[CERT-daily] Tageszusammenfassung - Donnerstag 6-03-2014

Thu Mar 6 18:25:46 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 05-03-2014 18:00 − Donnerstag 06-03-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Stephan Richter


*** Apple OpenSSL Verification Surprises ***
---------------------------------------------
Apple ships a patched version of OpenSSL with OS X. If no precautions are taken, their changes rob you of the power to choose your trusted CAs, and break the semantics of a callback that can be used for custom checks and verifications in client software.
---------------------------------------------
https://hynek.me/articles/apple-openssl-verification-surprises/


*** Sefnit's Tor botnet C&C details ***
---------------------------------------------
We have talked about the impact that resulted from the Sefnit botnet Tor hazard as well as the clean-up effort that went into that threat. In this post we'd like to introduce some of the details regarding the Tor component's configuration and its communication with the Tor service. Specifically, we'll talk about how Trojan:Win32/Sefnit.AT communicates with the Tor network, what domains it tries to contact, and where it keeps its configuration data. After Sefnit...
---------------------------------------------
https://blogs.technet.com/b/mmpc/archive/2014/03/05/sefnit-s-tor-botnet-c-amp-c-details.aspx


*** Cisco-Router mit Passwörtern im Quellcode des Web-Interfaces ***
---------------------------------------------
In zwei Routern und einer Firewall von Cisco klafft eine Sicherheitslücke, die es Angreifern erlaubt, sich mit Administratorrechnern anzumelden. Die Geräte geben die Passwörter im Quelltext des Anmeldefensters preis.
---------------------------------------------
http://www.heise.de/security/meldung/Cisco-Router-mit-Passwoertern-im-Quellcode-des-Web-Interfaces-2136212.html


*** Akute Angriffsserie auf D-Link-Modems ***
---------------------------------------------
Tausende Internetanschlüsse sind aufgrund einer Sicherheitslücke in DSL-Modems von D-Link akut gefährdet - allein in Deutschland. Die Schwachstelle wird bereits systematisch für Angriffe missbraucht. Wer betroffene Geräte betreibt, muss umgehend handeln.
---------------------------------------------
http://www.heise.de/security/meldung/Akute-Angriffsserie-auf-D-Link-Modems-2135158.html


*** Joomla! Core - Multiple Vulnerabilities ***
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/xcttKR2_t_4/578-20140301-core-sql-injection.html
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/-FMP5B4UydI/579-20140302-core-xss-vulnerability.html
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/3SC6NBuk13g/580-20140303-core-xss-vulnerability.html
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/oiSyKvvYgXA/581-20140304-core-unauthorised-logins.html


*** SA-CONTRIB-2014-028 - Masquerade - Access bypass ***
---------------------------------------------
Advisory ID: DRUPAL-SA-CONTRIB-2014-028Project: Masquerade (third-party module)Version: 6.x, 7.xDate: 2014-March-05Security risk: Highly criticalExploitable from: RemoteVulnerability: Access bypassDescriptionThis module allows a user with the right permissions to switch users. When a user has been limited to only masquerading as certain users via the "Enter the users this user is able to masquerade as" user profile field, they can still masquerade as any user on the site by using the...
---------------------------------------------
https://drupal.org/node/2211401


*** Security Bulletins: Citrix NetScaler Application Delivery Controller Multiple Security Vulnerabilities ***
---------------------------------------------
A number of security vulnerabilities have been identified in Citrix NetScaler Application Delivery Controller (ADC). 
---------------------------------------------
http://support.citrix.com/article/CTX139049


*** HP Data Protector Backup Client Service Remote Code Execution ***
---------------------------------------------
Topic: HP Data Protector Backup Client Service Remote Code Execution Risk: High Text:## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-fr...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014030052


*** PHP date() is evil (XSS'able) ***
---------------------------------------------
Topic: PHP date() is evil (XSS'able) Risk: Low Text:I was playing with PHP (As usual) and i was thinking about date() It's a PHP function that displays date in different ...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014030046