[CERT-daily] Tageszusammenfassung - Dienstag 24-09-2013

Tue Sep 24 18:10:29 CEST 2013

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 23-09-2013 18:00 − Dienstag 24-09-2013 18:00
Handler:     L. Aaron Kaplan
Co-Handler:  L. Aaron Kaplan

*** ICS Vendor Fixes Hard-Coded Credential Bugs Nearly Two Years After Advisory ***
---------------------------------------------
Nearly two years after a security researcher published details of the hard-coded credentials that ship with a slew of industrial control system products made by Schneider Electric, the company has released updated firmware that fix the problems. The vulnerabilities, which were discovered by researcher Ruben Santamarta and published in December 2011, affect dozens of products 
---------------------------------------------
http://threatpost.com/ics-vendor-fixes-hard-coded-credential-bugs-nearly-two-years-after-advisory/102391


*** Security Bulletin: Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2013-4025, CVE-2013-4024, CVE-2013-4022) ***
---------------------------------------------
Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows which could allow an attacker to view sensitive information or perform actions as a compromised user.    CVE(s):  CVE-2013-4025, CVE-2013-4024, CVE-2013-4022  Affected product(s) and affected version(s): IBM Data Studio Web Console versions v3.1.x Optim Performance Manager for DB2 on LUW v5.1.x IBM InfoSphere
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_vulnerabilities_exist_in_ibm_data_studio_web_console_optim_performance_manager_ibm_infosphere_optim_configuration_manager_and_db2_recovery_expert_for_linux_unix_and_wind


*** Vuln: Moodle CVE-2013-4313 SQL Injection Vulnerability ***
---------------------------------------------
Moodle CVE-2013-4313 SQL Injection Vulnerability
---------------------------------------------
http://www.securityfocus.com/bid/62410


*** Citrix XenClient XT Multiple Vulnerabilities ***
---------------------------------------------
Citrix XenClient XT Multiple Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54625


*** Cybercriminals experiment with Android compatible, Python-based SQL injecting releases ***
---------------------------------------------
Throughout the years, cybercriminals have been perfecting the process of automatically abusing Web application vulnerabilities to achieve their fraudulent and malicious objectives. From the utilization of botnets and search engines to perform active reconnaissance, the general availability of DIY mass SQL injecting tools as well as proprietary malicious script injecting exploitation platforms, the results have been evident ever since in the form of tens of thousands of affected Web sites on a
---------------------------------------------
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/uFxqe3lj6ak/


*** Joomla JVideoClip Blind SQL Injection ***
---------------------------------------------
Topic: Joomla JVideoClip Blind SQL Injection Risk: Medium Text: == Joomla Component com_jvideoclip (cid|uid|id) Blind SQL Injection / SQL Injection ...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090161


*** WordPress fGallery_Plus Cross Site Scripting ***
---------------------------------------------
Topic: WordPress fGallery_Plus Cross Site Scripting Risk: Low Text: # Iranian Exploit DataBase Forum # http://iedb.ir/acc # http://iedb...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090160


*** AspxCommerce 2.0 Shell Upload ***
---------------------------------------------
Topic: AspxCommerce 2.0 Shell Upload Risk: High Text:# Exploit Title: AspxCommerce v2.0 - Arbitrary File Upload Vulnerability # Exploit Author: SANTHO (@s4n7h0) # Vendor Homepage...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090159


*** H1 2013 Threat Report ***
---------------------------------------------
Our H1 2013 Threat Report is now online:Youll find it as well as our previous reports  available for download: here. On 24/09/13 At 06:57 AM
---------------------------------------------
http://www.f-secure.com/weblog/archives/00002611.html


*** Attacks Using Microsoft IE Exploit Tied to Hacking Crew Linked to Bit9 Breach ***
---------------------------------------------
Security researchers at FireEye have observed a campaign targeting organizations in Japan that is leveraging the Internet Explorer zero-day Microsoft warned users about last week. The campaign has been dubbed Operation DeputyDog, and is believed to have begun as early as August 19. According to FireEye, the attackers behind the operation may be the same ones involved in last years attack on Bit9  a group researchers at Symantec recently identified as a hacking crew called Hidden Lynx
---------------------------------------------
http://www.securityweek.com/attacks-using-microsoft-ie-exploit-tied-hacking-crew-linked-bit9-breach


*** D-Link DSL-2740B Router Cross-Site Request Forgery Vulnerability ***
---------------------------------------------
D-Link DSL-2740B Router Cross-Site Request Forgery Vulnerability
---------------------------------------------
https://secunia.com/advisories/54795


*** Blog: Exposing the security weaknesses we tend to overlook ***
---------------------------------------------

---------------------------------------------
http://www.securelist.com/en/blog/8132/Exposing_the_security_weaknesses_we_tend_to_overlook


*** Cyberwar gegen das Heidiland - Protokoll einer Attacke ***
---------------------------------------------
Sie versuchen Beweise zu zerstören. Der IT-Forensiker ist seit Wochen auf der Fährte von Hackern, die eine der grössten Cyberattacken weltweit lanciert haben. Eine Offensive gegen militärische und zivile Ziele. Gegen einen Telekommunikationskonzern in Norwegen, gegen den Autohersteller Porsche, einen internationalen Flughafen in Indien und politische Gruppierungen in Pakistan.
---------------------------------------------
http://www.sonntagszeitung.ch/wirtschaft/artikel-detailseite/?newsid=262774


*** "3": Schwere Sicherheitslücke ermöglichte Zugriff auf Kundendaten ***
---------------------------------------------
Fehlerhafte Passwortröcksetzung erlaubte unter anderem Zugriff auf Kontaktdaten und Sprachnachrichten
---------------------------------------------
http://derstandard.at/1379291849554


*** Inoffizielle iMessage-App für Android schürt Sicherheitsbedenken ***
---------------------------------------------
App soll Kommunikation über Server in China leiten - User werden vor Nutzung gewarnt
---------------------------------------------
http://derstandard.at/1379291880414


*** TRENDnet Multiple Products libupnp Buffer Overflow Vulnerabilities ***
---------------------------------------------
TRENDnet Multiple Products libupnp Buffer Overflow Vulnerabilities
---------------------------------------------
https://secunia.com/advisories/54762


*** [remote] - Raidsonic NAS Devices Unauthenticated Remote Command Execution ***
---------------------------------------------
Raidsonic NAS Devices Unauthenticated Remote Command Execution
---------------------------------------------
http://www.exploit-db.com/exploits/28508


*** [local] - IBM AIX 6.1 / 7.1 - Local root Privilege Escalation ***
---------------------------------------------
IBM AIX 6.1 / 7.1 - Local root Privilege Escalation
---------------------------------------------
http://www.exploit-db.com/exploits/28507


*** Tenable SecurityCenter "message" Cross-Site Scripting Vulnerability ***
---------------------------------------------
Tenable SecurityCenter "message" Cross-Site Scripting Vulnerability
---------------------------------------------
https://secunia.com/advisories/54997


*** IBM Rational ClearCase / ClearQuest GSKit Information Disclosure Weakness ***
---------------------------------------------
IBM Rational ClearCase / ClearQuest GSKit Information Disclosure Weakness
---------------------------------------------
https://secunia.com/advisories/54928


*** 7 Characteristics of a Secure Mobile App ***
---------------------------------------------
Keeping a mobile application secure is tough, but not impossible, and certain aspects of session management can go a long way in helping.
---------------------------------------------
http://www.csoonline.com/article/740266/7-characteristics-of-a-secure-mobile-app?source=rss_application_security