End-of-Shift report
Timeframe: Monday 09-03-2015 18:00 − Tuesday 10-03-2015 18:00
Handler: Stephan Richter
Co-Handler: n/a
MS15-MAR - Microsoft Security Bulletin Summary for March 2015 - Version: 1.0
This bulletin summary lists security bulletins released for March 2015.
https://technet.microsoft.com/en-us/library/security/MS15-MAR
Apple Patches for iOS, OS X and Apple TV, (Tue, Mar 10th)
With yesterday's updates for iOS, OS X and Apple TV, Apple also addressed a number of security vulnerabilities, most notably the Freak vulnerability. After updating, the affected operating systems no longer support export quality ciphers. However, Apple browsers continue to support SSLv3 and as a result, continue to be vulnerable to POODLE. Quick Summary of the security content of Apple's updates: XCode 6.2: This update addresses 4 vulnerabilities in subversion and 1 in git. OS X: 5...
https://isc.sans.edu/diary/Apple+Patches+for+iOS%2C+OS+X+and+Apple+TV/19443
Exploiting the DRAM rowhammer bug to gain kernel privileges
"Rowhammer" is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. We tested a selection of laptops and found that a subset of them exhibited the problem. We built two working privilege escalation exploits that use this effect. One exploit uses rowhammer-induced bit flips to gain kernel privileges on x86-64 Linux when run as an unprivileged userland process. When run on a machine vulnerable to the rowhammer...
http://googleprojectzero.blogspot.co.at/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
Network Forensics What Are Your Investigations Missing - SANS DFIR WEBCAST
Traditionally, computer forensic investigations focused exclusively on data from the seized media associated with a system of interest. Recently, memory analysis has become an integral part of forensic analysis, resulting in a new and significantly different way for digital examiners and investigators to perform their craft. Now another evolution in computer forensics is at hand - one that includes data collected from network devices as well as from the wires themselves. Every day, more and more...
http://blog.malwareresearch.institute/video/2015/03/09/network-forensics-what-are-your-investigations-missing-sans-dfir-webcast
Yahoo Patches Critical eCommerce, Small Business Vulnerabilities
Yahoo has fixed a handful of vulnerabilities that could have given an attacker free rein over all of its user-run eCommerce websites and caused multiple headaches for small business owners.
http://threatpost.com/yahoo-patches-critical-ecommerce-small-business-vulnerabilities/111519
Attackers targeting Elasticsearch remote code execution hole
Devs ring patch alarm bells, drop shell code. Attackers are targeting a patched remote code execution vulnerability in Elasticsearch that grants unauthenticated bad guys access through a buggy API.
http://go.theregister.com/feed/www.theregister.co.uk/2015/03/10/elastic_search_vuln/
SMS Trojan bypasses CAPTCHA
Trojan-SMS.AndroidOS.Podec proved to be remarkable: it can send messages to premium-rate numbers employing tools that bypass the Advice of Charge system. It can also subscribe users to premium-rate services while bypassing CAPTCHA.
http://securelist.com/analysis/publications/69169/sms-trojan-bypasses-captcha/
Xen Security Advisory CVE-2015-2150 / XSA-120
Non-maskable interrupts triggerable by guests
http://xenbits.xen.org/xsa/advisory-120.html
Xen Security Advisory CVE-2015-2151 / XSA-123
Hypervisor memory corruption due to x86 emulator flaw
http://xenbits.xen.org/xsa/advisory-123.html
Xen Security Advisory XSA-124
Non-standard PCI device functionality may render pass-through insecure
http://xenbits.xen.org/xsa/advisory-124.html
Exploiting the DRAM "Row Hammer" Bug
IBM has determined that all IBM System z, System p, and System x products are not vulnerable to this attack. IBM is analyzing other IBM products to determine if they are potentially impacted by this issue. Please actively monitor both your IBM Support Portal for available fixes and/or remediation steps and this blog for additional information.
https://www-304.ibm.com/connections/blogs/PSIRT/entry/exploiting_the_dram_row_hammer_bug?lang=en_us
Row Hammer Privilege Escalation Vulnerability
cisco-sa-20150309-rowhammer
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150309-rowhammer
Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products
cisco-sa-20150310-ssl
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl
Varnish 4.0.3 heap-buffer-overflow while parsing backend server HTTP response
Topic: Varnish 4.0.3 heap-buffer-overflow while parsing backend server HTTP response. Risk: High. Text: Hi there, Latest varnish-cache 4.0.3 (https://www.varnish-cache.org/) seem to have a problem with parsing HTTP responses fro...
http://cxsecurity.com/issue/WLB-2015030056
Foxit Reader Update Service Unsafe Service Path Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1031879
Foxit Reader GIF File LZWMinimumCodeSize Memory Corruption Error Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1031878
Foxit Reader GIF File Ubyte Size Memory Corruption Error Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1031877
Red Hat Enterprise MRG Messaging Qpid Daemon Bugs Let Remote Users Deny Service and Access the System
http://www.securitytracker.com/id/1031872
Rails ActiveModel::Name Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1031873
Security Advisory: MainWP-Child WordPress Plugin
Security Risk: Critical; Exploitation level: Very Easy/Remote; DREAD Score: 9/10; Vulnerability: Password bypass / Privilege Escalation; Patched Version: 2.0.9.2. During a routine audit of our Website Firewall (WAF), we found a critical vulnerability affecting the popular MainWP Child WordPress plugin. According to wordpress.org, it is installed on more than 90,000 WordPress sites as a remote administration...
http://blog.sucuri.net/2015/03/security-advisory-mainwp-child-wordpress-plugin.html
Google Analytics by Yoast 5.3.2 - Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/7838
Fraction Theme <= 1.1.1 - Privilege Escalation via CSRF
https://wpvulndb.com/vulnerabilities/7840