[CERT-daily] Tageszusammenfassung - Montag 3-06-2013

Daily end-of-shift report team at cert.at
Mon Jun 3 18:19:07 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 31-05-2013 18:00 − Montag 03-06-2013 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter




*** WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability ***
---------------------------------------------
Topic: WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability Risk: Low Text:Advisory: WordPress Plugin Feedweb 1.8.8 Cross-site Scripting vulnerability Advisory ID: SSCHADV2013-004 Author: Stefan...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013060001




*** ModSecurity 2.7.3 NULL pointer dereference PoC ***
---------------------------------------------
Topic: ModSecurity 2.7.3 NULL pointer dereference PoC Risk: High Text:#!/usr/bin/env python3 #-*- coding: utf-8 -*- # # Created on Mar 29, 2013 # # @author: Younes JAAIDI <yjaaidi at shookalabs.c...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013060006




*** Security Bulletin: Multiple security vulnerabilities in IBM Sales Center for WebSphere Commerce (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-0191, CVE-2012-2159, CVE-2012-2161) ***
---------------------------------------------
Multiple security vulnerabilities have been identified in IBM Sales Center for WebSphere Commerce V6.0 and V7.0    CVEID:    CVE-2008-7271  CVE-2010-4647  CVE-2012-0186  CVE-2012-0191  CVE-2012-2159  CVE-2012-2161    Affected product(s) and affected version(s):   IBM Sales Center for WebSphere Commerce V6.0 (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-2159, CVE-2012-2161)  IBM Sales Center for WebSphere Commerce V7.0 (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-2159,
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_security_vulnerabilities_in_ibm_sales_center_for_websphere_commerce_cve_2008_7271_cve_2010_4647_cve_2012_0186_cve_2012_0191_cve_2012_2159_cve_2012_2161?lang=en_us




*** Besonders tückisches PayPal-Phishing ***
---------------------------------------------
Aufgepasst: Mit persönlicher Anrede und einer eigens registrierten .de-Domain greifen Cyber-Kriminelle derzeit nach den Kreditkartendaten von PayPal-Kunden. Der Schwindel fällt bestenfalls auf den zweiten Blick auf.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Besonders-tueckisches-PayPal-Phishing-1874729.html




*** Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169 ***
---------------------------------------------
Potential Security Exposure with IBM HTTP Server for WebSphere Application Server.  CVEID: CVE-2013-0169  AFFECTED VERSIONS: This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: · Version 8.5 · Version 8 · Version 7 · Version 6.1  Refer to the following reference URLs for remediation and additional vulnerability details.  Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21635988
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_potential_security_exposure_in_ibm_http_server_cve_2013_0169?lang=en_us




*** WordPress AntiVirus FPD and Security bypass vulnerabilities ***
---------------------------------------------
Topic: WordPress AntiVirus FPD and Security bypass vulnerabilities Risk: Low Text:These are Full path disclosure and Security bypass vulnerabilities in AntiVirus for WordPress. This is security plugin for dete...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013060010




*** Compromised FTP/SSH account privilege-escalating mass iFrame embedding platform released on the underground marketplace ***
---------------------------------------------
By Dancho Danchev Utilizing the very best in ‘malicious economies of scale’ concepts, cybercriminals have recently released a privilege-escalating Web-controlled mass iFrame embedding platform that’s not just relying on compromised FTP/SSH accounts, but also automatically gains root access on the affected servers in an attempt to target each and every site hosted there. Similar to […]
---------------------------------------------
http://blog.webroot.com/2013/06/03/compromised-ftpssh-account-privilege-escalating-mass-iframe-embedding-platform-released-on-the-underground-marketplace/




*** IBM Tivoli Netcool/System Service Monitor Multiple OpenSSL Vulnerabilities ***
---------------------------------------------
IBM Tivoli Netcool/System Service Monitor Multiple OpenSSL Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/53720




*** Apache Subversion Hook Scripts Arbitrary Command Injection Vulnerability ***
---------------------------------------------
Apache Subversion Hook Scripts Arbitrary Command Injection Vulnerability
---------------------------------------------
https://secunia.com/advisories/53727




*** Apache Subversion svnserve and FSFS Repositories Denial of Service Vulnerabilities ***
---------------------------------------------
Apache Subversion svnserve and FSFS Repositories Denial of Service Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/53692




*** Researchers Infect iOS Devices With Malware Via Malicious Charger ***
---------------------------------------------
Sparrowvsrevolution writes "At the upcoming Black Hat security conference in late July, three researchers at the Georgia Institute of Technology plan to show off a proof-of-concept charger that they say can be used to invisibly install malware on a device running the latest version of Apples iOS. A description of their talk posted to the conference website describes how they were able to install whatever malware they wished on an Apple device within a minute of the user plugging it into...
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/3xY6_Bverd0/story01.htm




*** Multiple vulnerabilities in Typo3 extensions ***
---------------------------------------------
SQL Injection vulnerability in extension Multishop: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009-1/ Several vulnerabilities in third party extensions: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-007/ Security Bypass Vulnerability in extension powermail: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-006/
---------------------------------------------
http://typo3.org/teams/security/security-bulletins/




*** Erneut Sicherheitslücke bei ClickandBuy ***
---------------------------------------------
Die neue Schwachstelle lauerte auf der Hilfe-Seite für Kunden. Schon einmal hatte der Online-Bezahldienstleister ClickandBuy mit einer XSS-Lücke zu kämpfen.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Erneut-Sicherheitsluecke-bei-ClickandBuy-1874953.html




*** IBM DB2 / DB2 Connect Global Security Toolkit SSL Information Disclosure Weakness ***
---------------------------------------------
IBM DB2 / DB2 Connect Global Security Toolkit SSL Information Disclosure Weakness
---------------------------------------------
https://secunia.com/advisories/53696




*** IBM DB2 / DB2 Connect db2aud Privilege Escalation Vulnerability ***
---------------------------------------------
IBM DB2 / DB2 Connect db2aud Privilege Escalation Vulnerability
---------------------------------------------
https://secunia.com/advisories/52663




*** TYPO3 jQuery Autocomplete for indexed_search Extension SQL Injection Vulnerability ***
---------------------------------------------
TYPO3 jQuery Autocomplete for indexed_search Extension SQL Injection Vulnerability
---------------------------------------------
https://secunia.com/advisories/53633


More information about the Daily mailing list