=======================
= End-of-Shift report =
=======================
Timeframe: Tuesday 22-10-2013 18:00 − Wednesday 23-10-2013 18:00
Handler: Stephan Richter
Co-Handler: n/a
*** WellinTech KingView ActiveX Vulnerabilities ***
---------------------------------------------
OVERVIEW: This advisory is a follow-up to the alert titled ICS-ALERT-13-256-01 WellinTech KingView ActiveX Vulnerabilities that was published September 13, 2013, on the NCCIC/ICS-CERT Web site.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-295-01
*** Apache Fixes Information Disclosure Vulnerability in Shindig ***
---------------------------------------------
The Apache Software Foundation released a new version of Shindig, a framework for web applications, yesterday, fixing what the collective has deemed an important information disclosure vulnerability.
---------------------------------------------
http://threatpost.com/apache-fixes-information-disclosure-vulnerability-in-s...
*** Xerox WorkCentre and ColorQube Let Remote Users Gain Unauthorized Access ***
---------------------------------------------
A vulnerability was reported in Xerox WorkCentre and ColorQube. A remote user can gain unauthorized access.
---------------------------------------------
http://www.securitytracker.com/id/1029224
*** Security Bulletins: Vulnerability in XenDesktop 7.0 upgrade could result in policy bypass ***
---------------------------------------------
A vulnerability has been identified in Citrix XenDesktop 7.0 that could prevent policy rules from being correctly applied following an upgrade from earlier versions of Citrix XenDesktop.
---------------------------------------------
http://support.citrix.com/article/CTX138627
*** MantisBT 1.2.15 XSS vulnerability ***
---------------------------------------------
Topic: MantisBT 1.2.15 XSS vulnerability
Risk: Low
Text: Greetings Roland Becker (MantisBT developer) discovered and fixed [1] an XSS vulnerability issue affecting MantisBT releases...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013100159
*** Fixes from Apple (iOS 7.0.3, OS X Mavericks v10.9, Safari 6.1, Keynote 6.0, OS X Server 3.0, Remote Desktop, iTunes 11.1.2) ***
---------------------------------------------
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00002.htm...
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00003.htm...
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00004.htm...
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00005.htm...
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00006.htm...
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00007.htm...
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00008.htm...
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00009.htm...