End-of-Shift report
Timeframe: Friday 14-03-2014 18:00 − Monday 17-03-2014 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
Security Exploit Patched on vBulletin - PHP Object Injection
The vBulletin team just issued a warning, and released patches for a security exploit that affected all versions of vBulletin including 3.5, 3.6, 3.7, 3.8, 4.X, 5.X. They recommend that anyone using vBulletin apply these patches as soon as possible. Here is part of their announcement: A security issue has been found that affects all...
http://blog.sucuri.net/2014/03/security-exploit-patched-on-vbulletin-php-object-injection.html
Pwn2Own results for Wednesday (Day One)
At Pwn4Fun, Google delivered a very impressive exploit against Apple Safari launching Calculator as root on Mac OS X. ZDI presented a multi-stage exploit, including an adaptable sandbox bypass, against Microsoft Internet Explorer, launching Scientific Calculator (running in medium integrity) with continuation.
http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/
Pwn2Own results for Thursday (Day Two)
... Vulnerabilities were successfully presented on Thursday in the Pwn2Own competition ... against Google Chrome, Microsoft Internet Explorer, Apple Safari, Mozilla Firefox, Adobe Flash.
http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/
Encryption: CAESAR competition seeks authenticated encryption
The first round of the CAESAR competition has begun. The goal: cryptographers are looking for better algorithms for authenticated encryption.
http://www.golem.de/news/verschluesselung-caesar-wettbewerb-sucht-authentifizierte-verschluesselung-1403-105182-rss.html
The Long Tail of ColdFusion Fail
Earlier this month, I published a story about a criminal hacking gang using Adobe ColdFusion vulnerabilities to build a botnet of hacked e-commerce sites that were milked for customer credit card data. Today's post examines the impact that this botnet has had on several businesses, as well as the important and costly lessons these companies learned from the intrusions.
http://krebsonsecurity.com/2014/03/the-long-tail-of-coldfusion-fail/
Asus Webstorage app weak on SSL again
An SSL hole in the Android app for Asus's Webstorage online storage service that was supposedly fixed has resurfaced: the current app version does not verify the server certificate presented by the online storage service.
http://www.heise.de/security/meldung/Webstorage-App-von-Asus-schwaechelt-erneut-bei-SSL-2148420.html
iOS 7 has weak random number generator
Trivial to break, says researcher. In an effort to improve iDevice security, Apple replaced its internal random number generator between iOS 6 and iOS 7, but a security researcher believes Cupertino inadvertently downgraded security.
http://go.theregister.com/feed/www.theregister.co.uk/2014/03/16/ios_7_has_weak_random_number_generator/
VU#381692: Webmin contains a cross-site scripting vulnerability
Vulnerability Note VU#381692: Webmin contains a cross-site scripting vulnerability
Original Release date: 14 Mar 2014 | Last revised: 14 Mar 2014
Overview: Webmin 1.670, and possibly earlier versions, contains a cross-site scripting vulnerability.
Description: CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-site Scripting). Webmin 1.670, and possibly earlier versions, contains a cross-site scripting vulnerability in the "search" parameter of the view.cgi...
http://www.kb.cert.org/vuls/id/381692
Siemens SIMATIC S7-1500 CPU Firmware Vulnerabilities
Siemens and Positive Technologies researchers (Yury Goltsev, Ilya Karpov, Alexey Osipov, Dmitry Serebryannikov and Alex Timorin) have identified nine firmware vulnerabilities in the Siemens SIMATIC S7-1500 CPU firmware. Siemens has produced a patch that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely.
http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01
OpenX 2.8.11 Cross Site Request Forgery
Topic: OpenX 2.8.11 Cross Site Request Forgery Risk: Low Text: Hello, Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and earlier allow remote attackers to ...
http://cxsecurity.com/issue/WLB-2014030121
iOS 7 Arbitrary Code Execution
When a specific value is supplied in the USB endpoint descriptor for a HID device, the Apple device's kernel panics and reboots.
http://cxsecurity.com/issue/WLB-2014030126
GNU Readline Insecure usage of temporary files
Topic: GNU Readline Insecure usage of temporary files Risk: Medium Text: Whilst auditing some code for insecure uses of temporary files I spotted a potential area of concern in GNU readline. (...
http://cxsecurity.com/issue/WLB-2014030129
HPSBNS02969 rev.1 - HP NonStop Servers running Java 7, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability
Potential vulnerabilities have been identified with HP NonStop Servers running Java 7. The vulnerabilities could be exploited remotely affecting confidentiality, integrity and availability.
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04126444