[CERT-daily] Tageszusammenfassung - Mittwoch 9-04-2014

Daily end-of-shift report team at cert.at
Wed Apr 9 18:07:46 CEST 2014


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 08-04-2014 18:00 − Mittwoch 09-04-2014 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

*** Security updates available for Adobe Flash Player (APSB14-09) ***
---------------------------------------------
A Security Bulletin (APSB14-09) has been published regarding security updates for Adobe Flash Player. These updates address critical vulnerabilities, and Adobe recommends users update their product installations to the latest versions using the instructions referenced in the security bulletin.
---------------------------------------------
http://blogs.adobe.com/psirt/?p=1081





*** Assessing risk for the April 2014 security updates ***
---------------------------------------------
Today we released four security bulletins addressing 11 unique CVE’s. Two bulletins have a maximum severity rating of Critical while the other two have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.
---------------------------------------------
http://blogs.technet.com/b/srd/archive/2014/04/08/assessing-risk-for-the-april-2014-security-updates.aspx




*** Summary for April 2014 - Version: 1.0 ***
---------------------------------------------
 * Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution
 * Cumulative Security Update for Internet Explorer
 * Vulnerability in Windows File Handling Component Could Allow Remote Code Execution
 * Vulnerability in Microsoft Publisher Could Allow Remote Code Execution 
---------------------------------------------
http://technet.microsoft.com/en-ca/security/bulletin/ms14-apr




*** WordPress 3.8.2 Security Release ***
---------------------------------------------
WordPress 3.8.2 is now available. This is an important security release for all previous versions and we strongly encourage you to update your sites immediately.
This releases fixes a weakness that could let an attacker force their way into your site by forging authentication cookies
---------------------------------------------
http://wordpress.org/news/2014/04/wordpress-3-8-2/




*** OSISoft PI Interface for DNP3 Improper Input Validation ***
---------------------------------------------
OVERVIEWAdam Crain of Automatak and Chris Sistrunk, Sr. Consultant for Mandiant, have identified an improper input validation vulnerability in the OSIsoft PI Interface for DNP3 product. OSIsoft has produced an update that mitigates this vulnerability. OSIsoft and Automatak have tested the new version to validate that it resolves the vulnerabilityThis vulnerability can be remotely exploited.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-14-098-01




*** WellinTech KingSCADA Stack-Based Buffer Overflow ***
---------------------------------------------
An anonymous researcher working with HP’s Zero Day Initiative has identified a stack-based buffer overflow in the WellinTech KingSCADA Stack. WellinTech has produced a patch that mitigates this vulnerability.This vulnerability could be exploited remotely.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02





*** OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products ***
---------------------------------------------
Multiple Cisco products incorporate a version of the OpenSSL package affected by a vulnerability that could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed




*** The April 2014 Security Updates ***
---------------------------------------------
Today, we release four bulletins to address 11 CVEs in Microsoft Windows, Internet Explorer and Microsoft Office. 
---------------------------------------------
http://blogs.technet.com/b/msrc/archive/2014/04/08/the-april-2014-security-updates.aspx




*** Heartbleed SSL-GAU: Neue Zertifikate braucht das Land ***
---------------------------------------------
Ein simples Update reicht nicht: Nach der OpenSSL-Lücke müssen Serverbetreiber Zertifikate austauschen. Bei manchen CAs geht das kostenlos, andere Zertifikats-Anbieter und Hoster belassen es bei Warnungen.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Heartbleed-SSL-GAU-Neue-Zertifikate-braucht-das-Land-2166639.html/from/rss09?wt_mc=rss.ho.beitrag.rdf




*** Juniper SSL VPN (IVEOS) OpenSSL TLS Heartbeat Information Disclosure Vulnerability ***
---------------------------------------------
Juniper has acknowledged a vulnerability in Juniper SSL VPN (IVEOS), which can be exploited by malicious people to disclose potentially sensitive information.
---------------------------------------------
https://secunia.com/advisories/57758




*** Bugtraq: CVE-2014-0160 mitigation using iptables ***
---------------------------------------------
Following up on the CVE-2014-0160 vulnerability, heartbleed. We've created some iptables rules to block all heartbeat queries using the very powerful u32 module.
The rules allow you to mitigate systems that can't yet be patched by blocking ALL the heartbeat handshakes. We also like the capability to log external scanners :)
---------------------------------------------
http://www.securityfocus.com/archive/1/531779




*** Heartbleed vendor notifications, (Wed, Apr 9th) ***
---------------------------------------------
As people are running around having an entertaining day we thought it might be a good idea to keep track of the various vendor notifications. Id like to start a list here and either via comments or sending it let us know of vendor notifications relating to this issue. Please provide comments to the original article relating to the vulnerability itself, and use this post to only provide links to vendor notifications rather than articles etc about the issue.
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=17929&rss




*** Bugtraq: SQL Injection in Orbit Open Ad Server ***
---------------------------------------------
High-Tech Bridge Security Research Lab discovered vulnerability in Orbit Open Ad Server, which can be exploited to perform SQL Injection attacks, alter SQL requests to database of vulnerable application and potentially gain control over the vulnerable website.
---------------------------------------------
http://www.securityfocus.com/archive/1/531781




*** Office für Mac: Update stopft kritische Lücke ***
---------------------------------------------
Mit einer neuen OS-X-Version von Office 2011 hat Microsoft die RTF-Schwachstelle in Word beseitigt. Die Aktualisierung soll verschiedene Probleme in Outlook, Excel und Word beheben.
---------------------------------------------
http://www.heise.de/security/meldung/Office-fuer-Mac-Update-stopft-kritische-Luecke-2166963.html




*** Sophos Web Appliance Security Bypass Vulnerability ***
---------------------------------------------
A vulnerability has been reported in Sophos Web Appliance, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to an unspecified error related to the "Change Password" dialog box and can be exploited to change the administrative password.
---------------------------------------------
https://secunia.com/advisories/57706




*** Security Notice-Statement on OpenSSL Heartbeat Extension Vulnerability ***
---------------------------------------------
Huawei has noticed information regarding OpenSSL heartbeat extension security vulnerability and immediately launched a thorough investigation.
The investigation is still ongoing. Huawei PSIRT will keep updating the SN and will provide conclusions as soon as possible. Please stay tuned.
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-331856.htm






More information about the Daily mailing list