[CERT-daily] Tageszusammenfassung - Freitag 6-06-2014

Fri Jun 6 18:06:11 CEST 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 05-06-2014 18:00 − Freitag 06-06-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Hunderttausende Server über Fernwartungsprotokolle angreifbar ***
---------------------------------------------
Das Fernwartungsprotokoll IPMI, mit dem Server über die Firmware des Motherboards gewartet werden können, hat gravierende Sicherheitslücken. Forscher haben bei einem Scan des Internets haufenweise Server gefunden, die angreifbar sind.
---------------------------------------------
http://www.heise.de/security/meldung/Hunderttausende-Server-ueber-Fernwartungsprotokolle-angreifbar-2216899.html


*** Microsoft Security Bulletin Advance Notification for June 2014 - Version: 1.0 ***
---------------------------------------------
https://technet.microsoft.com/en-us/library/security/MS14-JUN


*** Microsoft to Patch Critical Internet Explorer Zero-Day Vulnerability Next Tuesday ***
---------------------------------------------
Today Microsoft has released its Advance Notification for the month of June 2014 Patch Tuesday releasing seven security Bulletins, which will address several vulnerabilities in its products, out of which two are marked critical and rest are important in severity. This Tuesday, Microsoft will issue Security Updates to ..
---------------------------------------------
http://thehackernews.com/2014/06/microsoft-to-patch-critical-internet.html


*** Linux Kernel futex privilege escalation ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/93593


*** Linux: Kernel-Bug erlaubt Sandbox-Ausbrüche ***
---------------------------------------------
Ein Fehler im Futex-Code von Linux erlaubt Nutzern vollen Zugriff auf den Kernel. Damit liesse sich etwa aus der Chrome-Sandbox ausbrechen. Patches sind bereits verfügbar.
---------------------------------------------
http://www.golem.de/news/linux-kernel-bug-erlaubt-sandbox-ausbrueche-1406-107021-rss.html


*** Bugtraq: ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/archive/1/532311


*** Hacking Apple ID? ***
---------------------------------------------
The many announcements at Apple's 2014 Worldwide Developers Conference (WWDC) this week was welcome news to the throngs of Apple developers and enthusiasts. It was also welcome news for another group of people with less than clean motives: cybercriminals. Last week we got a concrete example of how some ..
---------------------------------------------
blog.trendmicro.com/trendlabs-security-intelligence/hacking-apple-id/


*** Daktronics Vanguard Hardcoded Credentials (Update A) ***
---------------------------------------------
http://ics-cert.us-cert.gov//alerts/ICS-ALERT-14-155-01A


*** Noch mehr Herzbluten bei OpenSSL ***
---------------------------------------------
Der Verursacher der Heartbleed-Lücke hat weiteren Code zum Open-Source-Projekt beigetragen. Und auch der hat offensichtliche Sicherheitslücken.
---------------------------------------------
http://www.heise.de/security/meldung/Noch-mehr-Herzbluten-bei-OpenSSL-2217286.html


*** Phish or legit - Can you tell the difference? ***
---------------------------------------------
I recently received two emails, sent to two different addresses and both from different senders. The first email was allegedly from Apple and was sent to my work account. The second email was allegedly from the Bank of Montreal (BMO) and was sent to my personal account. Both were unsolicited and were asking me to click on links contained in the body of the email.
---------------------------------------------
http://nakedsecurity.sophos.com/2014/06/06/phish-or-legit-can-you-tell-the-difference/


*** Web-Browser: Neues History-Leck schwer zu stopfen ***
---------------------------------------------
Eine Javascript-Funktion erlaubt es indirekt, die Ladezeiten einer Webseite zu messen. Damit lässt sich herausfinden, ob ein Besucher bestimmte Links schon einmal aufgerufen hat.
---------------------------------------------
http://www.heise.de/security/meldung/Web-Browser-Neues-History-Leck-schwer-zu-stopfen-2217402.html


*** [2014-06-06] Multiple critical vulnerabilities in WebTitan ***
---------------------------------------------
Multiple critical security vulnerabilities have been identified in the WebTitan web filtering solution. Exploiting these vulnerabilities potential attackers could take control over the entire appliance.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140606-0_WebTitan_Multiple_Vulnerabilities_v10.txt