=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 05-09-2013 18:00 − Friday 06-09-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
*** Advance Notification Service for September 2013 Security Bulletin Release ***
---------------------------------------------
In celebration of kids heading back to school, today we're providing advance notification for the release of 14 bulletins, four Critical and 10 Important, for September 2013. The Critical updates address issues in Internet Explorer, Outlook, SharePoint and Windows. As always, we've scheduled the bulletin release for the second Tuesday of the month, Sept. 10, 2013, at approximately 10:00 a.m. PDT. Revisit this blog then for our analysis of the risk and impact, as well as our
---------------------------------------------
http://blogs.technet.com/b/msrc/archive/2013/09/05/advance-notification-ser…
*** Windows 8's Picture Passwords Weaker Than Users Might Hope ***
---------------------------------------------
colinneagle writes with word of work done by researchers at Arizona State University, Delaware State University and GFS Technology Inc., who find that the multiple-picture sequence security option of Windows 8 suffers from various flaws -- some of them specific to a password system based on gestures, and some analogous to weaknesses in conventional passwords entered by keyboard. "The research found that the strength of picture gesture password has a strong connection to how long a person
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/28mhP0YmW7c/story01.htm
*** The NSA's work to make crypto worse and better ***
---------------------------------------------
Leaked documents say that the NSA has compromised encryption specs. It wasn't always this way.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/b8hGFShwJ6E/story01…
*** August 2013 Virus Activity Overview ***
---------------------------------------------
September 2, 2013. In August, Doctor Web specialists analysed a myriad of new malware. At the beginning of the month, they discovered a malicious program that compromised sites making use of popular CMSs. In the second half of August, a Trojan-Spy was found that represents a serious risk to Linux machines. Viruses: According to the statistical information collected on computers by Dr.Web CureIt!, Trojan.Loadmoney.1 became the leader among the threats identified Trojan.Hosts.6815, which in an
---------------------------------------------
http://news.drweb.com/show/?i=3885&lng=en&c=9
*** IKEd AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL ***
---------------------------------------------
Topic: IKEd AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL. Risk: Medium. Text: # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090054
*** Vuln: Citrix CloudPortal Services Manager CVE-2013-2939 Unspecified Security Vulnerability ***
---------------------------------------------
Citrix CloudPortal Services Manager CVE-2013-2939 Unspecified Security Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/62236
*** Patch Tuesday: Microsoft patches 14 times, Adobe once ***
---------------------------------------------
Both Microsoft and Adobe plan to fix various problems in their software again next Tuesday. Microsoft intends to close four critical holes, one of which affects all supported versions of Internet Explorer.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Patch-Dienstag-Microsoft-flickt-14-M…
*** Cisco Jabber for Windows SSL Certificate Verification Security Issue ***
---------------------------------------------
Cisco Jabber for Windows SSL Certificate Verification Security Issue
---------------------------------------------
https://secunia.com/advisories/54622
=======================
= End-of-Shift report =
=======================
Timeframe: Wednesday 04-09-2013 18:00 − Thursday 05-09-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
*** From Typo 3 to server admin ***
---------------------------------------------
Logged-in users were able to read configuration files and copy, delete and execute files under Typo 3. After experts from SySS GmbH had reported these bugs to the developers months ago, the problems have now been fixed.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Mit-Typo-3-zum-Server-Admin-1949243.…
*** AVG 2014: The most interesting part is free ***
---------------------------------------------
AVG presents version 2014 of its antivirus products. The included PrivacyFix module checks which data you disclose about yourself on social networks.
---------------------------------------------
http://www.heise.de/security/meldung/AVG-2014-Das-Interessanteste-gibts-ums…
*** Whatever Happened to Facebook Likejacking? ***
---------------------------------------------
Back in 2010, Facebook likejacking (a social engineering technique of tricking people into posting a Facebook status update) was a trending problem. So, whatever happened to likejacking scams and spam? Well, Facebook beefed up its security - and the trend significantly declined, at least when compared to peak 2010 numbers. But you can't keep a good spammer down. Can't beat them? Join them. Today, some of the same junk which was spread via likejacking... is now spread via Facebook...
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002602.html
*** Java's Losing Security Legacy ***
---------------------------------------------
Java's code-signing requirements have proven to be a bust, security researchers say, and now even longtime developers are losing faith in the programming language.
---------------------------------------------
http://threatpost.com/javas-losing-security-legacy/102176
*** Sham G20 Summit Email Carries "Split" Backdoor ***
---------------------------------------------
The upcoming G20 Summit in St. Petersburg, Russia might have already spewed several messages aimed at both common users and specific groups. A recent email we saw is only the latest in these threats. The said message is purportedly from the event's planning team and refers to a "pre-summit meeting":...
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/sham-g20-summit-…
*** Easy to unmask ***
---------------------------------------------
Scientists have investigated the possibilities of stripping Tor users of their anonymity - with rather alarming results.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Tor-Benutzer-leicht-zu-enttarnen-194…
*** Blog: Obad.a Trojan now being distributed via mobile botnets ***
---------------------------------------------
In late May we reported on the details of Backdoor.AndroidOS.Obad.a, the most sophisticated mobile Trojan to date. At the time we had almost no information about how this piece of malware gets onto mobile devices. We have since been examining how the Trojan is distributed and discovered that the malware owners have...
---------------------------------------------
http://www.securelist.com/en/blog/8131/Obad_a_Trojan_now_being_distributed_…
*** Bugcrowd organises vulnerability hunting for companies ***
---------------------------------------------
The Australian-American startup wants to make it easy for companies to set up their own bug bounty programs. Companies such as Google and Mozilla have long benefited from their own programs of this kind.
---------------------------------------------
http://www.heise.de/security/meldung/Bugcrowd-organisiert-Schwachstellensuc…
*** Don't Install The Google Authenticator For iOS Update ***
---------------------------------------------
Google today pushed an update out for Google Authenticator for iOS, the two-factor authentication companion app that makes your Google account and services where you use it to login more secure. But it's an update users will want to avoid for now, as it erases all your existing stored data and connected accounts,...
---------------------------------------------
http://techcrunch.com/2013/09/04/dont-install-the-google-authenticator-for-…
*** Samsung's Android devices get Knox encryption technology ***
---------------------------------------------
Samsung has equipped the first Android devices with the security technology and has given initial indications of which older models will receive an update.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Samsungs-Android-Geraete-bekommen-Ve…
*** Large botnet cause of recent Tor network overload ***
---------------------------------------------
Recently, Roger Dingledine described a sudden increase in Tor users on the Tor Talk mailing list. To date there has been a large amount of speculation as to why this may have happened. A large number of articles seem to suggest this to be the result of the recent global espionage events, the evasion of the Pirate Bay blockades using the PirateBrowser or the Syrian civil war.
---------------------------------------------
http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-…
*** Linux Kernel 3.10.10 scm_check_creds() PID spoofing Privileges Escalation ***
---------------------------------------------
Topic: Linux Kernel 3.10.10 scm_check_creds() PID spoofing Privileges Escalation. Risk: High. Text: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated pri...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090044
*** Drupal Core CSS Selectors Allow Remote Users to Insert Hidden Text and Links to Obtain Potentially Sensitive Information ***
---------------------------------------------
http://www.securitytracker.com/id/1028978
*** Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players ***
---------------------------------------------
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players
---------------------------------------------
http://www.securityfocus.com/archive/1/528432
*** Symantec Endpoint Protection un-installation password bypass ***
---------------------------------------------
Topic: Symantec Endpoint Protection un-installation password bypass. Risk: High. Text: Description: A weakness has been revealed on SEP installation that allows a user to uninstall this product w...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090045
*** IBM WebSphere MQ Multiple Java Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/54721
*** Cisco GSS Global Site Selector Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54727
=======================
= End-of-Shift report =
=======================
Timeframe: Tuesday 03-09-2013 18:00 − Wednesday 04-09-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
*** Background: Browser SSL decrypted ***
---------------------------------------------
With a small trick, Firefox and Chrome store the keys they use in such a way that Wireshark can directly decode the data encrypted with them.
---------------------------------------------
http://www.heise.de/security/artikel/Browser-SSL-entschluesselt-1948431.html
*** Software Developer Says Mega Master Keys Are Retrievable ***
---------------------------------------------
hypnosec writes that software developer Michael Koziarski has released a bookmarklet "which he claims has the ability to reveal Mega users' master key. Koziarski went on to claim that Mega has the ability to grab its users' keys and use them to access their files. Dubbed MegaPWN, the tool not only reveals a user's master key, but also gives away a user's RSA private key exponent. MEGApwn is a bookmarklet that runs in your web browser and displays your supposedly secret MEGA master key, showing
---------------------------------------------
http://yro.slashdot.org/story/13/09/03/1720223/software-developer-says-mega…
*** Cidox Trojan Spoofs HTTP Host Header to Avoid Detection ***
---------------------------------------------
Lately, we have seen a good number of samples generating some interesting network traffic through our automated framework. The HTTP network pattern generated contains a few interesting parameters, names like "&av" (for antivirus?) and "&vm=" (VMware?). The response received looked to be encrypted, which drew my attention. Also, all the network traffic contained the same host Read more...
---------------------------------------------
http://blogs.mcafee.com/mcafee-labs/cidox-trojan-spoofs-http-host-header-to…
*** Styx-like Cool Exploit Kit: How It Works ***
---------------------------------------------
While the Blackhole Exploit Kit is the most well-known of the exploit kits that affect users, other exploit kits are also well known in the Russian underground. In this post, we will look at how these other kits work, and their differences from other exploit kits. One well-known Blackhole alternative is the Styx Exploit Kit.
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/styx-exploit-pac…
*** Researchers: Oracle's Java Security Fails ***
---------------------------------------------
Faced with an onslaught of malware attacks that leverage vulnerabilities and design weaknesses in Java, Oracle Corp. recently tweaked things so that Java now warns users about the security risks of running Java content. But new research shows that the integrity and accuracy of these warning messages can be subverted easily in any number of ways, and that Oracle's new security scheme actually punishes Java application developers who adhere to it.
---------------------------------------------
http://krebsonsecurity.com/2013/09/researchers-oracles-java-security-fails/
*** The Red Book - The SysSec Roadmap for Systems Security Research ***
---------------------------------------------
The SysSec Red Book is a Roadmap in the area of Systems Security, as prepared by the SysSec consortium and its constituency. For preparing this roadmap a Task Force of young researchers with a proven track record in the area was assembled and collaborated with the senior researchers of SysSec. Additionally, the SysSec Community has been consulted to provide input on the contents of the roadmap.
---------------------------------------------
http://www.red-book.eu/
*** [Video] ThreatVlog, Episode 3: NYT, Twitter, and HuffPost hacked by Syrian Electronic Army ***
---------------------------------------------
In this episode of ThreatVlog, Grayson Milbourne covers the information behind the Syrian Electronic Army's hacking of New York Times, Twitter, and Huffington Post. Grayson includes a breakdown of the hack as well as information on how to keep your own websites protected from this malicious behavior.
---------------------------------------------
http://www.webroot.com/blog/2013/09/04/video-threatvlog-episode-3-nyt-twitt…
*** Bugtraq: SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/archive/1/528420
*** Samsung Galaxy S4 Polaris Viewer DOCX Buffer Overflow Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54701
*** MediaWiki Security Release ***
---------------------------------------------
I would like to announce the release of MediaWiki 1.21.2, 1.20.7 and 1.19.8. These releases fix 3 security related bugs that could affect users of MediaWiki.
---------------------------------------------
http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-September/0001…
*** OpenVZ update for kernel ***
---------------------------------------------
https://secunia.com/advisories/54311
*** Linux Kernel PID Spoofing Privilege Escalation Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54675
*** Sixnet Universal Protocol Undocumented Function Codes (Update A) ***
---------------------------------------------
OVERVIEW: This updated advisory is a follow-up to the original advisory titled ICSA-13-231-01 Sixnet Universal Protocol Undocumented Function Codes that was published August 19, 2013, on the ICS-CERT Web page. Independent researcher Mehdi Sabraoui has identified undocumented function codes in Sixnet's universal protocol. Sixnet has produced a new version of the remote terminal unit (RTU) firmware that mitigates this vulnerability.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-231-01A
*** Tridium Niagara Vulnerabilities (Update A) ***
---------------------------------------------
OVERVIEW (Begin Update A, Part 1 of 2): This updated advisory is a follow-up to the original advisory titled ICSA-12-228-01 Tridium Niagara Multiple Vulnerabilities that was published August 15, 2012, on the ICS-CERT Web page. It is also a follow-up to ICS-ALERT-12-195-01 Tridium Niagara Directory Traversal and Weak Credential Storage Vulnerability that was published July 13, 2012, on the ICS-CERT Web page.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-12-228-01A
*** Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously ***
---------------------------------------------
http://www.securitytracker.com/id/1028972
*** Cisco Secure Access Control System (ACS) TACACS+ Socket Denial of Service Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54687
*** SAP NetWeaver "ABAD0_DELETE_DERIVATION_TABLE" SQL Injection Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54702
*** Vuln: Supermicro IPMI Web Interface Multiple Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/bid/62094
http://www.securityfocus.com/bid/62097
http://www.securityfocus.com/bid/62098
*** Security Bulletin: Multiple security vulnerabilities exist in IBM InfoSphere Information Server (CVE-2013-0585, CVE-2013-3034, CVE-2013-3040 and CVE-2013-0599) ***
---------------------------------------------
Security Bulletin: Multiple security vulnerabilities exist in IBM InfoSphere Information Server (CVE-2013-0585, CVE-2013-3034, CVE-2013-3040 and CVE-2013-0599). CVE(s): CVE-2013-0585, CVE-2013-3034, CVE-2013-3040, and CVE-2013-0599. Affected product(s) and affected version(s): IBM InfoSphere Information Server version 9.1 running on all platforms. Refer to the following reference URLs for remediation and additional vulnerability details. Source Bulletin:
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_mul…
=======================
= End-of-Shift report =
=======================
Timeframe: Monday 02-09-2013 18:00 − Tuesday 03-09-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
*** Blog: NetTraveler Is Back: The Red Star APT Returns With New Tricks ***
---------------------------------------------
NetTraveler, which we described in depth in a previous post, is an APT that infected hundreds of high profile victims in more than 40 countries. Known targets of NetTraveler (also known as "Travnet" or "Netfile") include Tibetan/Uyghur activists, oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies and military contractors.
---------------------------------------------
http://www.securelist.com/en/blog/208214039/NetTraveler_Is_Back_The_Red_Sta…
*** 353,436 Exposed ZTE Devices Found In Net Census ***
---------------------------------------------
mask.of.sanity writes "Hundreds of thousands of internet-accessible devices manufactured by Chinese telco ZTE have been found with default or hardcoded usernames and passwords. The devices were discovered in analysis of the huge dataset from the Internet Census run this year. ZTE topped the charts, accounting for 28 percent of all affected devices worldwide. Only one manufacturer has responded to the researchers' bid to supply the data in efforts to stop production of insecure devices."
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Ev4LKChpZbQ/story01.htm
*** USB keyboard hijacks Linux kernel ***
---------------------------------------------
The memory of a Linux system can be manipulated almost arbitrarily by USB devices, as ChromeOS developer Kees Cook discovered. He supplied a patch for the problem right away.
---------------------------------------------
http://www.heise.de/newsticker/meldung/USB-Tastatur-kapert-Linux-Kern-19475…
*** cPanel Multiple Vulnerabilities ***
---------------------------------------------
A security issue and multiple vulnerabilities have been reported in cPanel, which can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, and gain escalated privileges and by malicious users to conduct script insertion attacks, bypass certain security restrictions, and compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/54601
*** Bugtraq: PayPal's "invalid" aksession Padding Oracle Flaw ***
---------------------------------------------
The main PayPal web site sets a cookie named "aksession" which contains a blob of base64-encoded ciphertext. This ciphertext is encrypted using a 64-bit block cipher in CBC mode and does not have any other integrity protection. Naturally, this means the aksession cookie is vulnerable to a padding oracle attack allowing full decryption and forgery.
---------------------------------------------
http://www.securityfocus.com/archive/1/528403
*** [remote] - Mikrotik RouterOS sshd (ROSSSH) - Remote Preauth Heap Corruption ***
---------------------------------------------
During an audit the Mikrotik RouterOS sshd (ROSSSH) has been identified as having a remote pre-authentication heap corruption in its sshd component.
Exploitation of this vulnerability will allow full access to the router device.
---------------------------------------------
http://www.exploit-db.com/exploits/28056
*** [webapps] - TP-Link TD-W8951ND - Multiple Vulnerabilities ***
---------------------------------------------
Tested on TP-Link TD-W8951ND Firmware 4.0.0 Build 120607 Rel.30923
---------------------------------------------
http://www.exploit-db.com/exploits/28055
=======================
= End-of-Shift report =
=======================
Timeframe: Friday 30-08-2013 18:00 − Monday 02-09-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
*** Njw0rm - Brother From the Same Mother ***
---------------------------------------------
FireEye Labs has discovered an intriguing new sibling of the njRAT remote access tool (RAT) that one-ups its older "brother" with a couple of diabolically clever features. Created by the same author as njRAT - a freelance coder who goes by...
---------------------------------------------
http://www.fireeye.com/blog/technical/malware-research/2013/08/njw0rm-broth…
*** US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet ***
---------------------------------------------
An anonymous reader sends this news from the Washington Post: "U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents [from Edward Snowden]. Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget...
---------------------------------------------
http://yro.slashdot.org/story/13/08/31/2223212/us-mounted-231-offensive-cyb…
*** Boffins follow TOR breadcrumbs to identify users ***
---------------------------------------------
Anonymity? Fuggedaboutit! Watching TOR for months reveals true names. It's easier to identify TOR users than they believe, according to research published by a group of researchers from Georgetown University and the US Naval Research Laboratory (USNRL).
---------------------------------------------
http://www.theregister.co.uk/2013/09/01/tor_correlation_follows_the_breadcr…
*** Cisco IOS TCP ACK Processing Lets Remote Users Deny Service ***
---------------------------------------------
http://www.securitytracker.com/id/1028969
*** Cisco ASA Idle Timeout Processing Flaw Lets Remote Users Deny Service ***
---------------------------------------------
http://www.securitytracker.com/id/1028968
*** IBM WebSphere Commerce Search Denial of Service Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54734
=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 29-08-2013 18:00 − Friday 30-08-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
*** CoreText Font Rendering Bug Leads To iOS, OS X Exploit ***
---------------------------------------------
redkemper writes with this news from BGR.com (based on a report at Hacker News), excerpting: "Android might be targeted by hackers and malware far more often than Apple's iOS platform, but that doesn't mean devices like the iPhone and iPad are immune to threats. A post on a Russian website draws attention to a fairly serious vulnerability that allows nefarious users to remotely crash apps on iOS 6, or even render them unusable. The vulnerability is seemingly due to a bug in Apple's CoreText...
---------------------------------------------
http://apple.slashdot.org/story/13/08/29/155221/coretext-font-rendering-bug…
*** Cloud service as a malware gateway ***
---------------------------------------------
IT security researchers have demonstrated a method by which corporate security mechanisms can be bypassed via Dropbox and similar services.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Cloud-Dienst-als-Malware-Einfallstor…
*** Security researchers crack Dropbox ***
---------------------------------------------
Client decrypted - two-factor authentication can be bypassed
---------------------------------------------
http://derstandard.at/1376535110812
*** TeleGeography's Interactive Submarine Cable Map ***
---------------------------------------------
... Ever want to know where all the submarine cables are that provide part of the physical infrastructure of the Internet? Or which cities in the world have the most connectivity via submarine cables? (or which regions might be single points of failure?) In doing some research I stumbled across this excellent site from the folks at TeleGeography ...
---------------------------------------------
http://www.submarinecablemap.com/
*** FinFisher range of attack tools ***
---------------------------------------------
FinFisher is a range of attack tools developed and sold by a company called Gamma Group. Recently, some FinFisher sales brochures and presentations were leaked on the net. They contain many interesting details about these tools. In the background part of the FinFisher presentation, they go on to explain how Gamma hired the (at-the-time) main developer of Backtrack Linux to build attack tools for Gamma. This is a reference to Martin Johannes Münch. They also boast how their developers have...
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002601.html
*** vBulletin users warned of potential exploit ***
---------------------------------------------
The forum software's developers advise users to delete the install folder
---------------------------------------------
http://www.csoonline.com/article/738959/vbulletin-users-warned-of-potential…
*** MatrikonOPC SCADA DNP3 Master Station Improper Input Validation ***
---------------------------------------------
OVERVIEW: This updated advisory was originally posted to the US-CERT secure Portal library on August 02, 2013, and is now being released to the ICS-CERT Web page. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified a buffer overflow vulnerability in MatrikonOPC's SCADA DNP3 OPC Server application. MatrikonOPC has produced a patch that mitigates this vulnerability. The researchers tested the patch to validate that it resolves the vulnerability. This vulnerability...
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-213-04A
*** Cisco Identity Services Engine Discloses Authentication Credentials to Remote Users ***
---------------------------------------------
http://www.securitytracker.com/id/1028965
*** IBM InfoSphere Information Server Web Console Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/54698
*** Schneider Electric OFS XML External Entities Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54616
*** Cisco ASA Software TFTP Protocol Inspection Denial of Service Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54699
*** LibTIFF Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/54628
*** VMSA-2013-0011 ***
---------------------------------------------
VMware ESXi and ESX address an NFC Protocol Unhandled Exception
---------------------------------------------
http://www.vmware.com/support/support-resources/advisories/VMSA-2013-0011.h…
=======================
= End-of-Shift report =
=======================
Timeframe: Wednesday 28-08-2013 18:00 − Thursday 29-08-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
*** Bugtraq: Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability ***
---------------------------------------------
Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability
---------------------------------------------
http://www.securityfocus.com/archive/1/528295
*** Kelihos Relying on CBL Blacklists to Evaluate New Bots ***
---------------------------------------------
The Kelihos botnet is leveraging legitimate security services such as composite blocking lists (CBLs) to test the reliability of victim IP addresses before using them to push spam and malware.
---------------------------------------------
http://threatpost.com/kelihos-relying-on-cbl-blacklists-to-evalute-new-bots…
*** Java Native Layer Exploits Going Up ***
---------------------------------------------
Recently, security researchers disclosed two Java native layer exploits (CVE-2013-2465 and CVE-2013-2471). This caused us to look into native layer exploits more closely, as they have been becoming more common this year. At this year's Pwn2Own competition at CanSecWest, Joshua Drake showed CVE-2013-1491, which was exploitable on Java 7 running on Windows 8. CVE-2013-1493 has […]
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/--YBZ1lrFxM/
*** Cisco Secure Access Control Server EAP-FAST Authentication Flaw Lets Remote Users Execute Arbitrary Commands ***
---------------------------------------------
Cisco Secure Access Control Server EAP-FAST Authentication Flaw Lets Remote Users Execute Arbitrary Commands
---------------------------------------------
http://www.securitytracker.com/id/1028958
*** Unpatched Mac bug gives attackers “super user” status by going back in time ***
---------------------------------------------
Exploiting the five-month-old "sudo" flaw in OS X just got easier.
---------------------------------------------
http://feeds.arstechnica.com/~r/arstechnica/security/~3/r1T9FKbYWWY/story01…
*** Triangle MicroWorks Improper Input Validation ***
---------------------------------------------
OVERVIEW: Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in multiple Triangle MicroWorks' products and third-party components. Triangle MicroWorks has produced an update that mitigates this vulnerability. Adam Crain has tested the update to validate that it resolves the vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS: The following Triangle MicroWorks products are affected:
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-240-01
*** Bugtraq: 30C3 Call for Participation ***
---------------------------------------------
30C3 Call for Participation
---------------------------------------------
http://www.securityfocus.com/archive/1/528298
*** Suspect Sendori software, (Thu, Aug 29th) ***
---------------------------------------------
Reader Kevin wrote in to alert us of an interesting discovery regarding Sendori. Kevin stated that two of his clients were treated to malware via the auto-update system for Sendori. In particular, they had grabbed Sendori-Client-Win32/2.0.15 from 54.230.5.180, which is truly an IP attributed to Sendori via lookup results. Sendori's reputation is already a bit sketchy; search results for Sendori give immediate pause, but this download in particular goes beyond the pale. With claims that "As of
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16466&rss
*** WordPress Wordfence 3.8.1 Cross Site Scripting ***
---------------------------------------------
Topic: WordPress Wordfence 3.8.1 Cross Site Scripting Risk: Low Text:# Exploit Title: Wordpress Plugin Wordfence 3.8.1 - Cross Site Scripting # Date: 28 August 2013 # Exploit Author: Dyla...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080221
*** Google Docs Information Disclosure ***
---------------------------------------------
Topic: Google Docs Information Disclosure Risk: Medium Text:I reported this problem to Google in June but I did not get the usual reply saying they were working on it, so I guess it isn...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080224
*** Bugtraq: Drupal Node View Permissions module and Flag module Vulnerabilities ***
---------------------------------------------
Drupal Node View Permissions module and Flag module Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/528310
*** Cybercrime-friendly underground traffic exchanges help facilitate fraudulent and malicious activity – part two ***
---------------------------------------------
By Dancho Danchev The list of monetization tactics a cybercriminal can take advantage of, once they manage to hijack a huge portion of Web traffic, is virtually limitless and is entirely based on his experience within the cybercrime ecosystem. Through the utilization of blackhat SEO (search engine optimization), RFI (Remote File Inclusion), DNS cache poisoning, or […]
---------------------------------------------
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/zWNtszZsWRs/
*** IBM InfoSphere Information Server Multiple Vulnerabilities ***
---------------------------------------------
IBM InfoSphere Information Server Multiple Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54666
*** Office 2003's burial will resurrect hacker activity ***
---------------------------------------------
The end of Microsoft's support for the popular suite come April 2014 will usher in an era of infinite zero-day attacks, analyst predicts
---------------------------------------------
http://www.csoonline.com/article/738914/office-2003-s-burial-will-resurrect…
*** [papers] - Metasploit -The Exploit Learning Tree ***
---------------------------------------------
Metasploit -The Exploit Learning Tree
---------------------------------------------
http://www.exploit-db.com/download_pdf/27935
*** Outage Analyzer - Track Web Service Outages,in Real Time ***
---------------------------------------------
....Outage Analyzer lets you view internet service outages as they occur around the world. The application lists the outages that are occurring now or can provide a view of outages that have closed recently......
---------------------------------------------
http://www.compuware.com/en_us/application-performance-management/products/…
=======================
= End-of-Shift report =
=======================
Timeframe: Tuesday 27-08-2013 18:00 − Wednesday 28-08-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
*** Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE executed under a security manager. ***
---------------------------------------------
IBM Tivoli Monitoring ships and uses a Java Runtime Environment (JRE). This alert addresses several vulnerabilities for the Tivoli Enterprise Portal browser JRE which might allow remote untrusted Java WebStart applications and untrusted Java applets to affect confidentiality, availability and integrity. CVE(s): CVE-2013-2467, CVE-2013-2448, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471,
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm…
*** Firefox Extension HTTP Nowhere Allows Users to Browse in Encrypted-Only Mode ***
---------------------------------------------
It’s no secret that the Web wasn’t really meant to be a secure platform, for communications or commerce or anything else. But it’s used for all of these functions every day, and for the most part they depend upon the sites they deal with using SSL and doing so correctly. That’s not always a sure [...]
---------------------------------------------
http://threatpost.com/firefox-extension-http-nowhere-allows-users-to-browse…
*** Microsoft Releases Revisions to 4 Existing Updates, (Tue, Aug 27th) ***
---------------------------------------------
Four patches have undergone significant revision according to Microsoft. The following patches were updated today by Microsoft, and are set to roll in the automatic updates: MS13-057 - Critical - https://technet.microsoft.com/security/bulletin/MS13-057 - Reason for Revision: V3.0 (August 27, 2013): Bulletin revised to rerelease security update 2803821 for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008; security update 2834902 for Windows XP and Windows Server 2003;
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16448&rss
*** Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service ***
---------------------------------------------
Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service
---------------------------------------------
http://www.securitytracker.com/id/1028957
*** Linux Trojan analysed ***
---------------------------------------------
Avast has examined in its virus lab what is probably the first online banking Trojan targeting Linux users: the developer went to great lengths to keep his creation undetected.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Erster-Banking-Trojaner-fuer-Linux-a…
*** Exploit for unpatched hole in Java 6 surfaces ***
---------------------------------------------
A tool contains code that exploits a vulnerability in Java 6 known since June. Oracle has ended maintenance for this version, which is nevertheless still widely deployed.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Exploit-fuer-ungepatchte-Luecke-in-J…
*** Cybercriminals offer spam-ready SMTP servers for rent/direct managed purchase ***
---------------------------------------------
By Dancho Danchev We continue to observe an increase in underground market propositions for spam-ready bulletproof SMTP servers, with the cybercriminals behind them trying to differentiate their unique value proposition (UVP) in an attempt to attract more customers. Let’s profile the underground market propositions of what appears to be a novice cybercriminal offering such spam-ready […]
---------------------------------------------
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/eWR3avR3M7k/
*** IBM FileNet Content Manager / Content Foundation XML Parser Denial of Service Vulnerability ***
---------------------------------------------
IBM FileNet Content Manager / Content Foundation XML Parser Denial of Service Vulnerability
---------------------------------------------
https://secunia.com/advisories/54632
*** IBM TRIRIGA Application Platform Multiple Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
IBM TRIRIGA Application Platform Multiple Cross-Site Scripting Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54641
*** Bugtraq: Two Instagram Android App Security Vulnerabilities ***
---------------------------------------------
Two Instagram Android App Security Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/528292
=======================
= End-of-Shift report =
=======================
Timeframe: Monday 26-08-2013 18:00 − Tuesday 27-08-2013 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
*** [Video] ThreatVlog, Episode 1: Tor and Apple exploits revealed ***
---------------------------------------------
What is Tor? Is it really secure? What about the Apple App Store approval process? Are all these applications really looked at? In today's episode, Grayson Milbourne covers the exploitation of the Tor network through Firefox and a proof of concept showing just how insecure Apple app testing can be.
---------------------------------------------
http://blog.webroot.com/2013/08/20/tor-and-apple-exploits-revealed/
*** [Video] ThreatVlog, Episode 2: Keyloggers and your privacy ***
---------------------------------------------
Commercial and black hat keyloggers can infect any device, from your PC at home to the phone in your hand. What exactly are these programs trying to steal? How can this data be used harmfully against you? And what can you do to protect all your data and devices from this malicious data gathering? In...
---------------------------------------------
http://blog.webroot.com/2013/08/26/video-threatvlog-episode-2-keyloggers-an…
*** "thereisnofatebutwhatwemake" - Turbo-charged cracking comes to long passwords ***
---------------------------------------------
Cracking really long passwords just got a whole lot faster and easier.
---------------------------------------------
http://arstechnica.com/security/2013/08/thereisnofatebutwhatwemake-turbo-ch…
*** Feature Phone Hack Can Block Calls, Texts On Some Networks ***
---------------------------------------------
Trailrunner7 writes, quoting Threat Post "By tweaking the firmware on certain kinds of phones, a hacker could make it so other phones in the area are unable to receive incoming calls or SMS messages, according to research presented at the USENIX Security Symposium. The hack involves modifying the baseband processor on some Motorola phones and tricking some older 2G GSM networks into not delivering calls and messages. By watching the messages sent from phone towers and not delivering them
---------------------------------------------
http://it.slashdot.org/story/13/08/26/2254224/feature-phone-hack-can-block-…
*** Patch Management Guidance from NIST, (Tue, Aug 27th) ***
---------------------------------------------
The National Institute of Standards and Technology (NIST) released a new version of guidance around Patch Management last week, NIST SP800-40. The latest release takes a broader look at enterprise patch management than the previous version, so well worth the read. Patch Management is clearly called out as a "Quick Win" in Critical Control #3 "Secure Configurations for Hardware and Software". Additionally, Patch Management is something that is required by many of the cyber
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16445&rss
*** NSA: Hardening Tips For Mac OS X ***
---------------------------------------------
....The National Security Agency (NSA) offers "Hardening Tips for Mac OS X", a tri-fold security brochure for the agency's Information Assurance Mission. It's packed with useful tips...... See also: http://www.nsa.gov/ia/_files/factsheets/macosx_10_6_hardeningtips.pdf
---------------------------------------------
http://www.nsa.gov/ia/_files/factsheets/macosx_hardening_tips.pdf
*** The SCADA That Cried Wolf: Who's Really Attacking Your ICS Devices- Part 2 ***
---------------------------------------------
The concern on ICS/SCADA security gained prominence due to high-profile attacks targeting these devices, most notably Flame and Stuxnet. However, we noted recent findings, which prove that the interest in ICS/SCADA devices as attack platforms is far from waning. We've all read about how insecure ICS/SCADA devices are and how certain threat actors are targeting...
---------------------------------------------
http://blog.trendmicro.com/trendlabs-security-intelligence/the-scada-that-c…
*** Malware detection for medical devices ***
---------------------------------------------
US computer scientists want to detect malware in the healthcare sector through changes in the power consumption of medical devices.
---------------------------------------------
http://www.heise.de/security/meldung/Malware-Erkennung-fuer-Medizingeraete-…
*** Security Bulletin: IBM Notes & Domino fixes for multiple vulnerabilities in IBM JRE ***
---------------------------------------------
IBM Notes and Domino are vulnerable to multiple attacks listed in the Oracle Java SE Critical Patch Update Advisories (February, April and June 2013) as well as miscellaneous client-side attacks listed below. The repaired IBM JRE is available in Notes and Domino 8.5.3 Fix Pack 5 and is also planned for Notes and Domino 9.0.1. CVE(s): CVE-2013-0464, CVE-2012-3325, and CVE-2011-4858 Affected product(s) and affected version(s): IBM Notes and Domino 9.0 IBM Notes and Domino 8.5.x IBM Notes and...
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm…
*** Security Bulletin: IBM Notes & Domino fixes for multiple vulnerabilities in IBM JRE ***
---------------------------------------------
IBM Notes and Domino are vulnerable to multiple attacks listed in the Oracle Java SE Critical Patch Update Advisories (February, April and June 2013) as well as miscellaneous client-side attacks listed below. The repaired IBM JRE is available in Notes and Domino 8.5.3 Fix Pack 5 and is also planned for Notes and Domino 9.0.1. CVE(s): CVE-2013-0809, CVE-2013-1493, CVE-2013-3012, CVE-2013-3011, CVE-2013-3010, CVE-2013-3009, CVE-2013-3008, CVE-2013-3007, CVE-2013-3006, CVE-2013-2455, and
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm…
*** Security Bulletin: IBM Security SiteProtector System can be affected by a vulnerability in the IBM Eclipse Help System (IEHS) (CVE-2013-0467) ***
---------------------------------------------
IBM Security SiteProtector System can be affected by a vulnerability in the IBM Eclipse Help System (IEHS). This vulnerability could allow a remote attacker to obtain the source code of the Help System. CVE(s): CVE-2013-0467 Affected product(s) and affected version(s): IBM Security SiteProtector System: 2.8.1 and 2.9 Refer to the following reference URLs for remediation and additional vulnerability details. Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21647392
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm…
*** Security Bulletin: IBM Content Collector - Eclipse Help System Cross Site Scripting Vulnerability (CVE-2013-0464) ***
---------------------------------------------
A Cross-Site Scripting vulnerability exists in IBM Eclipse Help System, a component bundled with IBM Content Collector, which is used to display the IBM Content Collector help content. CVE(s): CVE-2013-0464 Affected product(s) and affected version(s): IBM Content Collector 3.0 Refer to the following reference URLs for remediation and additional vulnerability details. Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21646473 X-Force Database:
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm…
*** IBM Lotus iNotes Input Validation Flaws Permit Cross-Site Scripting Attacks ***
---------------------------------------------
http://www.securitytracker.com/id/1028954
*** Sixnet Universal Protocol Undocumented Function Codes ***
---------------------------------------------
OVERVIEW: This updated advisory is a follow-up to the original advisory titled ICSA-13-231-01 Sixnet Universal Protocol Undocumented Function Codes that was published August 19, 2013, on the ICS-CERT Web page. Independent researcher Mehdi Sabraoui has identified undocumented function codes in Sixnet's universal protocol. Sixnet has produced a new version of the remote terminal unit (RTU) firmware that mitigates this vulnerability.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-231-01A
*** RoundCube Webmail Edit Email Script Insertion Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54536
*** IBM DB2 / DB2 Connect Unspecified Security Bypass Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/54644
*** Atlassian 4.x Confluence Sensitive Information Leakage ***
---------------------------------------------
Topic: Atlassian 4.x Confluence Sensitive Information Leakage Risk: Low Text:Since vendor does not seem to care about this issue more than a year after initial report (https://jira.atlassian.com/browse/C...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080213
=======================
= End-of-Shift report =
=======================
Timeframe: Friday 23-08-2013 18:00 − Monday 26-08-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
*** Mozilla and Chrome raise requirements for certificates ***
---------------------------------------------
In future the two free browsers will no longer accept SSL certificates with a particularly long validity period. The change affects only relatively few servers, however.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Mozilla-und-Chrome-erhoehen-Anforder…
*** EU data-breach notification requirement takes effect ***
---------------------------------------------
From now on, communications companies must report within 24 hours when a breach involving unprotected or insufficiently protected personal data has occurred. In some cases the affected individuals must also be informed.
---------------------------------------------
http://futurezone.at/netzpolitik/17910-eu-meldepflicht-bei-datenklau-tritt-…
*** RealPlayer Two Vulnerabilities ***
---------------------------------------------
1) An error when handling filenames in RMP can be exploited to cause a stack-based buffer overflow.
2) An error when parsing RealMedia files can be exploited to cause a memory corruption.
Successful exploitation may allow execution of arbitrary code.
---------------------------------------------
https://secunia.com/advisories/54621
*** OpenSSL produces the same randomness too often ***
---------------------------------------------
Under certain conditions the random number generator of the free crypto library returns the same numbers in relatively quick succession. It has not yet been decided whether the OpenSSL developers or OpenSSL users will have to change their code.
---------------------------------------------
http://www.heise.de/security/meldung/OpenSSL-erzeugt-zu-oft-den-gleichen-Zu…
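The summary above does not spell out the "certain conditions". The following added example, written for this report and not taken from OpenSSL or the heise article, assumes the classic way a userland generator repeats itself: its state lives in process memory, so fork() hands every child an identical copy, and if the only thing that distinguishes a child's stream is its PID, then a later child that receives a recycled PID reproduces an earlier child's output. The toy hash-chain generator, the simulated fork via deepcopy and the PID 4242 are all constructed for illustration; the hardened variant shows the usual remedy of mixing fresh kernel entropy into the child after the fork.

```python
import copy
import hashlib
import os
from typing import Callable


class UserlandPrng:
    """Toy hash-chain generator kept in process memory. It stands in for any
    library-level PRNG whose state is duplicated when the process forks."""

    def __init__(self, seed: bytes):
        self.state = hashlib.sha256(seed).digest()

    def mix(self, data: bytes) -> None:
        """Absorb additional material into the state."""
        self.state = hashlib.sha256(self.state + data).digest()

    def bytes(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.state = hashlib.sha256(self.state).digest()
            out += self.state
        return out[:n]


def simulated_fork(parent: UserlandPrng) -> UserlandPrng:
    """fork() duplicates the address space, so a child starts with an exact
    copy of the parent's generator state. deepcopy models that copy."""
    return copy.deepcopy(parent)


def child_output_pid_only(parent: UserlandPrng, pid: int, n: int = 16) -> bytes:
    """Weak scheme: the child separates its stream from its siblings' only by
    mixing in its PID. Two children that are handed the same (recycled) PID
    from the same parent state produce identical bytes."""
    child = simulated_fork(parent)
    child.mix(pid.to_bytes(4, "big"))
    return child.bytes(n)


def child_output_reseeded(parent: UserlandPrng, pid: int, n: int = 16,
                          entropy: Callable[[int], bytes] = os.urandom) -> bytes:
    """Hardened scheme: after the fork, mix in fresh kernel entropy as well as
    the PID, so a recycled PID can no longer reproduce an earlier stream."""
    child = simulated_fork(parent)
    child.mix(pid.to_bytes(4, "big") + entropy(32))
    return child.bytes(n)


# Both scenarios below assume the parent did not draw from the generator
# between the two forks, which is the normal situation for a server that forks
# workers from a stable pre-initialised state.

def pid_only_repeats(parent_seed: bytes = b"constructed parent seed") -> bool:
    parent = UserlandPrng(parent_seed)
    first = child_output_pid_only(parent, pid=4242)
    # ... the first child exits, PIDs wrap, the kernel hands out 4242 again ...
    second = child_output_pid_only(parent, pid=4242)
    return first == second


def reseeded_repeats(parent_seed: bytes = b"constructed parent seed") -> bool:
    parent = UserlandPrng(parent_seed)
    first = child_output_reseeded(parent, pid=4242)
    second = child_output_reseeded(parent, pid=4242)
    return first == second


if __name__ == "__main__":
    print("PID-only mixing repeats:", pid_only_repeats())
    print("reseeded after fork repeats:", reseeded_repeats())
```

The practical check this suggests, whichever library is in use: any process that forks after initialising its generator must reseed the child from the kernel (or the library must do so on its behalf), and a PID is an identifier, not entropy.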
*** IBM WebSphere Commerce Tools Pages Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
IBM WebSphere Commerce Tools Pages Cross-Site Scripting Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54643
*** IBM Tivoli Workload Scheduler OpenSSL Multiple Vulnerabilities ***
---------------------------------------------
IBM Tivoli Workload Scheduler OpenSSL Multiple Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54655
*** IBM Lotus iNotes Multiple Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
IBM Lotus iNotes Multiple Cross-Site Scripting Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54645
*** Cacti Script Insertion and SQL Injection Vulnerabilities ***
---------------------------------------------
Cacti Script Insertion and SQL Injection Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54531
*** Bugtraq: Wordpress post-gallery Plugin Xss vulnerabilities ***
---------------------------------------------
Wordpress post-gallery Plugin Xss vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/528243
*** [remote] - Belkin G Wireless Router Firmware 5.00.12 - RCE PoC ***
---------------------------------------------
Belkin G Wireless Router Firmware 5.00.12 - RCE PoC
---------------------------------------------
http://www.exploit-db.com/exploits/27873