[CERT-daily] Daily summary - Thursday 26-02-2015

Daily end-of-shift report team at cert.at
Thu Feb 26 18:11:43 CET 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Wednesday 25-02-2015 18:00 − Thursday 26-02-2015 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** 2014 Spam Landscape: UPATRE Trojan Still Top Malware Attached to Spam ***
---------------------------------------------
The malware UPATRE was first spotted in August 2013 following the demise of the Blackhole Exploit kit. It was since known as one of the top malware seen attached to spammed messages and continues to be so all throughout 2014 with particularly high numbers seen in the fourth quarter of the year. We have released...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/jUSb_mMOQCc/




*** Webnic Registrar Blamed for Hijack of Lenovo, Google Domains ***
---------------------------------------------
Two days ago, attackers allegedly associated with the fame-seeking group Lizard Squad briefly hijacked Google's Vietnam domain (google.com.vn). On Wednesday, Lenovo.com was similarly attacked. Sources now tell KrebsOnSecurity that both hijacks were possible because the attackers seized control over Webnic.cc, the Malaysian registrar that serves both domains and 600,000 others.
---------------------------------------------
http://krebsonsecurity.com/2015/02/webnic-registrar-blamed-for-hijack-of-lenovo-google-domains/




*** Why Websites Get Hacked ***
---------------------------------------------
I spend a good amount of time engaging with website owners across a broad spectrum of businesses. Interestingly enough, unless I'm talking large enterprise, there is a common question that often comes up: Why would anyone ever hack my website? Depending on who you are, the answer to this can vary. Nonetheless, it often revolves...
---------------------------------------------
http://blog.sucuri.net/2015/02/why-websites-get-hacked.html




*** 5 New Vulnerabilities Uncovered In SAP ***
---------------------------------------------
ERP security researchers at Onapsis have discovered five new vulnerabilities in SAP BusinessObjects and SAP HANA, three of them high-risk. One in particular gives attackers the power to overwrite data within mission-critical systems.
---------------------------------------------
http://www.darkreading.com/application-security/5-new-vulnerabilities-uncovered--in-sap/d/d-id/1319239




*** Electronic Arts Origin Client 9.5.5 Multiple Privilege Escalation Vulnerabilities ***
---------------------------------------------
Title: Electronic Arts Origin Client 9.5.5 Multiple Privilege Escalation Vulnerabilities | Advisory ID: ZSL-2015-5231 | Type: Local | Impact: Privilege Escalation | Risk: (3/5) | Release Date: 26.02.2015
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5231.php




*** Ubisoft Uplay 5.0 Insecure File Permissions Local Privilege Escalation ***
---------------------------------------------
Title: Ubisoft Uplay 5.0 Insecure File Permissions Local Privilege Escalation | Advisory ID: ZSL-2015-5230 | Type: Local | Impact: Privilege Escalation | Risk: (2/5) | Release Date: 25.02.2015
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5230.php




*** HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities ***
---------------------------------------------
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04580241
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04580241
Version: 1
HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04580241




*** HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities ***
---------------------------------------------
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04556853
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04556853
Version: 2
HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities
---------------------------------------------
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04556853




*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM Sterling Connect:Direct File Agent (CVE-2014-3065, CVE-2014-6468) ***
---------------------------------------------
2015-02-26T11:42:30-05:00
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21696580




*** Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution (CVE-2014-3566, CVE-2014-6558) ***
---------------------------------------------
2015-02-25T12:49:31-05:00
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21697112




*** Security Advisory-Multiple Vulnerabilities on Huawei Tecal Server Products ***
---------------------------------------------
Feb 26, 2015 09:44
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-408100.htm




*** Security Advisory-Glibc Buffer Overflow Vulnerability ***
---------------------------------------------
Feb 26, 2015 16:35
---------------------------------------------
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-415364.htm




*** EasyCart 1.1.30 - 3.0.20 - Privilege Escalation ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/7808




*** WP All Import Pro <= 4.1.0 - RCE ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/7810




*** WP All Import <= 3.2.3 - RCE ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/7809




*** Security Advisories for Drupal Third-Party Modules ***
---------------------------------------------
*** SA-CONTRIB-2015-062 - Watchdog Aggregator - Cross Site Request Forgery (CSRF) - Unsupported ***
https://www.drupal.org/node/2437993

*** SA-CONTRIB-2015-061 - Ubercart Webform Integration - Cross Site Scripting (XSS) - Unsupported ***
https://www.drupal.org/node/2437991

*** SA-CONTRIB-2015-060 - Custom Sitemap - Cross Site Request Forgery (CSRF) - Unsupported ***
https://www.drupal.org/node/2437985

*** SA-CONTRIB-2015-059 - Spider Video Player - Multiple vulnerabilities - Unsupported ***
https://www.drupal.org/node/2437981

*** SA-CONTRIB-2015-058 - Spider Catalog - Cross Site Request Forgery (CSRF) - Unsupported ***
https://www.drupal.org/node/2437977

*** SA-CONTRIB-2015-057 - Spider Contacts - Multiple vulnerabilities - Unsupported ***
https://www.drupal.org/node/2437973

*** SA-CONTRIB-2015-056 - inLinks Integration - Cross Site Scripting (XSS) - Unsupported ***
https://www.drupal.org/node/2437969

*** SA-CONTRIB-2015-055 - Services single sign-on server helper - Open Redirect - Unsupported ***
https://www.drupal.org/node/2437965

*** SA-CONTRIB-2015-054 - SMS Framework - Cross Site Scripting (XSS) ***
https://www.drupal.org/node/2437943

*** SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS) ***
https://www.drupal.org/node/2437905

*** SA-CONTRIB-2015-041 - Feature Set - Cross Site Request Forgery (CSRF) ***
https://www.drupal.org/node/2424409
---------------------------------------------

