Daily summary - Thursday 12-09-2013

End-of-Shift report

Timeframe: Wednesday 11-09-2013 18:00 − Thursday 12-09-2013 18:00 Handler: Robert Waldner Co-Handler: n/a

NIST advises against use of random bit generator algorithm apparently backdoored by NSA

"NIST strongly recommends that, pending the resolution of the security concerns and the re-issuance of SP 800-90A, the Dual_EC_DRBG, as specified in the January 2012 version of SP 800-90A, no longer be used," NIST says in a bulletin.

http://www.fiercegovernmentit.com/story/nist-advises-against-use-random-bit-generator-algorithm-apparently-backdoor/2013-09-11


Bugtraq: OWASP Zed Attack Proxy 2.2.0

This includes support for scripts embedded in ZAP components like the active and passive scanners as well as support for Zest - a new security focused scripting language from the Mozilla security team. It also supports Mozilla Plug-n-Hack, localization in 20 languages, various minor enhancements and lots of bug fixes.

http://www.securityfocus.com/archive/1/528553


Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 6.1.0.47

Cross reference list for security vulnerabilities fixed in IBM WebSphere Application Server Fix Pack 6.1.0.47 CVE ID(s): CVE-2012-3305 CVE-2012-4853 CVE-2013-0458 CVE-2013-0461 CVE-2013-0460 CVE-2013-0459 CVE-2013-0596 CVE-2013-0541 CVE-2013-0543 CVE-2013-0462 CVE-2013-2967 CVE-2013-2976 CVE-2013-0542 CVE-2013-0544 CVE-2013-0169 CVE-2013-1768 CVE-2013-1862 CVE-2013-4005 CVE-2013-3029 CVE-2013-1896 CVE-2012-2098 CVE-2013-4053 CVE-2013-4052

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_potential_security_vulnerabilities_fixed_in_ibm_websphere_application_server_6_1_0_47?lang=en_us


Technical Analysis of CVE-2013-3147

In July, Microsoft released a patch for a memory-corruption vulnerability in the Internet Explorer (IE) Web browser. The vulnerability enabled remote attackers to execute arbitrary code or cause a denial of service through a crafted or compromised website — also known as …

http://www.fireeye.com/blog/technical/2013/09/technical-analysis-of-cve-2013-3147.html


TYPO3 CMS 6.1.5, 6.0.10, 4.7.15 and 4.5.30 released

We are announcing the release of the following TYPO3 CMS updates: TYPO3 CMS 6.1.5, TYPO3 CMS 6.0.10, TYPO3 CMS 4.7.15 and TYPO3 CMS 4.5.30. All versions are maintenance releases and contain bug fixes. Note: The 6.1.5 and 6.0.10 releases contain important fixes for regressions which were introduced in the latest security releases (6.1.4 and 6.0.9). Releases 4.7.15 and 4.5.30 are merely bug fix releases and increase compatibility with browsers and MySQL 5.5.

http://typo3.org/news/article/typo3-cms-615-6010-4715-and-4530-released/


WordPress update closes security vulnerabilities

With version 3.6.1 the WordPress team has released an important update for its open-source blogging software. 13 bugs and three security vulnerabilities in the recently published version 3.6 have been fixed; the developers recommend updating.

http://www.heise.de/security/meldung/Wordpress-Update-schliesst-Sicherheitsluecken-1955270.html


Analysis: Staying safe from virtual robbers

The more popular online banking becomes, the more determined cybercriminals are to steal users’ money. How is money stolen with the help of malicious programs? How can you protect yourself from virtual robbery?

http://www.securelist.com/en/analysis/204792304/Staying_safe_from_virtual_robbers


Office updates get stuck in an installation loop

Some of the Office patches issued on the September Patch Tuesday are apparently faulty. Three of the updates get stuck in an installation loop, and one causes Outlook to be usable only to a limited extent.

http://www.heise.de/newsticker/meldung/Office-Updates-geraten-in-Installationsschleife-1955292.html


Juniper Junos Pulse Secure Access Service / Junos Pulse Access Control Service OpenSSL Multiple Vulnerabilities

https://secunia.com/advisories/54777


Siemens SCALANCE X-200 Web Hijack Vulnerability

OVERVIEW: Siemens has identified a Web hijack vulnerability in the SCALANCE X-200 switch product family. Researcher Eireann Leverett of IOActive coordinated disclosure of the vulnerability with Siemens. Siemens has produced a firmware update that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS: Siemens reports that the vulnerability affects the following versions:

http://ics-cert.us-cert.gov/advisories/ICSA-13-254-01


Firefox OS Likely to Face HTML5, Boot-to-gecko Process Attacks

Excerpt: The Firefox OS, a new contender in mobile operating systems, will likely see HTML5-related attacks and assaults on a crucial operating system process, according to security vendor Trend Micro. Some mobile phone operators are already shipping devices with the Firefox OS, which comes from Mozilla, the nonprofit organization behind the Firefox desktop browser.

http://www.cio.com/article/739475/Firefox_OS_Likely_to_Face_HTML5_Boot_to_gecko_Process_Attacks?taxonomyId=3089