Tageszusammenfassung - Mittwoch 28-08-2013

End-of-Shift report

Timeframe: Dienstag 27-08-2013 18:00 − Mittwoch 28-08-2013 18:00 Handler: Robert Waldner Co-Handler: n/a

Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE executed under a security manager.

IBM Tivoli Monitoring ships and uses a Java Runtime Environment (JRE). This alert addresses several vulnerabilities for the Tivoli Enterprise Portal browser JRE which might allow remote untrusted Java WebStart applications and untrusted Java applets to affect confidentiality, availability and integrity. CVE(s): CVE-2013-2467, CVE-2013-2448, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471,

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_tivoli_monitoring_clients_affected_by_vulnerabilities_in_ibm_jre_executed_under_a_security_manager2?lang=en_us


Firefox Extension HTTP Nowhere Allows Users to Browse in Encrypted-Only Mode

It’s no secret that the Web wasn’t really meant to be a secure platform, for communications or commerce or anything else. But it’s used for all of these functions every day, and for the most part they depend upon the sites they deal with using SSL and doing so correctly. That’s not always a sure [...]

http://threatpost.com/firefox-extension-http-nowhere-allows-users-to-browse-in-encrypted-only-mode/102108


Microsoft Releases Revisions to 4 Existing Updates, (Tue, Aug 27th)

Four patches have undergone signficant revision according to Microsoft. The following patches were updated today by Microsoft, and are set to roll in the automatic updates: MS13-057 - Critical - https://technet.microsoft.com/security/bulletin/MS13-057 - Reason for Revision: V3.0 (August 27, 2013): Bulletin revised to rerelease security update 2803821 for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008; security update 2834902 for Windows XP and Windows Server 2003;

http://isc.sans.edu/diary.html?storyid=16448&rss


Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service

Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service

http://www.securitytracker.com/id/1028957


Linux-Trojaner analysiert

Avast hat den bislang wohl ersten Online-Banking-Trojaner, der es auf Linux-Nutzer abgesehen hat, in seinem Virenlabor untersucht: Der Entwickler hat sich große Mühe gegeben, damit sein Baby unentdeckt bleibt.

http://www.heise.de/newsticker/meldung/Erster-Banking-Trojaner-fuer-Linux-analysiert-1943718.html


Exploit für ungepatchte Lücke in Java 6 aufgetaucht

Ein Werkzeug enthält Code, der eine seit Juni bekannte Lücke in Java 6 ausnutzt. Oracle hat die Wartung für diese Version eingestellt, die sich jedoch noch häufig im Einsatz befindet.

http://www.heise.de/newsticker/meldung/Exploit-fuer-ungepatchte-Luecke-in-Java-6-aufgetaucht-1944261.html


Cybercriminals offer spam-ready SMTP servers for rent/direct managed purchase

By Dancho Danchev We continue to observe an increase in underground market propositions for spam-ready bulletproof SMTP servers, with the cybercriminals behind them trying to differentiate their unique value proposition (UVP) in an attempt to attract more customers. Let’s profile the underground market propositions of what appears to be a novice cybercriminal offering such spam-ready […]

http://feedproxy.google.com/~r/WebrootThreatBlog/~3/eWR3avR3M7k/


IBM FileNet Content Manager / Content Foundation XML Parser Denial of Service Vulnerability

IBM FileNet Content Manager / Content Foundation XML Parser Denial of Service Vulnerability

https://secunia.com/advisories/54632


IBM TRIRIGA Application Platform Multiple Cross-Site Scripting Vulnerabilities

IBM TRIRIGA Application Platform Multiple Cross-Site Scripting Vulnerabilities

https://secunia.com/advisories/54641


Bugtraq: Two Instagram Android App Security Vulnerabilities

Two Instagram Android App Security Vulnerabilities

http://www.securityfocus.com/archive/1/528292