[CERT-daily] Daily summary - Monday 30-09-2013

Daily end-of-shift report team at cert.at
Mon Sep 30 18:04:36 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Friday 27-09-2013 18:00 - Monday 30-09-2013 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

*** IBM WebSphere DataPower XC10 unauthorized access ***
---------------------------------------------
An unspecified vulnerability in IBM WebSphere DataPower could allow unauthenticated access to administrative operations and data.
---------------------------------------------
http://xforce.iss.net/xforce/xfdb/87299




*** Security Bulletin: Multiple security vulnerabilities exist in IBM InfoSphere Information Server (CVE-2013-0585, CVE-2013-3034, CVE-2013-3040 and CVE-2013-0599) ***
---------------------------------------------
Multiple security vulnerabilities exist in IBM InfoSphere Information Server.
CVE(s): CVE-2013-0585, CVE-2013-3034, CVE-2013-3040, and CVE-2013-0599
Affected product(s) and affected version(s): IBM InfoSphere Information Server versions 8.1, 8.5, 8.7, 9.1.0, and 9.1.2 running on all platforms
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_security_vulnerabilities_exist_in_ibm_infosphere_information_server_cve_2013_0585_cve_2013_3034_cve_2013_3040_and_cve_2013_05992?lang=en_us




*** Security Bulletin: Vulnerability in IBM Rational ClearQuest Web Client with potential for JSON Hijacking Attack (CVE-2013-3041) ***
---------------------------------------------
A JSON Hijacking Attack vulnerability exists in IBM Rational ClearQuest Web Client.
CVE(s): CVE-2013-3041
Affected product(s) and affected version(s): Upgrade to IBM Rational ClearQuest version: 7.1.2.12, 8.0.0.8, or 8.0.1.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21648086
X-Force Database: http://xforce.iss.net/xforce/xfdb/84724
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_vulnerability_in_ibm_rational_clearquest_web_client_with_potential_for_json_hijacking_attack_cve_2013_3041?lang=en_us




*** Security Bulletin: Vulnerability in IBM Rational ClearQuest Web Client with potential for Cross-Site Request Forgery (CVE-2013-0598) ***
---------------------------------------------
A Cross-Site Request Forgery (CSRF) Attack vulnerability exists in IBM Rational ClearQuest Web Client.
CVE(s): CVE-2013-0598
Affected product(s) and affected version(s): Rational ClearQuest Web v7.1 through 7.1.2.10, v8.0 through 8.0.0.7, and v8.0.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21648665
X-Force Database: http://xforce.iss.net/xforce/xfdb/83611
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_vulnerability_in_ibm_rational_clearquest_web_client_with_potential_for_cross_site_request_forgery_cve_2013_0598?lang=en_us




*** Security Bulletin: Multiple JRE vulnerabilities addressed in IBM Sterling Secure Proxy (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169) ***
---------------------------------------------
The IBM JRE embedded in the IBM Sterling Secure Proxy Configuration Manager has security vulnerabilities that affect SSL connections to the configuration GUI.
CVE(s): CVE-2013-0440, CVE-2013-0443, and CVE-2013-0169
Affected product(s) and affected version(s): Sterling Secure Proxy 3.4.1, Sterling Secure Proxy 3.4.0, Sterling Secure Proxy 3.3.01
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin:
---------------------------------------------
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_jre_vulnerabilities_addressed_in_ibm_sterling_secure_proxy_cve_2013_0440_cve_2013_0443_cve_2013_0169?lang=en_us




*** As Hurricane Season Looms, It's Disaster-Preparedness Time ***
---------------------------------------------
Nerval's Lobster writes "In 2012, hurricane Sandy smacked the East Coast and did significant damage to New Jersey, New York City, and other areas. Flooding knocked many datacenters in Manhattan offline, temporarily taking down a whole lot of Websites in the process. Now that fall (and the tail end of hurricane season) is upon us again, any number of datacenters and IT companies are probably looking over their disaster-preparedness checklists in case another storm comes barreling through.
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/fMCJ586KPYE/story01.htm




*** Internet Ombudsman warns of online shop trap ***
---------------------------------------------
The Austrian Internet Ombudsman warns against the company Factory Store OHG, which allegedly lures customers into a trap with cheap offers.
---------------------------------------------
http://www.heise.de/security/meldung/Internet-Ombudsmann-warnt-vor-Onlineshop-Falle-1969291.html




*** Secured BlackBerrys approved for use in Germany ***
---------------------------------------------
A BlackBerry model secured by the Düsseldorf-based provider Secusmart has been approved in Germany for official use in government agencies.
---------------------------------------------
http://futurezone.at/digital-life/gesicherte-blackberrys-in-deutschland-zugelassen/28.955.419




*** ReadMore CMS Multiple Vulnerability ***
---------------------------------------------
Topic: ReadMore CMS Multiple Vulnerability 
Risk: Medium
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013090190




*** Metasploit creator seeks crowd's help for vuln scanning ***
---------------------------------------------
Project Sonar combines tools, data and research. Security outfit Rapid7 has decided that there's just too much security vulnerability information out there for any one group to handle, so its solution is to try and crowd-source the effort.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2013/09/30/hd_more_seeks_crowd_help_for_vuln_scanning/




*** The Ghost in the (Portable) Machine: Securing Mobile Banking ***
---------------------------------------------
Online banking is one of the many tasks that have been made more convenient by mobile technology. Now, users can purchase products and/or services, pay their bills and manage their finances from anywhere, and at any time. However, threats against mobile banking exist, which need to be addressed and secured against. Some of these threats […]
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/ftep24zpfWE/




*** WordPress 3.7 Beta 1 promises more security ***
---------------------------------------------
The WordPress project has decided to shorten the release cycle for version 3.7 and has already published the first beta. WordPress 3.7 Beta 1 mainly brings several new features intended to increase the security of the blogging software.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Wordpress-3-7-Beta-1-verspricht-mehr-Sicherheit-1969473.html




*** Bugtraq: [IBliss Security Advisory] Cross-site scripting ( XSS ) in PHP IDNA Convert ***
---------------------------------------------
PHP Net_IDNA is a class to convert between the Punycode and Unicode formats. Punycode is a standard described in RFC 3492 and part of IDNA (Internationalizing Domain Names in Applications [RFC3490]). This class allows PHP scripts to convert these domain names without having one of the PHP extensions installed. It supports both IDNA 2003 and IDNA 2008.
---------------------------------------------
http://www.securityfocus.com/archive/1/528934




*** Security of SHA-3 allegedly reduced ***
---------------------------------------------
Researchers accuse NIST of making the SHA-3 algorithm Keccak less secure through modifications made for standardisation. Secure hash functions are needed in particular for digital signatures and integrity checks of software.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Kryptographie-NIST-will-angeblich-Sicherheit-von-SHA-3-schmaelern-1969456.html




*** Emerson Multiple Products Security Issue and Arbitrary Code Execution Vulnerability ***
---------------------------------------------
Emerson Multiple Products Security Issue and Arbitrary Code Execution Vulnerability
---------------------------------------------
https://secunia.com/advisories/54936




*** Needle in a Haystack: Detecting Zero-Day Attacks ***
---------------------------------------------
People often ask me what differentiates FireEye from its rivals. The real question is "What should I look for in a solution to advanced persistent threats, regardless of the provider?" (And while I can rattle off a long list of …
---------------------------------------------
http://www.fireeye.com/blog/corporate/2013/09/needle-in-a-haystack-detecting-zero-day-attacks.html




*** 7 Sneak Attacks Used By Today's Most Devious Hackers ***
---------------------------------------------
Here are some of the latest techniques of note that have piqued my interest as a security researcher and the lessons learned. Some stand on the shoulders of past malicious innovators, but all are very much in vogue today as ways to rip off even the savviest users.
---------------------------------------------
http://www.cio.com/article/740598/7_Sneak_Attacks_Used_By_Today_s_Most_Devious_Hackers?taxonomyId=3089




*** Apache Camel Simple Language Expression Arbitrary Code Execution Vulnerability ***
---------------------------------------------
A vulnerability has been reported in Apache Camel, which can be exploited by malicious users to compromise an application using the framework.
---------------------------------------------
https://secunia.com/advisories/54888
