[CERT-daily] Tageszusammenfassung - Montag 5-08-2013

Mon Aug 5 18:30:44 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 02-08-2013 18:00 − Montag 05-08-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** DMARC: another step forward in the fight against phishing?, (Mon, Aug 5th) ***
---------------------------------------------
I’m always searching to find facts and figures on the effectiveness of security measures on phishing attacks, which is harder that it would first seem. This is all is in aid of framing a picture to the boss on why to spend money, energy and resources on this most insidious and highly successful type of attack. That makes it very important to understand what happens towards your company, then you’re industry sector and, finally, how other non-related sectors are doing to create an
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16297&rss


*** Samsung Smart TV: Basically a Linux Box Running Vulnerable Web Apps ***
---------------------------------------------
chicksdaddy writes "Two researchers at the Black Hat Briefings security conference Thursday said Smart TVs from electronics giant Samsung are rife with vulnerabilities in the underlying operating system and Java-based applications. Those vulnerabilities could be used to steal sensitive information on the device owner, or even spy on the televisions surroundings using an integrated webcam. Speaking in Las Vegas, Aaron Grattafiori and Josh Yavor, both security engineers at the firm ISEC
---------------------------------------------
http://entertainment.slashdot.org/story/13/08/03/2250247/samsung-smart-tv-basically-a-linux-box-running-vulnerable-web-apps


*** Firefox Zero-Day Used in Child Porn Hunt? ***
---------------------------------------------
A claimed zero-day vulnerability in Firefox 17 has some users of the latest Mozilla Firefox browser (Firefox 22) shrugging their shoulders. Indeed, for now it appears that this flaw is not a concern for regular, up-to-date Firefox end users. But several experts say the vulnerability was instead exposed and used in tandem with a recent U.S. law enforcement effort to discover the true Internet addresses of people believed to be browsing child porn sites via the Tor Browser -- an online anonymity
---------------------------------------------
https://krebsonsecurity.com/2013/08/firefox-zero-day-used-in-child-porn-hunt/


*** Bad timing: New HTML5 trickery lets hackers silently spy on browsers ***
---------------------------------------------
Sub-millisecond precision in your rendering engine. What could possibly go wrong? New time-measuring features in HTML5 can be exploited by malicious websites to illicitly peek at pages open on a victims browser, it is claimed.…
---------------------------------------------
http://www.theregister.co.uk/2013/08/05/html5_timing_attacks/


*** Microsoft Security Advisory (2876146): Wireless PEAP-MS-CHAPv2 Authentication Could Allow Information Disclosure - Version: 1.0 ***
---------------------------------------------
Microsoft is aware of a public report that describes a known weakness in the Wi-Fi authentication protocol known as PEAP-MS-CHAPv2 (Protected Extensible Authentication Protocol with Microsoft Challenge Handshake Authentication Protocol version 2), used by Windows Phones for WPA2 wireless authentication. In vulnerable scenarios, an attacker who successfully exploited this issue could achieve information disclosure against the targeted device.
---------------------------------------------
http://technet.microsoft.com/en-us/security/advisory/2876146


*** [2013-08-05] Vodafone EasyBox default WPS PIN algorithm weakness ***
---------------------------------------------
The algorithm that generates the default WPS-PIN is entirely based on the MAC address (=BSSID) and serial number of the device. The serial number can be derived from the MAC address. An unauthenticated attacker within the range of the access point can capture the BSSID (eg. from 802.11 Beacon Frames) and calculate the default WPS PIN for it.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130805-0_Vodafone_EasyBox_Default_WPS_PIN_Vulnerability_v10.txt


*** rgpg gem for Ruby command execution ***
---------------------------------------------
rgpg gem for Ruby could allow a remote attacker to execute arbitrary commands on the system, caused by the improper validation of input by GpgHelper module (lib/rgpg/gpg_helper.rb). An attacker could exploit this vulnerability to inject and execute arbitrary commands on the system.
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/86148


*** HP LaserJet Pro Printer Bug Lets Remote Users Access Data ***
---------------------------------------------
A vulnerability was reported in HP Printer. A remote user can obtain potentially sensitive information.
---------------------------------------------
http://www.securitytracker.com/id/1028869


*** Bugtraq: FTP OnConnect v1.4.11 iOS - Multiple Web Vulnerabilities ***
---------------------------------------------
The Vulnerability Laboratory Research Team discovered a command/path inject vulnerability in the FTP OnConnect v1.4.11 application (Apple iOS - iPad & iPhone).
---------------------------------------------
http://www.securityfocus.com/archive/1/527760


*** Bugtraq: PuTTY SSH handshake heap overflow ***
---------------------------------------------
PuTTY versions 0.62 and earlier - as well as all software that
integrates these versions of PuTTY - are vulnerable to an integer overflow leading to heap overflow during the SSH handshake before authentication,...
---------------------------------------------
http://www.securityfocus.com/archive/1/527763


*** Bugtraq: Joomla core <= 3.1.5 reflected XSS vulnerability ***
---------------------------------------------
Joomla core package <= 3.1.5 includes a PHP script that suffers from
reflected XSS vulnerability that allows to inject HTML and malicious
scripts that can access any cookies, session tokens, or other...
---------------------------------------------
http://www.securityfocus.com/archive/1/527765


*** IBM InfoSphere BigInsights Multiple Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities have been reported in IBM InfoSphere BigInsights, which can be exploited by malicious people to conduct spoofing, cross-site scripting, and request forgery attacks.
---------------------------------------------
https://secunia.com/advisories/54447


*** HPSBUX02909 SSRT101289 rev.1 - HP-UX Apache Web Server, Remote Denial of Service (DoS) ***
---------------------------------------------
Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS).
---------------------------------------------
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03883001


*** TYPO3: Several vulnerabilities in extensions ***
---------------------------------------------
https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-011/
https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-012/
https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013/


*** phpMyAdmin Clickjacking Vulnerabilies ***
---------------------------------------------
https://secunia.com/advisories/54381
https://secunia.com/advisories/54409