[CERT-daily] Tageszusammenfassung - Donnerstag 7-03-2013

Daily end-of-shift report team at cert.at
Thu Mar 7 18:25:45 CET 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 06-03-2013 18:00 − Donnerstag 07-03-2013 18:00
Handler:     Stephan Richter
Co-Handler:  Otmar Lendl




*** Programm-Aktualisierer für kleine Unternehmen ***
---------------------------------------------
Den Patch-Stand von Microsoft- sowie Drittanbieter-Programmen überprüfen die Werkzeuge von Secunia. Nun gibt es eine Version für KmU.
---------------------------------------------
http://rss.feedsportal.com/c/32407/f/463925/s/2946529e/l/0L0Sheise0Bde0Csecurity0Cmeldung0CProgramm0EAktualisierer0Efuer0Ekleine0EUnternehmen0E18178430Bhtml0Cfrom0Crss0A9/story01.htm




*** D-Link fixes router vulnerabilities very quietly ***
---------------------------------------------
"In November last year D-Link fixed critical vulnerabilities in its cylinder-shaped DIR-645 wireless router, but neglected to let its customers in on the secret. Users looking for firmware updates on D-Links US customer site for the router will come across a version 1. 03, dated 21 November 2012...."
---------------------------------------------
http://www.h-online.com/security/news/item/D-Link-fixes-router-vulnerabilities-very-quietly-1816873.html




*** Vuln: WordPress Events Manager Plugin Multiple Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/bid/57477
http://www.securityfocus.com/archive/1/525914




*** Java pfuscht bei Zertifikatschecks ***
---------------------------------------------
Auf den Seiten der TU Chemnitz platzierten Gauner ein Java-Applet, das Rechner infizierte. Allerdings hätte das trotz digitaler Signatur nicht so einfach funktionieren sollen, weil das Zertifikat bereits gesperrt war. Aber wir reden ja von Oracle.
---------------------------------------------
http://rss.feedsportal.com/c/32407/f/463925/s/29482e3c/l/0L0Sheise0Bde0Csecurity0Cmeldung0CJava0Epfuscht0Ebei0EZertifikatschecks0E18177750Bhtml0Cfrom0Crss0A9/story01.htm




*** IPv6 Focus Month: Guest Diary: Stephen Groat - Geolocation Using IPv6 Addresses, (Wed, Mar 6th) ***
---------------------------------------------
[Guest Diary: Stephen Groat] [Geolocation Using IPv6 Addresses]  Today we bring you a guest diary from Stephen Groat where he speaks about validating that IPv6 address tracking and monitoring are possible.  IPv6 designers developed a technique called stateless address autoconfiguration (SLAAC) to reduce the administrative burden of managing the immense IPv6 address space. To most operating systems current accepted definition of SLAAC, a nodes IPv6 addresss interface identifier (IID), or host...
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=15349&rss




*** Bugtraq: Verax NMS (CVE-2013-1350) (CVE-2013-1631) (CVE-2013-1352 (CVE-2013-1351) ***
---------------------------------------------
http://www.securityfocus.com/archive/1/525907
http://www.securityfocus.com/archive/1/525918
http://www.securityfocus.com/archive/1/525917
http://www.securityfocus.com/archive/1/525916




*** 99 percent of web apps vulnerable to attack ***
---------------------------------------------
"A new Cenzic report demonstrates that the overwhelming presence of web application vulnerabilities remains a constant problem, with an astounding 99 percent of applications tested revealing security risks, while additionally shedding light on pressing vulnerabilities within mobile application security. The report reveals the massive number of vulnerabilities prevalent in web and mobile applications today. It highlights the type, frequency and severity of vulnerabilities found and predicts...
---------------------------------------------
http://www.net-security.org/secworld.php?id=14556




*** Ruby Entity expansion DoS vulnerability in REXML (XML bomb) ***
---------------------------------------------
Topic: Ruby Entity expansion DoS vulnerability in REXML (XML bomb) Risk: Medium Text:http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/ == Unrestricted entity expansion can lead to a DoS vul...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/R4X5eZcZsGY/WLB-2013030060




*** Heads-Up - Cybersecurity directive faces uncertain fate in Parliament ***
---------------------------------------------
"EU attempts to introduce comprehensive new cybersecurity rules risk failure in the European Parliament, where senior administrators doubt the package will pass before the legislatures mandate expires, EurActiv has learned. In addition to the launch of its new over-arching Cybersecurity Strategy, the European Commission last month proposed a Directive with measures to ensure harmonised network and information security across the EU. The proposed legislation will oblige companies to be...
---------------------------------------------
http://www.euractiv.com/specialreport-cybersecurity/cybersecurity-directive-faces-pa-news-518314




*** [TYPO3-announce] Announcing TYPO3 CMS 4.5.25, 4.6.18,	4.7.10 and 6.0.4 ***
---------------------------------------------
The TYPO3 Community has just released TYPO3 CMS versions 4.5.25,
4.6.18, 4.7.10 and 6.0.4, which are now ready for you to download.

These versions are maintenance releases and contain bug fixes only.
All packages fix one regression that has been introduced with the
security releases yesterday:
---------------------------------------------
http://typo3.org/news/article/typo3-cms-4525-4618-4710-and-604-released/
http://typo3.org/download/packages/



*** Cybercriminals Predicted To Expand Use Of Browser Proxies ***
---------------------------------------------
"A technique for controlling a compromised systems browser, widely used in Brazilian banking schemes, will likely become popular amongst global cybercriminals in the next few years, say security experts. The technique abuses a legitimate way to control where a browser sends its requests, known as proxy auto-configuration or PAC, to take over a victims browser and send traffic--say, requests to a bank--to an attacker-controlled server instead. While the attackers still have to find a way to...
---------------------------------------------
http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240150191/cybercriminals-predicted-to-expand-use-of-browser-proxies.html




*** [security bulletin] HPSBMU02849 SSRT101124 rev.1 - HP ServiceCenter, Remote Denial of Service (DoS) ***
---------------------------------------------
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03680085


*** [security bulletin] HPSBPI02851 SSRT101078 rev.1 - Certain HP LaserJet Pro Printers, Unauthorized Access to Data ***
---------------------------------------------
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03684249


More information about the Daily mailing list