[CERT-daily] Tageszusammenfassung - Donnerstag 18-07-2013

Thu Jul 18 18:10:59 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 17-07-2013 18:00 − Donnerstag 18-07-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Multiple Vulnerabilities in Cisco Unified Communications Manager ***
---------------------------------------------
Cisco Unified Communications Manager (Unified CM) contains multiple vulnerabilities that could be used together to allow an unauthenticated, remote attacker to gather user credentials, escalate privileges, and execute commands to gain full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify information in Cisco Unified CM.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm


*** Multiple Vulnerabilities in Cisco Intrusion Prevention System Software ***
---------------------------------------------
Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability
Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability
Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability
Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips


*** On "FBI" "Ransomware" and Macs ***
---------------------------------------------
On Monday, Malwarebytes researcher Jerome Segura posted a nice write up (and video) about FBI themed ransom scams targeting users of Apple Mac OS X.The basics are as such: • Segura discovered the scam via a Bing Images search for Taylor Swift. • A compromised site hosting the image linked to a webpage mimicking police ransomware. • Only it isnt really "ware" in the normal sense of a ransomware trojan. • The scam uses clever persistent JavaScript in its attempt to...
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002577.html


*** New commercially available Web-based WordPress/Joomla brute-forcing tool spotted in the wild ***
---------------------------------------------
By Dancho Danchev Thanks to the fact that users not only continue to use weak passwords, but also, re-use them across multiple Web properties, brute-forcing continues to be an effective tactic in the arsenal of every cybercriminal. With more malicious underground market releases continuing to utilize this technique in an attempt to empower potential cybercriminals with […]
---------------------------------------------
http://blog.webroot.com/2013/07/17/new-commercially-available-web-based-wordpressjoomla-brute-forcing-tool-spotted-in-the-wild/


*** ePhoto Transfer v1.2.1 iOS Multiple Web Vulnerabilities ***
---------------------------------------------
Topic: ePhoto Transfer v1.2.1 iOS Multiple Web Vulnerabilities Risk: Medium Text:Title: ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities Date: == 2013-07-17 References: == http...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070132


*** Flux Player v3.1.0 iOS File Include & Arbitrary File Upload Vulnerability ***
---------------------------------------------
Topic: Flux Player v3.1.0 iOS File Include & Arbitrary File Upload Vulnerability Risk: High Text:Title: Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability Date: == 2013-07-16 Refere...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070136


*** HPSBST02896 rev.2 - HP StoreVirtual Storage, Remote Unauthorized Access ***
---------------------------------------------
A potential security vulnerability has been identified with the HP StoreVirtual Storage. This vulnerability could be remotely exploited to gain unauthorized access to the device.
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03825537


*** BlackBerry späht Mail-Login aus ***
---------------------------------------------
Wer auf einem aktuellen BlackBerry seinen Mail-Account konfiguriert hat, sollte besser sein Passwort ändern. Die dort eingegebenen Zugangsdaten kennt nämlich auch der Hersteller.
---------------------------------------------
http://www.heise.de/security/meldung/BlackBerry-spaeht-Mail-Login-aus-1919718.html


*** Autodesk Multiple Products DWG Processing Code Execution Vulnerability ***
---------------------------------------------
A vulnerability has been reported in multiple Autodesk products, which can be exploited by malicious people to compromise a user's system.
---------------------------------------------
https://secunia.com/advisories/54198


*** Hackers crippled OVER HALF of worlds financial exchanges - report ***
---------------------------------------------
Repeated assaults leave bankers in quivering heaps Half of all the worlds critical financial exchanges have suffered cyber attacks in the past year, a report has found...
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/07/18/half_of_all_financial_exchanges_hit_by_cyber_attacks/


*** IBM API Management Security Bulletin: security vulnerability in IBM API Management V2.0 ***
---------------------------------------------
There is an unspecified security vulnerability in IBM API Management which may allow an unauthorized user to gain access to the system.
---------------------------------------------
https://www-304.ibm.com/support/docview.wss?uid=swg21643847


*** RuggedCom Rugged Operating System Multiple Vulnerabilities ***
---------------------------------------------
RuggedCom has acknowledged multiple vulnerabilities in Rugged Operating System, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/54223


*** Joomla! Googlemaps Plugin "url" Cross-Site Scripting Vulnerability ***
---------------------------------------------
MustLive has discovered a vulnerability in the Googlemaps plugin for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.
---------------------------------------------
https://secunia.com/advisories/54055


*** Drupal Hostmaster (Aegir) Module Security Bypass Security Issue ***
---------------------------------------------
A security issue has been reported in the Hostmaster (Aegir) module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
---------------------------------------------
https://secunia.com/advisories/54136


*** Cisco 9900 Series Phone Arbitrary File Download Vulnerability ***
---------------------------------------------
A vulnerability in the Serviceability servlet of fourth-generation Cisco IP phones could allow an unauthenticated, remote attacker to download arbitrary files from the phones file system.
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=30110