Deutsch | English

[CERT-daily] Tageszusammenfassung - Dienstag 30-04-2013

Daily end-of-shift report team at cert.at
Tue Apr 30 18:14:25 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 29-04-2013 18:00 − Dienstag 30-04-2013 18:00
Handler:     Stephan Richter




*** Yahoo! Browser for Android Address Bar Spoofing Weakness ***
---------------------------------------------
https://secunia.com/advisories/53214




*** Ruggedcom ROS Hard-Coded RSA SSL Private Key Update ***
---------------------------------------------
OverviewThis Updated Advisory is a follow-up to the original advisory titled ICSA-12-354-01 RuggedCom ROS Hard-Coded RSA SSL Private Key that was published December 18, 2012, on the ICS-CERT Web page.Independent researcher Justin W. Clarke of Cylance Inc., has identified the use of hard-coded RSA SSL private key in RuggedCom's Rugged Operating System (ROS). RuggedCom, an independent subsidiary of Siemens, has produced a new version of the ROS that mitigates this vulnerability.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A




*** Admin beware: Attack hitting Apache websites is invisible to the naked eye ***
---------------------------------------------
Newly discovered Linux/Cdorked evades detection by running in shared memory.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/MpO11h_pn5M/




*** Apache attack drives traffic to malware ***
---------------------------------------------
Blackhole redirect served by modified daemon binary A security researcher is warning that an attack on the Apache Web server is increasingly showing up in the wild, and has published a free Python tool to check their configurations.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/04/30/apache_dcorked_blackhole_vulnerability/




*** TinyMCE Ajax File Manager Remote Code Execution *youtube ***
---------------------------------------------
http://cxsecurity.com/wlb/WLB-2013040207




*** phpMyAdmin 3.5.8 Authenticated Remote Code Execution Exploit ***
---------------------------------------------
http://cxsecurity.com/wlb/WLB-2013040203




*** WordPress Easy AdSense Lite Plugin Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/52953




*** FreeBSD NFS Server Input Validation Bug May Let Remote Users Execute Arbitrary Code ***
---------------------------------------------
http://www.securitytracker.com/id/1028491




*** HP Service Manager Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/53260




*** [TYPO3-announce] [TYPO3-dev] Announcing TYPO3 CMS 6.1.0 Final Release ***
---------------------------------------------
http://typo3.org/download/release-notes/typo3-61-release-notes/




Next End-of-Shift report on 2013-05-02


More information about the Daily mailing list
Kontakt
Email: reports@cert.at
Tel.: +43 1 5056416 78
mehr ...
Warnungen
mehr ...
Blog
mehr ...
Jahresbericht 2017
Ein Resumee zur digitalen Sicherheitslage in Österreich

(HTML, PDF).
Letzte Änderung: 2018/5/28 - 15:00:00
Haftungsausschluss / Datenschutzerklärung