[CERT-daily] Tageszusammenfassung - Montag 26-01-2015

Daily end-of-shift report team at cert.at
Mon Jan 26 18:08:22 CET 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 23-01-2015 18:00 − Montag 26-01-2015 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

*** System Center Endpoint Protection support for Windows Server 2003 ***
---------------------------------------------
>From July 14, 2015, Windows Server 2003 will cease to be a supported operating system. 
---------------------------------------------
http://blogs.technet.com/b/mmpc/archive/2015/01/23/system-center-endpoint-protection-support-for-windows-server-2003.aspx




*** Sicherheitslücke in Millionen Android-Geräten: Google empfiehlt Chrome oder Firefox als Abhilfe ***
---------------------------------------------
Scharfe Kritik gibt es seit bekannt wurde, dass Google Sicherheitslücken im alten Standard-Browser von Android nicht mehr schließen will. Die Abhilfe, die Google nun empfiehlt, ist nicht so recht befriedigend.
---------------------------------------------
http://heise.de/-2528130




*** OS X 10.10.2: Apple patcht "Thunderstrike"-Angriff und Googles Zeroday-Lücken ***
---------------------------------------------
In der jüngsten Yosemite-Beta sollen gleich mehrere problematische Fehler behoben sein. Wann die Finalversion erscheint, bleibt unklar. Der Entdeckter von "Thunderstrike" kritisierte Apple.
---------------------------------------------
http://www.heise.de/newsticker/meldung/OS-X-10-10-2-Apple-patcht-Thunderstrike-Angriff-und-Googles-Zeroday-Luecken-2528347.html/from/rss09?wt_mc=rss.ho.beitrag.rdf




*** Firewall-Update: IPFire 2.15 auf Core Update 86 aktualisiert ***
---------------------------------------------
Die Aktualisierung stopft etliche Sicherheitslücken in diversen Paketen. Die Entwickler empfehlen daher dringend, das Update umgehend einzuspielen und die Firewall anschließend neu zu starten.
---------------------------------------------
http://heise.de/-2528391




*** Adobe stiftet Verwirrung mit falschen Versionsangaben für Flash ***
---------------------------------------------
Die Flash-Macher haben die kritische Lücke in ihrer Software endlich geschlossen. Leider vermitteln sie auf der offiziellen Flash-Webseite noch den Eindruck, die verwundbare Version wäre die neueste und damit sicher.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Adobe-stiftet-Verwirrung-mit-falschen-Versionsangaben-fuer-Flash-2528458.html/from/rss09?wt_mc=rss.ho.beitrag.rdf




*** Factsheet: Help! My website is vulnerable to SQL injection ***
---------------------------------------------
SQL injection is a popular and frequently used attack on websites, which attackers use to steal large volumes of (client) information. Although there are other types of attacks for capturing this information, SQL injection appears to be a frequently used method.A website becomes vulnerable to SQL injection when attackers are able to influence the queries sent by a website to a database. 
---------------------------------------------
https://www.ncsc.nl/english/services/expertise-advice/knowledge-sharing/factsheets/factsheet-help-my-website-is-vulnerable-to-sql-injection.html




*** Demystifying Cross-Site Request Forgery ***
---------------------------------------------
Continuously ranked in the OWASP Top Ten, a large majority of the development community still doesnt understand Cross-Site Request Forgery (CSRF). After years of penetration tests and code reviews, my experiences show that a high percentage of applications, especially new applications, do not have proper CSRF protections in place. This post provides a refresher on CSRF and provides a common defense for this issue.
---------------------------------------------
http://software-security.sans.org/blog/2015/01/23/demystifying-cross-site-request-forgery




*** Analyzing CVE-2015-0311: Flash Zero Day Vulnerability ***
---------------------------------------------
Last week a major zero-day vulnerability (was found in Adobe Flash Player. Over the weekend, Adobe started releasing an update to fix the vulnerability: users who have enabled auto-update have already received the newest version (16.0.0.296). Our analysis has confirmed that the vulnerable code has been modified.
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/2RZECpZzdak/




*** Cisco 2900 Series Integrated Services Router Network-Based Application Recognition Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability in the Network-Based Application Recognition (NBAR) protocol process of the Cisco 2900 Series Integrated Services Router could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability occurs when the NBAR process locks. An attacker could exploit this vulnerability by sending simple IP version 4 (IPv4) packets through the router. An exploit could allow the attacker to cause a DoS condition that would require a router restart.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0586






More information about the Daily mailing list