[CERT-daily] Tageszusammenfassung - Mittwoch 17-06-2015

Wed Jun 17 18:16:03 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 16-06-2015 18:00 − Mittwoch 17-06-2015 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Unpatched OS X, iOS flaws allow password, token theft from keychain, apps ***
---------------------------------------------
Six researchers from Indiana University Bloomington, Peking University and Georgia Tech have recently published a paper in which they detail the existence of critical security weaknesses in Apples OS...
---------------------------------------------
http://www.net-security.org/secworld.php?id=18523


*** Security: Unverschlüsselte App-Updates gefährden Samsungs Smartphones ***
---------------------------------------------
Wenn Apps ihre Aktualisierungen unverschlüsselt abholen, sind sie leicht zu manipulieren. Vor allem bei systemnahen Anwendungen ist das ein gravierendes Problem, wie ein aktueller Fall belegt, der vor allem die Galaxy-Reihe von Samsung betrifft.
---------------------------------------------
http://www.golem.de/news/security-unverschluesselte-app-updates-gefaehrden-samsungs-smartphones-1506-114711-rss.html


*** CVE-2014-4114 and an Interesting AV Bypass Technique, (Tue, Jun 16th) ***
---------------------------------------------
Citizenlabs recently reported on a CVE-2014-4114 campaign against pro-democracy / pro-Tibetian groups in Hong Kong. The attacks happening should not surprise anyone, nor that the attacks were sophisticated. The vulnerability itself was patched with MS14-060 and has been used by APT and crime groups for sometime. Trend Micro wrote a good write-up of the issue here. What is interesting is what, in effect, is an anti-virus bypass that was employed by the actors. This bypass was discussed in this...
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=19809&rss


*** VU#155412: Samsung Galaxy S phones fail to properly validate Swiftkey language pack updates ***
---------------------------------------------
Vulnerability Note VU#155412 Samsung Galaxy S phones fail to properly validate Swiftkey language pack updates Original Release date: 16 Jun 2015 | Last revised: 16 Jun 2015   Overview Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, fail to properly validate Swiftkey language pack updates.  Description CWE-345: Insufficient Verification of Data Authenticity - CVE-2015-2865Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, are pre-installed with a version of Swiftkey...
---------------------------------------------
http://www.kb.cert.org/vuls/id/155412


*** EMC Unified Infrastructure Manager/Provisioning Authentication Flaw Lets Remote Users Access the System ***
---------------------------------------------
http://www.securitytracker.com/id/1032589


*** Red Hat OpenSSL Locking Error in ssleay_rand_bytes() Lets Remote Users Deny Service ***
---------------------------------------------
http://www.securitytracker.com/id/1032587


*** Vulnerabilities in Cisco Products ***
---------------------------------------------

*** Cisco Cloud Portal Appliance Pregenerated Default Host Keys Vulnerability ***
http://tools.cisco.com/security/center/viewAlert.x?alertId=39380

*** Cisco Prime Collaboration Manager SQL Injection Vulnerability ***
http://tools.cisco.com/security/center/viewAlert.x?alertId=39365

*** Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability ***
http://tools.cisco.com/security/center/viewAlert.x?alertId=31998

*** Cisco Adaptive Security Appliance Encrypted IPSec or IKEv2 Packet Modification Vulnerability ***
http://tools.cisco.com/security/center/viewAlert.x?alertId=39366


*** [HTB23261]: OS Command Injection in Vesta Control Panel ***
---------------------------------------------
Product: Vesta Control Panel v0.9.8Vulnerability Type: OS Command Injection [CWE-78]Risk level: Critical Creater: http://vestacp.comAdvisory Publication: May 20, 2015 [without technical details]Public Disclosure: June 17, 2015 CVE Reference: CVE-2015-4117 CVSSv2 Base Score: 9 (AV:N/AC:L/Au:S/C:C/I:C/A:C) Vulnerability Details: High-Tech Bridge Security Research Lab discovered critical vulnerability in Vesta Control Panel, which can be exploited to execute arbitrary system commands and gain...
---------------------------------------------
https://www.htbridge.com/advisory/HTB23261


*** VU#842780: Vesta Control Panel is vulnerable to cross-site request forgery ***
---------------------------------------------
Vulnerability Note VU#842780 Vesta Control Panel is vulnerable to cross-site request forgery Original Release date: 16 Jun 2015 | Last revised: 16 Jun 2015   Overview Vesta Control Panel is vulnerable to a cross-site request forgery (CSRF) attack.  Description CWE-352: Cross-Site Request Forgery (CSRF) - CVE-2015-2861Vesta Control Panel contains a cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has
---------------------------------------------
http://www.kb.cert.org/vuls/id/842780


*** Bugtraq: ESA-2015-043: RSA Validation Manager Security Update for Multiple Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/archive/1/535777


*** GarrettCom Magnum Series Devices Vulnerabilities ***
---------------------------------------------
This advisory provides mitigation details for multiple vulnerabilities in GarrettCom's Magnum 6k and Magnum 10k product lines.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-167-01-0


*** Security update available for Adobe Photoshop CC ***
---------------------------------------------
Adobe has released an update for Photoshop CC for Windows and Macintosh. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
---------------------------------------------
https://helpx.adobe.com/security/products/photoshop/apsb15-12.html


*** Security update available for Adobe Bridge CC ***
---------------------------------------------
Adobe has released an update for Adobe Bridge CC for Windows and Macintosh. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
---------------------------------------------
https://helpx.adobe.com/security/products/bridge/apsb15-13.html


*** Bugtraq: VCE3570: VCE Vision(TM) Intelligent Operations Cryptographic and Cleartext Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/archive/1/535781


*** [R1] PHP < 5.4.41 Vulnerabilities Affect Tenable SecurityCenter ***
---------------------------------------------
June 15, 2015
---------------------------------------------
http://www.tenable.com/security/tns-2015-06