[CERT-daily] Tageszusammenfassung - Montag 25-01-2016

Mon Jan 25 18:12:45 CET 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 22-01-2016 18:00 − Montag 25-01-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a


*** ZDI-16-023: Oracle GoldenGate Veridata File Upload Remote Code Execution Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GoldenGate. Authentication is not required to exploit this vulnerability.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-16-023/


*** Hospira Multiple Products Buffer Overflow Vulnerability ***
---------------------------------------------
Jeremy Richards of SAINT Corporation has identified a buffer overflow vulnerability in Hospira's LifeCare PCA Infusion System. Hospira has determined that LifeCare PCA Infusion Systems released prior to July 2009 that are running Communication Engine (CE) Version 1.0 or earlier are vulnerable. In response to Jeremy ..
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-15-337-02


*** Security Advisory: Stored XSS in Magento ***
---------------------------------------------
During our regular research audits for our Cloud-based WAF, we discovered a Stored XSS vulnerability affecting the Magento platform that can be easily exploited remotely. We notified the Magento team and worked with them to get it fixed.
---------------------------------------------
https://blog.sucuri.net/2016/01/security-advisory-stored-xss-in-magento.html


*** 'Deliberate' Backdoor Removed From Secure Conferencing Gear ***
---------------------------------------------
AMX, a provider of audio-visual conferencing gear used in sensitive government and military locations, has removed a 'deliberate' backdoor in one of its central controller system products.
---------------------------------------------
http://threatpost.com/deliberate-backdoor-removed-from-secure-conferencing-gear/115993/


*** Rsync Symlink Path Validation Flaw Lets Remote Users Write Files on the Target System ***
---------------------------------------------
http://www.securitytracker.com/id/1034786


*** JavaScript Backdoor ***
---------------------------------------------
Casey Smith recently shared his research on twitter, which is to reverse HTTP Shell by using JavaScript. I found it rather interesting and further analyzed this technique.
---------------------------------------------
http://en.wooyun.io/2016/01/18/JavaScript-Backdoor.html


*** Snowden enttarnt falsche "Krypto-Mail" in IS-Video ***
---------------------------------------------
Terrororganisation hatte in Botschaft mit weiteren Angriffen gedroht
---------------------------------------------
http://derstandard.at/2000029688150


*** Fortinet: Mehr Hintertüren, mehr Patches ***
---------------------------------------------
Erst in der vergangenen Woche war bekanntgeworden, dass einige Fortinet-Firewall-Produkte einen Zugang mit Standardpasswörtern ermöglichen. Jetzt hat das Unternehmen seine eigenen Produkte analysiert - und weitere verwundbare Geräte gefunden. 
---------------------------------------------
http://www.golem.de/news/fortinet-mehr-hintertueren-mehr-patches-1601-118720.html


*** CVE-2015-8651 (Flash up to 20.0.0.228/235) and Exploit Kits ***
---------------------------------------------
http://malware.dontneedcoffee.com/2016/01/cve-2015-8651.html


*** Multi-Faktor-Authentifizierung: Neue vPro-Generation bringt Intel Authenticate ***
---------------------------------------------
Mit der sechsten Generation des Core i (Skylake) und dem Start der entsprechenden Geschäftskundenplattform will Intel nun verstärkt auch Sicherheitslösungen in vPro anbieten. Eine betriebssystemunabhängige Firmware und direktes Ansprechen der Grafikkarte sollen Keylogger chancenlos lassen. 
---------------------------------------------
http://www.golem.de/news/multi-faktor-authentifizierung-neue-vpro-generation-bringt-intel-authenticate-1601-118728.html


*** RSA Conference disables Twitter password-collecting form ***
---------------------------------------------
After a storm of criticism and shaming over the blurb-tweeting feature, the organizers said that they had used OAuth and hadnt collected passwords.
---------------------------------------------
https://nakedsecurity.sophos.com/2016/01/25/rsa-conference-disables-twitter-password-collecting-form/


*** Linux kernel : Denial of service with specially crafted key file. ***
---------------------------------------------
An issue with ASN1.1 DER decoder was reported that a specially created key can lead to a kernel panic via x509 certificate DER signature parsing.
---------------------------------------------
http://www.openwall.com/lists/oss-security/2016/01/25/2


*** Sicherheitspatches: Angreifer können Webseiten mit Magento-Shop kapern ***
---------------------------------------------
Magento sichert sein Shop-System ab. Dabei schließt der Anbieter zwei als kritisch eingestufte Lücken, über die Angreifer Admin-Sessions übernehmen können. 
---------------------------------------------
http://heise.de/-3083645


*** Hard-Coded Password Found in Lenovo File-Sharing App ***
---------------------------------------------
Lenovos SHAREit file-sharing app for Windows and Android has been patched against vulnerabilities that put private data at risk.
---------------------------------------------
http://threatpost.com/hard-coded-password-found-in-lenovo-file-sharing-app/115998/


*** Hack Brief: Don't Be Trolled by This iPhone-Crashing Link Meme ***
---------------------------------------------
Pranksters are passing a link to "crashsafari.com" around social media, which immediately crashes iPhones and iPads.
---------------------------------------------
http://www.wired.com/2016/01/hack-brief-dont-be-trolled-by-this-iphone-crashing-link-meme/