Date: 26 October 2012
Happy Friday!
Security professionals, and other interested parties, that made it to Ruxcon and/or Breakpoint last week are
probably feeling a little tired this week. I won't go into details of the conference other than to say there
were some creative hacks and a particularly energetic panel session. There doesn't appear to be slides up on the
Ruxcon website at the moment, however have a look at the schedule. Many of the speakers have slides available on
their own websites, for example this one by Snare.
Speaking of conferences, the Call for Papers for the AusCERT 2013 "This Time, it's Personal" conference has
opened! Please visit our website to find out more.
In other (non-security) news, this Mac Fangirl was excited to read about the new super thin iMac and iPad Mini.
Not so pleasing was the 6-month early release of the next generation iPad, considering that I only
bought my 3rd gen iPad a few weeks ago. I'm feeling a bit like that guy in the Oatmeal comic "What it's like to
own an Apple Product". The comic is not entirely SFW but have a Google for it at some stage for some Friday
afternoon lulz.
Finally, AusCERT has increased its social presence with the addition of a Facebook page. For those with
Facebook accounts please visit our page and like us. If you don't have an account, the page is publicly
available so check it out anyway. We are also on Twitter.
Now for the top bulletins of the week:
1) ESB-2012.1025 - ALERT [Appliance] Korenix JetPort 5600: Root compromise - Remote/unauthenticated
This one is quite a doozy. The Korenix JetPort 5600 has hard coded root credentials which a remote,
unauthenticated attacker could use to not only compromise the device, but also any attached serial devices. But
wait, there's more. Exploits that target the vulnerability are publicly available. We're not certain how common
these are in Australia, however like all SCADA devices the impact could be severe.
2) ESB-2012.1017.2 - UPDATE [Appliance] HP, 3COM, and H3C routers and switches: Access confidential data -
Remote/unauthenticated
Another nasty one. A number of HP routers and switches can be remotely exploited without authentication in order
to obtain sensitive information. No known publicly available exploits, however a large number of products are
affected.
3) ESB-2012.1024 - [Win][Mac][OSX] Adobe Shockwave Player: Execute arbitrary code/commands - Remote with user
interaction
Adobe Shockwave Player is worth a mention due to its popularity. Please note that this vulnerability affects
Windows and Macintosh operating systems. *nix systems are not affected.
4) Multiple bulletins addressing BIND vulnerability CVE-2012-5166
ESB-2012.1009 - [Debian] bind9: Denial of service - Remote/unauthenticated
ASB-2012.0145 - [Appliance] McAfee Firewall Enterprise: Denial of service - Remote/unauthenticated
ESB-2012.1023 - [AIX] bind: Denial of service - Remote/unauthenticated
ESB-2012.1026 - [HP-UX] BIND: Denial of service - Remote/unauthenticated
In brief, the vulnerability can be remotely exploited and cause BIND to freeze. Note that the HP bulletin also
addresses other vulnerabilities.
That's all for this week, safe browsing and have a great weekend,
Olivia