[CERT-daily] Tageszusammenfassung - Mittwoch 28-08-2013

Wed Aug 28 18:02:23 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 27-08-2013 18:00 − Mittwoch 28-08-2013 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

*** Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE executed under a security manager. ***
---------------------------------------------
IBM Tivoli Monitoring ships and uses a Java Runtime Environment (JRE). This alert addresses several vulnerabilities for the Tivoli Enterprise Portal browser JRE which might allow remote untrusted Java WebStart applications and untrusted Java applets to affect confidentiality, availability and integrity.  CVE(s):  CVE-2013-2467,  CVE-2013-2448,  CVE-2013-2459,  CVE-2013-2463,  CVE-2013-2464,  CVE-2013-2465,  CVE-2013-2466,  CVE-2013-2468,  CVE-2013-2469,  CVE-2013-2470,  CVE-2013-2471, 
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_tivoli_monitoring_clients_affected_by_vulnerabilities_in_ibm_jre_executed_under_a_security_manager2?lang=en_us


*** Firefox Extension HTTP Nowhere Allows Users to Browse in Encrypted-Only Mode ***
---------------------------------------------
It’s no secret that the Web wasn’t really meant to be a secure platform, for communications or commerce or anything else. But it’s used for all of these functions every day, and for the most part they depend upon the sites they deal with using SSL and doing so correctly. That’s not always a sure [...]
---------------------------------------------
http://threatpost.com/firefox-extension-http-nowhere-allows-users-to-browse-in-encrypted-only-mode/102108


*** Microsoft Releases Revisions to 4 Existing Updates, (Tue, Aug 27th) ***
---------------------------------------------
Four patches have undergone signficant revision according to Microsoft. The following patches were updated today by Microsoft, and are set to roll in the automatic updates:  MS13-057 - Critical  - https://technet.microsoft.com/security/bulletin/MS13-057 - Reason for Revision: V3.0 (August 27, 2013): Bulletin revised to rerelease security update 2803821 for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008; security update 2834902 for Windows XP and Windows Server 2003;
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16448&rss


*** Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service ***
---------------------------------------------
Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service
---------------------------------------------
http://www.securitytracker.com/id/1028957


*** Linux-Trojaner analysiert ***
---------------------------------------------
Avast hat den bislang wohl ersten Online-Banking-Trojaner, der es auf Linux-Nutzer abgesehen hat, in seinem Virenlabor untersucht: Der Entwickler hat sich große Mühe gegeben, damit sein Baby unentdeckt bleibt.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Erster-Banking-Trojaner-fuer-Linux-analysiert-1943718.html


*** Exploit für ungepatchte Lücke in Java 6 aufgetaucht ***
---------------------------------------------
Ein Werkzeug enthält Code, der eine seit Juni bekannte Lücke in Java 6 ausnutzt. Oracle hat die Wartung für diese Version eingestellt, die sich jedoch noch häufig im Einsatz befindet.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Exploit-fuer-ungepatchte-Luecke-in-Java-6-aufgetaucht-1944261.html


*** Cybercriminals offer spam-ready SMTP servers for rent/direct managed purchase ***
---------------------------------------------
By Dancho Danchev We continue to observe an increase in underground market propositions for spam-ready bulletproof SMTP servers, with the cybercriminals behind them trying to differentiate their unique value proposition (UVP) in an attempt to attract more customers. Let’s profile the underground market propositions of what appears to be a novice cybercriminal offering such spam-ready […]
---------------------------------------------
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/eWR3avR3M7k/


*** IBM FileNet Content Manager / Content Foundation XML Parser Denial of Service Vulnerability ***
---------------------------------------------
IBM FileNet Content Manager / Content Foundation XML Parser Denial of Service Vulnerability
---------------------------------------------
https://secunia.com/advisories/54632


*** IBM TRIRIGA Application Platform Multiple Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
IBM TRIRIGA Application Platform Multiple Cross-Site Scripting Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54641


*** Bugtraq: Two Instagram Android App Security Vulnerabilities ***
---------------------------------------------
Two Instagram Android App Security Vulnerabilities
---------------------------------------------
http://www.securityfocus.com/archive/1/528292