[CERT-daily] Tageszusammenfassung - Dienstag 7-05-2013

Tue May 7 18:04:09 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 06-05-2013 18:00 − Dienstag 07-05-2013 18:00
Handler:     Stephan Richter
Co-Handler:  Robert Waldner


*** Bugtraq: ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities ***
---------------------------------------------
ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/526542


*** Is there an epidemic of typo squatting?, (Tue, May 7th) ***
---------------------------------------------
One of our readers, Jim, wrote in earlier today to say he has noticed an increase in "working" typo squatting over the last 2 months or so. That is, hes seen users accidently surfing to them or being redirected there by some sort of malicious javascript trickery. His question for us (and the rest of you) is, is this a local phenomenon or are the bad guys making more use of this tactic? Im not currently setup to monitor this type of activity, so I figured Id ask our loyal readers. Do...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15740&rss


*** Security Bulletin: IBM Content Collector affected by vulnerabilities in IBM Java SDK ***
---------------------------------------------
Multiple security vulnerabilities exist in the IBM Java SDK that is shipped with IBM Content Collector.
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21634236


*** Security Bulletin: IBM Notes PNG integer overflow (CVE-2013-2977) ***
---------------------------------------------
IBM Notes has an integer overflow vulnerability which may be triggered by viewing a malformed PNG image.
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21635878


*** Security Bulletin: Multiple security vulnerabilities addressed in IBM Sterling Secure Proxy ***
---------------------------------------------
IBM Sterling Secure Proxy is vulnerable to spoofing and information disclosure attacks.
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21636369


*** MyBB Game Section Plugin "des" and "s" Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/53296


*** Hacker verschafften sich Zugriff auf alle .edu-Domains ***
---------------------------------------------
Die Hackergruppe "Hack The Planet" veröffentlicht Informationen zu Lücken in MoinMoin und ColdFusion, über die sie sich unter anderem Zugriff auf alle .edu-Domains, die Website des Sicherheitstools Nmap sowie andere prominente Websites verschaffte.
---------------------------------------------
http://www.heise.de/security/meldung/Hacker-verschafften-sich-Zugriff-auf-alle-edu-Domains-1857588.html


*** Wonderware Information Server Vulnerabilities ***
---------------------------------------------
This advisory provides mitigation details for multiple vulnerabilities that impact the Invensys Wonderware Information Server (WIS) software.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-113-01


*** Bugtraq: SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager ***
---------------------------------------------
http://www.securityfocus.com/archive/1/526552


*** Honeywords sollen Passwortdiebe in die Falle locken ***
---------------------------------------------
Zwei Krypto-Forscher schlagen vor, Datendiebe mit Köder-Passwörten zu überführen. Loggt sich jemand mit einem der sogenannten Honeywords ein, ist ziemlich sicher etwas faul.
---------------------------------------------
http://www.heise.de/security/meldung/Honeywords-sollen-Passwortdiebe-in-die-Falle-locken-1858156.html


*** nginx "ngx_http_parse_chunked()" Buffer Overflow Vulnerability ***
---------------------------------------------
nginx "ngx_http_parse_chunked()" Buffer Overflow Vulnerability
---------------------------------------------
https://secunia.com/advisories/53248


*** XSS, LFI in Cisco, Linksys E4200 Firmware ***
---------------------------------------------
Reflected XSS + LFI Bugs in the Cisco, Linksys E4200 Wireless Router Firmware Version: 1.0.05 build 7 were discovered by our Researchers in January 2013 and finally acknowledged by Linksys in April 2013. The Vendor is unable to Patch the Vulnerability in a reasonable timeframe.
---------------------------------------------
http://www.cloudscan.me/2013/05/xss-lfi-linksys-e4200-firmware-0d.html