[CERT-daily] Tageszusammenfassung - Freitag 22-03-2013

Daily end-of-shift report team at cert.at
Fri Mar 22 18:04:45 CET 2013


=======================
= End-of-Shift report =
=======================
Timeframe:   Donnerstag 21-03-2013 18:00 − Freitag 22-03-2013 18:00
Handler:     Matthias Fraidl
Co-Handler:  Robert Waldner

*** Symantec Enterprise Vault privilege escalation ***
---------------------------------------------
Symantec Enterprise Vault privilege escalation
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/82989




*** Symantec NetBackup Appliance Management Console Lets Remote Authenticated Users Download Files ***
---------------------------------------------
A vulnerability was reported in Symantec NetBackup Appliance. A remote authenticated user can view files on the target system.
---------------------------------------------
http://www.securitytracker.com/id/1028329




*** Symantec finds Linux wiper malware used in S. Korean attacks ***
---------------------------------------------
"Security vendors analyzing the code used in the cyberattacks against South Korea are finding nasty components designed to wreck infected computers. Tucked inside a piece of Windows malware used in the attacks is a component that erases Linux machines, an analysis from Symantec has found. The malware, which it called Jokra, is unusual, Symantec said.
---------------------------------------------
http://www.csoonline.com/article/730574/symantec-finds-linux-wiper-malware-used-in-s.-korean-attacks




*** LibreOffice 4.0.1.2 Update Spoofing ***
---------------------------------------------
Topic: LibreOffice 4.0.1.2 Update Spoofing Risk: Medium Text:[waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2 = Author: Janek Vind "waraxe" Date...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/5kWhqQ69Ci0/WLB-2013030187




*** Joomla Component com_wordpress XSS Vulnerability ***
---------------------------------------------
Topic: Joomla Component com_wordpress XSS Vulnerability Risk: Low Text:# Title : joomla Component com_wordpress XSS Vulnerability # Date: 2013-03-15
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/xJniCtV-cHo/WLB-2013030182




*** Spotted: cybercriminals working on new Western Union based 'money mule management' script ***
---------------------------------------------
By Dancho Danchev Risk-forwarding is an inseparable part of the cybercrime ecosystem. Whether it's the use of malware-infected hosts as stepping-stones, the issuing of License Agreements for your latest rootkit release stating that it's meant to be tested against the customer's own systems you wish or the selling of cheap access to verified PayPal accounts....
---------------------------------------------
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/lnqwrG1Fm4A/




*** EuroForensics 2013: 4th International Forensic Sciences Conference & Exhibition ***
---------------------------------------------
"4th International Forensic Sciences, Cyber Security and Surveillance Technologies Conference & Exhibition takes place in Harbiye Military Museum Istanbul, Turkey 27-29 March 2013. The 4th Euroforensics has been designed as the primary international conference and exhibition for sourcing digital forensics products, equipment and services, and to provide a complete source of education, best practice, training and networking for the entire forensics and security sector and supply chain.
---------------------------------------------
http://www.forensicfocus.com/News/article/sid=2018/




*** IBM Lotus Notes Multiple Vulnerabilities ***
---------------------------------------------
IBM Lotus Notes Multiple Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/52599




*** RealPlayer Heap Overflow in Processing MP4 Lets Remote Users Execute Arbitrary Code ***
---------------------------------------------
A vulnerability was reported in RealPlayer. A remote user can cause arbitrary code to be executed on the target user's system.
---------------------------------------------
http://www.securitytracker.com/id/1028332




*** CoreFTP "DELE" Buffer Overflow Vulnerability ***
---------------------------------------------
CoreFTP "DELE" Buffer Overflow Vulnerability
---------------------------------------------
https://secunia.com/advisories/52736




*** Links im Tarnkleid ***
---------------------------------------------
Der Link soll zu Heise führen, aber dann landet der Nutzer woanders. Der "Mouse-Over"-Test enttarnt die Umleitung nicht. auch ein Blick in den Quellcode hilft nicht gleich weiter. Links lassen sich so manipulieren, dass es im Zweifel zu spät auffällt.
---------------------------------------------
http://www.heise.de/security/meldung/Links-im-Tarnkleid-1828362.html




*** Privacy 101: Skype Leaks Your Location ***
---------------------------------------------
The events of the past week reminded me of a privacy topic Ive been meaning to revisit: That voice-over-IP telephony service Skype constantly exposes your Internet address to the entire world, and that there are now numerous free and commercial tools that can be used to link Skype user account names to numeric Internet addresses.Related Posts:Rogue Antivirus Via Skype Phone Call?Google Adds 1-Time Passwords to Gmail, AppsThe Scrap Value of a Hacked PC, RevisitedEarn a Diploma from Scam UThe
---------------------------------------------
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/pOQV1cF-XH8/




*** Apple Adds Two-Factor Authentication to iTunes Accounts ***
---------------------------------------------
Apple has introduced a new two-factor authentication system designed to help protect users iTunes and App Store accounts and prevent attackers or unauthorized users from taking over users accounts. The system is similar to the one that Google has implemented for Gmail, utilizing verification codes sent via SMS. The move by Apple comes years after Google made the change with Gmail two-factor authentication in response to a series of targeted attacks against Gmail users....
---------------------------------------------
http://threatpost.com/en_us/blogs/apple-adds-two-factor-authentication-itunes-accounts-032213




*** vbulletin 4.1.5 attachment SQLI ***
---------------------------------------------
Topic: vbulletin 4.1.5 attachment SQLI Risk: Medium Text:vbulletin 4.1.5 attachment SQLI examine variables came across sq-injection, as later found to be inherent to all vbulletin ...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/8PX5zvE7-bM/WLB-2013030192




*** vBulletin x.x.x Customer Area 0day ***
---------------------------------------------
Topic: vBulletin x.x.x Customer Area 0day Risk: Medium Text:vBulletin x.x.x Customer Area 0day - vBulletin x.x.x Customer Area 0day Perl script got leaked so decided ...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/nLzgCibjUrQ/WLB-2013030191




*** vBulletin 5.0.0 all Beta releases SQL Injection Exploit 0day ***
---------------------------------------------
Topic: vBulletin 5.0.0 all Beta releases SQL Injection Exploit 0day Risk: Medium Text:vBulletin 5.0.0 all Beta releases SQL Injection Exploit 0day ************************************************** ************...
---------------------------------------------
http://feedproxy.google.com/~r/securityalert_database/~3/ovrdpW5le4o/WLB-2013030193






More information about the Daily mailing list