[CERT-daily] Daily summary - Tuesday 18-08-2015

Daily end-of-shift report team at cert.at
Tue Aug 18 18:19:00 CEST 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Monday 17-08-2015 18:00 − Tuesday 18-08-2015 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** Attacking ECMAScript Engines with Redefinition ***
---------------------------------------------
Posted by Natalie Silvanovich = function () { return n; }
ECMAScript has a property where almost all functions and variables can be dynamically redefined. This can lead to vulnerabilities in situations where native code assumes a function or variable behaves a certain way when accessed or does not have certain side effects when it can in fact be redefined. Project Zero has discovered 24 vulnerabilities involving ECMAScript redefinition in Adobe Flash in the past few months and similar issues...
---------------------------------------------
http://googleprojectzero.blogspot.com/2015/08/attacking-ecmascript-engines-with.html




*** Tool Tip: Kansa Stafford released, PowerShell for DFIR, (Mon, Aug 17th) ***
---------------------------------------------
In his most recent post, Guy asked "Are You a Hunter?". Here's one way to become one. Dave Hull has just published the Stafford release of his exemplary PowerShell DFIR tool, Kansa. For the uninitiated, Kansa is a modular incident response framework in PowerShell (PS v3 or higher preferred) that uses PowerShell Remoting to run user-contributed modules across hosts in an enterprise to collect data for use during incident response, breach hunts, or for building an environmental baseline. Per Dave's...
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20049&rss




*** Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched ***
---------------------------------------------
Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON.
---------------------------------------------
http://threatpost.com/risky-schneider-electric-scada-vulnerabilities-remain-unpatched/114305




*** Ransomware goes OPEN SOURCE in the name of education ***
---------------------------------------------
Won't somebody think of the script kiddies? Turkish security bod Utku Sen has published what appears to be the first open source ransomware that anyone can download and spread.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2015/08/18/ransomware_goes_open_source/




*** How Not to Start an Encryption Company ***
---------------------------------------------
Probably the quickest way for a security company to prompt an overwhelmingly hostile response from the security research community is to claim that its products and services are "unbreakable" by hackers. The second-fastest way to achieve that outcome is to have that statement come from an encryption company CEO who served several years in federal prison for running a $210 million Ponzi scheme. Here's the story of a company that managed to accomplish both at the same time and is now...
---------------------------------------------
http://krebsonsecurity.com/2015/08/how-not-to-start-an-encryption-company/




*** Security risk mainframe: Mainframes reachable from the Internet ***
---------------------------------------------
A security researcher warns that mainframes could become an easy target.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Sicherheitsrisiko-Mainframe-Grossrechner-aus-dem-Internet-erreichbar-2781347.html?wt_mc=rss.ho.beitrag.rdf




*** 1&1, GMX and Web.de: Millions of e-mail mailboxes were vulnerable ***
---------------------------------------------
Until a few days ago, the e-mail providers 1&1, GMX and Web.de had a security hole through which attackers could, under certain circumstances, gain access to other users' accounts.
---------------------------------------------
http://heise.de/-2782618




*** When You Can't ARPSpoof ***
---------------------------------------------
There are times during a penetration test when you are having difficulty gaining the credentials you want from a host that has already been compromised. You have successfully socially engineered a system administrator or other user with privileges to a web application and you have established a meterpreter shell. You can dump the password hashes...
---------------------------------------------
http://resources.infosecinstitute.com/when-you-cant-arpspoof/




*** Reflection DDoS Attacks Abusing RPC Portmapper ***
---------------------------------------------
Level 3 Communications has discovered a new type of reflection DDoS attack that takes advantage of RPC Portmapper to overwhelm networking services.
---------------------------------------------
http://threatpost.com/reflection-ddos-attacks-abusing-rpc-portmapper/114318




*** SAP Afaria 7 Buffer Overflow ***
---------------------------------------------
Topic: SAP Afaria 7 Buffer Overflow
Risk: High
Text:
Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: Buffer Overflow ...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2015080088




*** DSA-3336 nss - security update ***
---------------------------------------------
Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. The Common Vulnerabilities and Exposures project identifies the following problems:...
---------------------------------------------
https://www.debian.org/security/2015/dsa-3336




*** Bugtraq: EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532) ***
---------------------------------------------
http://www.securityfocus.com/archive/1/536244




*** ZDI-15-393: Foxit Reader TIFF Conversion Remote Code Execution Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-15-393/




*** GnuTLS ServerKeyExchange Validation Flaw May Let Remote Users Forge Signatures ***
---------------------------------------------
http://www.securitytracker.com/id/1033225




*** DFN-CERT-2015-1277. Linux kernel: Multiple vulnerabilities allow a denial-of-service attack ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2015-1277/




*** Security Notice - Statement about the Stagefright Security Vulnerability in Android OS Disclosed by Zimperium ***
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/hw-445925.htm




*** Security Advisory - DoS Vulnerability in Huawei MBB Product ***
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-450877.htm




*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM UrbanCode Deploy and IBM UrbanCode Deploy with Patterns ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21964039




*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM GPFS Native RAID (CVE-2015-2638, CVE-2015-4760, CVE-2015-2619, CVE-2015-2613) ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=isg3T1022565




*** IBM Security Bulletin: Vulnerabilities in OpenSSL affect Rational RequisitePro (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791) ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21964441




*** Apache ActiveMQ Directory Traversal Flaw Lets Remote Users Upload Files and Execute Arbitrary Code ***
---------------------------------------------
http://www.securitytracker.com/id/1033315




*** USN-2710-2: OpenSSH regression ***
---------------------------------------------
Ubuntu Security Notice USN-2710-2
18th August, 2015
openssh regression
A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.04, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS
Summary: USN-2710-1 introduced a regression in OpenSSH.
Software description: openssh - secure shell (SSH) for secure access to remote machines
Details: USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default...
---------------------------------------------
http://www.ubuntu.com/usn/usn-2710-2/




*** VU#248692: Trend Micro Deep Discovery threat appliance contains multiple vulnerabilities ***
---------------------------------------------
Vulnerability Note VU#248692
Trend Micro Deep Discovery threat appliance contains multiple vulnerabilities
Original Release date: 18 Aug 2015 | Last revised: 18 Aug 2015
Overview: Multiple versions of the Trend Micro Deep Discovery threat appliance are vulnerable to cross-site scripting and authentication bypass.
Description: The Trend Micro Deep Discovery platform "enables you to detect, analyze, and respond to today's stealthy, targeted attacks in real time." It may be...
---------------------------------------------
http://www.kb.cert.org/vuls/id/248692




*** Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/viewAlert.x?alertId=40523

