Daily summary - Wednesday 07-08-2013

End-of-Shift report

Timeframe: Tuesday 06-08-2013 18:00 - Wednesday 07-08-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a

Stop! Yammer time: Microsoft blats biz babble account hijacking bug

You can't touch this other users' logins, Miss Hacker

Microsoft has fixed a potentially nasty set of authentication vulnerabilities involving Yammer, the "Facebook for business" enterprise collaboration and social networking platform.

http://go.theregister.com/feed/www.theregister.co.uk/2013/08/06/yammer_authentication_flaw/


Fort Disco Brute-Force Attack Campaign Targets CMS Websites

The Fort Disco botnet targets systems built on content management systems such as WordPress, using a brute-force password attack to control systems and install additional malware.

http://threatpost.com/fort-disco-brute-force-attack-campaign-targets-cms-websites/101723
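The campaign above is a plain credential brute force against CMS login pages, which is visible in ordinary web server logs. The following is an added detection example (not code from the Threatpost/Arbor write-up): it parses Apache combined-format log lines, keeps a sliding window of failed login POSTs per source IP, and flags sources that exceed a threshold. It assumes WordPress behaviour (a failed login re-renders the form with HTTP 200, a successful login answers with a 302), and the login-path list and the sample log lines are constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Login endpoints of commonly targeted CMSes (assumed list for this example).
LOGIN_PATHS = {"/wp-login.php", "/administrator/index.php", "/user/login"}

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Parse one combined-format log line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m.group("ip"),
        "ts": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z"),
        "method": m.group("method"),
        "path": m.group("path").split("?", 1)[0],
        "status": int(m.group("status")),
    }


def detect_bruteforce(lines, threshold=10, window=timedelta(seconds=60)):
    """Flag source IPs with >= `threshold` failed login POSTs inside any `window`.

    WordPress answers a failed login with HTTP 200 (form re-rendered) and a
    successful one with a 302 to the dashboard, so a 302 arriving after a
    flagged burst is recorded as a probable successful guess.
    Returns {ip: {"peak": max_attempts_in_window, "first_success": ts_or_None}}.
    """
    recent = defaultdict(deque)   # ip -> timestamps of recent failed POSTs
    findings = {}
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["method"] != "POST" or ev["path"] not in LOGIN_PATHS:
            continue
        ip, ts = ev["ip"], ev["ts"]
        if ev["status"] == 200:
            q = recent[ip]
            q.append(ts)
            while q and ts - q[0] > window:   # slide the window forward
                q.popleft()
            if len(q) >= threshold:
                f = findings.setdefault(ip, {"peak": 0, "first_success": None})
                f["peak"] = max(f["peak"], len(q))
        elif ev["status"] in (302, 303) and ip in findings and findings[ip]["first_success"] is None:
            findings[ip]["first_success"] = ts
    return findings


def constructed_log():
    """Constructed sample traffic (not a real capture): one source hammering
    wp-login.php 30 times in 30 s and then getting a 302, plus one ordinary user."""
    base = datetime(2013, 8, 7, 10, 0, 0, tzinfo=timezone(timedelta(hours=2)))
    fmt = '{ip} - - [{ts}] "{req} HTTP/1.1" {status} {size} "-" "Mozilla/5.0"'

    def line(ip, offset, req, status, size):
        ts = (base + timedelta(seconds=offset)).strftime("%d/%b/%Y:%H:%M:%S %z")
        return fmt.format(ip=ip, ts=ts, req=req, status=status, size=size)

    lines = [line("203.0.113.7", i, "POST /wp-login.php", 200, 3415) for i in range(30)]
    lines.append(line("203.0.113.7", 30, "POST /wp-login.php", 302, 0))
    lines.append(line("198.51.100.9", 5, "GET /wp-login.php", 200, 3380))
    lines.append(line("198.51.100.9", 12, "POST /wp-login.php", 200, 3415))  # one mistyped password
    lines.append(line("198.51.100.9", 20, "POST /wp-login.php", 302, 0))
    return lines


SAMPLE_LOG_LINES = constructed_log()

if __name__ == "__main__":
    for ip, f in detect_bruteforce(SAMPLE_LOG_LINES).items():
        print(f"{ip}: peak {f['peak']} failed logins per 60 s, first success at {f['first_success']}")
```

The per-IP window catches a single noisy source; a botnet that spreads its guesses over thousands of hosts, as this campaign reportedly did, will stay under any per-IP threshold, so in practice the same counter should also be kept per target account and per site, and the "302 after a burst" signal is the one worth paging on.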


Breaking Down the China Chopper Web Shell - Part I

Part I in a two-part series.

China Chopper: The Little Malware That Could

China Chopper is a slick little web shell that does not get enough exposure and credit for its stealth. Other than a good blog post from security researcher...

http://www.fireeye.com/blog/technical/botnet-activities-research/2013/08/breaking-down-the-china-chopper-web-shell-part-i.html


Bugtraq: [CVE-2013-2136] Apache CloudStack Cross-site scripting (XSS) vulnerability

The Apache CloudStack Security Team was notified of an issue found in the Apache CloudStack user interface that allows an authenticated user to execute a cross-site scripting attack against other users within the system.

http://www.securityfocus.com/archive/1/527803


McAfee Superscan 4.0 Cross Site Scripting

Topic: McAfee Superscan 4.0 Cross Site Scripting
Risk: Low
Text: Trustwave SpiderLabs Security Advisory TWSL2013-024: Cross Site Scripting (XSS) vulnerability in McAfee Superscan 4.0 Publi...

http://cxsecurity.com/issue/WLB-2013080058


MyBB 1.6.10 url Parameter Arbitrary Site Redirection Vulnerability

Topic: MyBB 1.6.10 url Parameter Arbitrary Site Redirection Vulnerability
Risk: Low
Text: MyBB 1.6.10 url Parameter Arbitrary Site Redirection Vulnerability Vendor: MyBB Group Product web page: http://www.mybb...

http://cxsecurity.com/issue/WLB-2013080057
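An "arbitrary site redirection" bug of the kind reported above means a redirect target taken from a request parameter is used without checking that it stays on the site. The example below is added here and is not MyBB's code: it shows the unsafe pattern next to a validator that only allows same-host targets, and it handles the usual bypasses (scheme-relative `//host`, backslash variants, `user@host` confusion, `javascript:` and CRLF). The host name, default path and test inputs are assumptions for the example.

```python
from urllib.parse import urlsplit, urljoin

ALLOWED_HOST = "forum.example.com"   # assumed site host for this example
DEFAULT_TARGET = "/index.php"


def redirect_target_vulnerable(url_param, default=DEFAULT_TARGET):
    """The unsafe pattern: whatever the `url` parameter says is where the user goes."""
    return url_param or default


def safe_redirect_target(url_param, allowed_host=ALLOWED_HOST, default=DEFAULT_TARGET):
    """Return a redirect target that stays on `allowed_host`, or `default` otherwise."""
    if not url_param:
        return default
    candidate = url_param.strip()

    # CR/LF or other control characters would let the value split the Location header.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in candidate):
        return default

    # Browsers treat "\" like "/" in URLs, so "/\evil.example" is scheme-relative to them.
    candidate = candidate.replace("\\", "/")

    # Any run of leading slashes is parsed by browsers as "//host", i.e. a different origin.
    if candidate.startswith("//"):
        return default

    parts = urlsplit(candidate)

    # Only http(s); rejects javascript:, data:, and other schemes.
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return default

    if parts.netloc:
        # Absolute URL: the host must match exactly, and "allowed@evil" userinfo is refused.
        if parts.hostname != allowed_host or parts.username or parts.password:
            return default
        return candidate

    # Relative URL: must be an absolute path on this site ("http:evil.example" lands here too).
    if not parts.path.startswith("/"):
        return default
    return urljoin("https://" + allowed_host, candidate)


if __name__ == "__main__":
    # Constructed inputs an attacker might put in the url parameter.
    for probe in ("/showthread.php?tid=42", "http://evil.example/phish", "//evil.example",
                  "/\\evil.example", "https://forum.example.com@evil.example/",
                  "javascript:alert(1)", "http:evil.example"):
        print(f"{probe!r:45} -> {safe_redirect_target(probe)}")
```

Returning a fully qualified URL built from the known host (rather than echoing the parameter back) is what closes the residual parser-mismatch cases: the browser only ever sees a Location header that the server assembled.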


Atlassian Confluence 5.3 Cross Site Scripting

Topic: Atlassian Confluence 5.3 Cross Site Scripting
Risk: Low
Text: Atlassian Confluence, the Enterprise Wiki Reflected XSS Details Product: Atlassian Confluence ...

http://cxsecurity.com/issue/WLB-2013080066


Atlassian JIRA 6.0.3 Cross Site Scripting

Topic: Atlassian JIRA 6.0.3 Cross Site Scripting
Risk: Low
Text: Atlassian JIRA v6.0.3 Arbitrary HTML/Script Execution Vulnerability Vendor: Atlassian Corporation Pty Ltd. Produc...

http://cxsecurity.com/issue/WLB-2013080065


Bugtraq: Attacking Google Accounts with weblogin: Tokens

For those who missed it, I would like to spread awareness about how conveniences built into the Google eco-system can allow an application, a physical user, or a forensics expert to access almost everything in your Google account.

http://www.securityfocus.com/archive/1/527810


National Instruments LabVIEW Path Traversal Flaw Lets Remote Users Execute Arbitrary Code

A vulnerability was reported in National Instruments LabVIEW. A remote user can execute arbitrary code on the target system.

http://www.securitytracker.com/id/1028889


Cacti SQL and Command Injection Vulnerabilities

Some vulnerabilities have been reported in Cacti, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.

https://secunia.com/advisories/54386


IBM Integrated Management Module IPMI default accounts

The Integrated Management Module (IMM) and Integrated Management Module II (IMM2) used by multiple IBM servers are preconfigured with one IPMI user account, which has the same default login name and password on all affected systems. If a malicious user gains access to the IPMI interface using this...

http://xforce.iss.net/xforce/xfdb/86172