[CERT-daily] Tageszusammenfassung - Montag 5-10-2015

Mon Oct 5 18:15:48 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 02-10-2015 18:00 − Montag 05-10-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  Robert Waldner


*** Two Games Released in Google Play Can Root Android Devices ***
---------------------------------------------
By Wish Wu, Ecular Xu Android malware creators have recently been mixing business with play. We found two malicious gaming apps that were published on Google Play and are capable of rooting Android devices. If the apps Brain Test and RetroTetris ring a bell, better check your devices. RetroTetris can be installed in Android versions starting from...
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/uDbQy75DLZo/


*** VMware vCenter and ESXi updates address critical security issues. ***
---------------------------------------------
Problem Description
a. VMware ESXi OpenSLP Remote Code Execution
b. VMware vCenter Server JMX RMI Remote Code Execution
c. VMware vCenter Server vpxd denial-of-service vulnerability
---------------------------------------------
http://www.vmware.com/security/advisories/VMSA-2015-0007.html


*** Patreon crowdfunding site hacked and data leaked online ***
---------------------------------------------
The Crowdfunding website Patreon has been hacked and about 15 gigabytes of data including names, addresses and donations have been published online. The data have been available on different servers online locations, including this source.
---------------------------------------------
http://securityaffairs.co/wordpress/40665/cyber-crime/patreon-crowdfunding-hacked.html


*** Samsung Decides Not To Patch Kernel Vulnerabilities In Some S4 Smartphones ***
---------------------------------------------
An anonymous reader writes: QuarksLAB, a security research company, has stumbled upon two kernel vulnerabilities for Samsung Galaxy S4 devices, which Samsung has decided to patch only for recent devices running Android Lollipop, but not Jelly Bean or KitKat. The two vulnerabilities (kernel memory disclosure and kernel memory corruption) were discovered in February 2014 and reported to Samsung in August 2014, affecting the samsung_extdisp driver of Samsung S4 (GT-I9500) devices.
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/xM6Nt9ttxc4/samsung-decides-not-to-patch-kernel-vulnerabilities-in-some-s4-smartphones


*** Virus oder Impfstoff? WiFatch befällt Router und schützt vor Malware ***
---------------------------------------------
"Linux.Wifatch" infiziert Router und mit dem Internet verbundene Geräte, bindet sie in ein Botnetz ein, entfernt Malware und stärkt sie gegen weiterere Infektion.
---------------------------------------------
http://heise.de/-2837158


*** Zertifikats-Schmu bei Windows Update beunruhigt Nutzer ***
---------------------------------------------
Zertifikate, mit denen Microsoft die SSL-Verbindungen zur Windows-Update-Webseite absichert und Dateien des Update-Prozesses signiert, sind nicht vertrauenswürdig. Das führt zu Warnungen und fehlgeschlagenen Updates.
---------------------------------------------
http://www.heise.de/newsticker/meldung/Zertifikats-Schmu-bei-Windows-Update-beunruhigt-Nutzer-2837537.html?wt_mc=rss.ho.beitrag.rdf


*** IBM ***
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in WSS4J affects IBM Cúram (CVE-2015-0226 & CVE-2015-0227 ) ***
http://www.ibm.com/support/docview.wss?uid=swg21964133
---------------------------------------------
*** IBM Security Bulletin: Information disclosure vulnerability reported in IBM Emptoris Sourcing (CVE-2015-5024) ***
http://www.ibm.com/support/docview.wss?uid=swg21967255
---------------------------------------------
*** IBM Security Bulletin: Multiple Cross-Site scripting vulnerabilities in IBM Business Process Manager dashboards (CVE-2015-4955) ***
http://www.ibm.com/support/docview.wss?uid=swg21966010
---------------------------------------------
*** IBM Security Bulletin: IBM Cloud Manager with OpenStack Keystone Vulnerability (CVE-2015-3646) ***
http://www.ibm.com/support/docview.wss?uid=isg3T1022663
---------------------------------------------
*** IBM GNU C library (glibc) vulnerabilities affect IBM SmartCloud Entry (CVE-2013-7423 CVE-2015-1781) ***
http://www.ibm.com/support/docview.wss?uid=isg3T1022665
---------------------------------------------


*** Cisco ***
---------------------------------------------
*** VoIPshield Reported Vulnerabilities in Cisco Unity Server ***
http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20081008-unity
---------------------------------------------
*** Cisco Secure ACS Denial Of Service Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20080903-csacs
---------------------------------------------
*** Wide Area Application Services (WAAS) Common UNIX Printing System (CUPS) Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20080625-waas
---------------------------------------------