[CERT-daily] Tageszusammenfassung - Dienstag 14-01-2014

Daily end-of-shift report team at cert.at
Tue Jan 14 18:08:54 CET 2014 

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 13-01-2014 18:00 − Dienstag 14-01-2014 18:00
Handler:     Alexander Riepl
Co-Handler:  Robert Waldner

*** HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS) ***
---------------------------------------------
A potential security vulnerability has been identified with HP-UX running NTP. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04084148




*** Security: Mathematische Formel für den Cyberwar ***
---------------------------------------------
Zwei Wissenschaftler aus den USA haben eine Formel entwickelt, mit sie ausrechnen können, wann der beste Zeitpunkt ist, um einen Cyberangriff auf ein bestimmtes Ziel mit bestimmten Mitteln durchzuführen. (Cyberwar, Security)
---------------------------------------------
http://www.golem.de/news/security-mathematische-formel-fuer-den-cyberwar-1401-103894-rss.html




*** Router-Backdoor: Cisco, Netgear und Linksys versprechen Schutz ***
---------------------------------------------
Erst Ende Januar will Cisco ein Update liefern, das die in einigen Geraten gefundene Hintertür beseitigt; Netgear und Linksys nennen noch keinen Termin. Support-Anfragen zeigen, dass die Hintertür seit mindestens 10 Jahren aktiv ist.
---------------------------------------------
http://www.heise.de/security/meldung/Router-Backdoor-Cisco-Netgear-und-Linksys-versprechen-Schutz-2084884.html




*** Spamming and scanning botnets - is there something I can do to block them from my site?, (Tue, Jan 14th) ***
---------------------------------------------
Spamming and scanning botnets - is there something I can do to block them from my site?    This question keeps popping up on forums and all places popular with those beleaguer souls despondent of the random spamming and over filled logs from scanning. Although this isnt a Magic ball question answer does come out a: Maybe, Maybe not.    The reason behind the ambiguity is logical, to a degree; it's easy trying to hinder, frustrate and reduce the effectiveness of automated botnet processes,
---------------------------------------------
http://isc.sans.edu/diary.html?storyid=17426&rss




*** ISC BIND NSEC3-Signed Zones Queries Handling Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when handling queries for NSEC3-signed zones and can be exploited to cause a crash with an "INSIST" failure by sending a specially crafted query.
Successful exploitation requires an authoritative nameservers serving at least one NSEC3-signed zone.
---------------------------------------------
https://secunia.com/advisories/56427

More information about the Daily mailing list