[CERT-daily] Tageszusammenfassung - Donnerstag 4-08-2016

Thu Aug 4 18:05:48 CEST 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 03-08-2016 18:00 − Donnerstag 04-08-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability ***
---------------------------------------------
A vulnerability in the administrative web interface of Cisco TelePresence Video Communication Server Expressway could allow an authenticated, remote attacker to execute arbitrary commands on the affected system.The ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-vcse


*** Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability ***
---------------------------------------------
A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an authenticated, remote ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv180_2


*** Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability ***
---------------------------------------------
A vulnerability in the command-line interface (CLI) command parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an ..
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w1


*** Administration Views - Critical - Access bypass - SA-CONTRIB-2016-041 ***
---------------------------------------------
https://www.drupal.org/node/2778501


*** Snitches get stitches: Little Snitch bugs were a blessing for malware ***
---------------------------------------------
Now-patched kernel-level flaw in OS X app firewall will be revealed this week DEF CON Vulnerabilities in popular OS X security tool Little Snitch potentially granted malicious applications extra powers, undermining the protection offered by the software.
---------------------------------------------
www.theregister.co.uk/2016/08/03/mac_firewall_littlesnitch/


*** A look into Neutrino EK’s jQueryGate ***
---------------------------------------------
In the cybercrime landscape, Exploit Kits (EKs) are the tools of choice to infect endpoints by exploiting software vulnerabilities. However, a critical component EKs ..
---------------------------------------------
https://blog.malwarebytes.com/threat-analysis/exploits-threat-analysis/2016/08/a-look-into-neutrinos-jquerygate/


*** [20160802] - Core - XSS Vulnerability ***
---------------------------------------------
https://developer.joomla.org/security-centre/653-20160802-core-xss-vulnerability.html


*** [20160801] - Core - ACL Violation ***
---------------------------------------------
https://developer.joomla.org/security-centre/652-20160801-core-core-acl-violations.html


*** [20160803] - Core - CSRF ***
---------------------------------------------
https://developer.joomla.org/security-centre/654-20160803-core-csrf.html


*** XML External Entity Injection Opens Door to Attacks, Theft ***
---------------------------------------------
XML is a popular language for web developers, partially due to its software and hardware independence. Recently, however, XML security is under threat from XML external ..
---------------------------------------------
https://blogs.mcafee.com/mcafee-labs/xml-external-entity-injection-opens-door-attacks-theft/


*** A Plugin’s Expired Domain Poses a Security Threat to Websites ***
---------------------------------------------
Do you keep all your website software (including all third-party themes, plugins and components) up-to-date? You should! We always recommend this to our ..
---------------------------------------------
https://blog.sucuri.net/2016/08/plugin-expired-domain-security-threat.html


*** DSA-3639 wordpress - security update ***
---------------------------------------------
https://www.debian.org/security/2016/dsa-3639


*** Activity Log <= 2.3.2 - Cross-Site Scripting (XSS) ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8584


*** HEIST: Timing- und Kompressionsangriff auf TLS ***
---------------------------------------------
Durch die geschickte Kombination eines Timing-Angriffs in Javascript und der bereits bekannten BREACH-Attacke ist es möglich, Geheimnisse in TLS-Verbindungen zu entschlüsseln. Anders als früher ist dafür kein Man-in-the-Middle-Angriff nötig.
---------------------------------------------
http://www.golem.de/news/heist-timing-und-kompressionsangriff-auf-tls-1608-122508.html


*** Activity Log <= 2.3.2 - Cross-Site Scripting (XSS) in page ***
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8585


*** Phishing-Studie: Neugier siegt über Sicherheitsbedenken ***
---------------------------------------------
Allen Warnungen und Sicherheitsvorkehrungen zum Trotz: Nutzer lassen sich sehr leicht auf eine Webseite locken, wenn die Phishing-Mail verführerisch genug klingt. Das sollte Auswirkungen auf die Sicherheitsarchitektur haben, fordern Forscher.
---------------------------------------------
http://www.golem.de/news/phishing-studie-neugier-siegt-ueber-sicherheitsbedenken-1608-122524.html


*** Social Engineering: Jeder zweite fällt auf USB-Sticks und Facebook-Nachrichten rein ***
---------------------------------------------
Würden Sie einen gerade gefundenen USB-Stick anschließen? Würden Sie auf den Link in einer Facebook-Nachricht einer Ihnen unbekannten Person klicken? Laut zwei Studien beantworten dies viele mit nein – tun es aber trotzdem.
---------------------------------------------
http://heise.de/-3287818


*** DSA-3640 firefox-esr - security update ***
---------------------------------------------
https://www.debian.org/security/2016/dsa-3640


*** DSA-3638 curl - security update ***
----------------------------------------------
https://www.debian.org/security/2016/dsa-3638