[CERT-daily] Tageszusammenfassung - Dienstag 2-04-2013

Tue Apr 2 18:04:35 CEST 2013

=======================
= End-of-Shift report =
=======================
Timeframe:   Freitag 29-03-2013 18:00 − Dienstag 02-04-2013 18:00
Handler:     Stephan Richter
Co-Handler:  Robert Waldner

*** IPv6-Migrationsleitfaden für öffentliche Verwaltungen ***
---------------------------------------------
Das Bundesinnenministerium hat zusammen mit einigen Partnern ein dickes "Kochbuch" für die IPv6-Einführung vorgelegt und wirbt darin für die Vorzüge des Protokolls im täglichen Einsatz.
---------------------------------------------
http://heise.de.feedsportal.com/c/35207/f/653902/s/2a23a3bf/l/0L0Sheise0Bde0Cnewsticker0Cmeldung0CIPv60EMigrationsleitfaden0Efuer0Eoeffentliche0EVerwaltungen0E18328960Bhtml0Cfrom0Catom10A/story01.htm


*** IBM Storwize V7000 Unified Samba Bug Lets Remote Authenticated Users Modify Files ***
---------------------------------------------
A remote authenticated user can exploit a flaw in the Samba implementation to perform operations on the target Storwize V7000 Unified CIFS export that are not permitted by the CIFS share access control settings. This may include writing to read-only shares.
---------------------------------------------
http://www.securitytracker.com/id/1028365


*** US-CERT Alert TA13-088A: DNS Amplification Attacks ***
---------------------------------------------
A Domain Name Server (DNS) Amplification attack is a popular form of Distributed Denial of Service (DDoS) that relies on the use of publically accessible open recursive DNS servers to overwhelm a victim system with DNS response traffic.
---------------------------------------------
http://www.us-cert.gov/ncas/alerts/TA13-088A


*** IBM Lotus iNotes Input Validation Flaws Permit Cross-Site Scripting Attacks ***
---------------------------------------------
Two vulnerabilities were reported in IBM Lotus iNotes. A remote user can conduct cross-site scripting attacks.
---------------------------------------------
http://www.securitytracker.com/id/1028363


*** Perl Bug in Rehash Mechanism Lets Remote Users Deny Service ***
---------------------------------------------
A vulnerability was reported in Perl. 
A remote user can send specially crafted data to cause the target Perl application to consume excessive memory and crash. Applications that provide arbitrary user-supplied data as input to hash keys are affected.
---------------------------------------------
http://www.securitytracker.com/id/1028346


*** Fortinet FortiMail IBE Appliance Application Filter Bypass ***
---------------------------------------------
Topic: Fortinet FortiMail IBE Appliance Application Filter Bypass Risk: Medium Text:Title: Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities Date: == 2013-01-23 References: == http...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/UZi8QdV4Kiw/WLB-2013010217


*** Foxit Reader <= 5.4.4.1128 npFoxitReaderPlugin.dll Stack Buffer Overflow ***
---------------------------------------------
Topic: Foxit Reader
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/mNx5SSGJYF4/WLB-2013010048


*** DIY Java-based RAT (Remote Access Tool) spotted in the wild ***
---------------------------------------------
By Dancho Danchev While the authors/support teams of some of the market leading Web malware exploitation kits are competing on their way to be the first kit to introduce a new exploit on a mass scale, others, largely influenced by the re-emergence of the DIY (do-it-yourself) trend across the cybercrime ecosystem, continue relying on good [...]
---------------------------------------------
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/yE_PNzkr8w8/


*** Bugtraq: Authentication bypass on Netgear WNR1000 ***
---------------------------------------------
Authentication bypass on Netgear WNR1000
---------------------------------------------
http://www.securityfocus.com/archive/1/526148


*** HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities ***
---------------------------------------------
Potential security vulnerabilities have been identified with HP-UX Apache running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform an access restriction bypass, unauthorized modification, and other vulnerabilities.
---------------------------------------------
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03716627


*** IBM InfoSphere Information Server Input Validation Flaw Permits Cross-Site Scripting Attacks ***
---------------------------------------------
A vulnerability was reported in IBM InfoSphere Information Server. A remote user can conduct cross-site scripting attacks.
---------------------------------------------
http://www.securitytracker.com/id/1028372


*** Splunk Web Input Validation Flaw Permits Cross-Site Scripting Attacks ***
---------------------------------------------
A vulnerability was reported in Splunk Web. A remote user can conduct cross-site scripting attacks.
---------------------------------------------
http://www.securitytracker.com/id/1028371


*** Cyber Security Bulletin (SB13-091) - Vulnerability Summary for the Week of March 25, 2013 ***
---------------------------------------------
"The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains
---------------------------------------------
http://www.us-cert.gov/ncas/bulletins/SB13-091


*** Vuln: Mitsubishi MX Component ActiveX Control ActUWzd.dll Remote Buffer Overflow Vulnerability ***
---------------------------------------------
Mitsubishi MX Component ActiveX Control ActUWzd.dll Remote Buffer Overflow Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/58692


*** Cisco Connected Grid Network Management System Multiple Vulnerabilities ***
---------------------------------------------
Cisco Connected Grid Network Management System Multiple Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/52834


*** VMSA-2013-0004 - VMware ESXi security update for third party library ***
---------------------------------------------
The ESXi userworld libxml2 library has been updated to resolve a security issue.
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2013-0004.html


*** ICS-CERT Advisory ICSA-13-091-01 - Wind River VXWorks SSH and Web Server Multiple Vulnerabilities ***
---------------------------------------------
This advisory provides mitigation details for six vulnerabilities in the Wind River VxWorks Remote Terminal Operating System (RTOS).
---------------------------------------------
http://ics-cert.us-cert.gov/pdf/ICSA-13-091-01.pdf


*** ModSecurity XML External Entity Processing Vulnerability ***
---------------------------------------------
ModSecurity XML External Entity Processing Vulnerability
---------------------------------------------
https://secunia.com/advisories/52847