[CERT-daily] Tageszusammenfassung - Dienstag 2-07-2013

Tue Jul 2 18:13:43 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 01-07-2013 18:00 − Dienstag 02-07-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Bugtraq: [SECURITY] CVE-2013-1777: Apache Geronimo 3 RMI classloader exposure ***
---------------------------------------------
A misconfigured RMI classloader in Apache Geronimo 3.0 may enable an attacker to send a serialized object via JMX that could compromise the system.
---------------------------------------------
http://www.securityfocus.com/archive/1/527022


*** Barracuda SSL VPN 680Vx 2.3.3.193 Multiple Script Injection Vulnerabilities ***
---------------------------------------------
Topic: Barracuda SSL VPN 680Vx 2.3.3.193 Multiple Script Injection Vulnerabilities Risk: Low Text:Barracuda SSL VPN 680Vx 2.3.3.193 Multiple Script Injection Vulnerabilities Vendor: Barracuda Networks, Inc. Product web ...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070014


*** Hackers Aggressively Scanning ICS, SCADA Default Credentials, Vulnerabilities ***
---------------------------------------------
Attacks against industrial control systems and SCADA equipment are progressing beyond automated scans for vulnerabilities or default credentials hitting honeypots, and are leading to service disruptions.
---------------------------------------------
http://threatpost.com/hackers-aggressively-scanning-ics-scada-default-credentials-vulnerabilities/


*** Bugtraq: Linksys EA - 2700, 3500, 4200, 4500 w/ Lighttpd 1.4.28 Unauthenticated Remote Administration Access ***
---------------------------------------------
- Unauthenticated remote access to all pages of the router
administration GUI, bypassing any credential prompts under certain
common configurations (see below)
- Direct access to several other critical files, unauthenticated as well
---------------------------------------------
http://www.securityfocus.com/archive/1/527027


*** Symantec Security Information Manager Console Multiple Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities have been reported in Symantec Security Information Manager, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to disclose sensitive information and conduct cross-site scripting attacks.
---------------------------------------------
https://secunia.com/advisories/53990


*** IBM Rational Automation Framework Java JSSE Denial of Service Vulnerability ***
---------------------------------------------
IBM has acknowledged a vulnerability in IBM Rational Automation Framework, which can be exploited by malicious people to cause a DoS (Denial of Service).
---------------------------------------------
https://secunia.com/advisories/54034


*** IBM Sterling B2B Integrator / IBM Sterling File Gateway Multiple Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities have been reported in IBM Sterling B2B Integrator and IBM Sterling File, where one has an unknown impact and others can be exploited by malicious users to conduct SQL injection attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/53850


*** HPSBHF02888 rev.1 - HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution ***
---------------------------------------------
Potential security vulnerabilities have been identified with HP, 3COM, and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information and execution of code.
---------------------------------------------
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03808969


*** Cisco TC Software SIP Implementation Error May Affect Communications Integrity ***
---------------------------------------------
A vulnerability in the Session Initiation Protocol (SIP) implementation used in TC Software could allow an unauthenticated, remoteattacker to cause an endpoint to process unintended SIP NOTIFY messages.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3401


*** TRENDnet Multiple Products Security Bypass Security Issue ***
---------------------------------------------
A security issue has been reported in multiple TRENDnet products, which can be exploited by malicious users to bypass certain security restrictions.
---------------------------------------------
https://secunia.com/advisories/53926


*** HTTPS Side-Channel Attack A Tool For Encrypted Secret Theft ***
---------------------------------------------
Researchers to release details on how SSL vulnerability gives attackers ability to steal everything from OAuth tokens to PII through an enterprise app in just 30 seconds.
---------------------------------------------
http://www.darkreading.com/vulnerability/https-side-channel-attack-a-tool-for-enc/240157583


*** IBM Storwize V7000 Unified Multiple Vulnerabilities ***
---------------------------------------------
IBM has acknowledged multiple vulnerabilities in IBM Storwize V7000 Unified, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
---------------------------------------------
https://secunia.com/advisories/54036


*** HP-UX update for Java ***
---------------------------------------------
HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/53999
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03809278


*** Fortinet FortiOS (FortiGate) Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
A vulnerability has been reported in Fortinet FortiOS (FortiGate), which can be exploited by malicious people to conduct cross-site request forgery attacks.
---------------------------------------------
https://secunia.com/advisories/53996


*** Hacker Holes in Server Management System Allows ‘Almost-Physical’ Access ***
---------------------------------------------
Major vulnerabilities in a protocol for remotely monitoring and managing servers would allow attackers to hijack the computers to gain control of them, access or erase data, or lock others out. The vulnerabilities exist in more than 100,000 servers connected ...
---------------------------------------------
http://www.wired.com/threatlevel/2013/07/ipmi/


*** HP-UX update for Apache with Tomcat Servlet Engine ***
---------------------------------------------
HP has issued an update for Apache with Tomcat Servlet Engine. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
---------------------------------------------
https://secunia.com/advisories/53989


*** Alcatel-Lucent OmniTouch Multiple Products Cross-Site Scripting Vulnerability ***
---------------------------------------------
A vulnerability has been reported in multiple Alcatel-Lucent OmniTouch products, which can be exploited by malicious people to conduct cross-site scripting attacks.
---------------------------------------------
https://secunia.com/advisories/54000