End-of-Shift report
Timeframe: Friday 27-11-2015 18:00 − Monday 30-11-2015 18:00
Handler: Stephan Richter
Co-Handler: Alexander Riepl
IBM Security Bulletin: IBM Maximo Asset Management contains a vulnerability which could allow a user to log in with an expired password (CVE-2015-5017)
IBM Maximo Asset Management contains a vulnerability which could allow a user to log into the system with an expired password. This vulnerability could allow a local attacker to obtain sensitive information or compromise the integrity of the system.
http://www.ibm.com/support/docview.wss?uid=swg21969052
IBM Security Bulletin: Vulnerability in Apache Commons affects IBM Endpoint Manager for Remote Control (CVE-2015-7450)
Apache Commons Collections could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of data with Java InvokerTransformer class. By sending specially crafted data, an attacker could exploit this vulnerability to execute arbitrary Java code on the system.
http://www.ibm.com/support/docview.wss?uid=swg21971490
Program:Win32/CompromisedCert.D
This threat is a Dell root certificate for which the private keys were leaked. This means a hacker can use this certificate to modify your browsing experience and steal sensitive information.
https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Program%3aWin32%2fCompromisedCert.D&threatid=224188&enterprise=0
Dell root CA disaster: Microsoft readies updates
With an update for several of its security tools, Microsoft intends to remove two digital certificates that became security risks on computers made by Dell. The first malware exploiting this entry point has already been found.
http://heise.de/-3025738
Turris Omnia Security Project protects home network users
The non-profit security research project Turris Omnia, originating from the Czech Republic, focuses on the safety of SoHo users ..
http://securityaffairs.co/wordpress/42382/hacking/turris-omnia-router-project.html
International NCSC One Conference 2016
We are pleased to announce the fourth edition of our international One Conference 2016 that will take place at the World Forum in The Hague on April 5 and 6, 2016. Again the program will be informative and eye-opening offering something of interest to a wide variety of participants from private sectors, ..
https://www.ncsc.nl/english/current-topics/news/ncsc-one-conference-2016.html
Lancom fixes encryption problem in routers
Various Lancom routers contain a vulnerability that allows attackers to break encrypted connections. Workarounds secure affected devices.
http://heise.de/-3026432
DFN-CERT-2015-1837: Xen: A vulnerability allows the execution of arbitrary program code with the privileges of the service
https://portal.cert.dfn.de/adv/DFN-CERT-2015-1837/
Bugtraq: Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 Advanced Information Security Corporation
http://www.securityfocus.com/archive/1/537001
SSA-763427: Vulnerability in Communication Processor (CP) modules SIMATIC CP 343-1, TIM 3V-IE, TIM 4R-IE, and CP 443-1
An authentication bypass vulnerability in Communication Processor (CP) module families SIMATIC CP 343-1/TIM 3V-IE/TIM 4R-IE/CP 443-1 could allow unauthenticated users to perform administrative operations under certain conditions.
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-763427.pdf
Multiple serious vulnerabilities in RSI Videofied's alarm protocol
RSI Videofied are a French company that produce a series of alarm panels that are fairly unique in the market. They are designed to be battery powered and send videos from the detectors if the alarm is triggered. This is called video ..
http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.0.2e, 1.0.1q, 1.0.0t and 0.9.8zh. These releases will be made available on 3rd December between approx. 1pm and 5pm (UTC). They will fix a number of security defects, the highest of which is classified as "moderate" severity.
https://mta.openssl.org/pipermail/openssl-announce/2015-November/000045.html