[CERT-daily] Tageszusammenfassung - Donnerstag 8-08-2013

Thu Aug 8 18:14:42 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 07-08-2013 18:00 − Donnerstag 08-08-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** The Reality of Browser-Based Botnets ***
---------------------------------------------
The research on browser-based botnets presented during the recent Blackhat conference in Las Vegas touches on our previous study on the abuse of HTML5. Most importantly, it shows how a simple fake online ad can lead to formidable threats like a distributed denial of service (DDoS) attack. In their briefing, Jeremiah Grossman and Matt Johansen...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/uhrzSyFOloo/


*** "Hand of Thief" banking trojan doesn't do Windows - but it does Linux ***
---------------------------------------------
Priced at $2,000, bank fraud malware has its own sales and support agents.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/RoJzDIPdCXI/story01.htm


*** [papers] - Adventures in Automotive Networks and Control Units ***
---------------------------------------------
Previous research has shown that it is possible for an attacker to get remote code execution on the electronic control units (ECU) in automotive vehicles via various interfaces such as the Bluetooth interface and the telematics unit. This paper aims to expand on the ideas of what such an attacker could do to influence the behavior of the vehicle after that type of attack. In particular, we demonstrate how on two different vehicles that in some circumstances we are able to control the steering, braking,...
---------------------------------------------
http://www.exploit-db.com/download_pdf/27404


*** Cisco TelePresence System Default Credentials Vulnerability ***
---------------------------------------------
A vulnerability in Cisco TelePresence System could allow a remote attacker to access the web server via a user account that is created with default credentials.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130807-tp


*** Vulnerabilities in Drupal Third Party Modules ***
---------------------------------------------
https://drupal.org/node/2059589
https://drupal.org/node/2059599
https://drupal.org/node/2059603
https://drupal.org/node/2059765
https://drupal.org/node/2059823


*** Security Bulletin: IBM Platform Application Center (CVE-2013-4002) ***
---------------------------------------------
A variant of the Apache Xerces-J XML parser (XML4J) shipped with IBM Platform Application Center is vulnerable to a denial of service attack that can be triggered by malformed XML data.    CVE(s): CVE-2013-4002    Affected product(s) and affected version(s):  IBM Platform Application Center V8.3 and V9.1   Refer to the following reference URLs for remediation and additional vulnerability details. Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=isg3T1019751 X-Force Database:
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_platform_application_center_cve_2013_4002?lang=en_us


*** IBM Content Analytics with Enterprise Search Multiple Vulnerabilities ***
---------------------------------------------
IBM has acknowledged a weakness and multiple vulnerabilities in IBM Content Analytics with Enterprise Search, which can be exploited by malicious people to disclose certain sensitive information, conduct cross-site scripting attacks, manipulate certain data, and cause a DoS (Denial of Service).
---------------------------------------------
https://secunia.com/advisories/54460


*** Bugtraq: [security bulletin] HPSBHF02912 rev.1 - HP Networking Products including H3C and 3COM Routers and Switches, OSPF Remote Information Disclosure and Denial of Service ***
---------------------------------------------
Potential security vulnerabilities have been identified with HP Networking Products including 3COM and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information and denial of service.
---------------------------------------------
http://www.securityfocus.com/archive/1/527859