[CERT-daily] Tageszusammenfassung - Donnerstag 22-10-2015

Thu Oct 22 18:05:26 CEST 2015

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 21-10-2015 18:00 − Donnerstag 22-10-2015 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Cisco ASA Software DNS Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability in the DNS code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to reload.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1


*** Cisco ASA Software DNS Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability in the DNS code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to reload.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns2


*** Google Moving Gmail to Strict DMARC Implementation ***
---------------------------------------------
Google said it will move gmail.com to a policy of rejecting any messages that don't pass the authentication checks spelled out in the DMARC specification.
---------------------------------------------
http://threatpost.com/google-moving-gmail-to-strict-dmarc-implementation/115125/


*** IBM Runs World's Worst Spam-Hosting ISP? ***
---------------------------------------------
This author has long sought to shame Web hosting and Internet service providers who fail to take the necessary steps to keep spammers, scammers and other online neer-do-wells ..
---------------------------------------------
http://krebsonsecurity.com/2015/10/ibm-runs-worlds-worst-spam-hosting-isp


*** Apple Releases Updates for iOS, WatchOS, OS X, Safari and iTunes. ***
---------------------------------------------
Apple published one of its usual updates for everything. Below I took a shot at a quick summary. You can find ..
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20285


*** Drupal Core - Overlay - Less Critical - Open Redirect - SA-CORE-2015-004 ***
---------------------------------------------
The Overlay module in Drupal core displays administrative pages as a layer over the current page (using JavaScript), rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect vulnerability.
---------------------------------------------
https://www.drupal.org/SA-CORE-2015-004


*** jQuery Update - Less Critical - Open Redirect - SA-CONTRIB-2015-158 ***
---------------------------------------------
The jQuery Update module enables you to update jQuery on your site. The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack (see SA-CORE-2015-004).
---------------------------------------------
https://www.drupal.org/node/2598426


*** Hack.lu 2015 Wrap-Up Day #2 ***
---------------------------------------------
Here we go with my wrap-up for the second day. After some coffee and pastries, the day started hardly with a very technical talk. Samuel Chevet & Clement Rouault presented their research about Windows local kernel debugging. Kernel debugging ..
---------------------------------------------
https://blog.rootshell.be/2015/10/21/hack-lu-2015-wrap-up-day-2/


*** E-Mail-Sicherheit: Was Provider beitragen können ***
---------------------------------------------
https://www.rtr.at/de/inf/E_Mail_Sicherheit05112015


*** Drahtlose Infektion: Erste Malware für Fitnesstracker entwickelt ***
---------------------------------------------
Übertragung auf Fitbit Flex in zehn Sekunden möglich – Schadsoftware befällt PC von Opfer
---------------------------------------------
http://derstandard.at/2000024345670


*** Geplante Obsoleszenz: Diese Software lässt Computer rasend schnell altern ***
---------------------------------------------
Forscher haben ein Programm entwickelt, das Prozessoren in kurzer Zeit so abnutzt, dass sie unbrauchbar werden. Mögliche Nutznießer: Hersteller, Kunden - oder Militärs. 
---------------------------------------------
http://www.golem.de/news/geplante-obsoleszenz-diese-software-laesst-computer-rasend-schnell-altern-1510-117064.html


*** [20151001] - Core - SQL Injection ***
---------------------------------------------
http://developer.joomla.org/security-centre/628-20151001-core-sql-injection.html


*** [20151002] - Core - ACL Violations ***
---------------------------------------------
http://developer.joomla.org/security-centre/629-20151002-core-acl-violations.html


*** [20151003] - Core - ACL Violations ***
---------------------------------------------
http://developer.joomla.org/security-centre/630-20151003-core-acl-violations.html


*** [2015-10-22] Lime Survey Multiple Critical Vulnerabilities ***
---------------------------------------------
Lime Survey contains multiple vulnerabilities which can be used by unauthenticated attackers to execute administrative functions. Moreover, in certain conditions unauthenticated attackers can run arbitrary PHP code and gain access to the filesystem and the Lime Survey database.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151022-0_Lime_Survey_multiple_critical_vulnerabilities_v10.txt


*** NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability ***
---------------------------------------------
Unauthenticated off-path attackers can force ntpd processes to peer with malicious time sources of the attacker's choosing allowing the attacker to make arbitrary changes to system time. This attack leverages a logic error in ntpd's handling of ..
---------------------------------------------
http://talosintel.com/reports/TALOS-2015-0069/