Daily Summary - Thursday 24-03-2016

End-of-Shift report

Timeframe: Wednesday 23-03-2016 18:00 − Thursday 24-03-2016 18:00 Handler: Robert Waldner Co-Handler: Alexander Riepl

Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip


IBM Security Bulletin: IBM Forms Server vulnerability identified in Webform Server (CVE-2016-0223)

http://www.ibm.com/support/docview.wss?uid=swg21977574


Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System FC5022 16Gb SAN and EN4023 10Gb Scalable Switches

http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099273


Security Bulletin: Vulnerabilities in OpenSSL affect QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for BladeCenter

http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099272


Cisco Network Convergence System 6000 Series Routers SCP and SFTP Modules Denial of Service Vulnerability

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs


Zyxel MAX3XX Series Wimax CPEs Hardcoded Root Password

https://cxsecurity.com/issue/WLB-2016030135


Measuring SMTP STARTTLS Deployment Quality

At Yahoo, our users send and receive billions of emails every day. We work to make Yahoo Mail easy to use, personalized, and secure for our hundreds of millions of users around the world. In line with our efforts to protect our users ..

https://yahoo-security.tumblr.com/post/141495385400/measuring-smtp-starttls-deployment-quality


Kerberos Kadmind Null Pointer Dereference in process_db_args() Lets Remote Authenticated Users Execute Arbitrary Code on the Target System

http://www.securitytracker.com/id/1035399


CA Single Sign-On Agent Input Validation Flaws Let Remote Users Obtain Potentially Sensitive Information and Cause Denial of Service Conditions

http://www.securitytracker.com/id/1035389


Researchers find hole in SIP, Apple's newest protection feature

System Integrity Protection pwned: Security researchers have discovered a vulnerability that creates a means for hackers to circumvent Apple's newest protection ..

www.theregister.co.uk/2016/03/24/macosx_security_bypass/


Nemucod's CRYPTED Ransomware Can Be Neutralized with This Decrypter

Victims that had their computers locked by a ransomware that uses the CRYPTED file extension can now free their files using a special decrypter created by Emsisoft security ..

http://news.softpedia.com/news/nemucod-s-crypted-ransomware-can-be-neutralized-with-this-decrypter-502102.shtml


RCE flaw affects DVRs sold by over 70 different vendors

RSA security researcher Rotem Kerner has discovered a remote code execution vulnerability that affects digital video recorders (DVRs) sold by more than 70 different vendors around the world.

https://www.helpnetsecurity.com/2016/03/24/rce-flaw-dvrs-70-vendors/


Ransomware Trojan Petya locks down the entire computer

A new ransomware is currently targeting German-speaking Windows users. Petya is distributed via Dropbox and manipulates the hard disk, so that the operating system can no longer be run.

http://www.heise.de/newsticker/meldung/Erpressungs-Trojaner-Petya-riegelt-den-gesamten-Rechner-ab-3150917.html


VU#279472: Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities

http://www.kb.cert.org/vuls/id/279472


RedDoor: Extortionists threaten DDoS attacks on German websites

"Pay us 3 Bitcoin or we will take down your website": with this threat, a group is currently extorting companies in Germany, Austria and Switzerland. Allegedly, however, this is a bluff.

http://heise.de/-3151565


Emergency Java Patch Re-Issued for 2013 Vulnerability

Oracle yesterday released an emergency patch for a Java vulnerability that was improperly patched in 2013.

http://threatpost.com/emergency-java-patch-re-issued-for-2013-vulnerability/116967/