[CERT-daily] Tageszusammenfassung - Montag 18-01-2016
Daily end-of-shift report
team at cert.at
Mon Jan 18 18:08:07 CET 2016
=======================
= End-of-Shift report =
=======================
Timeframe: Freitag 15-01-2016 18:00 − Montag 18-01-2016 18:00
Handler: Stephan Richter
Co-Handler: Alexander Riepl
*** Cisco FireSIGHT Management Center Stored Cross-Site Scripting Vulnerabilities ***
---------------------------------------------
Multiple vulnerabilities in the web framework of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to execute a stored cross-site scripting (XSS) attack against a user of the Cisco FireSIGHT Management Center web interface.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT
*** Easily Exploitable Vulnerability Could Cause Physical Damage to Industrial Motors ***
---------------------------------------------
http://www.sans.org/newsletters/newsbites/r/18/4/307
*** Cisco FireSIGHT Management Center DOM-Based Cross-Site Scripting Vulnerability ***
---------------------------------------------
Cisco FireSIGHT Management Center (MC) contains a DOM-based cross-site scripting vulnerability (XSS) in the management page. An unauthenticated, remote attacker could persuade a user to perform a malicious action, allowing the attacker to perform a XSS attack.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1
*** IBM Security Bulletin: Vulnerabilities in GNU grep utility affect IBM Security Network Protection (CVE-2012-5667, and CVE-2015-1345) ***
---------------------------------------------
The grep utility searches through textual input for lines that contain a match to a specified pattern and then prints the matching lines. Security vulnerabilities have been discovered in grep utility used with IBM Security Network Protection.
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21972209
*** IBM Security Bulletin: IBM WebSphere Application Server Liberty Profile vulnerability affects IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2015-2017) ***
---------------------------------------------
WebSphere Application Server Liberty Profile that is embedded in TADDM could allow a remote attacker to has access to the customer app or a form which sends the contents in a header will be able to split the response and add headers to the response. The customer application will allow cross-site scripting, web cache poisoning, and other similar exploits.
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg21974782
*** Cisco Adaptive Security Appliance Information Disclosure Vulnerability ***
---------------------------------------------
A vulnerability in the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional attacks.
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa
*** The SLOTH attack and IKE/IPsec ***
---------------------------------------------
The IKE daemons in RHEL7 (libreswan) and RHEL6 (openswan) are not vulnerable to the SLOTH attack. But the attack is still interesting to look at . The SLOTH attack released today is a new transcript collision attack against ..
---------------------------------------------
https://securityblog.redhat.com/2016/01/15/the-sloth-attack-and-ikeipsec/
*** Schwere Lücke bei Überwachungskameras von Hofer und Aldi ***
---------------------------------------------
Sicherheitsexperten warnen vor Überwachungskameras der Marke Maginon. Diese erlauben den ungeschützten Zugriff auf Bild und Ton, aber auch WLAN- und E-Mail-Passwörter.
---------------------------------------------
http://futurezone.at/produkte/schwere-luecke-bei-ueberwachungskameras-von-hofer-und-aldi/175.586.501
*** LostPass ***
---------------------------------------------
I have discovered a phishing attack against LastPass that allows an attacker to steal a LastPass users email, password, and even two-factor auth code, giving full access to all passwords and documents stored in LastPass.
---------------------------------------------
https://www.seancassidy.me/lostpass.html
*** Privilege Escalation on Windows 7,8,10, Server 2008, Server 2012 - and a new network attack ***
---------------------------------------------
Hot Potato (aka: Potato) takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay (specifically HTTP->SMB relay) and NBNS spoofing.
---------------------------------------------
http://foxglovesecurity.com/2016/01/16/hot-potato/
*** HTTP Evasions Explained - Part 10 - Lazy Browsers ***
---------------------------------------------
The previous parts of this series looked at firewalls and browsers as black boxes which just behave that way for unknown reason. For this part I took a closer look at the source code of Chromium and Firefox. This way Ive found even more ways to construct HTTP which is insanely broken but still gets accepted by the ..
---------------------------------------------
http://noxxi.de/research/http-evader-explained-10-lazy-browsers.html
*** nic.at bringt "Security-Lock" für Domains ***
---------------------------------------------
Schutz soll verhindern, dass eine Domain irrtümlich unerreichbar oder manipuliert wird
---------------------------------------------
http://derstandard.at/2000029286062
More information about the Daily
mailing list