End-of-Shift report
Timeframe: Tuesday 10-09-2013 18:00 − Wednesday 11-09-2013 18:00
Handler: Robert Waldner
Co-Handler: n/a
Juniper Junos J-Web Arbitrary Command Execution Vulnerability
Sense of Security has reported a vulnerability in Juniper Junos, which can be exploited by malicious users to compromise a vulnerable system.
The vulnerability is caused due to the application not properly restricting access to /jsdm/ajax/port.php and can be exploited to execute arbitrary OS commands with root privileges.
https://secunia.com/advisories/54731
Android Mobile: Following In the Windows Footsteps
FireEye discovered an email spam campaign, currently ongoing, which is dropping the well-known Android malware Android FakeDefender. Looking through our DTI platform, we believe that this campaign started on the 6th of September. Vector of Propagation FireEye Labs has identified …
http://www.fireeye.com/blog/technical/2013/09/android-malware.html
BlackBerry Patches Flash, WebKit and Libexif Flaws on Mobile Devices
BlackBerry issued four security advisories, patching vulnerabilities in the Z10 and Q10 smartphones and the PlayBook tablet.
http://threatpost.com/blackberry-patches-flash-webkit-and-libexif-flaws-on-mobile-devices/102249
Macs need to patch too! (Tue, Sep 10th)
Our regular readers know this, but on Patch Tuesday aka Black Tuesday we get a bit wider audience and hence it's worth repeating it even more: Do not forget to also patch your Macs! E.g. a Trojan was recently discovered that targets Macs with unpatched Java flaws. See the Intego writeup. Not only that. Microsoft Office, Adobe Flash, Shockwave, Reader or Acrobat all need to get updated too. -- Swa Frantzen -- Section 66 (c) SANS Internet Storm Center.
http://isc.sans.edu Creative Commons
http://isc.sans.edu/diary.html?storyid=16544&rss
Investigating the Security of the Firefox OS
Firefox OS is Mozilla’s foray into the mobile operating system field and promises a more adaptive mobile OS. But as mobile threats, in particular in the Android platform, have gained momentum, the question in everyone’s mind is – how safe is it? About a month ago, Telefonica announced that it had launched the Firefox OS […] Post from: Trendlabs Security Intelligence Blog - by Trend Micro
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/b6Lw53NWiz4/
FreeBSD Network ioctl(2) Lets Local Users Gain Elevated Privileges
A vulnerability was reported in the FreeBSD Kernel. A local user can cause denial of service conditions. A local user may be able to obtain elevated privileges on the target system.
http://www.securitytracker.com/id/1029014
Managed Malicious Java Applets Hosting Service Spotted in the Wild
In a series of blog posts, we’ve been profiling the tactics and DIY tools of novice cybercriminals, whose malicious campaigns tend to largely rely on social engineering techniques, on their way to trick users into thinking that they’ve been exposed to a legitimate Java applet window. These very same malicious Java applets, continue representing a popular infection vector among novice cybercriminals, who remain the primary customers of the DIY tools/attack platforms that we’ve
http://feedproxy.google.com/~r/WebrootThreatBlog/~3/3tgS8jmgHQQ/
Summary for September 2013 - Version: 1.0
Among others:
- Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution
- Vulnerability in Microsoft Outlook Could Allow Remote Code Execution
- Vulnerability in OLE Could Allow Remote Code Execution
- Vulnerability in Windows Theme File Could Allow Remote Code Execution
- Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
- Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
- Vulnerabilities in Microsoft Access Could Allow Remote Code Execution
http://technet.microsoft.com/en-gb/security/bulletin/ms13-sep
Bugtraq: Synology DSM multiple vulnerabilities
Synology DiskStation Manager (DSM) is a Linux-based operating system, used for the DiskStation and RackStation products.
http://www.securityfocus.com/archive/1/528543
Java 7u40 is here – this time not a Critical Patch Update
The new Java release, intended as a feature update, brings a number of security features and a tool for monitoring and profiling the JVM that is reminiscent of the earlier JRockit Mission Control suite.
http://www.heise.de/security/meldung/Java-7u40-ist-da-diesmal-kein-Critical-Patch-Update-1954140.html
Xen - libxl partially sets up HVM passthrough even with disabled iommu
Impact: A HVM domain, given access to a device which is bus mastering capable in the absence of a functioning IOMMU, can mount a privilege escalation or denial of service attack affecting the whole system.
http://seclists.org/oss-sec/2013/q3/578
Adobe Security Bulletins Posted
Today, we released the following Security Bulletins: APSB13-21 – Security updates available for Adobe Flash Player; APSB13-22 – Security updates available for Adobe Acrobat and Reader; APSB13-23 – Security updates available for Shockwave Player. Customers of the affected products should …
http://blogs.adobe.com/psirt/2013/09/adobe-security-bulletins-posted-9.html
RouterOS sshd Denial of Service Vulnerability
Kingcope has reported a vulnerability in RouterOS, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within sshd when processing requests and can be exploited to corrupt memory and subsequently cause a crash of the daemon.
https://secunia.com/advisories/54633