End-of-Shift report
Timeframe: Dienstag 25-02-2014 18:00 − Mittwoch 26-02-2014 18:00
Handler: Stephan Richter
Co-Handler: n/a
Chameleon: Forschungsvirus verbreitet sich von WLAN zu WLAN
Britische Wissenschaftler haben unter dem Namen "Chameleon" einen vollständigen Router-Wurm geschaffen, der das Internet nicht braucht. Die Malware kopiert sich von einem Router zum anderen per WLAN und kann sich so epidemieartig ausbreiten. Aber auch Wege zur Abwehr solcher Gefahren sind absehbar. (WLAN, Virus)
http://www.golem.de/news/chameleon-forschungs-virus-verbreitet-sich-von-wlan-zu-wlan-1402-104804-rss.html
DDoSing a Cell Phone Network
Interesting research: Abstract: The HLR/AuC is considered to be one of the most important network elements of a 3G network. It can serve up to five million subscribers and at least one transaction with HLR/AuC is required for every single phone call or data session. This paper presents experimental results and observations that can be exploited to perform a novel...
https://www.schneier.com/blog/archives/2014/02/ddosing_a_cell.html
IE Zero-day Exploit Being Used in Widespread Attacks
The number of attacks exploiting a yet-to-be-patched vulnerability in Internet Explorer has increased dramatically over the past few days, indicating the exploit is no longer used just in targeted attacks against particular groups of people.
http://www.cio.com/article/748778/IE_Zero_day_Exploit_Being_Used_in_Widespread_Attacks
QuickTime 7.7.5 für Windows behebt diverse Sicherheitslücken
Apples Multimediaumgebung enthält unter Windows eine ganze Reihe von sicherheitsrelevanten Bugs. Version 7.7.5 soll sie beheben - ein schnelles Update ist angeraten.
http://www.heise.de/security/meldung/QuickTime-7-7-5-fuer-Windows-behebt-diverse-Sicherheitsluecken-2124553.html
Announcing EMET 5.0 Technical Preview
Today, we are thrilled to announce a preview release of the next version of the Enhanced Mitigation Experience Toolkit, better known as EMET. You can download EMET 5.0 Technical Preview here. This Technical Preview introduces new features and enhancements that we expect to be key components of the final EMET 5.0 release. We are releasing this technical preview to gather customer feedback about the new features and enhancements. Your feedback will affect the final EMET 5.0 technical
https://blogs.technet.com/b/srd/archive/2014/02/25/announcing-emet-5-0-technical-preview.aspx
VU#684412: libpng denial-of-service vulnerability
Vulnerability Note VU#684412 libpng denial-of-service vulnerability Original Release date: 25 Feb 2014 | Last revised: 25 Feb 2014 Overview libpng versions 1.6.0 through 1.6.9 contain a denial-of-service vulnerability. Description CWE-835: Loop with Unreachable Exit Condition (Infinite Loop) - CVE-2014-0333Glenn Randers Pehrson of the PNG Development Group reports:The progressive decoder in libpng16 enters an infinite loop, thus hanging the application, when it encounters a zero-length IDAT...
http://www.kb.cert.org/vuls/id/684412
Schneider Electric SCADA Products Exception Handler Vulnerability
Researcher Carsten Eiram of Risk Based Security has identified an exception handling vulnerability in Schneider Electric’s CitectSCADA application. The original vulnerability reported by Mr. Eiram had already been fixed in CitectSCADA v7.20SP2. While investigating this vulnerability report, Schneider Electric discovered additional related vulnerabilities and has produced a patch that mitigates them in SCADA Expert Vijeo Citect, CitectSCADA, and PowerSCADA Expert.
http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01
IBM AIX OpenSSL Multiple Denial of Service Vulnerabilities
https://secunia.com/advisories/57041
Python Buffer Overflow in socket.recvfrom_into() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1029831
Cisco Unified Communications Manager CAPF Unauthenticated Device Information Update Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0743
Cisco Unified Communications Manager OS Administration CSRF Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0740
Cisco Unified Contact Center Express CCMConfig Sensitive Information Disclosure Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2102
Cisco Unified Contact Center Express Serviceability Page CSRF Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0745