[CERT-daily] Tageszusammenfassung - Freitag 27-05-2016

Daily end-of-shift report team at cert.at
Fri May 27 18:03:35 CEST 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Donnerstag 26-05-2016 18:00 − Freitag 27-05-2016 18:00
Handler:     Stephan Richter
Co-Handler:  Alexander Riepl



*** VU#482135: MEDHOST Perioperative Information Management System contains hard-coded database credentials ***
---------------------------------------------
MEDHOST Perioperative Information Management System (PIMS) versions prior to 2015R1 contain hard-coded credentials that are used for customer database access.
---------------------------------------------
http://www.kb.cert.org/vuls/id/482135




*** Environmental Systems Corporation Data Controllers Vulnerabilities ***
---------------------------------------------
This advisory contains mitigation details for data controller vulnerabilities in the Environmental Systems Corporation (ESC) 8832 Data Controller.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-147-01




*** Sixnet BT Series Hard-coded Credentials Vulnerability ***
---------------------------------------------
This advisory contains mitigation details for a hard-coded credential vulnerability in Sixnet's BT series routers.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-147-02




*** Black Box AlertWerks ServSensor Credential Management Vulnerability ***
---------------------------------------------
This advisory contains mitigation details for a credential management vulnerability in Black Box's AlertWerks ServSensor devices.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-147-03




*** Bugtraq: ESA-2016-061: EMC Isilon OneFS SMB Signing Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/archive/1/538499




*** Up to a dozen banks are reportedly investigating potential SWIFT breaches ***
---------------------------------------------
More banks have reportedly launched investigations into potential security breaches on their networks after hackers stole US$81 million from the Bangladesh ..
---------------------------------------------
http://www.cio.com/article/3075448/up-to-a-dozen-banks-are-reportedly-investigating-potential-swift-breaches.html




*** Cisco WebEx Meeting Center Site Access Control User Account Enumeration Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc




*** Security Advisory: NTP vulnerability CVE-2016-2519 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/41/sol41613034.html




*** Security Advisory: NTP vulnerability CVE-2016-2517 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/61/sol61200338.html




*** Multiple Buffalo wireless LAN routers vulnerable to information disclosure ***
---------------------------------------------
http://jvn.jp/en/jp/JVN75813272/




*** Multiple Buffalo wireless LAN routers vulnerable to directory traversal ***
---------------------------------------------
http://jvn.jp/en/jp/JVN81698369/




*** Link (.lnk) to Ransom ***
---------------------------------------------
We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior. This ransom leverages removable and network drives to propagate ..
---------------------------------------------
https://blogs.technet.microsoft.com/mmpc/2016/05/26/link-lnk-to-ransom/




*** Spoofer ***
---------------------------------------------
Seeking to minimize Internets susceptibility to spoofed DDoS attacks, we are developing and supporting open-source software tools to assess and report on the deployment of source address validation (SAV) best anti-spoofing practices. This ..
---------------------------------------------
http://www.caida.org/projects/spoofer/




*** Security Advisory - Apache Struts2 Remote Code Execution Vulnerability in Huawei Products ***
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20160527-01-struts2-en




*** Path Traversal in extension "Media management" (media) ***
---------------------------------------------
https://typo3.org/news/article/path-traversal-in-extension-media-management-media/




*** Cross-Site Scripting in extension "Formhandler" (formhandler) ***
---------------------------------------------
https://typo3.org/news/article/cross-site-scripting-in-extension-formhandler-formhandler/




*** Global companies arent quick to patch 'high' severity flaw in OpenSSL ***
---------------------------------------------
Yet another Padding Oracle flaw (CVE-2016-2107), allowing decrypting TLS traffic in a MITM attack, remains exploitable on the most popular web and email servers.
---------------------------------------------
https://www.htbridge.com/blog/CVE-2016-2107-padding-oracle-exploit.html




*** TLS-Zertifikate: Google zieht Daumenschrauben der CAs weiter an ***
---------------------------------------------
Ab Juni müssen alle Symantec-CAs ihre Aktivitäten via Certificate Transparency registrieren. Sonst werden die Zertifikats-Inhaber abgestraft. Das könnte auch andere CAs treffen.
---------------------------------------------
http://heise.de/-3215053




*** Cisco Firepower Management Center Web Interface Code Injection Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160527-fmc




*** Android Banking Trojan 'SpyLocker' Targets More Banks in Europe ***
---------------------------------------------
Since the discovery of the Android banking Trojan SpyLocker, Intel Security has closely monitored this threat. SpyLocker first appeared disguised as Adobe Flash Player and targeted customers of banks in Australia, New Zealand, and ..
---------------------------------------------
https://blogs.mcafee.com/mcafee-labs/android-banking-trojan-spylocker-targets-more-banks-in-europe/



More information about the Daily mailing list