National Computer Board - CERT-MU

National Computer Board
Computer Emergency Response Team of Mauritius
(CERT-MU)
Weekly Security Bulletin
CERT-MU Weekly Security Bulletin provides a summary of information security news,
vulnerabilities, advisories and virus alerts for the week of April 20, 2015. This information is
uploaded on CERT-MU website on a daily basis. For details, refer to CERT-MU website:
http://cert-mu.org.mu.
Information Security News
 Hottest News of the Week
Pushdo spamming botnet gains strength again
Computers in more than 50 countries are infected with a new version of Pushdo, a spamming
botnet that has been around since 2007 and survived several attempts to shut it down. At one
time, Pushdo-infected computers sent as many as 7.7 billion spam messages per day. Security
analysts have tried to kill it four times by commandeering its infrastructure, but a new version of
the malware has emerged once again, with high concentrations of infections in countries such as
India, Indonesia, Turkey and Vietnam.
Read More
Vulnerabilities
The table below shows the vulnerabilities related to various Operating Systems, Application
software and Network devices discovered during the week of April 20, 2015. More details about
the vulnerabilities and their countermeasures are available on the CERT-MU website. The
vulnerabilities are organized according to their severity – High, Medium and Low.
Vulnerabilities – Medium
Vendor /
Product
Vulnerability
Published Date
Red Hat
Red Hat JBoss Operations
Network API Lets Remote
Users Execute Arbitrary Java
Methods and Deny Service
April 24, 2015
CERT-MU References
VN-2015-66
1
Novell
Cisco
Symantec
Novell ZENworks Bugs Let
Remote Users Inject SQL
Commands, Execute Arbitrary
Code, and Obtain Potentially
Sensitive Information
Cisco Web Security Appliance
Input Validation Flaw in Filter
Search Forms Permits CrossSite Scripting Attacks
Symantec Workspace
Streaming Agent Unquoted
Service Path Local Elevation of
Privilege
April 22, 2015
VN-2015-65
April 21, 2015
VN-2015-64
April 20, 2015
VN-2015-63
Virus Alerts
The latest viruses and risks for this week are listed below. Users are required to follow the links
on CERT-MU website for the removal instructions as proposed by the specific vendors.
Virus Alerts
Name
Type
Damage
Level
W32.Ransomlock.AO!gen1
Virus
Medium
W32.Ransomlock.AO!inf2
Virus
Medium
Exp.CVE-2015-1701
Trojan
Low
Downloader.Ponik!gen13
Trojan
Medium
Systems Affected






















Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows 8
Windows NT
Windows Vista
Windows XP

Windows 2000
Release Date
April 23, 2015
April 23, 2015
April 23, 2015
April 22, 2015
2
Linux.Susiribot
Trojan
Medium
Backdoor.Darpapox
Trojan
Medium
Trojan.Ransomcrypt.S
Trojan
Medium
Downloader.Dromedan!gm
Trojan
Medium
Backdoor.Memsyl
Trojan
Medium







Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Vista
Windows XP






































Linux
Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server 2003
Windows Server 2008
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server 2003
Windows Server 2008
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server 2003
Windows Server 2008
Windows Vista
April 22, 2015
April 22, 2015
April 22, 2015
April 21, 2015
April 21, 2015
3
SONAR.LowSec!gen4
Trojan
Medium

Windows XP










Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server 2003
Windows Server 2008
Windows Vista
Windows XP
April 20, 2015
Please note that the members who do not want to receive the weekly security bulletin, they can
unsubscribe from CERT-MU mailing list by sending an e-mail to the following address:
[email protected]
For more information please contact CERT-MU team on:
Hotline No: (+230) 800 2378
Fax No: (+230) 208 0119
Gen. Info. : [email protected]
Incident: [email protected]
Website: http://cert-mu.org.mu
4