=======================
= End-of-Shift report =
=======================
Timeframe: Thursday 08-09-2016 18:00 − Friday 09-09-2016 18:00
Handler: Stephan Richter
Co-Handler: Alexander Riepl
*** Cisco ACE30 Application Control Engine Module and Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability *** --------------------------------------------- A vulnerability in the SSL/TLS functions of the Cisco ACE30 Application Control Engine Module and the Cisco ACE 4700 Series Application Control Engine Appliances could allow an unauthenticated, remote attacker to cause a denial of .. --------------------------------------------- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
*** DSA-3662 inspircd - security update *** --------------------------------------------- It was discovered that incorrect SASL authentication in the Inspircd IRC server may lead to users impersonating other users. --------------------------------------------- https://www.debian.org/security/2016/dsa-3662
*** ZDI-16-505: AlienVault Unified Security Management get_directive_kdb directive_id SQL Injection Remote Code Execution Vulnerability *** --------------------------------------------- This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault Unified Security Management. Authentication is not required to exploit this vulnerability. --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-16-505/
*** ZDI-16-504: AlienVault Unified Security Management Multiple PHP Scripts Remote Code Execution Vulnerabilities *** --------------------------------------------- This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault Unified Security Management. Authentication is not required to exploit this vulnerability. --------------------------------------------- http://www.zerodayinitiative.com/advisories/ZDI-16-504/
*** Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware *** --------------------------------------------- A number of security vulnerabilities have been identified in firmware used in the Lights Out Management (LOM) component across all NetScaler .. --------------------------------------------- http://support.citrix.com/article/CTX216642
*** iPrint Appliance 2.0 Hot Patch 1 *** --------------------------------------------- https://download.novell.com/Download?buildid=S7GK9olwBDk~
*** iPrint Appliance 2.1 Hot Patch 1 *** --------------------------------------------- https://download.novell.com/Download?buildid=lVbNSynhgHU~
*** Asterisk RTP Session Management Bug Lets Remote Authenticated Users Consume Excessive Resources on the Target System *** --------------------------------------------- http://www.securitytracker.com/id/1036750
*** Asterisk Error in Processing Unknown Endpoints Lets Remote Users Cause the Target Service to Crash *** --------------------------------------------- http://www.securitytracker.com/id/1036749
*** Collecting Users Credentials from Locked Devices, (Fri, Sep 9th) *** --------------------------------------------- It's a fact: When a device can be physically accessed, you may consider it as compromised. And if the device is properly hardened, it's just a matter of time. The best .. --------------------------------------------- https://isc.sans.edu/diary.html?storyid=21461
*** Samsung Android Security Updates *** --------------------------------------------- SMR-SEP-2016 - Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung. --------------------------------------------- http://security.samsungmobile.com/smrupdate.html
*** Picture Perfect: CryLocker Ransomware Uploads User Information as PNG Files *** --------------------------------------------- Taking advantage of legitimate sites for command-and-control (C&C) purposes is typically done by most malware to avoid rousing suspicion from their targets. While .. --------------------------------------------- http://blog.trendmicro.com/trendlabs-security-intelligence/picture-perfect-c...
*** Your Seagate Central NAS could be hosting mining malware *** --------------------------------------------- If you have discovered cryptocurrency mining malware on your system, have removed it, and got compromised again without an idea about how it happened, it could be that the .. --------------------------------------------- https://www.helpnetsecurity.com/2016/09/09/seagate-central-nas-hosting-malwa...
*** Chrome to warn about non-encrypting websites *** --------------------------------------------- Initially, the browser will only flag pages that contain passwords or credit card information. The warning is then to be extended step by step. --------------------------------------------- http://heise.de/-3317393
*** Red Hat JBoss Enterprise Application Platform Input Validation Flaw Lets Remote Users Conduct HTTP Response Splitting and Content Injection Attacks *** --------------------------------------------- http://www.securitytracker.com/id/1036758
*** HTTPS: Google Chrome wants to warn about unencrypted websites *** --------------------------------------------- How should unencrypted websites be handled? Google wants Chrome to warn in future when unencrypted websites ask for passwords and credit card data. But that is only the beginning of the plans. --------------------------------------------- http://www.golem.de/news/https-google-chrome-will-vor-unverschluesselten-web...