[CERT-daily] Tageszusammenfassung - Dienstag 25-03-2014

Tue Mar 25 18:07:22 CET 2014

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 24-03-2014 18:00 − Dienstag 25-03-2014 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

*** Microsoft Security Advisory (2953095): Vulnerability in Microsoft Word Could Allow Remote Code Execution - Version: 1.0 ***
---------------------------------------------
Microsoft is aware of a vulnerability affecting supported versions of Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. 
---------------------------------------------
http://technet.microsoft.com/en-us/security/advisory/2953095


*** Security Advisory 2953095: recommendation to stay protected and for detections ***
---------------------------------------------
Today, Microsoft released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. This blog will discuss mitigations and temporary defensive strategies that will help customers to protect themselves while we are working on a security update. This blog also provides some preliminary details of the exploit code observed in the wild.   Mitigations and Workaround The in the wild
---------------------------------------------
http://blogs.technet.com/b/srd/archive/2014/03/24/security-advisory-2953095-recommendation-to-stay-protected-and-for-detections.aspx


*** [dos] - Windows Media Player 11.0.5721.5230 - Memory Corruption PoC ***
---------------------------------------------
#[+] Exploit Title: Windows Media Player 11.0.5721.5230 Memory Corruption PoC
#[+] Date: 22-03-2014
#[+] Category: DoS/PoC
#[+] Tested on: WinXp/Windows 7 Pro
---------------------------------------------
http://www.exploit-db.com/exploits/32477


*** Security Notice- Allegro RomPager Information Disclosure Vulnerability in Multiple Huawei Routers ***
---------------------------------------------
Huawei has noticed an information disclosure vulnerability on the RomPager embedded web server, which is developed by Allegro. The vulnerability affects Huawei HG520c, MT880, and MT886 access routers. 
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-330381.htm


*** Bugtraq: Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti ***
---------------------------------------------
Summary:
Three vulnerabilities were found in cacti version 0.8.7g.
The vulnerabilities are:
1) Stored Cross-Site Scripting (XSS) (via URL)
2) Missing CSRF (Cross-Site Request Forgery) token allows execution of arbitrary commands
3) The use of exec-like function calls without safety checks allow arbitrary commands
---------------------------------------------
http://www.securityfocus.com/archive/1/531588


*** Bugtraq: Deutsche Telekom CERT Advisory [DTC-A-20140324-003] vulnerabilities in icinga ***
---------------------------------------------
Two vulnerabilities were found in icinga version 1.9.1.
These vulnerabilities are:
1) several buffer overflows
2) Off-by-one memory access
---------------------------------------------
http://www.securityfocus.com/archive/1/531593


*** Bugtraq: Deutsche Telekom CERT Advisory [DTC-A-20140324-002] vulnerabilities in check_mk ***
---------------------------------------------
Several vulnerabilities were found in check_mk version 1.2.2p2.
The vulnerabilities are:
1 - Reflected Cross-Site Scripting (XSS)
2 - Stored Cross-Site Scripting (XSS) (via URL)
3 - Stored Cross-Site Scripting (XSS) (via external data, no link necessary)
4 - Stored Cross-Site Scripting (XSS) (via external data on service port, no link necessary)
5 - Missing CSRF (Cross-Site Request Forgery) token allows execution of arbitrary commands
6 - Multiple use of exec-like function calls which allow arbitrary commands
7 - Deletion of arbitrary files
---------------------------------------------
http://www.securityfocus.com/archive/1/531594


*** Net-snmp snmptrapd Community String Processing Lets Remote Users Deny Service ***
---------------------------------------------
A remote user can send a specially crafted SNMP trap request with an empty community string to trigger a flaw in newSVpv() and cause the target snmptrapd service to crash.
Systems with the Perl handler enabled are affected.
---------------------------------------------
http://www.securitytracker.com/id/1029950


*** Trojan.PWS.OSMP.21 infects payment terminals ***
---------------------------------------------
March 25, 2014 Home users aren't the only ones being targeted by today's threats - various financial organisations are receiving their own share of attention from criminals who are crafting malicious applications for ATMs and payment terminals. Doctor Web has issued a warning regarding one such Trojan, namely, Trojan.PWS.OSMP.21. This malware is infecting the terminals of a major Russian payment system.
---------------------------------------------
http://news.drweb.com/show/?i=4259&lng=en&c=9


*** RSA BSAFE Micro Edition Suite (MES) 4.0.x Denial Of Service ***
---------------------------------------------
Summary:
RSA BSAFE MES 4.0.5 contains fix for a security vulnerability that could potentially be exploited by malicious users to
deny access to the affected system.
Details:
This vulnerability may cause unpredictable application behavior resulting in a server crash due to faulty certificate
chain processing logic.
---------------------------------------------
http://cxsecurity.com/issue/WLB-2014030193


*** PHP Fileinfo libmagic AWK File Processing Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability has been reported in PHP, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the libmagic library bundled in the Fileinfo extension when processing certain AWK scripts, which can be exploited to cause excessive CPU resources consumption via a specially crafted AWK script file.
---------------------------------------------
https://secunia.com/advisories/57564


*** OpenVZ update for kernel ***
---------------------------------------------
OpenVZ has issued an update for kernel. This fixes multiple vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system.
---------------------------------------------
https://secunia.com/advisories/57573


*** Password Hashing Competition ***
---------------------------------------------
Theres a private competition to identify new password hashing schemes. Submissions are due at the end of the month.
---------------------------------------------
https://www.schneier.com/blog/archives/2014/03/password_hashin.html