[CERT-daily] Tageszusammenfassung - Freitag 25-04-2014

Fri Apr 25 18:40:57 CEST 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 24-04-2014 18:00 − Freitag 25-04-2014 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Number of Sites Vulnerable to Heartbleed Plunges by Two-Thirds ***
---------------------------------------------
Two weeks ago, we talked about how many sites in the top 1 million domains (as judged by Alexa) were vulnerable to the Heartbleed SSL vulnerability. How do things stand today? Figure 1. Sites vulnerable to Heartbleed as of April 22 Globally, the percentage of sites that is vulnerable to Heartbleed has fallen by two-thirds,...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/qyKz0tQVjAY/


*** Fareit trojan observed spreading Necurs, Zbot and CryptoLocker ***
---------------------------------------------
The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.
---------------------------------------------
http://feedproxy.google.com/~r/SCMagazineHome/~3/XrcbQ8kwwQo/


*** It's Insanely Easy to Hack Hospital Equipment ***
---------------------------------------------
When Scott Erven was given free reign to roam through all of the medical equipment used at a chain of large midwest health care facilities, he knew he would find security problems with the systems -- but he wasnt prepared for just how bad it would be.
---------------------------------------------
http://feeds.wired.com/c/35185/f/661467/s/39be98e1/sc/36/l/0L0Swired0N0C20A140C0A40Chospital0Eequipment0Evulnerable0C/story01.htm


*** Update für Windows 7 außer der Reihe ***
---------------------------------------------
Windows-7-Nutzer bekommen von der Update-Funktion derzeit ein Update mit der Nummer 2952664 angeboten. Irritierend daran: Es erscheint außer der Reihe und Microsoft verrät auch nicht, welche Probleme das Update genau behebt.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Update-fuer-Windows-7-ausser-der-Reihe-2177165.html


*** Acunetix 8 Scanner Buffer overflow ***
---------------------------------------------
Topic: Acunetix 8 Scanner Buffer overflow Risk: High Text:#!/usr/bin/python # Title: Acunetix Web Vulnerability Scanner Buffer Overflow Exploit # Version: 8 # Build: 20120704 # Test...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014040162


*** Security Notice-Statement on Patch Bypassing of Apache Struts2 ***
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-333420.htm


*** Hitachi Multiple Products OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/58022


*** Global Technology Associates GB-OS OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/58007


*** Certec atvise scada OpenSSL Heartbleed Vulnerability ***
---------------------------------------------
Researcher Bob Radvanovsky of Infracritical has notified NCCIC/ICS-CERT that Certec has released new libraries that mitigate the OpenSSL Heartbleed vulnerability in atvise scada.This vulnerability could be exploited remotely. Exploits that target the OpenSSL Heartbleed vulnerability are known to be publicly available.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-14-114-01


*** Siemens SIMATIC S7-1200 CPU Web Vulnerabilities ***
---------------------------------------------
Siemens ProductCERT and Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training have reported two vulnerabilities in the Siemens SIMATIC S7-1200 CPU family. Siemens has produced a new product release that mitigates these vulnerabilities.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-14-114-02


*** InduSoft Web Studio Directory Traversal Vulnerability ***
---------------------------------------------
This advisory was originally posted to the US-CERT secure Portal library on April 17, 2014, and is now being released to the NCCIC/ICS-CERT web site.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02


*** Festo CECX-X-(C1/M1) Controller Vulnerabilities ***
---------------------------------------------
K. Reid Wightman of IOActive, Inc. has identified vulnerabilities in Festo’s CECX-X-C1 and CECX-X-M1 controllers. Festo has decided not to resolve these vulnerabilities because of compatibility reasons with existing engineering tools. This places critical infrastructure asset owners using this product at risk. This advisory is being published to alert critical infrastructure asset owners of the risk of using this equipment and for them to increase compensating measures if possible.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01


*** Oracle Solaris ntpd Query Function Lets Remote Users Conduct Amplified Denial of Service Attacks ***
---------------------------------------------
http://www.securitytracker.com/id/1030142


*** Synology DiskStation Manager cUrl Connection Re-use and Certificate Verification Security Issues ***
---------------------------------------------
https://secunia.com/advisories/58145


*** SSA-635659 (Last Update 2014-04-25): Heartbleed Vulnerability in Siemens Industrial Products ***
---------------------------------------------
https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-635659.pdf


*** Halon Security Router Multiple Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/57507


*** HP Security Bulletins ***
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262495
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262472
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03822422
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04263038
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04264271
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04262670