[CERT-daily] Tageszusammenfassung - Mittwoch 19-06-2013

Daily end-of-shift report team at cert.at
Wed Jun 19 18:10:17 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 18-06-2013 18:00 − Mittwoch 19-06-2013 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter




*** Sybase EAServer Multiple Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities have been reported in Sybase EAServer, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/53733




*** Java SE Critical Patch Update - June 2013 ***
---------------------------------------------
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 40 new security fixes across Java SE products of which 4 are applicable to server deployments of Java.
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html




*** Java 7 update 25 released (Tue, Jun 18th) ***
---------------------------------------------
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=16025




*** Critical Update Plugs 40 Security Holes in Java ***
---------------------------------------------
Oracle today released a critical patch update for its Java software that fixes at least 40 security vulnerabilities in this widely deployed program and browser plugin. Updates are available for Java 7 on both Mac and Windows.
---------------------------------------------
https://krebsonsecurity.com/2013/06/critical-update-plugs-40-security-holes-in-java/




*** Siemens WinCC 7.2 Multiple Vulnerabilities ***
---------------------------------------------
This advisory provides mitigation details for vulnerabilities that impact the Siemens WinCC Web Navigator 7.2.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-169-02




*** Remote code execution vuln appears in Puppet ***
---------------------------------------------
Big trouble in automated clouds - Puppet Labs has blasted out a security advisory about a vulnerability in the popular infrastructure management tool Puppet.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/06/18/puppet_security_vuln/




*** Solaris 10 patch cluster File clobbering vulnerability ***
---------------------------------------------
Topic: Solaris 10 patch cluster File clobbering vulnerability Risk: Medium Text:File clobbering vulnerability in Solaris 10 patch cluster 3/27/2013 Larry W. Cashdollar @_larry0 Hello, The 147147-2...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013060154




*** Joomla 1.5.26, 2.5.11, 3.1.1 crypto vulnerability ***
---------------------------------------------
Topic: Joomla 1.5.26, 2.5.11, 3.1.1 crypto vulnerability Risk: Medium Text:# Vulnerable Application All current and past versions of Joomla (http://www.joomla.org) up to 1.5.26, 2.5.11, 3.1.1. Also th...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013060146




*** Symantec Endpoint Protection Manager Buffer Overflow Vulnerability ***
---------------------------------------------
A vulnerability has been reported in Symantec Endpoint Protection Manager, which can be exploited by malicious people to compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/53864




*** Angestellte wollen Hilfe bei IT-Sicherheit ***
---------------------------------------------
Der Umgang mit Informationstechnik gehört auch für Angestellte in kleinen und mittelständischen Unternehmen zum täglichen Alltag. Einer Studie zufolge fühlten sie sich bei dieser Aufgabe jedoch vielfach alleingelassen.
---------------------------------------------
http://futurezone.at/b2b/16584-angestellte-wollen-hilfe-bei-it-sicherheit.php?rss=fuzo


More information about the Daily mailing list