[CERT-daily] Tageszusammenfassung - Mittwoch 22-01-2014

Daily end-of-shift report team at cert.at
Wed Jan 22 18:05:43 CET 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 21-01-2014 18:00 − Mittwoch 22-01-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Robert Waldner

*** [2014-01-22] Backdoor account & command injection vulnerabilities in Allnet IP-Cam ALL2281 ***
---------------------------------------------
The IP camera Allnet ALL2281 is affected by critical vulnerabilities that allow an attacker to gain access to the webinterface via a backdoor account. Furthermore, executing arbitrary OS commands is possible.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140122-1_Allnet_IP-Cam_ALL2281_Backdoors_and_OS_command_execution_v10.txt





*** Feodo Tracker kämpft gegen Rechnungs-Spam ***
---------------------------------------------
Das Feodo-Botnet beschert Deutschland aktuell massenhaft Viren-Spam – vermeintlich im Namen bekannter Mobilfunkprovider und Banken. Der Feodo-Tracker sammelt Indizien, um das Spam-Netzwerk zu bremsen.
---------------------------------------------
http://www.heise.de/security/meldung/Feodo-Tracker-kaempft-gegen-Rechnungs-Spam-2092934.html




*** Security Bulletins: Citrix XenServer Multiple Security Updates ***
---------------------------------------------
A number of security vulnerabilities have been identified in Citrix XenServer. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.2 Service Pack 1.
The following vulnerabilities have been addressed: CVE-2013-4494, CVE-2013-4554, CVE-2013-6885
---------------------------------------------
http://support.citrix.com/article/CTX140038




*** Security Bulletins: Citrix XenClient XT Multiple Security Updates ***
---------------------------------------------
A number of security vulnerabilities have been identified in Citrix XenClient XT. These vulnerabilities affect all currently supported versions of Citrix XenClient XT up to and including version 3.2.
The following vulnerabilities have been addressed: CVE-2013-4355, CVE-2013-4370, CVE-2013-4416, CVE-2013-4494, CVE-2013-4554
---------------------------------------------
http://support.citrix.com/article/CTX139624




*** SSL Labs: Stricter security requirements for 2014 ***
---------------------------------------------
Today, were releasing a new version of SSL Rating Guide as well as a new version of SSL Test to go with it. Because the SSL/TLS and PKI ecosystem continues to move at a fast pace, we have to periodically evaluate our rating criteria to keep up.
---------------------------------------------
http://blog.ivanristic.com/2014/01/ssl-labs-stricter-security-requirements-for-2014.html




*** [2014-01-22] Critical vulnerabilities in T-Mobile HOME NET Router LTE (Huawei B593u-12) ***
---------------------------------------------
Attackers are able to completely compromise the T-Mobile Austria HOME NET router (based on Huawei B593u-12) without prior authentication. Depending on the configuration of the router it is also possible to exploit the flaws directly from the Internet.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140122-0_T-Mobile_HOMENET_LTE_Huawei_B593_Router_critical_vulnerabilities_wo_poc_v10.txt




*** Digitally signed data-stealing malware targets Mac users in "undelivered courier item" attack ***
---------------------------------------------
Our colleagues at SophosLabs pointed us at a interesting item of malware the other day, namely a data-stealing Trojan aimed at Mac users. In fact, it was somewhat more than that: it was one of those "undelivered courier item" emails linking to a dodgy web server that guessed whether you were running Windows or OS X, and targeted you accordingly.
---------------------------------------------
http://nakedsecurity.sophos.com/2014/01/21/data-stealing-malware-targets-mac-users-in-undelivered-courier-item-attack/




*** Cisco TelePresence System Software Command Execution Vulnerability ***
---------------------------------------------
Cisco TelePresence System Software contains a vulnerability in the System Status Collection Daemon (SSCD) code that could allow an unauthenticated, adjacent attacker to execute arbitrary commands with the privileges of the root user.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts




*** Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability ***
---------------------------------------------
Cisco TelePresence Video Communication Server (VCS) contains a vulnerability that could allow an unauthenticated, remote attacker to trigger the failure of several critical processes which may cause active call to be dropped and prevent users from making new calls until the affected system is reloaded.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs




*** Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability ***
---------------------------------------------
Cisco TelePresence ISDN Gateway contains a vulnerability that could allow an unauthenticated, remote attacker to trigger the drop of the data channel (D-channel), causing all calls to be terminated and preventing users from making new calls.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-isdngw











More information about the Daily mailing list