[CERT-daily] Tageszusammenfassung - Donnerstag 8-10-2015

Thu Oct 8 18:00:52 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 07-10-2015 18:00 − Donnerstag 08-10-2015 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl


*** ZDI-15-461: Solarwinds Log and Event Manager Command Injection Remote Code Execution Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Solarwinds Log and Event Manager. Authentication is not required to exploit this vulnerability.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-15-461/


*** ZDI-15-460: Solarwinds Storage Manager ProcessFileUpload.jsp File Upload Remote Code Execution Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Solarwinds Storage Manager. Authentication is not required to exploit this vulnerability.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-15-460/


*** Forscher demonstriert Lücke im PGP-Standard ***
---------------------------------------------
Durch die Rückwärtskompatibilität könnten Angreifer verschlüsselte und signierte Nachrichten nachträglich manipulieren. Immerhin geben aktuelle GnuPG-Versionen dann einen Hinweis auf mögliche Probleme.
---------------------------------------------
http://heise.de/-2840052


*** SHA1 algorithm securing e-commerce and software could break by year's end ***
---------------------------------------------
Researchers warn widely used algorithm should be retired sooner.
---------------------------------------------
http://arstechnica.com/security/2015/10/sha1-crypto-algorithm-securing-internet-could-break-by-years-end/


*** Zero-Day Exploit Found in Avast Antivirus ***
---------------------------------------------
Avast was vulnerable to malicious HTTPS connections One of Googles security experts found a zero-day exploit inside the Avast antivirus, which the company has recently patched.
---------------------------------------------
http://news.softpedia.com/news/zero-day-exploit-found-in-avast-antivirus-493958.shtml


*** New mystery Windows-smashing RAT found in corporate network ***
---------------------------------------------
Tin foil VXer wraps new Trojan in cloak and evasion tricks Malware man Yotam Gottesman has found a somewhat mysterious remote access Trojan on a corporate network that sports highly capable evasion techniques.
---------------------------------------------
www.theregister.co.uk/2015/10/08/monker_rat/


*** Hack gegen Looppay: Samsung betont Sicherheit von Samsung Pay ***
---------------------------------------------
Im Februar schluckte Samsung das Startup Looppay und integrierte dessen Technik in den mobilen Bezahldienst Samsung Pay. Kurz darauf schlichen sich Hacker in die Rechner des Startups, wie nun herauskam.
---------------------------------------------
http://heise.de/-2840660


*** Wieder WLAN/SOHO router - remote root ***
---------------------------------------------
Wie viele der kleinen WLAN Router (auch "SOHO" Router - small home and office router - genannt), hat auch Netgear bei der Sicherheit vom Web Interface gepatzt - so scheint es. Heute wurde bekannt, dass Netgear WNR1000v4 Router (eventuell sind auch andere Modelle betroffen) mit den folgenden Firmware ..
---------------------------------------------
http://www.cert.at/services/blog/20151008163157-1605.html


*** How I Hacked Hotmail ***
---------------------------------------------
At Synack we really enjoy great vulnerabilities, whether in web, mobile, host or even in completely outrageous devices and systems (satellite hacking anyone?). But we always keep the great findings that we and the SRT have made for our customers confidential. So while this ..
---------------------------------------------
https://www.synack.com/labs/blog/how-i-hacked-hotmail/