[CERT-daily] Tageszusammenfassung - Montag 1-02-2016

Mon Feb 1 18:06:05 CET 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 29-01-2016 18:00 − Montag 01-02-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** FreeBSD Linux Support issetugid(2) Error Lets Local Users Gain Elevated Privileges ***
---------------------------------------------
The Linux compatibility layer issetugid(2) system call may return incorrect information. A local user may be able to exploit an application that uses this system call to gain elevated privileges.
---------------------------------------------
http://www.securitytracker.com/id/1034872


*** QEMU Firmware Configuration Processing Access Flaw Lets Local Users on a Guest System Gain Elevated Privileges on the Host System ***
---------------------------------------------
A privileged local user with CAP_SYS_RAWIO capabilities on the guest system can trigger an out-of-bounds read/write access error when processing firmware configurations and cause denial of service conditions or gain elevated privileges on the host system.
---------------------------------------------
http://www.securitytracker.com/id/1034858


*** HP integrated Lights Out (iLO) TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections ***
---------------------------------------------
A remote user that can conduct a man-in-the-middle attack can cause the target system to downgrade the Diffie-Hellman algorithm to 512-bit export-grade cryptography. The remote user may then be able to decrypt the connection.
---------------------------------------------
http://www.securitytracker.com/id/1034884


*** Hippo CMS 10.1 XML External Entity Information Disclosure Vulnerability ***
---------------------------------------------
XXE (XML External Entity) processing through upload of SVG images in the CMS, and through XML import in the CMS Console application.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5301.php


*** Hippo CMS 10.1 Stored Cross-Site Scripting Vulnerability ***
---------------------------------------------
Hippo CMS suffers from a stored XSS vulnerability. Input passed thru the POST parameters groupname and description is not sanitized allowing the attacker to execute HTML code into users browser session on the affected site.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5300.php


*** HP Client Security Manager 8.3.4 Cross-Site Scripting Vulnerability ***
---------------------------------------------
HP Client Security Manager is prone to XSS attacks because of lacking sanitization of data from HTML forms. It makes any site vulnerable even without XSS presence on the site.
---------------------------------------------
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5299.php


*** Now VirusTotal can scan your firmware image for bad executables ***
---------------------------------------------
VirusTotal presented a new malware scanning engine that allows users to analyze their firmware images searching for malicious codes. VirusTotal has recently announced the launch of a new malware scanning service for firmware ..
---------------------------------------------
http://securityaffairs.co/wordpress/44097/malware/virustotal-firmware-scan.html


*** 6 Millionen US-Dollar für Sicherheitslücken in Google-Produkten ***
---------------------------------------------
Google zeigt sicher weiterhin spendabel, wenn Sicherheitsforscher neue Lücken in Chrome, Android & Co. an den Konzern melden. 
---------------------------------------------
http://heise.de/-3088182


*** DSA-3460 privoxy - security update ***
---------------------------------------------
It was discovered that privoxy, a web proxy with advanced filteringcapabilities, contained invalid reads that could enable a remoteattacker to crash the application, thus causing a Denial of Service.
---------------------------------------------
https://www.debian.org/security/2016/dsa-3460


*** Is security outfit Norse Corp dead or just temporarily TITSUP? ***
---------------------------------------------
Imploding says Brian Krebs Security startup Norse Corp has gone ominously dark.
---------------------------------------------
www.theregister.co.uk/2016/02/01/is_norse_corp_dead_or_just_temporarily_titsup/


*** LibreSSL emits new versions, says not vulnerable to OpenSSL bug ***
---------------------------------------------
Ciscos pedalling hard to prepare patches too Corrected LibreSSL sysadmins should keep an eye on their mirrors for a soon-to-land update.
---------------------------------------------
www.theregister.co.uk/2016/02/01/openbsd_rolls_in_libressl_bug_fixes/


*** DSA-3463 prosody - security update ***
---------------------------------------------
It was discovered that insecure handling of dialback keys may allowa malicious XMPP server to impersonate another server.
---------------------------------------------
https://www.debian.org/security/2016/dsa-3463


*** Schluss mit "123456": 1. Februar ist "Change your password"-Tag ***
---------------------------------------------
Zahlreiche Nutzer verwenden noch immer haarsträubend unsichere Passwörter
---------------------------------------------
http://derstandard.at/2000030144886


*** Aktuell im Umlauf: Trojaner-Mail im Namen des Kopierers verschickt ***
---------------------------------------------
Kriminelle versenden dieser Tage gehäuft E-Mails mit Schadcode im Anhang über gefälschte Absenderadressen von Netzwerk-Kopierern.
---------------------------------------------
http://heise.de/-3088536


*** GAME OVER: HOW A COLOURFUL GAME TURNED INTO A SUBSCRIPTION TRAP - App from the Google Play store automatically set up two subscriptions in the Netherlands ***
---------------------------------------------
Premium SMS messages were the first attacks on Android users - almost six years ago, malware with this functionality was the primary risk. Since then of course, the malware landscape for mobile devices has moved on significantly. For this very ..
---------------------------------------------
https://blog.gdatasoftware.com/blog/article/game-over-how-a-colourful-game-turned-into-a-subscription-trap.html


*** Theres a lot of vulnerable OS X applications out there. ***
---------------------------------------------
Lately, I was doing research connected with different updating strategies, and I tested a few applications working under Mac OS X. This short weekend research revealed that we have many insecure applications in the wild. As a result, I have found a vulnerability which allows an attacker take control of another computer on the same network (via MITM).
---------------------------------------------
https://vulnsec.com/2016/osx-apps-vulnerabilities/


*** Illegaler Bezahldienst Liberty Reserve: Gründer bekennt sich der Geldwäsche schuldig ***
---------------------------------------------
US-Behörden bezeichnen den 2013 abgestellten Onlinedienst Liberty Reserve als "die Bank der Wahl für die kriminelle Unterwelt". Der Gründer hat sich nun schuldig bekannt, über 250 Millionen US-Dollar gewaschen zu haben.
---------------------------------------------
http://heise.de/-3088621