[CERT-daily] Tageszusammenfassung - Montag 8-07-2013

Daily end-of-shift report team at cert.at
Mon Jul 8 18:08:27 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 05-07-2013 18:00 − Montag 08-07-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Stephan Richter




*** Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host ***
---------------------------------------------
A local administrative user on a PV guest can exploit a memory management page reference counting error to gain access on the target host server.
Systems running only HVM guests are not affected.
---------------------------------------------
http://www.securitytracker.com/id/1028740




*** WordPress post.php cross-site scripting ***
---------------------------------------------
WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the post.php script. A remote attacker could exploit this vulnerability using the excerpt and content fields to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/85439




*** Debian Security Advisory DSA-2720 icedove ***
---------------------------------------------
several vulnerabilities
---------------------------------------------
http://www.debian.org/security/2013/dsa-2720




*** Multiple D-Link Devices - OS-Command Injection via UPnP Interface ***
---------------------------------------------
The vulnerability is caused by missing input validation in different XML parameters. This vulnerability could be exploited to inject and execute arbitrary shell commands.
WARNING: You do not need to be authenticated to the device to insert and execute malicious commands.
---------------------------------------------
http://www.exploit-db.com/exploits/26664




*** OpenNetAdmin Remote Code Execution ***
---------------------------------------------
This exploit works because adding modules can be done without any sort
of authentication.
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070055




*** Styx Exploit Pack: Domo Arigato, PC Roboto ***
---------------------------------------------
Not long ago, miscreants who wanted to buy an exploit kit -- automated software that helps booby-trap hacked sites to deploy malicious code -- had to be fairly well-connected, or at least have access to semi-private underground forums. These days, some exploit kit makers are brazenly advertising and offering their services out in the open, marketing their wares as browser vulnerability "stress-test platforms."
---------------------------------------------
https://krebsonsecurity.com/2013/07/styx-exploit-pack-domo-arigato-pc-roboto/




*** Debian Security Advisory DSA-2721 nginx ***
---------------------------------------------
buffer overflow
---------------------------------------------
http://www.debian.org/security/2013/dsa-2721




*** What Does Facebook Know About You - An Analysis ***
---------------------------------------------
If you've read a news website, turned on the TV or not been under a rock over the past few weeks, then there is a good chance you've heard of a guy named Edward Snowden. He's the US analyst who is currently stuck in a Russian airport looking for asylum because he exposed that - surprise, surprise - the US government/NSA had been spying on pretty much everyone.
---------------------------------------------
http://daylandoes.com/facebook-and-your-data/




*** 15 MILLION dodgy login attempts spaffed all over Nintendo loyalists ***
---------------------------------------------
Thousands of players plundered for their hard-earned booty Hackers broke into 24,000 Club Nintendo accounts after pummelling the loyalty-reward website in a month-long assault.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/07/08/nintendo_brute_force_attack/




*** Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability ***
---------------------------------------------
Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/50218




*** DropBox account hacking bypassing two-factor authentication ***
---------------------------------------------
Zouheir Abdallah revealed that a hacker already knows the victim's credentials for Dropbox account that has 2FA authentication enabled, is able to hack it.
---------------------------------------------
http://securityaffairs.co/wordpress/15944/hacking/dropbox-account-hacking.html




*** Spam blizzards sometimes seed malware, AppRiver study warns ***
---------------------------------------------
Digital desperadoes have begun hiding their larcenous activities behind blizzards of spam aimed at their victims inboxes, according to a report released last week by a cloud security provider. The technique, called Distributed Spam Distraction (DSD), began appearing early this year, AppRiver revealed in its Global Threat & Spamscape Report for the first half of 2013.
---------------------------------------------
http://www.techhive.com/article/2043764/spam-blizzards-sometimes-seed-malware-appriver-study-warns.html




*** cPanel cpanellogd Two Privilege Escalation Vulnerabilities ***
---------------------------------------------
cPanel cpanellogd Two Privilege Escalation Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/53921




*** FFmpeg Multiple Vulnerabilities ***
---------------------------------------------
FFmpeg Multiple Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54044




*** Several vulnerabilities in third party extensions ***
---------------------------------------------
Several vulnerabilities have been found in the following third-party TYPO3 extensions: accessible_is_browse_results, maag_formcaptcha, meta_feedit, rzautocomplete, sb_folderdownload, sg_zfelib, sg_zlib, tq_seo
---------------------------------------------
http://typo3.org/news/article/several-vulnerabilities-in-third-party-extensions-4/


More information about the Daily mailing list