[CERT-daily] Tageszusammenfassung - Mittwoch 7-08-2013

Daily end-of-shift report team at cert.at
Wed Aug 7 18:09:04 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 06-08-2013 18:00 − Mittwoch 07-08-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** Stop! Yammer time: Microsoft blats biz babble account hijacking bug ***
---------------------------------------------
You cant touch this other users logins, Miss Hacker Microsoft has fixed a potentially nasty set of authentication vulnerabilities involving Yammer, the "Facebook for business" enterprise collaboration and social networking platform.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/08/06/yammer_authentication_flaw/




*** Fort Disco Brute-Force Attack Campaign Targets CMS Websites ***
---------------------------------------------
The Fort Disco botnet targets systems built on content management systems such as WordPress, using a brute-force password attack to control systems and install additional malware.
---------------------------------------------
http://threatpost.com/fort-disco-brute-force-attack-campaign-targets-cms-websites/101723




*** Breaking Down the China Chopper Web Shell - Part I ***
---------------------------------------------
Part I in a two-part series. China Chopper: The Little Malware That Could China Chopper is a slick little web shell that does not get enough exposure and credit for its stealth. Other than a good blog post from security researcher...
---------------------------------------------
http://www.fireeye.com/blog/technical/botnet-activities-research/2013/08/breaking-down-the-china-chopper-web-shell-part-i.html




*** Bugtraq: [CVE-2013-2136] Apache CloudStack Cross-site scripting (XSS) vulnerabiliity ***
---------------------------------------------
The Apache CloudStack Security Team was notified of an issue found in
the Apache CloudStack user interface that allows an authenticated user
to execute cross-site scripting attack against other users within the
system.
---------------------------------------------
http://www.securityfocus.com/archive/1/527803




*** McAfee Superscan 4.0 Cross Site Scripting ***
---------------------------------------------
Topic: McAfee Superscan 4.0 Cross Site Scripting Risk: Low Text:Trustwave SpiderLabs Security Advisory TWSL2013-024: Cross Site Scripting (XSS) vulnerability in McAfee Superscan 4.0 Publi...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080058




*** MyBB 1.6.10 url Parameter Arbitrary Site Redirection Vulnerability ***
---------------------------------------------
Topic: MyBB 1.6.10 url Parameter Arbitrary Site Redirection Vulnerability Risk: Low Text:MyBB 1.6.10 url Parameter Arbitrary Site Redirection Vulnerability Vendor: MyBB Group Product web page: http://www.mybb...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080057




*** Atlassian Confluence 5.3 Cross Site Scripting ***
---------------------------------------------
Topic: Atlassian Confluence 5.3 Cross Site Scripting Risk: Low Text:Atlassian Confluence, the Enterprise Wiki Reflected XSS Details Product: Atlassian Confluence ...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080066




*** Atlassian JIRA 6.0.3 Cross Site Scripting ***
---------------------------------------------
Topic: Atlassian JIRA 6.0.3 Cross Site Scripting Risk: Low Text: Atlassian JIRA v6.0.3 Arbitrary HTML/Script Execution Vulnerability Vendor: Atlassian Corporation Pty Ltd. Produc...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080065




*** Bugtraq: Attacking Google Accounts with weblogin: Tokens ***
---------------------------------------------
For those who missed it, I would like to spread awareness about how
conveniences built into the Google eco-system can allow an
application, a physical user, or a forensics expert to access almost
everything in your Google account.
---------------------------------------------
http://www.securityfocus.com/archive/1/527810




*** National Instruments LabVIEW Path Traversal Flaw Lets Remote Users Execute Arbitrary Code ***
---------------------------------------------
A vulnerability was reported in National Instruments LabVIEW. A remote user can execute arbitrary code on the target system.
---------------------------------------------
http://www.securitytracker.com/id/1028889




*** Cacti SQL and Command Injection Vulnerabilities ***
---------------------------------------------
Some vulnerabilities have been reported in Cacti, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/54386




*** IBM Integrated Management Module IPMI default accounts ***
---------------------------------------------
The Integrated Management Module (IMM) and Integrated Management Module II (IMM2) used by multiple IBM servers are preconfigured with one IPMI user account, which has the same default login name and password on all affected systems. If a malicious user gains access to the IPMI interface using this...
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/86172


More information about the Daily mailing list