue/WLB-2013070132


Flux Player v3.1.0 iOS File Include & Arbitrary File Upload Vulnerability

Topic: Flux Player v3.1.0 iOS File Include & Arbitrary File Upload Vulnerability
Risk: High
Text: Title: Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability Date: 2013-07-16 Refere...

http://cxsecurity.com/issue/WLB-2013070136


HPSBST02896 rev.2 - HP StoreVirtual Storage, Remote Unauthorized Access

A potential security vulnerability has been identified with the HP StoreVirtual Storage. This vulnerability could be remotely exploited to gain unauthorized access to the device.

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03825537


BlackBerry spies on mail login

Anyone who has configured their mail account on a current BlackBerry had better change their password. The credentials entered there are also known to the manufacturer.

http://www.heise.de/security/meldung/BlackBerry-spaeht-Mail-Login-aus-1919718.html


Autodesk Multiple Products DWG Processing Code Execution Vulnerability

A vulnerability has been reported in multiple Autodesk products, which can be exploited by malicious people to compromise a user's system.

https://secunia.com/advisories/54198


Hackers crippled OVER HALF of world's financial exchanges - report

Repeated assaults leave bankers in quivering heaps
Half of all the world's critical financial exchanges have suffered cyber attacks in the past year, a report has found...

http://go.theregister.com/feed/www.theregister.co.uk/2013/07/18/half_of_all_financial_exchanges_hit_by_cyber_attacks/


IBM API Management Security Bulletin: security vulnerability in IBM API Management V2.0

There is an unspecified security vulnerability in IBM API Management which may allow an unauthorized user to gain access to the system.

https://www-304.ibm.com/support/docview.wss?uid=swg21643847


RuggedCom Rugged Operating System Multiple Vulnerabilities

RuggedCom has acknowledged multiple vulnerabilities in Rugged Operating System, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

https://secunia.com/advisories/54223


Joomla! Googlemaps Plugin "url" Cross-Site Scripting Vulnerability

MustLive has discovered a vulnerability in the Googlemaps plugin for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

https://secunia.com/advisories/54055


Drupal Hostmaster (Aegir) Module Security Bypass Security Issue

A security issue has been reported in the Hostmaster (Aegir) module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

https://secunia.com/advisories/54136


Cisco 9900 Series Phone Arbitrary File Download Vulnerability

A vulnerability in the Serviceability servlet of fourth-generation Cisco IP phones could allow an unauthenticated, remote attacker to download arbitrary files from the phone's file system.

http://tools.cisco.com/security/center/viewAlert.x?alertId=30110