[CERT-daily] Daily summary - Friday 29-11-2013

Daily end-of-shift report team at cert.at
Fri Nov 29 18:07:34 CET 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Thursday 28-11-2013 18:00 − Friday 29-11-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** Stealing Credit Cards - A WordPress and vBulletin Hack ***
---------------------------------------------
What better way to celebrate Thanksgiving than to share an interesting case that involves two of the most popular CMS applications out there - vBulletin and WordPress. Here is a real case that we just worked on this week, involving an attacker dead set on stealing credit card information. Enjoy! The Environment The client runs...
---------------------------------------------
http://blog.sucuri.net/2013/11/stealing-credit-cards-a-wordpress-and-vbulletin-hack.html




*** JPEG Files Used For Targeted Attack Malware ***
---------------------------------------------
We recently came across some malware of the SOGOMOT and MIRYAGO families that update themselves in an unusual way: they download JPEG files that contain encrypted configuration files/binaries. Not only that, we believe that this activity has been ongoing since at least the middle of 2010. A notable detail of the malware we came across...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/l94pQWbJ28g/




*** Security Bulletin: IBM BladeCenter Advanced Management Module Account Information Exposure (CVE-2013-6718) ***
---------------------------------------------
An interface on the IBM BladeCenter Advanced Management Module (AMM) may expose user account names and passwords that have been configured on that AMM.

CVE(s): CVE-2013-6718

Affected product(s) and affected version(s):

These IBM BladeCenter Advanced Management Module Firmware versions are affected:
- v3.64B (BPET64B, BBET64B, and BPEO64B)
- v3.64C (BPET64C, BBET64C, and BPEO64C)
- v3.64G (BPET64G, BBET64G, and BPEO64G)

This applies to the following hardware products: BladeCenter
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_bladecenter_advanced_management_module_account_information_exposure_cve_2013_6718?lang=en_us




*** Google Android com.android.settings Lets Local Applications Remove Device Locks ***
---------------------------------------------
http://www.securitytracker.com/id/1029410




*** Cisco IOS XR SNMP Memory Leak Lets Remote Users Deny Service ***
---------------------------------------------
http://www.securitytracker.com/id/1029408




*** Cisco IOS XE MPLS Processing Flaw Let Remote Users Deny Service ***
---------------------------------------------
http://www.securitytracker.com/id/1029407




*** Joomla! All Video Share Component "avssearch" SQL Injection Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/55888




*** FFmpeg Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/55802




*** WordPress Highlight - Powerful Premium Theme Arbitrary File Upload Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/55671




*** WordPress Store Locator Plugin Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/55276

