[CERT-daily] Daily summary - Wednesday 23-03-2016

Daily end-of-shift report team at cert.at
Wed Mar 23 19:22:10 CET 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Tuesday 22-03-2016 18:00 − Wednesday 23-03-2016 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl




*** What was all that about a scary iMessage flaw? Your three-minute guide ***
---------------------------------------------
On Sunday, we were warned that hackers could read our iMessages texts, photos and videos. Should I be worried? As it turns out: no. If you're even a little curious about cryptography and secure programming, though, it should interest and amuse you.
---------------------------------------------
http://www.theregister.co.uk/2016/03/23/imessages_flaw_details/




*** Google publishes list of Certificate Authorities it doesn't trust ***
---------------------------------------------
Thawte experiment aims to expose issuers of dodgy creds. Google's announced another expansion to the security information offered in its transparency projects: it's now going to track certificates you might not want to trust.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2016/03/23/google_now_publishing_a_list_of_cas_it_doesnt_trust/




*** Abusing Oracles, (Wed, Mar 23rd) ***
---------------------------------------------
No, no, this has nothing to do with Oracle Corporation! This diary is about abusing encryption and decryption Oracles. First a bit of a background story. Most of the days I do web and mobile application penetration testing. While technical vulnerabilities, such as SQL Injection, XSS and similar are still commonly found, in the last couple of years I would maybe dare to say that the Direct Object Reference (DOR) vulnerabilities have become prevalent.
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=20875&rss




*** Libmcrypt - Incorrect S-Boxes for GOST cipher (2008, unfixed) ***
---------------------------------------------
PHP just decided to abandon the trash fire that is libmcrypt. There were (are?) still other projects that use(d) it, so I'm sharing this link in the interest of strongly encouraging projects to drop it like a lead balloon. This is far from the only problem with it ...
---------------------------------------------
https://www.reddit.com/r/netsec/comments/4bl8xu/libmcrypt_incorrect_sboxes_for_gost_cipher_2008/




*** Microsoft Adds New Feature in Office 2016 That Can Block Macro Malware ***
---------------------------------------------
Microsoft is finally addressing the elephant in the room in terms of security for Office users and has announced a new feature in the Office 2016 suite that will make it harder for attackers to exploit macro malware. ... Sysadmins can now block macros that connect to the Internet ... "This feature can be controlled via Group Policy and configured per application," Microsoft explains. "It enables enterprise administrators to block macros from running in Word, Excel and PowerPoint
---------------------------------------------
http://news.softpedia.com/news/microsoft-adds-new-feature-in-office-2016-that-can-block-macro-malware-502058.shtml




*** GroupWise 2014 R2 Hot Patch 1 - Windows Full Multilingual ***
---------------------------------------------
Abstract: GroupWise 2014 R2 Hot Patch 1 has been released. Be aware that there are security fixes in this release. Please see the Security section for details.
---------------------------------------------
https://download.novell.com/Download?buildid=AA7ZB93KAjc~




*** GroupWise 2014 R2 Hot Patch 1 - Windows Client Multilingual ***
---------------------------------------------
Abstract: GroupWise 2014 R2 Hot Patch 1 has been released. Be aware that there are security fixes in this release. Please see the Security section for details.
---------------------------------------------
https://download.novell.com/Download?buildid=dxd3rzvGvig~




*** GroupWise 2014 R2 Hot Patch 1 - Linux Full Multilingual ***
---------------------------------------------
Abstract: GroupWise 2014 R2 Hot Patch 1 has been released. Be aware that there are security fixes in this release. Please see the Security section for details. 
---------------------------------------------
https://download.novell.com/Download?buildid=Wxix0_fCdmI~




*** sol51518670: Linux kernel vulnerability CVE-2015-2922 ***
---------------------------------------------
The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. (CVE-2015-2922)
---------------------------------------------
https://support.f5.com/kb/en-us/solutions/public/k/51/sol51518670.html




*** F5 Security Advisory: Apache Tomcat 6.x vulnerabilities CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, and CVE-2016-0714 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/30/sol30971148.html?ref=rss



---------------------------------------------
*** Cisco Security Advisories ***
---------------------------------------------
*** Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp
---------------------------------------------
*** Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi
---------------------------------------------
*** Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f
---------------------------------------------
*** Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2
---------------------------------------------
*** Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
---------------------------------------------




*** ZDI-16-210: IBM Informix portmap Service Privilege Escalation Vulnerability ***
---------------------------------------------
This vulnerability allows local users to execute arbitrary code on vulnerable installations of IBM Informix. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
www.zerodayinitiative.com/advisories/ZDI-16-210/




*** ZDI-16-209: IBM Informix nsrexecd Service Privilege Escalation Vulnerability ***
---------------------------------------------
This vulnerability allows local users to execute arbitrary code on vulnerable installations of IBM Informix. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-16-209/




*** ZDI-16-208: IBM Informix nsrd Service Privilege Escalation Vulnerability ***
---------------------------------------------
This vulnerability allows local users to execute arbitrary code on vulnerable installations of IBM Informix. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-16-208/

