End-of-Shift report
Timeframe: Friday 29-01-2016 18:00 − Monday 01-02-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
FreeBSD Linux Support issetugid(2) Error Lets Local Users Gain Elevated Privileges
The Linux compatibility layer issetugid(2) system call may return incorrect information. A local user may be able to exploit an application that uses this system call to gain elevated privileges.
http://www.securitytracker.com/id/1034872
QEMU Firmware Configuration Processing Access Flaw Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
A privileged local user with CAP_SYS_RAWIO capabilities on the guest system can trigger an out-of-bounds read/write access error when processing firmware configurations and cause denial of service conditions or gain elevated privileges on the host system.
http://www.securitytracker.com/id/1034858
HP integrated Lights Out (iLO) TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections
A remote user that can conduct a man-in-the-middle attack can cause the target system to downgrade the Diffie-Hellman algorithm to 512-bit export-grade cryptography. The remote user may then be able to decrypt the connection.
http://www.securitytracker.com/id/1034884
Hippo CMS 10.1 XML External Entity Information Disclosure Vulnerability
XXE (XML External Entity) processing through upload of SVG images in the CMS, and through XML import in the CMS Console application.
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5301.php
Hippo CMS 10.1 Stored Cross-Site Scripting Vulnerability
Hippo CMS suffers from a stored XSS vulnerability. Input passed through the POST parameters groupname and description is not sanitized, allowing the attacker to execute HTML code in the user's browser session on the affected site.
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5300.php
HP Client Security Manager 8.3.4 Cross-Site Scripting Vulnerability
HP Client Security Manager is prone to XSS attacks because of lacking sanitization of data from HTML forms. It makes any site vulnerable even without XSS presence on the site.
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5299.php
Now VirusTotal can scan your firmware image for bad executables
VirusTotal presented a new malware scanning engine that allows users to analyze their firmware images searching for malicious code. VirusTotal has recently announced the launch of a new malware scanning service for firmware ..
http://securityaffairs.co/wordpress/44097/malware/virustotal-firmware-scan.html
6 million US dollars for security vulnerabilities in Google products
Google continues to be generous when security researchers report new vulnerabilities in Chrome, Android & Co. to the company.
http://heise.de/-3088182
DSA-3460 privoxy - security update
It was discovered that privoxy, a web proxy with advanced filtering capabilities, contained invalid reads that could enable a remote attacker to crash the application, thus causing a Denial of Service.
https://www.debian.org/security/2016/dsa-3460
Is security outfit Norse Corp dead or just temporarily TITSUP?
Imploding, says Brian Krebs. Security startup Norse Corp has gone ominously dark.
www.theregister.co.uk/2016/02/01/is_norse_corp_dead_or_just_temporarily_titsup/
LibreSSL emits new versions, says not vulnerable to OpenSSL bug
Cisco's pedalling hard to prepare patches too. Corrected: LibreSSL sysadmins should keep an eye on their mirrors for a soon-to-land update.
www.theregister.co.uk/2016/02/01/openbsd_rolls_in_libressl_bug_fixes/
DSA-3463 prosody - security update
It was discovered that insecure handling of dialback keys may allow a malicious XMPP server to impersonate another server.
https://www.debian.org/security/2016/dsa-3463
No more "123456": February 1 is "Change your password" day
Numerous users still use hair-raisingly insecure passwords
http://derstandard.at/2000030144886
Currently circulating: Trojan e-mail sent in the name of the copier
Criminals are currently sending increasing numbers of e-mails with malicious code in the attachment, using forged sender addresses of network copiers.
http://heise.de/-3088536
GAME OVER: HOW A COLOURFUL GAME TURNED INTO A SUBSCRIPTION TRAP - App from the Google Play store automatically set up two subscriptions in the Netherlands
Premium SMS messages were the first attacks on Android users - almost six years ago, malware with this functionality was the primary risk. Since then of course, the malware landscape for mobile devices has moved on significantly. For this very ..
https://blog.gdatasoftware.com/blog/article/game-over-how-a-colourful-game-turned-into-a-subscription-trap.html
There's a lot of vulnerable OS X applications out there.
Lately, I was doing research connected with different updating strategies, and I tested a few applications working under Mac OS X. This short weekend research revealed that we have many insecure applications in the wild. As a result, I have found a vulnerability which allows an attacker to take control of another computer on the same network (via MITM).
https://vulnsec.com/2016/osx-apps-vulnerabilities/
Illegal payment service Liberty Reserve: founder pleads guilty to money laundering
US authorities describe the online service Liberty Reserve, shut down in 2013, as "the bank of choice for the criminal underworld". The founder has now pleaded guilty to laundering more than 250 million US dollars.
http://heise.de/-3088621