[CERT-daily] Tageszusammenfassung - Freitag 7-06-2013

Fri Jun 7 18:15:10 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 06-06-2013 18:00 − Freitag 07-06-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Advanced Notification Service for the June 2013 Security Bulletin Release ***
---------------------------------------------
Today we're providing Advance Notification of five bulletins for release on Tuesday, June 11, 2013. This release brings one Critical- and four Important-class bulletins. The Critical-rated bulletin addresses issues in Internet Explorer, and the Important-rated bulletins address issues in Microsoft Windows and Office. We will publish the bulletins on the second Tuesday of the month, at approximately 10 a.m. PT. Please revisit this blog at that time for our official risk and impact...
---------------------------------------------
http://blogs.technet.com/b/msrc/archive/2013/06/06/advanced-notification-service-for-the-june-2013-security-bulletin-release.aspx


*** Plesk 0-day: Real or not?, (Fri, Jun 7th) ***
---------------------------------------------
Yesterday, a poster to the full disclosure mailing list described a possible new 0-day vulnerability against Plesk. Contributing to the vulnerability is a very odd configuration choice to expose "/usr/bin" via a ScriptAlias, making executables inside the directory reachable via URLs.  The big question that hasnt been answered so far is how common this configuration choice is. Appaerently, some versions of Plesk on CentOS 5 are configured this way, but not necessarily exploitable. The...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15950&rss


*** 100% Compliant (for 65% of the systems), (Fri, Jun 7th) ***
---------------------------------------------
At a community college where Im helping out whenever they panic on security issues, I recently was confronted with the odd reality of a lingering malware infection on their network, even though they had deployed a custom anti-virus (AV) pattern ("extra.dat") to eradicate the problem. Of course, these days, reliance on anti-virus is somewhat moot to begin with, our recent tally of fresh samples submitted to VirusTotal had AV lagging behind about 8 days or so. If you caught a keylogger...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15959&rss


*** PHP "php_quot_print_encode()" Buffer Overflow Vulnerability ***
---------------------------------------------
A vulnerability has been reported in PHP, which can be exploited by malicious people to compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/53736


*** Vuln: Drupal Services Module Cross Site Request Forgery Vulnerability ***
---------------------------------------------
The Services module for Drupal is prone to a cross-site request-forgery vulnerability. 
---------------------------------------------
http://www.securityfocus.com/bid/60356