[CERT-daily] Tageszusammenfassung - Donnerstag 21-02-2013

Thu Feb 21 18:11:59 CET 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 20-02-2013 18:00 − Donnerstag 21-02-2013 18:00
Handler:     Stephan Richter
Co-Handler:  Christian Wojner


*** SANS SCADA Summit at Orlando - Bigger problems and so far from getting them solved, (Wed, Feb 20th) ***
---------------------------------------------
7 days ago finished the eight version of the SANS SCADA Summit at Orlando. Conferences were really great and it was a great opportunity to see that I am not the only CISO that is having trouble developing and implementing an information security program to the ICS world of the company. The most important conclusions obtained back there are:   Operators and professionals from the industrial world does only care about the process: they want it efficient, reliable, available all the time and...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15160&rss


*** Vuln: Jenkins Cross-Site Scripting, Security Bypass, and Denial of Service Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/bid/57994


*** Vuln: Drupal Core Image Derivatives Denial of Service Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/58069

*** Vuln: Drupal Ubercart Views and Ubercart Modules full name field HTML Injection Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/58065

*** Vuln: Drupal Menu Reference Module HTML Injection Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/58067

*** Vuln: Drupal Banckle Chat Module Access Bypass Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/57942


*** Bugtraq: [CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF‏ ***
---------------------------------------------
http://www.securityfocus.com/archive/1/525758