End-of-Shift report
Timeframe: Dienstag 13-08-2013 18:00 − Mittwoch 14-08-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
Start isolating critical XP systems now, experts warn
Lack of updates after April 8, 2014 adds security complications for companies, retailers running specialty software dependent on XP
http://www.csoonline.com/article/738085/start-isolating-critical-xp-systems-now-experts-warn?source=rss_application_security
Security Bulletin: Tivoli Workload Scheduler Distributed and Tivoli Workload Scheduler for Applications Openssl Multiple Vulnerabilities
OpenSSL versions prior to 1.0.0 do not follow best security practices and need to upgrade. CVE(s): CVE-2013-0169 CVE-2013-0166 CVE-2012-2686 CVE-2012-2131 CVE-2012-2110 CVE-2012-0884 CVE-2012-0050 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2011-3210 CVE-2011-0014 CVE-2010-3864 Affected product(s) and affected version(s): Tivoli
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_tivoli_workload_scheduler_distributed_and_tivoli_workload_scheduler_for_applications_openssl_multiple_vulnerabilities?lang=en_us
Python SSL module NULL bytes spoofing
Python SSL module NULL bytes spoofing
http://xforce.iss.net/xforce/xfdb/86383
BIND Vulnerablilty Enables DNS Cache Poisoning Attack
A vulnerability in the BIND domain name system (DNS) software could give an attacker the ability to easily and reliably control queried name servers chosen by the most widely deployed DNS software on the Internet, according to new research presented at the Woot Conference in Washington D.C. today.
http://threatpost.com/bind-vulnerablilty-enables-dns-cache-poisoning-attack/101988
Apache Struts2 2.3.15 OGNL Injection
Topic: Apache Struts2 2.3.15 OGNL Injection Risk: Medium Text:CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Softw...
http://cxsecurity.com/issue/WLB-2013080115
DotNetNuke (DNN) Cross-Site Scripting Vulnerability
Topic: DotNetNuke (DNN) Cross-Site Scripting Vulnerability Risk: Low Text:Title: DotNetNuke (DNN) Cross-Site Scripting Vulnerability References: CVE-2013-4649 Discovered by: Sajjad Pourali , Nasser S...
http://cxsecurity.com/issue/WLB-2013080113
Vuln: TYPO3 Static Methods since 2007 Extension Unspecified Cross Site Scripting Vulnerability
TYPO3 Static Methods since 2007 Extension Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57288
Lücke gestopft
Endlich gibt es ein Sicherheitsupdate für die Steuerungsanlagen von Saia-Burgess und ihre Lücke.
http://www.heise.de/newsticker/meldung/Kritisches-Sicherheitsupdate-fuer-200-000-Industriesteuerungen-1934787.html
Summary for August 2013 - Version: 1.0
This bulletin summary lists security bulletins released for August 2013.
http://technet.microsoft.com/en-gb/security/bulletin/ms13-aug
Die August-Patches
Microsoft hat acht Patch-Pakete herausgegeben, die nun insgesamt 23 Lücken schließen sollen.
http://www.heise.de/newsticker/meldung/Microsofts-August-Patches-und-die-Rueckkehr-des-Ping-of-Death-1934998.html
Bugtraq: Subverting BINDs SRTT Algorithm: Derandomizing NS Selection
Subverting BINDs SRTT Algorithm: Derandomizing NS Selection
http://www.securityfocus.com/archive/1/528013
Chinese Underground Creates Tool Exploiting Apache Struts Vulnerability
About a month ago, the Apache Software Foundation released Struts 2.3.15.1, an update to the popular Java Web application development framework. The patch was released because vulnerabilities in older versions of Struts could allow attackers to run arbitrary code on vulnerable servers. Since then, we've found that hackers in the Chinese underground have created an [...]Post from: Trendlabs Security Intelligence Blog - by Trend MicroChinese Underground Creates Tool Exploiting Apache
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/LkrHQVJNU9U/
OSIsoft PI Interface for IEEE C37.118 Configuration Packets Processing Denial of Service Vulnerability
OSIsoft PI Interface for IEEE C37.118 Configuration Packets Processing Denial of Service Vulnerability
https://secunia.com/advisories/54498
.GOV zones may not resolve due to DNSSEC problems., (Wed, Aug 14th)
Currently, many users are reporting that .gov domain names (e.g. fbi.gov) will not resolve. The problem appears to be related to an error in the DNSSEC configuration of the .gov zone. According to a quick check with dnsviz.net, it appears that there is no DS record for the current .gov ZSK deposited with the root zone. (excerpt from:
http://dnsviz.net/d/fbi.gov/dnssec/) DNSSEC relies on two types of keys each zone uses: - A "key signing key" (KSK) and - A "zone signing
http://isc.sans.edu/diary.html?storyid=16367&rss
cPanel Multiple Vulnerabilities
cPanel Multiple Vulnerabilities
https://secunia.com/advisories/54455