[CERT-daily] Tageszusammenfassung - Dienstag 15-10-2013

Tue Oct 15 18:04:34 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 14-10-2013 18:00 − Dienstag 15-10-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Robert Waldner

*** Fingerprinting Ubuntu OS Versions using OpenSSH ***
---------------------------------------------
Over the past couples weeks, I’ve been working on enhancing the operating system detection logic in the TrustKeeper Scan Engine.  Having the capability to detect a target’s operating system can be very useful. Whether you’re performing a simple asset identification scan or doing an in depth review, this information helps you make more informed decisions. In this blog post, I’ll be talking about a technique that that you can use to fingerprint a server operating system
---------------------------------------------
http://feedproxy.google.com/~r/SpiderlabsAnterior/~3/e7s2jWmx7bU/fingerprinting-ubuntu-os-versions-using-openssh.html


*** October 2013 Security Bulletin Webcast, Q&A, and Slide Deck ***
---------------------------------------------
Today we’re publishing the October 2013 Security Bulletin Webcast Questions & Answers page. We fielded 11 questions during the webcast, with specific bulletin questions focusing primarily on the SharePoint (MS13-084) and Kernel-Mode Drivers (MS13-081) bulletins. There was one additional question that we were unable to answer on air, and we have included a response to that question on the Q&A page. We invite our customers to join us for the next public webcast on Wednesday,
---------------------------------------------
http://blogs.technet.com/b/msrc/archive/2013/10/14/october-2013-security-bulletin-webcast-q-amp-a-and-slide-deck.aspx


*** Vuln: osCommerce products_id Parameter HTML Injection Vulnerability ***
---------------------------------------------
osCommerce is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input.
Hostile HTML and script code may be injected into vulnerable sections of the application. When an unsuspecting user visits the affected site and views the affected section, the attacker-supplied code is rendered in the user's browser in the context of that site.
osCommerce 2.3.3 is vulnerable. Other versions may also be affected. 
---------------------------------------------
http://www.securityfocus.com/bid/62997


*** Insecurities in the Linux /dev/random ***
---------------------------------------------
New paper: "Security Analysis of Pseudo-Random Number Generators with Input: /dev/random is not Robust, by Yevgeniy Dodis, David Pointcheval, Sylvain Ruhault, Damien Vergnaud, and Daniel Wichs. Abstract: A pseudo-random number generator (PRNG) is a deterministic algorithm that produces numbers whose distribution is indistinguishable from uniform. A formal security model for PRNGs with input was proposed in 2005 by Barak and...
---------------------------------------------
https://www.schneier.com/blog/archives/2013/10/insecurities_in.html


*** Thousands of Sites Hacked Via vBulletin Hole ***
---------------------------------------------
Attackers appear to have compromised tens of thousands of Web sites using a security weakness in sites powered by the forum software vBulletin, security experts warn.
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/Mc94cSf4_Mc/


*** Juniper Junos SRX Series Gateway Buffer Overflow in Telnet Firewall Lets Remote Users Execute Arbitrary Code ***
---------------------------------------------
Juniper Junos SRX Series Gateway Buffer Overflow in Telnet Firewall Lets Remote Users Execute Arbitrary Code
---------------------------------------------
http://www.securitytracker.com/id/1029175


*** Sensoren verraten Identität des Smartphones ***
---------------------------------------------
Die Messwerte eines Smartphones können den Benutzer wie ein digitaler Fingerabdruck verraten. Das haben Forscher der US-Universität Stanford nachgewiesen.
---------------------------------------------
http://futurezone.at/digital-life/sensoren-verraten-identitaet-des-smartphones/31.072.647


*** Steam-Client verhilft Angreifern zu Systemrechten ***
---------------------------------------------
Die Windows-Version der Spieleplattform Steam enthält eine Schwachstelle, die es einem Angreifer ermöglicht, Schadcode mit Systemrechten auszuführen. Valve schweigt zu der Lücke.
---------------------------------------------
http://www.heise.de/security/meldung/Steam-Client-verhilft-Angreifern-zu-Systemrechten-1979143.html


*** We scanned the Internet for port 22 ***
---------------------------------------------
We scanned the entire Internet for port 22 - the port reserved for SSH, the protocol used by sysadmins to remotely log into machines. Unlike our normal scans of port 80 or 443, this generated a lot more abuse complaints, so I thought Id explain the scan.
---------------------------------------------
http://blog.erratasec.com/2013/09/we-scanned-internet-for-port-22.html


*** Blog: Pharmaceutical ‘phishing’ ***
---------------------------------------------
Adverts for medication to improve male sex drive are a staple of spam mailings. Like any other unsolicited messages, emails of this nature have evolved with time and today’s versions no longer merely contain promises of enahnced potency and a link to a site selling pills. In August and September we noted a series of mailings that used the names of well-known companies, that looked just like typical phishing messages. However, instead of a phishing site the links they contained led to an advert for “male medication”. 
---------------------------------------------
http://www.securelist.com/en/blog/8135/Pharmaceutical_phishing


*** Cisco Video Surveillance 4000 Series IP Camera Analytics Page Hardcoded Credentials Security Issue ***
---------------------------------------------
A security issue has been reported in Cisco Video Surveillance 4000 Series IP Camera, which can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused due to the device allowing access to the analytics page using hardcoded credentials, which can be exploited to gain access to an otherwise restricted video feed.
The security issue is reported in versions 2.4(0.1) and 3.1(0.52).
---------------------------------------------
https://secunia.com/advisories/55283


*** [2013-10-15] Multiple critical vulnerabilities in SpamTitan ***
---------------------------------------------
SpamTitan suffers from multiple critical vulnerabilities. Unauthenticated attackers are able to completely compromise the system and extract or manipulate database contents.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20131015-0_SpamTitan_multiple_vulnerabilities_v10.txt


*** WordPress security threats, protection tips and tricks ***
---------------------------------------------
To start off with, there are some things that you can do just once to improve the security of your WordPress blog or website, but you still have to always follow a number of rules while using WordPress. By following such rules you will be safe from most of the automated targeted WordPress attacks which typically spread like wild fires ...
---------------------------------------------
http://www.net-security.org/article.php?id=1895


*** D-link to Padlock Router Backdoor By Halloween ***
---------------------------------------------
D-Link will address by the end of October a security issue in some of its routers that could allow attackers to change the device settings without requiring a username and password.The issue consists of a backdoor-type function built into the firmware of some D-Link routers that can be used to bypass the normal authentication procedure on their Web-based user interfaces.
---------------------------------------------
http://www.cio.com/article/741414/D_link_to_Padlock_Router_Backdoor_By_Halloween?taxonomyId=3089