[CERT-daily] Tageszusammenfassung - Mittwoch 14-08-2013

Daily end-of-shift report team at cert.at
Wed Aug 14 18:05:17 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 13-08-2013 18:00 − Mittwoch 14-08-2013 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

*** Start isolating critical XP systems now, experts warn ***
---------------------------------------------
Lack of updates after April 8, 2014 adds security complications for companies, retailers running specialty software dependent on XP
---------------------------------------------
http://www.csoonline.com/article/738085/start-isolating-critical-xp-systems-now-experts-warn?source=rss_application_security



*** Security Bulletin: Tivoli Workload Scheduler Distributed and Tivoli Workload Scheduler for Applications Openssl Multiple Vulnerabilities ***
---------------------------------------------
OpenSSL versions prior to 1.0.0 do not follow best security practices and need to upgrade.    CVE(s):   CVE-2013-0169   CVE-2013-0166   CVE-2012-2686   CVE-2012-2131  CVE-2012-2110   CVE-2012-0884   CVE-2012-0050   CVE-2011-4108   CVE-2011-4576   CVE-2011-4577   CVE-2011-4619   CVE-2011-3210   CVE-2011-0014   CVE-2010-3864    Affected product(s) and affected version(s):  Tivoli
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_tivoli_workload_scheduler_distributed_and_tivoli_workload_scheduler_for_applications_openssl_multiple_vulnerabilities?lang=en_us




*** Python SSL module NULL bytes spoofing ***
---------------------------------------------
Python SSL module NULL bytes spoofing
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/86383




*** BIND Vulnerablilty Enables DNS Cache Poisoning Attack ***
---------------------------------------------
A vulnerability in the BIND domain name system (DNS) software could give an attacker the ability to easily and reliably control queried name servers chosen by the most widely deployed DNS software on the Internet, according to new research presented at the Woot Conference in Washington D.C. today.
---------------------------------------------
http://threatpost.com/bind-vulnerablilty-enables-dns-cache-poisoning-attack/101988




*** Apache Struts2 2.3.15 OGNL Injection ***
---------------------------------------------
Topic: Apache Struts2 2.3.15 OGNL Injection Risk: Medium Text:CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Softw...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080115




*** DotNetNuke (DNN) Cross-Site Scripting Vulnerability ***
---------------------------------------------
Topic: DotNetNuke (DNN) Cross-Site Scripting Vulnerability Risk: Low Text:Title: DotNetNuke (DNN) Cross-Site Scripting Vulnerability References: CVE-2013-4649 Discovered by: Sajjad Pourali , Nasser S...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013080113




*** Vuln: TYPO3 Static Methods since 2007 Extension Unspecified Cross Site Scripting Vulnerability ***
---------------------------------------------
TYPO3 Static Methods since 2007 Extension Unspecified Cross Site Scripting Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/57288




*** Lücke gestopft ***
---------------------------------------------
Endlich gibt es ein Sicherheitsupdate für die Steuerungsanlagen von Saia-Burgess und ihre Lücke.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Kritisches-Sicherheitsupdate-fuer-200-000-Industriesteuerungen-1934787.html




*** Summary for August 2013 - Version: 1.0 ***
---------------------------------------------
This bulletin summary lists security bulletins released for August 2013.
---------------------------------------------
http://technet.microsoft.com/en-gb/security/bulletin/ms13-aug




*** Die August-Patches ***
---------------------------------------------
Microsoft hat acht Patch-Pakete herausgegeben, die nun insgesamt 23 Lücken schließen sollen.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Microsofts-August-Patches-und-die-Rueckkehr-des-Ping-of-Death-1934998.html



*** Bugtraq: Subverting BINDs SRTT Algorithm: Derandomizing NS Selection ***
---------------------------------------------
Subverting BINDs SRTT Algorithm: Derandomizing NS Selection
---------------------------------------------
http://www.securityfocus.com/archive/1/528013





*** Chinese Underground Creates Tool Exploiting Apache Struts Vulnerability ***
---------------------------------------------
About a month ago, the Apache Software Foundation released Struts 2.3.15.1, an update to the popular Java Web application development framework. The patch was released because vulnerabilities in older versions of Struts could allow attackers to run arbitrary code on vulnerable servers. Since then, we've found that hackers in the Chinese underground have created an [...]Post from: Trendlabs Security Intelligence Blog - by Trend MicroChinese Underground Creates Tool Exploiting Apache
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/LkrHQVJNU9U/




*** OSIsoft PI Interface for IEEE C37.118 Configuration Packets Processing Denial of Service Vulnerability ***
---------------------------------------------
OSIsoft PI Interface for IEEE C37.118 Configuration Packets Processing Denial of Service Vulnerability
---------------------------------------------
https://secunia.com/advisories/54498





*** .GOV zones may not resolve due to DNSSEC problems., (Wed, Aug 14th) ***
---------------------------------------------
Currently, many users are reporting that .gov domain names (e.g. fbi.gov) will not resolve. The problem appears to be related to an error in the DNSSEC configuration of the .gov zone.  According to a quick check with dnsviz.net, it appears that there is no DS record for the current .gov ZSK deposited with the root zone.    (excerpt from: http://dnsviz.net/d/fbi.gov/dnssec/)   DNSSEC relies on two types of keys each zone uses:  - A "key signing key" (KSK) and - A "zone signing
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16367&rss




*** cPanel Multiple Vulnerabilities ***
---------------------------------------------
cPanel Multiple Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54455






More information about the Daily mailing list