[CERT-daily] Daily summary - Monday 22-08-2016

Daily end-of-shift report team at cert.at
Mon Aug 22 18:19:17 CEST 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Friday 19-08-2016 18:00 − Monday 22-08-2016 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** Shadow Brokers Release of Hacking Code ***
---------------------------------------------
Juniper responds to hacking code released by The Shadow Brokers.
---------------------------------------------
https://forums.juniper.net/t5/Security-Incident-Response/Shadow-Brokers-Release-of-Hacking-Code/ba-p/296128




*** Cisco ASA SNMP Remote Code Execution Vulnerability, (Sun, Aug 21st) ***
---------------------------------------------
Looking back through all the vulnerabilities announced this week, one caught my eye. CVE-2016-6366 is a vulnerability in the Cisco ASA products which could allow a remote attacker to remotely execute code. This vulnerability is part of the Equation Group disclosures and was not previously known by Cisco. The vulnerability is in the SNMP code on the ASA and would allow an attacker with knowledge of the SNMP community string to send crafted IPv4 SNMP traffic which could be used to reload the system...
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21389&rss




*** I got the power - over your IoT power-point ***
---------------------------------------------
It never gets better, does it? The latest "your IoT security is rubbish" takes the world one step closer to "burn it all and try again": a "smart" electrical outlet that's actually a whole-of-network attack vector.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2016/08/22/i_got_the_power_over_your_iot_powerpoint/




*** How to get your network and security teams working together ***
---------------------------------------------
It's not surprising that network and security teams aren't always on the same page. After all, networks need to be fast and efficient, while security is about slowing things down and implementing extra steps to help meet security measures. While both teams are a part of the IT department, and need to work together in the event of a breach, each group has its own objectives and expectations. But when a data breach or security threat strikes, businesses need both teams working together to help get...
---------------------------------------------
http://www.cio.com/article/3110264/careers-staffing/how-to-get-your-network-and-security-teams-working-together.html#tk.rss_security




*** Threat intelligence report for the telecommunications industry ***
---------------------------------------------
The telecoms sector is under fire on all sides - hit by direct attacks on organizations and networks, indirect attacks in search of subscribers, and collateral damage from unrelated, targeted campaigns. This report reveals the many layers of vulnerability.
---------------------------------------------
http://securelist.com/analysis/publications/75846/threat-intelligence-report-for-the-telecommunications-industry/




*** Open sourced: Cyber reasoning system that won third place in DARPA's Cyber Grand Challenge ***
---------------------------------------------
Earlier this month, the DARPA-backed Cyber Grand Challenge (CGC) has shown that a future in which computer systems will (wholly or partially) replace bug hunters and patchers looms near. Now, the team that has won third place in the contest - Shellphish of Santa Barbara, California - has open sourced many of the components of its winning Mechanical Phish cyber reasoning system. But individuals and teams interested in testing and advancing the system will have...
---------------------------------------------
https://www.helpnetsecurity.com/2016/08/22/cyber-reasoning-system/




*** Finding and Enumerating Processes within Memory-Part 3 ***
---------------------------------------------
Continuing with the series, in this article, we will learn about enumeration of important structures like heaps, environment variables, DLLs pointed by main PEB. Just to recap in the previous two articles, we have looked at the way of finding the processes within memory and then enumerated structures like Page Tables, VADs, and PEB. Dynamic...
---------------------------------------------
http://resources.infosecinstitute.com/finding-enumerating-processes-within-memory-part-3/




*** Announcing the Heimdal Cyber Security Glossary ***
---------------------------------------------
Not too long ago, I was a total newbie in the cyber security field. Although I understood some of the basics, there was an entire universe for me to explore, from concepts to how they translate into action. What I found most baffling in the beginning were some of the technical terms. Of course I...
---------------------------------------------
https://heimdalsecurity.com/blog/heimdal-cyber-security-glossary/




*** Young European white hat hackers meet for the 2nd Cyber Security Challenge competition ***
---------------------------------------------
On the 7th of November, young European white hat hackers will meet at Düsseldorf to measure their skills in attacking and defending computer systems.
---------------------------------------------
https://www.enisa.europa.eu/news/enisa-news/young-european-white-hat-hackers-meet-for-the-2nd-cyber-security-challenge-competition




*** Bugtraq: [security bulletin] HPSBNS03635 rev.1 - HPE NonStop Servers OSS Script Languages running Perl and PHP, Multiple Local and Remote Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/archive/1/539280




*** Vuln: MatrixSSL Multiple Information Disclosure Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/bid/91488




*** ZDI-16-487: AVG Internet Security avgtdix.sys Kernel Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability ***
---------------------------------------------
This vulnerability allows local attackers to escalate privileges on vulnerable installations of AVG Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-16-487/




*** Security Advisory: Linux file utility vulnerabilities CVE-2014-8116 and CVE-2014-8117 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/16000/300/sol16347.html?ref=rss




*** Self Service Password Reset 3.3.1.6 ***
---------------------------------------------
Abstract: These files contain all updates made to SSPR 3.3.1 since the release of SSPR 3.3.1. This is a complete build of SSPR. SSPR 3.3.1 Patch 6 includes several new fixes. It also includes a security fix which was originally included in SSPR 3.3.1 HF2. Without this fix SSPR is vulnerable to a cross-site-scripting (XSS) attack (CVE-2016-1599, reported by Tom Ravenscroft of Datacom TSS). For more details see TID # 7017399 at https://www.netiq.com/support/kb/doc.php?id=7017399. It is mandatory...
---------------------------------------------
https://download.novell.com/Download?buildid=AYDcXUSlNzI~




*** WordPress 4.5.3 - Authenticated Denial of Service (DoS) ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8606




*** Newtec Satellite Modem MDM6000 2.2.5 Cross-Site Scripting Vulnerability ***
---------------------------------------------
Newtec Satellite Modem MDM6000 suffers from multiple reflected cross-site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5359.php




*** Sakai 10.7 Multiple Vulnerabilities ***
---------------------------------------------
Sakai suffers from multiple reflected cross-site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Also there is a file disclosure vulnerability when calling custom tool script. It is not properly verified before being used to read files. This can be exploited to disclose...
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5358.php




*** tcPbX - (tcpbx_lang) Local File Inclusion ***
---------------------------------------------
Topic: tcPbX - (tcpbx_lang) Local File Inclusion Risk: Medium Text: Vulnerable hardware : tcpbx voip distro Vendor : www.tcpbx.org Author : Ahmed sultan (@0x4148) Email : 0x4148 at gmail.com ...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016080196




*** ZYCOO IP Phone System - Remote Command Execution ***
---------------------------------------------
Topic: ZYCOO IP Phone System - Remote Command Execution Risk: High Text: Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan (@0x4148) Email : 0x4148 at gmail.com ...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016080195




*** C2S DVR Management Remote Credentials Disclosure & Authentication Bypass ***
---------------------------------------------
Topic: C2S DVR Management Remote Credentials Disclosure & Authentication Bypass Risk: High Text: 1. Advisory Information = Title : C2S DVR Management Remote Credentials Disclosure & Authentic...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016080192




*** IP-Camera Vulnerabilities ***
---------------------------------------------
*** MESSOA NIC990 IP-Camera auth bypass configuration download ***
https://cxsecurity.com/issue/WLB-2016080194
---------------------------------------------
*** TOSHIBA IK-WP41A IP-Camera auth bypass configuration download ***
https://cxsecurity.com/issue/WLB-2016080193
---------------------------------------------
*** JVC IP-Camera (VN-T216VPRU) Remote Credentials Disclosure ***
https://cxsecurity.com/issue/WLB-2016080191
---------------------------------------------
*** Vanderbilt IP-Camera (CCPW3025-IR + CVMW3025-IR) Remote Credentials Disclosure ***
https://cxsecurity.com/issue/WLB-2016080190
---------------------------------------------

