End-of-Shift report
Timeframe: Monday 24-03-2014 18:00 − Tuesday 25-03-2014 18:00
Handler: Robert Waldner
Co-Handler: n/a
Microsoft Security Advisory (2953095): Vulnerability in Microsoft Word Could Allow Remote Code Execution - Version: 1.0
Microsoft is aware of a vulnerability affecting supported versions of Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer.
http://technet.microsoft.com/en-us/security/advisory/2953095
Security Advisory 2953095: recommendation to stay protected and for detections
Today, Microsoft released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. This blog will discuss mitigations and temporary defensive strategies that will help customers to protect themselves while we are working on a security update. This blog also provides some preliminary details of the exploit code observed in the wild. Mitigations and Workaround The in the wild
http://blogs.technet.com/b/srd/archive/2014/03/24/security-advisory-2953095-recommendation-to-stay-protected-and-for-detections.aspx
[dos] - Windows Media Player 11.0.5721.5230 - Memory Corruption PoC
#[+] Exploit Title: Windows Media Player 11.0.5721.5230 Memory Corruption PoC
#[+] Date: 22-03-2014
#[+] Category: DoS/PoC
#[+] Tested on: WinXp/Windows 7 Pro
http://www.exploit-db.com/exploits/32477
Security Notice- Allegro RomPager Information Disclosure Vulnerability in Multiple Huawei Routers
Huawei has noticed an information disclosure vulnerability on the RomPager embedded web server, which is developed by Allegro. The vulnerability affects Huawei HG520c, MT880, and MT886 access routers.
http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-330381.htm
Bugtraq: Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti
Summary:
Three vulnerabilities were found in cacti version 0.8.7g.
The vulnerabilities are:
1) Stored Cross-Site Scripting (XSS) (via URL)
2) Missing CSRF (Cross-Site Request Forgery) token allows execution of arbitrary commands
3) The use of exec-like function calls without safety checks allows arbitrary commands
http://www.securityfocus.com/archive/1/531588
Bugtraq: Deutsche Telekom CERT Advisory [DTC-A-20140324-003] vulnerabilities in icinga
Two vulnerabilities were found in icinga version 1.9.1.
These vulnerabilities are:
1) several buffer overflows
2) Off-by-one memory access
http://www.securityfocus.com/archive/1/531593
Bugtraq: Deutsche Telekom CERT Advisory [DTC-A-20140324-002] vulnerabilities in check_mk
Several vulnerabilities were found in check_mk version 1.2.2p2.
The vulnerabilities are:
1 - Reflected Cross-Site Scripting (XSS)
2 - Stored Cross-Site Scripting (XSS) (via URL)
3 - Stored Cross-Site Scripting (XSS) (via external data, no link necessary)
4 - Stored Cross-Site Scripting (XSS) (via external data on service port, no link necessary)
5 - Missing CSRF (Cross-Site Request Forgery) token allows execution of arbitrary commands
6 - Multiple use of exec-like function calls which allow arbitrary commands
7 - Deletion of arbitrary files
http://www.securityfocus.com/archive/1/531594
Net-snmp snmptrapd Community String Processing Lets Remote Users Deny Service
A remote user can send a specially crafted SNMP trap request with an empty community string to trigger a flaw in newSVpv() and cause the target snmptrapd service to crash.
Systems with the Perl handler enabled are affected.
http://www.securitytracker.com/id/1029950
Trojan.PWS.OSMP.21 infects payment terminals
March 25, 2014: Home users aren't the only ones being targeted by today's threats - various financial organisations are receiving their own share of attention from criminals who are crafting malicious applications for ATMs and payment terminals. Doctor Web has issued a warning regarding one such Trojan, namely, Trojan.PWS.OSMP.21. This malware is infecting the terminals of a major Russian payment system.
http://news.drweb.com/show/?i=4259&lng=en&c=9
RSA BSAFE Micro Edition Suite (MES) 4.0.x Denial Of Service
Summary:
RSA BSAFE MES 4.0.5 contains a fix for a security vulnerability that could potentially be exploited by malicious users to deny access to the affected system.
Details:
This vulnerability may cause unpredictable application behavior resulting in a server crash due to faulty certificate chain processing logic.
http://cxsecurity.com/issue/WLB-2014030193
PHP Fileinfo libmagic AWK File Processing Denial of Service Vulnerability
A vulnerability has been reported in PHP, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the libmagic library bundled in the Fileinfo extension when processing certain AWK scripts, which can be exploited to cause excessive CPU resources consumption via a specially crafted AWK script file.
https://secunia.com/advisories/57564
OpenVZ update for kernel
OpenVZ has issued an update for kernel. This fixes multiple vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system.
https://secunia.com/advisories/57573
Password Hashing Competition
There's a private competition to identify new password hashing schemes. Submissions are due at the end of the month.
https://www.schneier.com/blog/archives/2014/03/password_hashin.html