[CERT-daily] Tageszusammenfassung - Freitag 11-01-2013

Fri Jan 11 18:37:44 CET 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 10-01-2013 18:00 − Freitag 11-01-2013 18:00
Handler:     Stephan Richter
Co-Handler:  Christian Wojner


*** European Cybercrime Centre opens for business ***
---------------------------------------------
"The European Cybercrime Centre (EC3) will officially start operating on 11 January with a mission to protect European citizens and businesses from cybercrime. "Cybercriminals are smart and quick in using new technologies for criminal purposes; the EC3 will help us become even smarter and quicker to help prevent and fight their crimes" said European Commissioner for Home Affairs Cecilia Malmstrm at the launch of the EC3 project ahead of the official opening of the centre at...
---------------------------------------------
http://www.h-online.com/security/news/item/European-Cybercrime-Centre-opens-for-business-1780747.html


*** Bugtraq: DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 0day Root Exploit ***
---------------------------------------------
DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 0day Root Exploit
---------------------------------------------
http://www.securityfocus.com/archive/1/525269


*** Bugtraq: Detailed examples of two vulnerabilities in whitelisting software: SE46 (Cryptzone) and Application Control (McAfee) ***
---------------------------------------------
Detailed examples of two vulnerabilities in whitelisting software: SE46 (Cryptzone) and Application Control (McAfee)
---------------------------------------------
http://www.securityfocus.com/archive/1/525268


*** What Else runs Telnets? Or, Pentesters Love Video Conferencing Units Too!, (Thu, Jan 10th) ***
---------------------------------------------
As a side note to todays iSeries / Mainframe story, and a follow-up to one I wrote last year (https://isc.sans.edu/diary/12103), another thing Im seeing is more and more on telnets (tcp port 992 - https://isc.sans.edu/port.html?port=992) is voice gateway and videoconferencing unit problems.    Specifically, when scanning for port tcp/992, you will likely run across more videoconferencing systems than mainframes. Theyll often show up with less fingerprinting than the SNA platforms we discussed,...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=14902&rss


*** HPSBMU02838 SSRT100789 rev.1 - HP Serviceguard on Linux, Remote Denial of Service (DoS) ***
---------------------------------------------
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03621178


*** TYPO3-EXT-SA-2013-001: Several vulnerabilities in third party extensions ***
---------------------------------------------
Several vulnerabilities have been found in the following third-party
TYPO3 extensions: news, onetimeaccount, phpunit, div2007, t3mootools,
t3jquery, oneclicklogin
---------------------------------------------
https://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-001/


*** .NET-Update beeinträchtigt Windows Server 2012 ***
---------------------------------------------
Ein seit Dienstag ausgeliefertes Update für die .NET-Laufzeitumgebung 4.5 führt unter Windows Server 2012 zu Problemen mit dem Failover Cluster Manager. Microsoft hat das Problem bereits bestätigt.
---------------------------------------------
http://rss.feedsportal.com/c/32407/f/463925/s/276e67d9/l/0L0Sheise0Bde0Cmeldung0CNET0EUpdate0Ebeeintraechtigt0EWindows0EServer0E20A120E17823310Bhtml0Cfrom0Crss0A9/story01.htm