[CERT-daily] Tageszusammenfassung - Montag 21-11-2016

Mon Nov 21 18:22:50 CET 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 18-11-2016 18:00 − Montag 21-11-2016 18:00
Handler:     Robert Waldner
Co-Handler:  n/a


*** Vuln: Huawei Smart Phones Multiple Local Denial of Service Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/bid/94404


*** Vuln: Multiple Lenovo ThinkPad Products CVE-2016-8222 Local Security Bypass Vulnerability ***
---------------------------------------------
Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. 
---------------------------------------------
http://www.securityfocus.com/bid/94409


*** Security Advisory: PHP vulnerability CVE-2016-6289 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/52/sol52430518.html?ref=rss


*** SSA-672373 (Last Update 2016-11-18): Vulnerabilities in SIMATIC CP 1543-1 ***
---------------------------------------------
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-672373.pdf


*** SSA-701708 (Last Update 2016-11-18): Local Privilege Escalation in Industrial Products ***
---------------------------------------------
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf


*** SAP NetWeaver AS ABAP 7.4 Directory Traversal ***
---------------------------------------------
The code provides access to the file specified after the READ DATASET
statement. The variable transmitted to the input of the statement is
entered in it by user input. Thus, the user can access the files
stored on the operating system. This vulnerability is called a
Directory Traversal.
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016110168


*** Update wichtig: Sicherheitswarnung zu Symantec-Software ***
---------------------------------------------
Das BSI hat eine Sicherheitswarnung der Stufe 4 bezüglich der Symantec-Produkte Endpoint Security herausgegeben und empfiehlt ein sofortiges Update.
---------------------------------------------
https://heise.de/-3492125


*** Second Chinese Firm In a Week Found Hiding a Backdoor In Android Firmware ***
---------------------------------------------
An anonymous reader quotes Bleeping Computer: Security researchers have discovered that third-party firmware included with over 2.8 million low-end Android smartphones allows attackers to compromise Over-the-Air (OTA) update operations and execute commands on the targets phone with root privileges. This is the second issue of its kind that came to light this week after researchers from Kryptowire discovered a similar secret backdoor in the firmware of Chinese firm Shanghai Adups Technology Co.
---------------------------------------------
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/A1TnPdkseTU/second-chinese-firm-in-a-week-found-hiding-a-backdoor-in-android-firmware


*** Putty Cleartext Password Storage ***
---------------------------------------------
Putty.exe stores Passwords unencrypted for sessions that use a Proxy connection and specify a password to save.
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016110172


*** WordPress Plugin MailChimp 4.0.7 - Cross-Site Request Forgery / XSS ***
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016110174


*** Vuln: Apache OpenOffice CVE-2016-6803 Local Privilege Escalation Vulnerability ***
---------------------------------------------
Apache OpenOffice is prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue to gain elevated privileges.
Apache OpenOffice 4.1.2 and prior versions are vulnerable. 
---------------------------------------------
http://www.securityfocus.com/bid/94418


*** DFN-CERT-2016-1916/">GStreamer-Plugin: Eine Schwachstelle ermöglicht die Ausführung beliebigen Programmcodes ***
---------------------------------------------
Ein entfernter, nicht authentifizierter Angreifer kann mit Hilfe einer speziell präparierten Mediendatei einen Pufferüberlauf auf dem Heap erzeugen, dadurch große Speicherbereiche kontrollieren und in der Folge beliebigen Programmcode ausführen.
Die Schwachstelle kann im Kombination mit anderen Sicherheitslücken und Design-Entscheidungen auf bestimmten Linux-Systemen einfach durch den Besuch einer speziell präparierten Webseite ausgenutzt werden. Es ist dabei keine Interaktion des Benutzers notwendig.
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2016-1916/


*** Bugtraq: [security bulletin] HPSBHF03675 rev.1 - HPE Integrated Lights-Out 3 and 4 (iLO 3, iLO 4), Cross-Site Scripting (XSS) ***
---------------------------------------------
HPE has made the following firmware updates available to resolve the
vulnerability in iLO 3 and iLO 4:
    For iLO3, please upgrade to firmware v1.88
    For iLO4, please upgrade to firmware v2.44
---------------------------------------------
http://www.securityfocus.com/archive/1/539791


*** Oil and Gas Cybersecurity part 3: Midstream Security for Oil ***
---------------------------------------------
I hope you enjoyed the previous parts of Oil and Gas Cyber Security series (Upstream Cyber Security and Oil and Gas Cyber Security 101). Today we will talk about OT and ICS with a special focus on the Midstream sector of the petroleum industry.
---------------------------------------------
http://resources.infosecinstitute.com/oil-and-gas-cybersecurity-part-3-midstream-security-for-oil/


*** Nemucod Infections Spreading Locky Over Facebook ***
---------------------------------------------
Researchers have spotted an increase in Nemucod downloader infections moving via Facebook Messenger spam, with some victims being infected with Locky ransomware.
---------------------------------------------
http://threatpost.com/nemucod-infections-spreading-locky-over-facebook/122062/


*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Cross-Site Scripting Vulnerability in IBM Social Rendering Templates for Digital Data Connector (CVE-2016-8936) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21993895
---------------------------------------------
*** IBM Security Bulletin: IBM Tivoli Netcool Configuration Manager (ITNCM) is affected by a vulnerability discovered in XSTREAM (CVE-2016-3674) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21992217
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Directors and Switches (CVE-2016-0701, CVE-2015-3197) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1009610
---------------------------------------------
*** IBM Security Bulletin: Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco MDS Directors and switches (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1009608
---------------------------------------------