[CERT-daily] Tageszusammenfassung - Mittwoch 26-02-2014

Wed Feb 26 18:07:07 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 25-02-2014 18:00 − Mittwoch 26-02-2014 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Chameleon: Forschungsvirus verbreitet sich von WLAN zu WLAN ***
---------------------------------------------
Britische Wissenschaftler haben unter dem Namen "Chameleon" einen vollständigen Router-Wurm geschaffen, der das Internet nicht braucht. Die Malware kopiert sich von einem Router zum anderen per WLAN und kann sich so epidemieartig ausbreiten. Aber auch Wege zur Abwehr solcher Gefahren sind absehbar. (WLAN, Virus)
---------------------------------------------
http://www.golem.de/news/chameleon-forschungs-virus-verbreitet-sich-von-wlan-zu-wlan-1402-104804-rss.html


*** DDoSing a Cell Phone Network ***
---------------------------------------------
Interesting research: Abstract: The HLR/AuC is considered to be one of the most important network elements of a 3G network. It can serve up to five million subscribers and at least one transaction with HLR/AuC is required for every single phone call or data session. This paper presents experimental results and observations that can be exploited to perform a novel...
---------------------------------------------
https://www.schneier.com/blog/archives/2014/02/ddosing_a_cell.html


*** IE Zero-day Exploit Being Used in Widespread Attacks ***
---------------------------------------------
The number of attacks exploiting a yet-to-be-patched vulnerability in Internet Explorer has increased dramatically over the past few days, indicating the exploit is no longer used just in targeted attacks against particular groups of people.
---------------------------------------------
http://www.cio.com/article/748778/IE_Zero_day_Exploit_Being_Used_in_Widespread_Attacks


*** QuickTime 7.7.5 für Windows behebt diverse Sicherheitslücken ***
---------------------------------------------
Apples Multimediaumgebung enthält unter Windows eine ganze Reihe von sicherheitsrelevanten Bugs. Version 7.7.5 soll sie beheben - ein schnelles Update ist angeraten.
---------------------------------------------
http://www.heise.de/security/meldung/QuickTime-7-7-5-fuer-Windows-behebt-diverse-Sicherheitsluecken-2124553.html


*** Announcing EMET 5.0 Technical Preview ***
---------------------------------------------
Today, we are thrilled to announce a preview release of the next version of the Enhanced Mitigation Experience Toolkit, better known as EMET. You can download EMET 5.0 Technical Preview here. This Technical Preview introduces new features and enhancements that we expect to be key components of the final EMET 5.0 release. We are releasing this technical preview to gather customer feedback about the new features and enhancements. Your feedback will affect the final EMET 5.0 technical
---------------------------------------------
https://blogs.technet.com/b/srd/archive/2014/02/25/announcing-emet-5-0-technical-preview.aspx


*** VU#684412: libpng denial-of-service vulnerability ***
---------------------------------------------
Vulnerability Note VU#684412 libpng denial-of-service vulnerability Original Release date: 25 Feb 2014 | Last revised: 25 Feb 2014   Overview libpng versions 1.6.0 through 1.6.9 contain a denial-of-service vulnerability.  Description CWE-835: Loop with Unreachable Exit Condition (Infinite Loop) - CVE-2014-0333Glenn Randers Pehrson of the PNG Development Group reports:The progressive decoder in libpng16 enters an infinite loop, thus hanging the application, when it encounters a zero-length IDAT...
---------------------------------------------
http://www.kb.cert.org/vuls/id/684412


*** Schneider Electric SCADA Products Exception Handler Vulnerability ***
---------------------------------------------
Researcher Carsten Eiram of Risk Based Security has identified an exception handling vulnerability in Schneider Electric’s CitectSCADA application. The original vulnerability reported by Mr. Eiram had already been fixed in CitectSCADA v7.20SP2. While investigating this vulnerability report, Schneider Electric discovered additional related vulnerabilities and has produced a patch that mitigates them in SCADA Expert Vijeo Citect, CitectSCADA, and PowerSCADA Expert.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01


*** IBM AIX OpenSSL Multiple Denial of Service Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/57041


*** Python Buffer Overflow in socket.recvfrom_into() Lets Remote Users Execute Arbitrary Code ***
---------------------------------------------
http://www.securitytracker.com/id/1029831


*** Cisco Unified Communications Manager CAPF Unauthenticated Device Information Update Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0743


*** Cisco Unified Communications Manager OS Administration CSRF Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0740


*** Cisco Unified Contact Center Express CCMConfig Sensitive Information Disclosure Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2102


*** Cisco Unified Contact Center Express Serviceability Page CSRF Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0745