End-of-Shift report
Timeframe: Dienstag 27-08-2013 18:00 − Mittwoch 28-08-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE executed under a security manager.
IBM Tivoli Monitoring ships and uses a Java Runtime Environment (JRE). This alert addresses several vulnerabilities for the Tivoli Enterprise Portal browser JRE which might allow remote untrusted Java WebStart applications and untrusted Java applets to affect confidentiality, availability and integrity. CVE(s): CVE-2013-2467, CVE-2013-2448, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471,
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_tivoli_monitoring_clients_affected_by_vulnerabilities_in_ibm_jre_executed_under_a_security_manager2?lang=en_us
Firefox Extension HTTP Nowhere Allows Users to Browse in Encrypted-Only Mode
It’s no secret that the Web wasn’t really meant to be a secure platform, for communications or commerce or anything else. But it’s used for all of these functions every day, and for the most part they depend upon the sites they deal with using SSL and doing so correctly. That’s not always a sure [...]
http://threatpost.com/firefox-extension-http-nowhere-allows-users-to-browse-in-encrypted-only-mode/102108
Microsoft Releases Revisions to 4 Existing Updates, (Tue, Aug 27th)
Four patches have undergone signficant revision according to Microsoft. The following patches were updated today by Microsoft, and are set to roll in the automatic updates: MS13-057 - Critical -
https://technet.microsoft.com/security/bulletin/MS13-057 - Reason for Revision: V3.0 (August 27, 2013): Bulletin revised to rerelease security update 2803821 for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008; security update 2834902 for Windows XP and Windows Server 2003;
http://isc.sans.edu/diary.html?storyid=16448&rss
Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service
Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service
http://www.securitytracker.com/id/1028957
Linux-Trojaner analysiert
Avast hat den bislang wohl ersten Online-Banking-Trojaner, der es auf Linux-Nutzer abgesehen hat, in seinem Virenlabor untersucht: Der Entwickler hat sich große Mühe gegeben, damit sein Baby unentdeckt bleibt.
http://www.heise.de/newsticker/meldung/Erster-Banking-Trojaner-fuer-Linux-analysiert-1943718.html
Exploit für ungepatchte Lücke in Java 6 aufgetaucht
Ein Werkzeug enthält Code, der eine seit Juni bekannte Lücke in Java 6 ausnutzt. Oracle hat die Wartung für diese Version eingestellt, die sich jedoch noch häufig im Einsatz befindet.
http://www.heise.de/newsticker/meldung/Exploit-fuer-ungepatchte-Luecke-in-Java-6-aufgetaucht-1944261.html
Cybercriminals offer spam-ready SMTP servers for rent/direct managed purchase
By Dancho Danchev We continue to observe an increase in underground market propositions for spam-ready bulletproof SMTP servers, with the cybercriminals behind them trying to differentiate their unique value proposition (UVP) in an attempt to attract more customers. Let’s profile the underground market propositions of what appears to be a novice cybercriminal offering such spam-ready […]
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/eWR3avR3M7k/
IBM FileNet Content Manager / Content Foundation XML Parser Denial of Service Vulnerability
IBM FileNet Content Manager / Content Foundation XML Parser Denial of Service Vulnerability
https://secunia.com/advisories/54632
IBM TRIRIGA Application Platform Multiple Cross-Site Scripting Vulnerabilities
IBM TRIRIGA Application Platform Multiple Cross-Site Scripting Vulnerabilities
https://secunia.com/advisories/54641
Bugtraq: Two Instagram Android App Security Vulnerabilities
Two Instagram Android App Security Vulnerabilities
http://www.securityfocus.com/archive/1/528292