[CERT-daily] Tageszusammenfassung - Montag 24-02-2014

Mon Feb 24 18:10:35 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 21-02-2014 18:00 − Montag 24-02-2014 18:00
Handler:     Stephan Richter
Co-Handler:  n/a


*** Researchers Develop Complete Microsoft EMET Bypass ***
---------------------------------------------
Researchers at Bromium Labs are expected to deliver a paper today that explains how they were able to bypass all of the memory protection mitigations in Microsofts Enhanced Mitigation Experience Toolkit
---------------------------------------------
http://threatpost.com/researchers-develop-complete-microsoft-emet-bypass/104437


*** Apples SSL/TLS bug (22 Feb 2014) ***
---------------------------------------------
Yesterday, Apple pushed a rather spooky security update for iOS that suggested that something was horribly wrong with SSL/TLS in iOS but gave no details. Since the answer is at the top of the Hacker News thread, I guess the cats out of the bag already and were into the misinformation-quashing stage now.
---------------------------------------------
https://www.imperialviolet.org/2014/02/22/applebug.html


*** An In-depth Analysis of Linux/Ebury ***
---------------------------------------------
ESET has been analyzing and tracking an OpenSSH backdoor and credential stealer named Linux/Ebury. The result of this work on the Linux/Ebury malware family is part of a joint research effort with CERT‑Bund, the Swedish National Infrastructure for Computing, the European Organization for Nuclear Research (CERN) and other organizations forming an international Working Group.
---------------------------------------------
http://www.welivesecurity.com/2014/02/21/an-in-depth-analysis-of-linuxebury/


*** Microsoft Windows Crash Reports Reveal New APT, POS Attacks ***
---------------------------------------------
You never know what youll glean from a Windows crash report: security researchers recently unearthed a previously unknown advanced persistent threat campaign as well as a new point-of-sale system attack by perusing and analyzing those crash reports also known as Dr. Watson.
---------------------------------------------
http://www.darkreading.com/attacks-breaches/microsoft-windows-crash-reports-reveal-n/240166207


*** NIST Unveils Crypto Standards Proposal ***
---------------------------------------------
Because of concerns of possible National Security Agency meddling with its cryptographic standards, the National Institute of Standards and Technology has issued a draft report proposing revisions in how it develops cryptographic standards.
---------------------------------------------
http://www.govinfosecurity.com/nist-unveils-crypto-standards-proposal-a-6519


*** Freier Zugriff auf Fernsteuerungen für Industrieanlagen ***
---------------------------------------------
Ein Projekt der FU Berlin dokumentiert, dass weltweit tausende Industrieanlagen über das Internet erreichbar, aber nur unzureichend geschützt sind. Es entstand eine interaktive Karte, auf der potenziell angreifbare Anlagen eingezeichnet sind.
---------------------------------------------
http://www.heise.de/security/meldung/Freier-Zugriff-auf-Fernsteuerungen-fuer-Industrieanlagen-2114521.html


*** Security vulnerabilities found in 80% of best-selling SOHO wireless routers ***
---------------------------------------------
Tripwire has analyzed the security provided by the most popular wireless routers used in many small and home offices and found that 80 percent of Amazon's top 25 best-selling SOHO wireless router models have security vulnerabilities.
---------------------------------------------
http://www.net-security.org/secworld.php?id=16399


*** eGroupWare Multiple PHP Object Injection Vulnerabilities ***
---------------------------------------------
https://secunia.com/advisories/57047


*** JBoss RichFaces Malformed Push Request Denial of Service Vulnerability ***
---------------------------------------------
https://secunia.com/advisories/57053


*** Barracuda Firewall Exception Handling Cross Site Scripting ***
---------------------------------------------
Topic: Barracuda Firewall Exception Handling Cross Site Scripting Risk: Low Text:Document Title: Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability References ...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014020186


*** DSA-2866 gnutls26 ***
---------------------------------------------
certificate verification flaw
---------------------------------------------
http://www.debian.org/security/2014/dsa-2866


*** ICONICS GENESIS32 Insecure ActiveX Control ***
---------------------------------------------
NCCIC/ICS-CERT discovered a vulnerability in the ICONICS GENESIS32 application during resolution of unrelated products. ICONICS has produced a patch for all vulnerable versions of its GENESIS32 product. ICONICS GENESIS32 Version 9.0 and newer are not vulnerable to this ActiveX vulnerability.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-14-051-01


*** HPSBMU02964 rev.1 - HP Service Manager, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access, Disclosure of Information and Authentication Issues ***
---------------------------------------------
Potential security vulnerabilities have been identified with HP Service Manager. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, unauthorized access, disclosure of Information, and authentication issues.
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04117626


*** ASUS router drive-by code execution via XSS and authentication bypass ***
---------------------------------------------
Several ASUS routers include reflected Cross-Site Scripting (CWE-79) and authentication bypass (CWE-592) vulnerabilities. An attacker who can lure a victim to browse to a web site containing a specially crafted JavaScript payload can execute arbitrary commands on the router as administrator (root). No user interaction is required.
---------------------------------------------
https://sintonen.fi/advisories/asus-router-auth-bypass.txt