[CERT-daily] Daily summary - Monday 27-07-2015

Daily end-of-shift report team at cert.at
Mon Jul 27 18:04:24 CEST 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Friday 24-07-2015 18:00 - Monday 27-07-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a



*** Multiple Cisco Products LDAP Server SSL Certificate Validation Vulnerability ***
---------------------------------------------
A vulnerability in SSL certificate validation of multiple Cisco products could allow an unauthenticated, remote attacker to stage a man-in-the-middle attack. The vulnerability is due to lack of SSL certificate validation for secure LDAP. An attacker could exploit this vulnerability to stage a man-in-the-middle attack when ..
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=40137
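The flaw above is a client that speaks LDAP over TLS but never checks who it is talking to, so anyone on the path can terminate the TLS session with a certificate of their own and read the bind credentials. The following is an added example, not Cisco's code: the weak client setting beside the corrected one, using Python's standard ssl module, plus a small audit that flags a context which would accept any certificate. The CA bundle path and the directory host name are assumptions.

```python
"""Added example (not Cisco's code): weak vs. corrected TLS client settings
for an LDAPS connection, with an audit that flags a context that would
accept any server certificate.  Host name and CA file are assumptions."""
import socket
import ssl
from typing import List, Optional

LDAPS_PORT = 636  # standard LDAPS port


def weak_ldaps_context() -> ssl.SSLContext:
    """Mirrors the class of bug in the advisory: no certificate validation.
    Any server, or an attacker interposed on the path, completes the
    handshake with any certificate, so the credentials sent in the LDAP
    bind are exposed to a man-in-the-middle."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE   # accept any certificate chain
    return ctx


def hardened_ldaps_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Corrected form: the server must present a chain to a trusted CA and
    the certificate must match the host name we asked for.  `cafile` is an
    assumed path to the directory's CA bundle; None uses the system store."""
    ctx = ssl.create_default_context(cafile=cafile)   # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the man-in-the-middle relevant weaknesses of a client context;
    an empty list means the server identity is actually verified."""
    findings: List[str] = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate not verified (verify_mode != CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("host name not checked against certificate")
    return findings


def connect_ldaps(ctx: ssl.SSLContext, host: str, port: int = LDAPS_PORT) -> ssl.SSLSocket:
    """Open the TLS session the LDAP bind would run over.  With the weak
    context this succeeds against any certificate; with the hardened one a
    forged or mismatched certificate raises ssl.SSLCertVerificationError."""
    sock = socket.create_connection((host, port))
    return ctx.wrap_socket(sock, server_hostname=host)


if __name__ == "__main__":
    for label, ctx in (("weak", weak_ldaps_context()), ("hardened", hardened_ldaps_context())):
        print(label, audit_context(ctx) or "ok")
    # connect_ldaps(hardened_ldaps_context("/etc/ssl/certs/corp-ca.pem"), "ldap.example.net")
```

The same two checks apply when reviewing an appliance's LDAPS client configuration: is a CA (or pinned server) certificate configured, and is the server name compared against it. A client that only encrypts without either check gives confidentiality against a passive observer but none against an active one.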




*** IT security in smart cars "ignored for far too long" ***
---------------------------------------------
After the hack of a Jeep there is agreement that a lot of catching up remains to be done
---------------------------------------------
http://derstandard.at/2000019712190




*** DSA-3317 lxc - security update ***
---------------------------------------------
Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools. Roman Fiedler discovered a directory traversal flaw in LXC when creating lock files. A local attacker could exploit this flaw to create an arbitrary ..
---------------------------------------------
https://www.debian.org/security/2015/dsa-3317




*** Hacking Team: "We are the victim" ***
---------------------------------------------
The maker of aggressive surveillance software sees itself as the only victim in the affair surrounding the publication of data that is said to document the company's cooperation with authoritarian states.
---------------------------------------------
http://heise.de/-2763077




*** WP Statistics <= 9.4 - SQL Injection ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8116




*** WP Slimstat <= 4.1.5.2 - Referer Header Cross-Site Scripting (XSS) ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8117




*** Password Hashing Competition: hash function Argon2 wins the competition ***
---------------------------------------------
A competition sought new hash functions suited to hashing passwords. The winner has now been announced: Argon2, developed by a team at the University of Luxembourg.
---------------------------------------------
http://www.golem.de/news/password-hashing-competition-hashfunktion-argon2-gewinnt-wettbewerb-1507-115433.html




*** Security: numerous Steam accounts hacked ***
---------------------------------------------
The Steam accounts of several Twitch streamers were apparently taken over by unknown persons, who exploited a bug in the login function. Valve has already provided an update.
---------------------------------------------
http://www.golem.de/news/security-zahlreiche-steam-konten-gehackt-1507-115440.html




*** Advertising hijacking by invisible rogue mobile apps is wasting petabytes of data a day ***
---------------------------------------------
Mobile malware is growing, and crooks are targeting the advertising industry to redirect users to ad pages in a form of advertising hijacking, using malicious ..
---------------------------------------------
http://securityaffairs.co/wordpress/38885/cyber-crime/mobile-advertising-hijacking.html




*** Citrix XenServer Multiple Security Updates ***
---------------------------------------------
A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to crash the host ...
---------------------------------------------
http://support.citrix.com/article/CTX201145




*** ManageEngine Exchange Reporter Plus Auth Bypass / Arbitrary SQL Statement Execution ***
---------------------------------------------
The ManageEngine Exchange Reporter product installs a JBoss server which listens on default port 8181 (tcp/http) for incoming requests. It offers an admin panel on that port. Without authorization/authentication it is possible to ..
---------------------------------------------
https://blogs.securiteam.com/index.php/archives/2533




*** Experts Found a Unicorn in the Heart of Android ***
---------------------------------------------
Gaining remote code execution privileges merely by having access to the mobile number? Enter Stagefright. The targets for this kind of attack can be anyone from prime ministers, government officials, company executives and security officers to IT managers.
---------------------------------------------
http://blog.zimperium.com/experts-found-a-unicorn-in-the-heart-of-android/





