======================= = End-of-Shift report = ======================= Timeframe: Donnerstag 06-09-2012 18:00 - Freitag 07-09-2012 18:00 Handler: Stephan Richter Co-Handler: Otmar Lendl
*** Microsoft Security Bulletin Advance Notification for September 2012 *** --------------------------------------------- "This is an advance notification of security bulletins that Microsoft is intending to release on September 11, 2012. This bulletin advance notification will be replaced with the September bulletin summary on September 11, 2012. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification...." --------------------------------------------- http://technet.microsoft.com/en-us/security/bulletin/ms12-sep
*** Bugtraq: [security bulletin] HPSBMU02811 SSRT100937 rev.1 - HP Business Availability Center (BAC) Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and Web Session Hijacking *** --------------------------------------------- [security bulletin] HPSBMU02811 SSRT100937 rev.1 - HP Business Availability Center (BAC) Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and Web Session Hijacking --------------------------------------------- http://www.securityfocus.com/archive/1/524119
*** Flash-Lücke im Internet Explorer 10 *** --------------------------------------------- Die mit Windows 8 ausgelieferte Flash-Version ist von einer Sicherheitslücke betroffen, die in Verbindung mit dem Internet Explorer 10 auftritt. Der entsprechende Patch von Adobe kann nicht auf den neuen Internet Explorer angewandt werden. --------------------------------------------- http://futurezone.at/produkte/11190-flash-luecke-im-internet-explorer-10.php...
*** ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow *** --------------------------------------------- Topic: ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... --------------------------------------------- http://feedproxy.google.com/~r/securityalert_database/~3/uDV-PB41E8E/WLB-201...
*** N24 Dokumentation *** --------------------------------------------- Wenn das Web zur Waffe wird
Mit der Weiterentwicklung der Technik von Computern und des Internets werden auch immer neue Angriffsmöglichkeiten für virtuelle Kriminelle geschaffen. Die Zeiten, in denen Computerviren lediglich Spam verursachten, sind vorbei. Die Doku zeigt, welch folgenschwere Schäden durch Cyber-Attacken in der modernen Welt verursacht werden können: --------------------------------------------- http://www.n24.de/mediathek/cyber-war-wenn-das-web-zur-waffe-wird_1552737.ht...
*** Vuln: Webmin Multiple Input Validation Vulnerabilities *** --------------------------------------------- Webmin Multiple Input Validation Vulnerabilities --------------------------------------------- http://www.securityfocus.com/bid/55446
*** SSL BEASTie boys develop follow-up CRIME web attack *** --------------------------------------------- Ill Communication The security researchers who developed the infamous BEAST attack that broke SSL/TLS encryption are cooking up a new assault on the same crucial protocols. --------------------------------------------- http://go.theregister.com/feed/www.theregister.co.uk/2012/09/07/https_sesh_h...
*** [remote] - SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow *** --------------------------------------------- SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow --------------------------------------------- http://www.exploit-db.com/exploits/21034
*** US-CERT Alert TA12-251A - Microsoft Update For Minimum Certificate Key Length *** --------------------------------------------- FOR IMMEDIATE PUBLIC RELEASE
National Cyber Awareness System
US-CERT Alert TA12-251A Microsoft Update For Minimum Certificate Key Length
Original release date: September 07, 2012 --------------------------------------------- http://www.us-cert.gov/cas/techalerts/TA12-251A.html