[CERT-daily] Tageszusammenfassung - Freitag 30-08-2013

Fri Aug 30 18:10:19 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 29-08-2013 18:00 − Freitag 30-08-2013 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter


*** CoreText Font Rendering Bug Leads To iOS, OS X Exploit ***
---------------------------------------------
redkemper writes with this news from BGR.com (based on a report at Hacker News), excerpting: "Android might be targeted by hackers and malware far more often than Apples iOS platform, but that doesnt mean devices like the iPhone and iPad are immune to threats. A post on a Russian website draws attention to a fairly serious vulnerability that allows nefarious users to remotely crash apps on iOS 6, or even render them unusable. The vulnerability is seemingly due to a bug in Apples CoreText...
---------------------------------------------
http://apple.slashdot.org/story/13/08/29/155221/coretext-font-rendering-bug-leads-to-ios-os-x-exploit


*** Cloud-Dienst als Malware-Einfallstor ***
---------------------------------------------
IT-Sicherheitsforscher haben eine Methode gezeigt, mit der über Dropbox und Co. Sicherheitsmechanismen von Firmen überwunden werden können.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Cloud-Dienst-als-Malware-Einfallstor-1945606.html


*** Sicherheitsforscher knacken Dropbox ***
---------------------------------------------
Client entschlüsselt - Zwei-Weg-Authentifizierung kann umlaufen werden
---------------------------------------------
http://derstandard.at/1376535110812


*** TeleGeographys Interactive Submarine Cable Map ***
---------------------------------------------
....Ever want to know where all the submarine cables are that provide part of the physical infrastructure of the Internet? Or which cities in the world have the most connectivity via submarine cables? (or which regions might be single points of failure?) In doing some research I stumbled across this excellent site from the folks at TeleGeography ...
---------------------------------------------
http://www.submarinecablemap.com/


*** FinFisher range of attack tools ***
---------------------------------------------
FinFisher is a range of attack tools developed and sold by a company called Gamma Group.Recently, some FinFisher sales brochures and presentations were leaked on the net. They contain many interesting details about these tools.In the background part of the FinFisher presentation, they go on to explain how Gamma hired the (at-the-time) main developer of Backtrack Linux to build attack tools for Gamma. This is a reference to Martin Johannes Münch. They also boast how their developers have...
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002601.html


*** vBulletin users warned of potential exploit ***
---------------------------------------------
The forum softwares developers advise users to delete the install folder
---------------------------------------------
http://www.csoonline.com/article/738959/vbulletin-users-warned-of-potential-exploit?source=rss_application_security


*** MatrikonOPC SCADA DNP3 Master Station Improper Input Validation ***
---------------------------------------------
OVERVIEW: This updated advisory was originally posted to the US-CERT secure Portal library on August 02, 2013, and is now being released to the ICS-CERT Web page.Adam Crain of Automatak and independent researcher Chris Sistrunk have identified a buffer overflow vulnerability in MatrikonOPC’s SCADA DNP3 OPC Server application. MatrikonOPC has produced a patch that mitigates this vulnerability. The researchers tested the patch to validate that it resolves the vulnerability.This vulnerability...
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A


*** Cisco Identity Services Engine Discloses Authentication Credentials to Remote Users ***
---------------------------------------------
http://www.securitytracker.com/id/1028965


*** IBM InfoSphere Information Server Web Console Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/54698


*** Schneider Electric OFS XML External Entities Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54616


*** Cisco ASA Software TFTP Protocol Inspection Denial of Service Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54699


*** LibTIFF Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/54628


*** VMSA-2013-0011 ***
---------------------------------------------
VMware ESXi and ESX address an NFC Protocol Unhandled Exception
---------------------------------------------
http://www.vmware.com/support/support-resources/advisories/VMSA-2013-0011.html