[CERT-daily] Tageszusammenfassung - Freitag 13-09-2013

Fri Sep 13 18:25:00 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 12-09-2013 18:00 − Freitag 13-09-2013 18:00
Handler:     Robert Waldner
Co-Handler:  n/a


*** Symantec to start revoking customers SSL certificates by October 1 ***
---------------------------------------------
... Symantec will revoke SSL certificates that are using something other than 2048-bit keys.
The security giant is making this move as a preemptive measure against the pending December 31 deadline imposed by the Certification Authority/Browser (CA/B) Forum and the National Institute of Standards and Technology (NIST) for Certificate Authorities to halt the issue of 1024-bit certificates.
---------------------------------------------
http://www.csoonline.com/article/739590/symantec-to-start-revoking-customer-s-ssl-certificates-by-october-1?source=rss_application_security


*** Verdacht auf Zero-Day-Lücke in OpenX und Revive ***
---------------------------------------------
Wie heise berichtet, gibt es aktuell einen Verdacht auf eine Zero-Day-Lücke in der Ad-Server-Software OpenX (und dem Fork Revive). Diese wird angeblich auch bereits aktiv ausgenützt. Wir können das mangels Detailwissen nicht nachvollziehen, und haben bisher auch keine anderen Meldungen über aktive Ausnutzung dieser Lücke gehört.
---------------------------------------------
http://www.cert.at/services/blog/20130912163815-950.html


*** Debian update for mediawiki ***
---------------------------------------------
Debian has issued an update for mediawiki. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information.
---------------------------------------------
https://secunia.com/advisories/54787


*** Apple veröffentlicht OS X 10.8.5 ***
---------------------------------------------
Die jüngste Mountain-Lion-Version soll unter anderem Probleme bei Apple Mail und Dateitransfers über 802.11ac lösen. Außerdem wurden Sicherheitsupdates für Lion und Snow Leopard veröffentlicht.
---------------------------------------------
http://www.heise.de/security/meldung/Apple-veroeffentlicht-OS-X-10-8-5-1955905.html


*** WordPress Multiple Vulnerabilities ***
---------------------------------------------
A weakness, a security issue, and a vulnerability have been reported in WordPress, which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system and by malicious people to conduct spoofing attacks.
---------------------------------------------
https://secunia.com/advisories/54803


*** IBM WebSphere Message Broker Information Center Multiple Vulnerabilities ***
---------------------------------------------
A security issue and a vulnerability have been reported in IBM WebSphere Message Broker, which can be exploited by malicious people to disclose certain sensitive information and conduct cross-site scripting attacks.
---------------------------------------------
https://secunia.com/advisories/54835


*** Stealthy Dopant-Level Hardware Trojans ***
---------------------------------------------
DoctorBit writes "A team of researchers funded in part by the NSF has just published a paper in which they demonstrate a way to introduce hardware Trojans into a chip by altering only the dopant masks of a few of the chips transistors. From the paper: Instead of adding additional circuitry to the target design, we insert our hardware Trojans by changing the dopant polarity of existing transistors. Since the modified circuit appears legitimate on all wiring layers (including all metal and
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/wd-ZoysTfmA/story01.htm


*** Cisco Unified MeetingPlace Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
A vulnerability has been reported in Cisco Unified MeetingPlace, which can be exploited by malicious people to conduct cross-site request forgery attacks.
---------------------------------------------
https://secunia.com/advisories/54768


*** Security Bulletin: Vulnerability in IBM Analytical Decision Management (CVE-2013-4047, CVE-2013-4048, CVE-2013-4049 & CVE-2013-5369) ***
---------------------------------------------
Vulnerabilities have been identified in IBM Analytical Decision Management which make the product vulnerable to attacks using script injection and remote code execution.
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21648929


*** Rootkit Cafe ***
---------------------------------------------
Have you ever wondered about the ads you might have seen being shown on the desktop or in the browser during web browsing sessions at Internet cafes? One of our Analysts, Wayne, certainly did.He recently analyzed a sample (SHA1: c8c643df81df5f60d5cd8cf46cb3902c5f630e96) that gave him an interesting answer. The sample was a rootkit named in its code as LanEx, though we detect it as Rootkit:W32/Sfuzuan.A:Wayne traced the sample back to an advertising company in China called 58wangwei that runs an
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002607.html


*** D-Link DIR-505 Wireless Router Security Bypass Security Issue ***
---------------------------------------------
Alessandro Di Pinto has reported a security issue in D-Link DIR-505 Wireless Router, which can be exploited by malicious people to bypass certain security restrictions.
---------------------------------------------
https://secunia.com/advisories/54752


*** Server Security Scan for WordPress ***
---------------------------------------------
Server Security Scan checks WordPress installations for unsafe PHP settings and functions, write permissions of directories, errors and error levels, and the presence of security modules. It's worth noting that the tool doesn't fix any of the found issues.
---------------------------------------------
http://news.softpedia.com/news/Security-App-of-the-Week-Server-Security-Scan-for-WordPress-382348.shtml