[CERT-daily] Tageszusammenfassung - Mittwoch 2-12-2015

Wed Dec 2 18:10:56 CET 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 01-12-2015 18:00 − Mittwoch 02-12-2015 18:00
Handler:     Stephan Richter
Co-Handler:  Robert Waldner


*** Cisco Unified Computing System Central Software Cross-Site Scripting Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151201-ucs


*** DSA-3408 gnutls26 - security update ***
---------------------------------------------
It was discovered that GnuTLS, a library implementing the TLS and SSLprotocols, incorrectly validates the first byte of padding in CBC modes.A remote attacker can possibly take advantage of this flaw to perform apadding oracle attack.
---------------------------------------------
https://www.debian.org/security/2015/dsa-3408


*** VU#630239: Epiphany Cardio Server version 3.3 is vulnerable to SQL and LDAP injection ***
---------------------------------------------
The Epiphany Cardio Server prior to version 4.0 is vulnerable to SQL injection and LDAP injection, allowing an unauthenticated attacker to gain administrator rights.
---------------------------------------------
http://www.kb.cert.org/vuls/id/630239


*** Cisco UCS Central Software Server-Side Request Forgery Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151201-ucs1


*** Saia Burgess Controls PCD Controller Hard-coded Password Vulnerability ***
---------------------------------------------
This advisory provides mitigation details for a hard-coded password vulnerability in Saia Burgess Controls's family of PCD controllers.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-01


*** Schneider Electric ProClima ActiveX Control Vulnerabilities ***
---------------------------------------------
This advisory provides mitigation details for remote code execution vulnerabilities in the Schneider Electric ProClima F1 Bookview ActiveX control application.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02


*** Siemens SIMATIC Communication Processor Vulnerability ***
---------------------------------------------
This advisory provides mitigation details for an authentication bypass vulnerability in the Siemens SIMATIC Communication Processor devices.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-03


*** DSA-3409 putty - security update ***
---------------------------------------------
A memory-corrupting integer overflow in the handling of the ECH (erasecharacters) control sequence was discovered in PuTTYs terminalemulator. A remote attacker can take advantage of this flaw to mount adenial of service or potentially to execute arbitrary code.
---------------------------------------------
https://www.debian.org/security/2015/dsa-3409


*** Security Advisory - Privilege Escalation Vulnerability in Huawei LogCenter ***
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-464243.htm


*** Security Advisory - DoS Vulnerability in Huawei LogCenter ***
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-464247.htm


*** Entropy drought hits Raspberry Pi harvests, weakens SSH security ***
---------------------------------------------
Hotfix posted online to shore up Raspbian key generation Raspberry Pis running Raspbian - a flavor of Debian GNU/Linux tuned for the credit-card-sized computers - apparently generate weak SSH host keys.
---------------------------------------------
www.theregister.co.uk/2015/12/02/raspberry_pi_weak_ssh_keys/


*** DSA-3410 icedove - security update ***
---------------------------------------------
Multiple security issues have been found in Icedove, Debians version ofthe Mozilla Thunderbird mail client: Multiple memory safety errors,integer overflows, buffer overflows and other implementation errors maylead to the execution of arbitrary code or denial of service.
---------------------------------------------
https://www.debian.org/security/2015/dsa-3410


*** Chrome für Linux: Google streicht 32-Bit-Version ***
---------------------------------------------
Support endet März 2016 – Community kann weiterhin eigene Builds bauen
---------------------------------------------
http://derstandard.at/2000026808558


*** BSides Vienna 2015 Slides ***
---------------------------------------------
The slides of the BSides Vienna are available online and linked directly at the schedule page: https://bsidesvienna.at/talks/ You can also wget them: wget http://bsidesvienna.at/slides/2015/a_case_study_on_the_security_of_application_whitelisting.pdf wget http://bsidesvienna.at/slides/2015/closing_slides.pdf wget http://bsidesvienna.at/slides/2015/crypto_wars_2.0.pdf wget http://bsidesvienna.at/slides/2015/digital_supply_chain_security.pdf wget
---------------------------------------------
http://www.reddit.com/r/netsec/comments/3v50y7/bsides_vienna_2015_slides/


*** Security: Bug Bounty für Barbie-Puppen ***
---------------------------------------------
Nicht nur Vtech-Spielzeug ist unsicher: Die umstrittene WLAN-Barbie von Mattel hält es mit der Sicherheit ebenfalls nicht so genau. Ein Hacker konnte aus der Puppe zahlreiche Informationen auslesen - und glaubt, auch die Serveranbindung manipulieren zu können. 
---------------------------------------------
http://www.golem.de/news/security-bug-bounty-fuer-barbie-puppen-1512-117769.html


*** Nessus and Powershell is like Chocolate and Peanut Butter!, (Wed, Dec 2nd) ***
---------------------------------------------
In a typical security assessment, youll do authenticated scans of internal hosts, looking for vulnerabilities due to missed patches or configuration issues. I often use Nessus for this, but find that for a typical IT manager, the Nessus ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20431


*** Ponmocup ***
---------------------------------------------
Ponmocup2. Dezember 2015Aktuell ist das Botnet, zu dem wir die meisten Infektionen gemeldet bekommen, immer noch Conficker. Weit abgeschlagen dahinter finden sich "gozi", "nymaim", "ZeuS" (incl. Varianten), "tinba" und "dyre". Die genauen Zahlen variieren stark, da ist die Konsistenz der Messungen nicht die beste.Jetzt haben wir einen neuen Namen hoch oben in der Liste: "Ponmocup". Die Malware selber ist nicht neu, manche setzten die
---------------------------------------------
http://www.cert.at/services/blog/20151202163506-1641.html


*** The Perils of Vendor Bloatware ***
---------------------------------------------
In todays Stormcast, Johannes summarizes the current issue with some of the software that comes pre-installed on Dell Laptops. In short, Dell Foundation Services, which is used for remote management, allows unauthenticated WMI queries to be processed, ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20433


*** IBM Security Bulletin: A potential security vulnerability in WebSphere Liberty Profile affects InfoSphere Streams (CVE-2015-1927) ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21967767


*** IBM Security Bulletin: IBM Cognos Business Intelligence Server 2015Q4 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities. ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21959874


*** IBM Security Bulletin: Multiple vulnerabilities in Apache HttpComponents affect IBM Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577) ***
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21970193


*** Dell verschlimmbessert die Foundation-Services-Lücke ***
---------------------------------------------
Angreifer aus dem Web können bei bestimmten Dell-Rechnern den Service-Tag auslesen und die Nutzer so tracken. Dell hat diese Lücke nun geschlossen. Seit dem Update kann man allerdings unter anderem die gesamte Hardware-Konfiguration auslesen.
---------------------------------------------
http://www.heise.de/security/meldung/Dell-verschlimmbessert-die-Foundation-Services-Luecke-3029552.html