[CERT-daily] Tageszusammenfassung - Freitag 31-10-2014

Fri Oct 31 18:10:36 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 30-10-2014 18:00 − Freitag 31-10-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Multiple vulnerabilities in Cisco products ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/: CVE-2014-3371
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3372
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3366
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3374
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3373
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3375


*** Security Advisory - Medium Severity - WP eCommerce WordPress Plugin ***
---------------------------------------------
If you're using the popular WP eCommerce WordPress plugin (2,900,000 downloads), you should update it right away. During a routine audit for our Website Firewall (WAF), we ..
---------------------------------------------
http://blog.sucuri.net/2014/10/security-advisory-medium-severity-wp-ecommerce-wordpress-plugin.html


*** Nordex NC2 XSS Vulnerability ***
---------------------------------------------
This advisory provides mitigation details for a cross-site scripting vulnerability in the Nordex Control 2 (NC2) application.
---------------------------------------------
https://ics-cert.us-cert.gov//advisories/ICSA-14-303-01


*** Meinberg Radio Clocks LANTIME M-Series XSS ***
---------------------------------------------
This advisory provides mitigation details for vulnerabilities in the Meinberg Radio Clocks LANTIME M-Series XSS.
---------------------------------------------
https://ics-cert.us-cert.gov//advisories/ICSA-14-275-01


*** Accuenergy Acuvim II Authentication Vulnerabilities ***
---------------------------------------------
This advisory provides mitigation details for two authentication vulnerabilities within the Accuenergy AXM-NET Ethernet module's web server.
---------------------------------------------
https://ics-cert.us-cert.gov//advisories/ICSA-14-275-02


*** [2014-10-31] XXE and XSS vulnerabilities in Scalix Web Access ***
---------------------------------------------
Scalix Web Access is vulnerable to XML external entity injection (XXE) and reflected cross site scripting (XSS) attacks. An unauthenticated attacker can get read access to the filesystem of the Scalix Web Access host and thus obtain sensitive information.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141031-0_Scalix_Web_Access_XXE_v10.txt


*** Spotting Malicious Injections in Otherwise Benign Code ***
---------------------------------------------
Being able to spot suspicious code, and then determine whether it is benign or malicious is a very important skill for a security researcher. Every day we scan through megabytes of HTML, JS and PHP. It's quite easy to miss something bad, especially ..
---------------------------------------------
http://blog.sucuri.net/2014/10/spotting-malicious-injections-in-otherwise-benign-code.html


*** Setting HoneyTraps with ModSecurity: Adding Fake Cookies ***
---------------------------------------------
This blog post continues with the topic of setting "HoneyTraps" within your web applications to catch attackers. Please review the previous posts for more ..
---------------------------------------------
http://blog.spiderlabs.com/2014/10/setting-honeytraps-with-modsecurity-adding-fake-cookies.html


*** Facebook geht ins Tor-Netz ***
---------------------------------------------
Das soziale Netz will zukünftig eine Nutzung der Dienste auch über das Anonymisierungsnetz Tor möglich machen. Dafür setzt der Konzern einen eigenen Onion-Dienst im Tor-Netz auf.
---------------------------------------------
http://www.heise.de/security/meldung/Facebook-geht-ins-Tor-Netz-2440221.html


*** Schwachstellen in Samsung Knox ***
---------------------------------------------
Bei einer Analyse von der auf vielen Geräten vorinstallierten Security-App Samsung Knox Personal kamen Mängel ans Licht. Der Hersteller erklärte die App für überholt, Ersatz gibt es allerdings nur für zwei aktuelle Spitzengeräte.
---------------------------------------------
http://www.heise.de/security/meldung/Schwachstellen-in-Samsung-Knox-2440119.html


*** Google to kill off SSL 3.0 in Chrome 40 ***
---------------------------------------------
Google plans to remove support for the aging Secure Sockets Layer (SSL) version 3.0 protocol in Google Chrome 40, which is expected to ship in about two months.The decision comes after Google security researchers recently discovered a dangerous design flaw in SSL 3.0. Dubbed "POODLE," the vulnerability ..
---------------------------------------------
http://www.csoonline.com/article/2841837/application-security/google-to-kill-off-ssl-30-in-chrome-40.html