[CERT-daily] Tageszusammenfassung - Donnerstag 25-09-2014

Thu Sep 25 18:20:54 CEST 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 24-09-2014 18:00 − Donnerstag 25-09-2014 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Shellshock Bash Vulnerability ***
---------------------------------------------
Current event - 1.0 of post This is a current event and as such this blog post is subject to change over the course of the next few days as we perform further supplementary research and analysis by NCC Group's Cyber Defence Operations and Security Consulting divisions. v1.0 - initial version Background Yesterday (24 September) CVE-2014-6271 was released with a corresponding patch for Bash (a common Linux shell). The risk arises from this vulnerability because of certain use cases. The use...
---------------------------------------------
https://www.nccgroup.com/en/blog/2014/09/shellshock-bash-vulnerability/


*** Update on CVE-2014-6271: Vulnerability in bash (shellshock), (Thu, Sep 25th) ***
---------------------------------------------
(this diary will be updated with links to relevant resources shortly) Yesterday, a vulnerability in bash was announced, that was originally found by,Stephane Schazelas. The vulnerability allows for arbitrary code execution in,bash by setting specific environment variables. Later, Travis Ormandy released,a second exploit that will work on patched systems, demonstration that the,patch released yesterday is incomplete. What is the impact of the vulnerability? At first, the vulnerability doesnt...
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=18707&rss


*** Bash-Lücke: ShellShock ist noch nicht ausgestanden ***
---------------------------------------------
Die Sicherheitslücke in der Linux-Shell Bash, die nun unter dem Namen "ShellShock" firmiert, wird bereits als der schlimmere Bruder von Heartbleed bezeichnet. Sicher ist, dass der am Mittwoch ausgelieferte Patch weitere Lücken enthält.
---------------------------------------------
http://www.heise.de/security/meldung/Bash-Luecke-ShellShock-ist-noch-nicht-ausgestanden-2403607.html


*** "Bash" (CVE-2014-6271) vulnerability - Q&A ***
---------------------------------------------
The "bash" vulnerability is an extremely powerful vulnerability due to its high impact and the ease with which it can be exploited.
---------------------------------------------
https://securelist.com/blog/research/66673/bash-cve-2014-6271-vulnerability-qa-2/


*** Bug in Bash shell creates big security hole on anything with *nix in it [Updated] ***
---------------------------------------------
Could allow attackers to execute code on Linux, Unix, and Mac OS X.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/94xcSgjPriY/


*** Bash Exploit Reported, First Round of Patches Incomplete ***
---------------------------------------------
Reports of the first in-the-wild exploits targeting the Bash vulnerability have surfaced, as have complaints the first patches for the bug are incomplete.
---------------------------------------------
http://threatpost.com/bash-exploit-reported-first-round-of-patches-incomplete/108550


*** RSA-Signaturen: Acht Jahre alte Sicherheitslücke kehrt zurück ***
---------------------------------------------
In der NSS-Bibliothek ist eine Sicherheitslücke entdeckt worden, mit der sich RSA-Signaturen fälschen lassen. Betroffen sind die Browser Chrome und Firefox, für die bereits Updates erschienen sind. Es handelt sich um eine Variante der Bleichenbacher-Attacke von 2006.
---------------------------------------------
http://www.golem.de/news/rsa-signaturen-acht-jahre-alte-sicherheitsluecke-kehrt-zurueck-1409-109453-rss.html


*** iOS-Sicherheitslücke ermöglicht Keylogging in Apps mit integriertem Browser ***
---------------------------------------------
Einem Entwickler ist aufgefallen, dass Apple offenbar beim Trennen von Prozessen geschlampt hat. Bietet eine App eine Browser-Ansicht, kann diese von der App selbst beobachtet werden.
---------------------------------------------
http://www.heise.de/security/meldung/iOS-Sicherheitsluecke-ermoeglicht-Keylogging-in-Apps-mit-integriertem-Browser-2403572.html


*** An Analysis of the CAs trusted by iOS 8.0 ***
---------------------------------------------
iOS 8.0 ships with a number of trusted certificates (also known as "root certificates" or "certificate authorities"), which iOS implicitly trusts. The root certificates are used to trust intermediate certificates, and the intermediate certificates are used to trust web site certificates. When you go to a web site using HTTPS, or an app makes a secure connection to something on the Internet (like your mail server), the web site (or mail server, or whatever) gives iOS its...
---------------------------------------------
http://karl.kornel.us/2014/09/an-analysis-of-the-cas-trusted-by-ios-8-0/


*** GNU bash Environment Variable Processing Flaw Lets Users Execute Arbitrary Code ***
---------------------------------------------
http://www.securitytracker.com/id/1030890


*** DSA-3032 bash ***
---------------------------------------------
security update
---------------------------------------------
http://www.debian.org/security/2014/dsa-3032


*** Security Advisories for Cisco IOS Software ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp


*** Cisco Unified Communications Domain Manager glibc Arbitrary Code Execution Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0475


*** IBM Security Bulletin: Vulnerability in IBM Java SDKs and IBM Java Runtime Technology Edition affecting Rational Functional Tester (CVE-2014-3086) ***
---------------------------------------------
Multiple vulnerabilities exist in IBM SDKs Java Technology Edition and IBM Runtime Environment Java Technology Edition that are used by Rational Functional Tester (RFT). These issues were disclosed as part of the IBM Java SDK updates in July 2014.  CVE(s): CVE-2014-3086  Affected product(s) and affected version(s):   Rational Functional Tester version 8.2.2 and later    Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin:...
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_ibm_java_sdks_and_ibm_java_runtime_technology_edition_affecting_rational_functional_tester_cve_2014_3086?lang=en_us


*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool OMNIbus (CVE-2014-4263, CVE-2014-4244) ***
---------------------------------------------
There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Versions 5, 6, and 7 that are used by Tivoli Netcool OMNIbus. These issues were disclosed as part of the IBM Java SDK updates in July 2014.  CVE(s): CVE-2014-4263 and CVE-2014-4244  Affected product(s) and affected version(s):   Tivoli Netcool/OMNIbus 7.3.0 Tivoli Netcool/OMNIbus 7.3.1 Tivoli Netcool/OMNIbus 7.4.0 Tivoli Netcool/OMNIbus 8.1.0    Refer to the following reference URLs for...
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_vulnerabilities_in_ibm_java_runtime_affect_tivoli_netcool_omnibus_cve_2014_4263_cve_2014_4244?lang=en_us


*** Security Advisories for Drupal Third-Party Modules ***
---------------------------------------------
https://www.drupal.org/node/2344383
https://www.drupal.org/node/2344369
https://www.drupal.org/node/2344363
https://www.drupal.org/node/2344389


*** Mozilla Network Security Services certificates security bypass ***
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/96194


*** HPSBST03103 rev.1 - HP Storage EVA Command View Suite running OpenSSL, Remote Unauthorized Access, Disclosure of Information ***
---------------------------------------------
A potential security vulnerability has been identified with HP Storage Enterprise Virtual Array (EVA) Command View Suite. The vulnerability could be exploited to allow remote unauthorized access and disclosure of information.
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04425253


*** Bugtraq: Two SQL Injections in All In One WP Security WordPress plugin ***
---------------------------------------------
http://www.securityfocus.com/archive/1/533519


*** TYPO3-EXT-SA-2014-012: Several vulnerabilities in extension JobControl (dmmjobcontrol) ***
---------------------------------------------
It has been discovered that the extension "JobControl" (dmmjobcontrol) is susceptible to Cross-Site Scripting and SQL Injection.
---------------------------------------------
https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-012/


*** Bugtraq: LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow ***
---------------------------------------------
http://www.securityfocus.com/archive/1/533543