Daily Summary - Wednesday 11-09-2013

End-of-Shift report

Timeframe: Tuesday 10-09-2013 18:00 − Wednesday 11-09-2013 18:00 Handler: Robert Waldner Co-Handler: n/a

Juniper Junos J-Web Arbitrary Command Execution Vulnerability

Sense of Security has reported a vulnerability in Juniper Junos, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to the application not properly restricting access to /jsdm/ajax/port.php and can be exploited to execute arbitrary OS commands with root privileges.

https://secunia.com/advisories/54731


Android Mobile: Following In the Windows Footsteps

FireEye discovered an email spam campaign, currently ongoing, which is dropping the well-known Android malware Android FakeDefender. Looking through our DTI platform, we believe that this campaign started on the 6th of September. Vector of Propagation FireEye Labs has identified …

http://www.fireeye.com/blog/technical/2013/09/android-malware.html


BlackBerry Patches Flash, WebKit and Libexif Flaws on Mobile Devices

BlackBerry issued four security advisories, patching vulnerabilities in the Z10 and Q10 smartphones and the PlayBook tablet.

http://threatpost.com/blackberry-patches-flash-webkit-and-libexif-flaws-on-mobile-devices/102249


Macs need to patch too!, (Tue, Sep 10th)

Our regular readers know this, but on Patch Tuesday aka Black Tuesday we get a bit wider audience and hence it's worth repeating it even more: Do not forget to also patch your Macs! E.g. a Trojan was recently discovered that targets Macs with unpatched Java flaws. See the Intego writeup. Not only that. Microsoft Office, Adobe Flash, Shockwave, Reader or Acrobat all need to get updated too. -- Swa Frantzen -- Section 66 (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons

http://isc.sans.edu/diary.html?storyid=16544&rss


Investigating the Security of the Firefox OS

Firefox OS is Mozilla’s foray into the mobile operating system field and promises a more adaptive mobile OS. But as mobile threats, in particular in the Android platform, have gained momentum, the question in everyone’s mind is – how safe is it? About a month ago, Telefonica announced that it had launched the Firefox OS […] Post from: Trendlabs Security Intelligence Blog - by Trend Micro

http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/b6Lw53NWiz4/


FreeBSD Network ioctl(2) Lets Local Users Gain Elevated Privileges

A vulnerability was reported in the FreeBSD Kernel. A local user can cause denial of service conditions. A local user may be able to obtain elevated privileges on the target system.

http://www.securitytracker.com/id/1029014


Managed Malicious Java Applets Hosting Service Spotted in the Wild

In a series of blog posts, we’ve been profiling the tactics and DIY tools of novice cybercriminals, whose malicious campaigns tend to largely rely on social engineering techniques, on their way to trick users into thinking that they’ve been exposed to a legitimate Java applet window. These very same malicious Java applets continue representing a popular infection vector among novice cybercriminals, who remain the primary customers of the DIY tools/attack platforms that we’ve

http://feedproxy.google.com/~r/WebrootThreatBlog/~3/3tgS8jmgHQQ/


Summary for September 2013 - Version: 1.0

Among others:
- Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution
- Vulnerability in Microsoft Outlook Could Allow Remote Code Execution
- Vulnerability in OLE Could Allow Remote Code Execution
- Vulnerability in Windows Theme File Could Allow Remote Code Execution
- Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
- Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
- Vulnerabilities in Microsoft Access Could Allow Remote Code Execution

http://technet.microsoft.com/en-gb/security/bulletin/ms13-sep


Bugtraq: Synology DSM multiple vulnerabilities

Synology DiskStation Manager (DSM) is a Linux-based operating system, used for the DiskStation and RackStation products.

http://www.securityfocus.com/archive/1/528543


Java 7u40 is here – no Critical Patch Update this time

The new Java release, intended as a feature update, brings a number of security features and a tool for monitoring and profiling the JVM that is reminiscent of the former JRockit Mission Control suite.

http://www.heise.de/security/meldung/Java-7u40-ist-da-diesmal-kein-Critical-Patch-Update-1954140.html


Xen - libxl partially sets up HVM passthrough even with disabled iommu

Impact: A HVM domain, given access to a device which is bus mastering capable in the absence of a functioning IOMMU, can mount a privilege escalation or denial of service attack affecting the whole system.

http://seclists.org/oss-sec/2013/q3/578


Adobe Security Bulletins Posted

Today, we released the following Security Bulletins:
- APSB13-21 – Security updates available for Adobe Flash Player
- APSB13-22 – Security updates available for Adobe Acrobat and Reader
- APSB13-23 – Security updates available for Shockwave Player
Customers of the affected products should …

http://blogs.adobe.com/psirt/2013/09/adobe-security-bulletins-posted-9.html


RouterOS sshd Denial of Service Vulnerability

Kingcope has reported a vulnerability in RouterOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within sshd when processing requests and can be exploited to corrupt memory and subsequently cause a crash of the daemon.

https://secunia.com/advisories/54633