[CERT-daily] Tageszusammenfassung - Freitag 12-07-2013

Fri Jul 12 18:00:49 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 11-07-2013 18:00 − Freitag 12-07-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Otmar Lendl

*** SQUID 3.3.6 buffer overflow in HTTP request handling ***
---------------------------------------------
This problem allows any trusted client or client script who can
generate HTTP requests to trigger a buffer overflow in Squid,
resulting in a termination of the Squid service.
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070089


*** php 5.3.26 heap corruption in the XML parser ***
---------------------------------------------
Badly formed XML might corrupt the heap.
Warning: xml_parse_into_struct(): Maximum depth exceeded - Results truncated
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070090


*** Of TrueType Font Vulnerabilities and the Windows Kernel ***
---------------------------------------------
This months Patch Tuesday security bulletins called attention to vulnerabilities in the Windows kernels font-processing engine, which had been exploited previously in Duqu and other targeted attacks.
---------------------------------------------
http://threatpost.com/of-truetype-font-vulnerabilities-and-the-windows-kernel/101263


*** Critical Patch Update - July 2013 - Pre-Release Announcement ***
---------------------------------------------
This Critical Patch Update Pre-Release Announcement provides advance information about the Oracle Critical Patch Update for July 2013, which will be released on Tuesday, July 16, 2013. 
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html


*** OpenSSH User Enumeration Time-Based Attack ***
---------------------------------------------
Topic: OpenSSH User Enumeration Time-Based Attack Risk: Low Text:Hi List, today, we will show a bug concerning OpenSSH. OpenSSH is the most used remote control software nowadays on *nix li...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013070092


*** HP: Neue Hintertüren in Server-Produkten ***
---------------------------------------------
HP hat zugegeben, dass auch die StoreVirtual-Server des Herstellers undokumentierte Hintertüren besitzen. Ein in Kürze erscheinender Patch soll Abhilfe schaffen.
---------------------------------------------
http://www.heise.de/security/meldung/HP-Neue-Hintertueren-in-Server-Produkten-1916292.html


*** Juniper Junos PIM Packet Handling Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when handling Protocol-Independent Multicast (PIM) packets and can be exploited to crash the Flow Daemon (flowd) via specially crafted PIM packets that transit the device.
---------------------------------------------
https://secunia.com/advisories/54157


*** How Microsoft handed the NSA access to encrypted messages ***
---------------------------------------------
Secret files show scale of Silicon Valley co-operation on Prism Outlook.com encryption unlocked even before official launch Skype worked to enable Prism collection of video calls Company says it is legally compelled to comply
---------------------------------------------
http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data


*** Bugtraq: CVE-2013-3568 - Linksys CSRF + Root Command Injection ***
---------------------------------------------
Hi list, I would like to inform you that the latest available Linksys WRT110 firmware is prone to root shell command injection via cross-site request forgery. This vulnerability is the result of the web interface's failure to sanitize ping targets as well as a lack of csrf tokens. 
---------------------------------------------
http://www.securityfocus.com/archive/1/527226


*** Amazons Einkaufshilfe spioniert Nutzer aus ***
---------------------------------------------
Eine von Amazon angebotene Browser-Erweiterung meldet dem Elektronikhändler alle Webseiten, die man ansurft. Die Daten werden zudem an einen Statistikdienst geschickt, der sich besonders für die Google-Nutzung interessiert.
---------------------------------------------
http://www.heise.de/security/meldung/Amazons-Einkaufshilfe-spioniert-Nutzer-aus-1916578.html