End-of-Shift report
Timeframe: Thursday 30-10-2014 18:00 − Friday 31-10-2014 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Multiple vulnerabilities in Cisco products
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3371
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3372
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3366
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3374
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3373
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3375
Security Advisory - Medium Severity - WP eCommerce WordPress Plugin
If you're using the popular WP eCommerce WordPress plugin (2,900,000 downloads), you should update it right away. During a routine audit for our Website Firewall (WAF), we ..
http://blog.sucuri.net/2014/10/security-advisory-medium-severity-wp-ecommerce-wordpress-plugin.html
Nordex NC2 XSS Vulnerability
This advisory provides mitigation details for a cross-site scripting vulnerability in the Nordex Control 2 (NC2) application.
https://ics-cert.us-cert.gov//advisories/ICSA-14-303-01
Meinberg Radio Clocks LANTIME M-Series XSS
This advisory provides mitigation details for vulnerabilities in the Meinberg Radio Clocks LANTIME M-Series XSS.
https://ics-cert.us-cert.gov//advisories/ICSA-14-275-01
Accuenergy Acuvim II Authentication Vulnerabilities
This advisory provides mitigation details for two authentication vulnerabilities within the Accuenergy AXM-NET Ethernet module's web server.
https://ics-cert.us-cert.gov//advisories/ICSA-14-275-02
[2014-10-31] XXE and XSS vulnerabilities in Scalix Web Access
Scalix Web Access is vulnerable to XML external entity injection (XXE) and reflected cross site scripting (XSS) attacks. An unauthenticated attacker can get read access to the filesystem of the Scalix Web Access host and thus obtain sensitive information.
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141031-0_Scalix_Web_Access_XXE_v10.txt
Spotting Malicious Injections in Otherwise Benign Code
Being able to spot suspicious code, and then determine whether it is benign or malicious is a very important skill for a security researcher. Every day we scan through megabytes of HTML, JS and PHP. It's quite easy to miss something bad, especially ..
http://blog.sucuri.net/2014/10/spotting-malicious-injections-in-otherwise-benign-code.html
Setting HoneyTraps with ModSecurity: Adding Fake Cookies
This blog post continues with the topic of setting "HoneyTraps" within your web applications to catch attackers. Please review the previous posts for more ..
http://blog.spiderlabs.com/2014/10/setting-honeytraps-with-modsecurity-adding-fake-cookies.html
Facebook enters the Tor network
The social network wants to make its services usable via the Tor anonymization network in the future. To that end, the company is setting up its own onion service in the Tor network.
http://www.heise.de/security/meldung/Facebook-geht-ins-Tor-Netz-2440221.html
Vulnerabilities in Samsung Knox
An analysis of the security app Samsung Knox Personal, which comes preinstalled on many devices, brought flaws to light. The manufacturer declared the app obsolete, but a replacement is available only for two current flagship devices.
http://www.heise.de/security/meldung/Schwachstellen-in-Samsung-Knox-2440119.html
Google to kill off SSL 3.0 in Chrome 40
Google plans to remove support for the aging Secure Sockets Layer (SSL) version 3.0 protocol in Google Chrome 40, which is expected to ship in about two months. The decision comes after Google security researchers recently discovered a dangerous design flaw in SSL 3.0. Dubbed "POODLE," the vulnerability ..
http://www.csoonline.com/article/2841837/application-security/google-to-kill-off-ssl-30-in-chrome-40.html