[CERT-daily] Daily Summary - Thursday 20-10-2016

Daily end-of-shift report team at cert.at
Thu Oct 20 18:02:16 CEST 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Wednesday 19-10-2016 18:00 − Thursday 20-10-2016 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl


*** Cisco ASA Software Local Certificate Authority Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-ca




*** Cisco Firepower Detection Engine HTTP Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort




*** Cisco Meeting Server Information Disclosure Vulnerability ***
---------------------------------------------
A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. The vulnerability is due to missing bounds checks in the Web Bridge functionality. An ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-cms1




*** Cisco Meeting Server Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-cms




*** Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability ***
---------------------------------------------
A vulnerability in the Identity Firewall feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-idfw




*** Adult FriendFinder Vulnerability Leaves Millions Exposed ***
---------------------------------------------
Security experts are reporting popular adult website Adult FriendFinder has been compromised by hackers who have gained access to the site's backend servers.
---------------------------------------------
http://threatpost.com/adult-friendfinder-vulnerability-leaves-millions-exposed/121372/




*** The new .LNK between spam and Locky infection ***
---------------------------------------------
Just when it seems the Ransom:Win32/Locky activity has slowed down, our continuous monitoring of the ransomware family reveals a new workaround that the authors ..
---------------------------------------------
https://blogs.technet.microsoft.com/mmpc/2016/10/19/the-new-lnk-between-spam-and-locky-infection/




*** Hack.lu 2016 Wrap-Up Day #2 ***
---------------------------------------------
I'm just back from the second day of hack.lu. The day started early with Patrice Auffret about Metabrik! Patrice is a Perl addict and developed a lot of CPAN ..
---------------------------------------------
https://blog.rootshell.be/2016/10/20/hack-lu-2016-wrap-day-2/




*** Researchers Bypass ASLR Protection On Intel Haswell CPUs ***
---------------------------------------------
An anonymous reader writes: "A team of scientists from two U.S. universities has devised ..
---------------------------------------------
https://news.slashdot.org/story/16/10/19/2358209/researchers-bypass-aslr-protection-on-intel-haswell-cpus




*** OWASP ModSecurity CRS Version 3.0 RC2 Released ***
---------------------------------------------
http://trustwave.com/Resources/SpiderLabs-Blog/OWASP-ModSecurity-CRS-Version-3-0-RC2-Released/




*** Novell: Storage Manager for eDirectory 5.0.0 ***
---------------------------------------------
https://download.novell.com/Download?buildid=4x6-1FswplA~




*** Security research tool had security problem ***
---------------------------------------------
Plugin for popular disassembler OllyDbg allowed man-in-the-middle diddle Security ..
---------------------------------------------
www.theregister.co.uk/2016/10/20/ollydgb_vulnerability/




*** Can I spam from here: An Unusually Clever Spambot Tests Blacklists ***
---------------------------------------------
Unit 42 researchers recently observed an unusually clever spambot's attempts to increase delivery efficacy by abusing reputation blacklist service ..
---------------------------------------------
http://researchcenter.paloaltonetworks.com/2016/10/unit42-can-i-spam-from-here-an-unusually-clever-spambot-tests-blacklists/




*** Bugtraq: [security bulletin] HPSBGN03663 rev.1 - HPE ArcSight WINC Connector, Remote Code Execution ***
---------------------------------------------
http://www.securityfocus.com/archive/1/539609




*** Skyping and Typing the Latest Threat to Privacy ***
---------------------------------------------
Typing while using Skype or over other Voice over Internet Protocol (VoIP) services presents an opportunity for an attacker to record the conversation, separate ..
---------------------------------------------
https://threatpost.com/skyping-and-typing-the-latest-threat-to-privacy/121387/




*** The Kings In Your Castle Part #1 ***
---------------------------------------------
In March 2016 I presented together with Raphael Vinot at this year's Troopers conference in Heidelberg. The talk treated research of targeted malware, ..
---------------------------------------------
https://cyber.wtf/2016/10/12/the-kings-in-your-castle-all-the-lame-threats-that-own-you-but-will-never-make-you-famous/




*** Palo Alto PAN-OS Input Validation Flaw in Monitor Tab Lets Remote Authenticated Users Conduct Cross-Site Scripting Attacks ***
---------------------------------------------
http://www.securitytracker.com/id/1037063

