[CERT-daily] Tageszusammenfassung - Freitag 9-10-2015
Daily end-of-shift report
team at cert.at
Fri Oct 9 18:04:40 CEST 2015
=======================
= End-of-Shift report =
=======================
Timeframe: Donnerstag 08-10-2015 18:00 − Freitag 09-10-2015 18:00
Handler: Robert Waldner
Co-Handler: n/a
*** Prenotification: Upcoming Security Updates for Adobe Acrobat and Reader (APSB15-24) ***
---------------------------------------------
A prenotification security advisory (APSB15-24) has been posted regarding upcoming Adobe Acrobat and Reader updates scheduled for Tuesday, October 13, 2015.
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1276
*** Brute Force Amplification Attacks Against WordPress XMLRPC ***
---------------------------------------------
Brute Force attacks are one of the oldest and most common types of attacks that we still see on the Internet today. If you have a server online, it's most likely being hit right now. It could be via protocols like SSH or FTP, and if it's a web server, via web-based brute force attempts againstRead More The post Brute Force Amplification Attacks Against WordPress XMLRPC appeared first on Sucuri Blog.
---------------------------------------------
https://blog.sucuri.net/2015/10/brute-force-amplification-attacks-against-wordpress-xmlrpc.html
*** PostgreSQL: 2015-10-08 Security Update Release ***
---------------------------------------------
Two security issues have been fixed in this release which affect users of specific PostgreSQL features: CVE-2015-5289: json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service. CVE-2015-5288: The crypt() function included with the optional pgCrypto extension could be exploited to read a few additional bytes of memory. No working exploit for this issue has been developed.
---------------------------------------------
http://www.postgresql.org/about/news/1615/
*** PowerShell Command Line Logging ***
---------------------------------------------
The problem is that, by default, Windows only logs that PowerShell was launched. No additional details about what exactly happened are preserved. The only thing we can tell is that PowerShell called additional programs and possibly opened up a few network sessions. However, there is a way to gather additional details on PowerShell sessions and the command line in general.
---------------------------------------------
https://logrhythm.com/blog/powershell-command-line-logging/
*** MYSQL v5.6.24 Buffer Overflows ***
---------------------------------------------
SUMMARY During a manual source code audit of MYSQL Version 5.6.24, various buffer overflow issues have been realized.
---------------------------------------------
http://www.securityfocus.com/archive/1/536652
*** Aktive Angriffe auf Cisco-VPN-Zugänge ***
---------------------------------------------
Vornehmlich über bekannte Sicherheitsprobleme kapern Unbekannte in großem Stil Firmenzugänge über Cisco Clientless SSL VPN (Web VPN), berichtet die Sicherheitsfirma Volexity.
---------------------------------------------
http://heise.de/-2841963
*** IBM Security Bulletins ***
---------------------------------------------
*** Multiple vulnerabilities of Mozilla Firefox in IBM Storwize V7000 Unified ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005332
---------------------------------------------
*** Mozilla Firefox vulnerability issues in IBM SONAS ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005333
---------------------------------------------
*** Vulnerabilities in Java affect the IBM FlashSystem V9000 (CVE-2015-1931, CVE-2015-2601, CVE-2015-2613, and CVE-2015-2625) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005411
---------------------------------------------
*** Vulnerabilities in Java affect the IBM FlashSystem V840 (CVE-2015-1931, CVE-2015-2601, CVE-2015-2613, and CVE-2015-2625) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005412
---------------------------------------------
*** Vulnerabilities in Java affect the IBM FlashSystem models 840 and 900 (CVE-2015-1931, CVE-2015-2601, CVE-2015-2613, and CVE-2015-2625) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005413
---------------------------------------------
*** Vulnerabilities in IBM Java SDK affect IBM Storwize V7000 Unified (CVE-2015-2613, CVE-2015-2601, CVE-2015-4000, CVE-2015-2625, and CVE-2015-1931) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005342
---------------------------------------------
*** Multiple vulnerabilities in IBM Java Runtime Version 6 affect IBM Cognos Business Viewpoint (CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931) ***
http://www.ibm.com/support/docview.wss?uid=swg21967563
---------------------------------------------
*** Vulnerabilities in Open Source OpenSSL affects the IBM FlashSystem V840 (CVE-2015-1788, CVE-2015-1789, CVE-2015-1791, and CVE-2015-3216) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005376
---------------------------------------------
*** Vulnerabilities in OpenSSL affect IBM SONAS (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1005313
---------------------------------------------
More information about the Daily
mailing list