======================= = End-of-Shift report = =======================
Timeframe: Donnerstag 17-01-2013 18:00 − Freitag 18-01-2013 18:00 Handler: Stephan Richter Co-Handler: Otmar Lendl
*** Linksys vuln: Cisco responds *** --------------------------------------------- Working on fix for WRT54GL router Cisco has identified the Linksys router affected by the vulnerability published by DefenseCode on January 14... --------------------------------------------- http://go.theregister.com/feed/www.theregister.co.uk/2013/01/17/cisco_respon...
*** Anti-Spam SMTP Proxy Server 2.2.1 => Cross Site Scripting *** --------------------------------------------- Topic: Anti-Spam SMTP Proxy Server 2.2.1 => Cross Site Scripting Risk: Low Text:: + Vendor info Anti-Spam SMTP Proxy Server 2.2.1 => Cross Site Scripting (CWE-79) http://sourceforge.net/projects/assp/ ... --------------------------------------------- http://feedproxy.google.com/~r/securityalert_database/~3/l6FeQIUUAbY/WLB-201...
*** Vuln: Multiple SonicWALL Products CVE-2013-1359 Authentication Bypass Vulnerability *** --------------------------------------------- Multiple SonicWALL Products CVE-2013-1359 Authentication Bypass Vulnerability --------------------------------------------- http://www.securityfocus.com/bid/57445
*** Outbank 2 mit Passwort-Leck *** --------------------------------------------- Die Mac-Version der neuen Banking-Software legt das Programmkennwort in einer Standard-Logdatei ab – unverschlüsselt. Ein Update steht noch aus. --------------------------------------------- http://rss.feedsportal.com/c/32407/f/463925/s/27a7a138/l/0L0Sheise0Bde0Cmeld...
*** Why the Java threat rang every alarm *** --------------------------------------------- "If the IT industry had a color-coded threat-level advisory system, the alerts would have spiked to red this week -- and in a way they did when the Department of Homeland Security, no less, urged users to disable or uninstall Java because of a serious security vulnerability. Judging by the ensuing avalanche of ink (mea culpa for adding to the pileup), you might think this attack took the industry by surprise. Far from it -- as Twitter engineer and security expert Charlie Miller told... --------------------------------------------- http://www.infoworld.com/t/security/why-the-java-threat-rang-every-alarm-211...
*** Bugtraq: CVE-2012-6452 Axway Secure Messenger Username Disclosure *** --------------------------------------------- CVE-2012-6452 Axway Secure Messenger Username Disclosure --------------------------------------------- http://www.securityfocus.com/archive/1/525346