[CERT-daily] Tageszusammenfassung - Mittwoch 5-10-2016

Daily end-of-shift report team at cert.at
Wed Oct 5 18:21:13 CEST 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 04-10-2016 18:00 − Mittwoch 05-10-2016 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter




*** Security Advisory: XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2015-1470 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/16000/800/sol16838.html?ref=rss




*** Android Security Bulletin October 2016 ***
---------------------------------------------
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air (OTA) update.
---------------------------------------------
https://source.android.com/security/bulletin/2016-10-01.html




*** Security Advisory: OpenSSL vulnerability CVE-2016-2183 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/13/sol13167034.html?ref=rss




*** WordPress Hack Modifies Core Files to Share Spam ***
---------------------------------------------
One of the worst feelings a website owner can experience is discovering that your site has been hacked. Without proper security measures in place, even website owners with the best intentions can lose control of their website. When hackers gain access to your site, they can use it to host phishing content, distribute malware, steal sensitive information and more. In this analysis, we look at a website that was unintentionally sharing spam content in the form of Windows keys.
---------------------------------------------
https://blog.sucuri.net/2016/10/wordpress-hack-shares-spam-when-core-modified.html




*** Researchers spot remote code execution flaw in FreeImage ***
---------------------------------------------
Cisco Talos researchers spotted a remote code execution vulnerability in the FreeImage Library XMP Image Handling affecting version 3.17.0.
---------------------------------------------
http://www.scmagazine.com/remote-code-execution-flaw-spotted-in-freeimage-library/article/526888/




*** Security Advisory: OpenSSL vulnerability CVE-2016-6303 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/35/sol35543324.html?ref=rss




*** INDAS Web SCADA Path Traversal Vulnerability ***
---------------------------------------------
This advisory contains mitigation details for a path traversal vulnerability in the INDAS Web SCADA application.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-278-01




*** Beckhoff Embedded PC Images and TwinCAT Components Vulnerabilities ***
---------------------------------------------
This advisory contains mitigation details for vulnerabilities in Beckhoff's Embedded PC Images and TwinCAT Components.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02




*** Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities (Update B) ***
---------------------------------------------
This updated advisory is a follow-up to the advisory update titled ICSA-16-208-01A Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities that was published August 16, 2016, on the NCCIC/ICS-CERT web site. This advisory contains mitigation details for two vulnerabilities in the Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01




*** Lets not meet up with JPEG 2000 - researchers find security hole in image codec ***
---------------------------------------------
Wont it be strange when were all fully pwned? Researchers are warning about a newly discovered security vulnerability in a popular open-source JPEG 2000 parser that could let corrupted image files trigger remote code execution.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2016/10/04/jpeg_2000_security_hole/




*** DressCode-Malware: 400 Trojaner-Apps infiltrieren Google Play ***
---------------------------------------------
Sicherheitsforscher warnen vor getarnten Android-Spionage-Apps, die aus Firmen-Netzwerken Informationen absaugen sollen.
---------------------------------------------
https://heise.de/-3340921




*** Xen Security Advisory CVE-2016-7777 / XSA-190 version 5: CR0.TS and CR0.EM not always honored for x86 HVM guests ***
---------------------------------------------
A malicious unprivileged guest user may be able to obtain or corrupt sensitive information (including cryptographic material) in other programs in the same guest.
---------------------------------------------
http://xenbits.xen.org/xsa/advisory-190.html




*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in IBM Financial Transaction Manager for Corporate Payment Services (CVE-2016-5920) ***
http://www.ibm.com/support/docview.wss?uid=swg21989062
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) and Rational Directory Administrator ***
http://www.ibm.com/support/docview.wss?uid=swg21989495
---------------------------------------------
*** IBM Security Bulletin: IBM Security Guardium is affected by Open Source XMLsoft Libxml2 Vulnerabilities (CVE-2016-3705) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21990231
---------------------------------------------
*** IBM Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Open Source XMLsoft Libxml2 Vulnerabilities (CVE-2016-3627) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21991063
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in Open Source GNU glibc affect IBM Workload Deployer (CVE-2014-9761, CVE-2015-8778, CVE-2015-8779) ***
http://www.ibm.com/support/docview.wss?uid=swg21991777
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in Open Source GNU glibc affects IBM Workload Deployer. (CVE-2015-8776) ***
http://www.ibm.com/support/docview.wss?uid=swg21991465
---------------------------------------------
*** IBM Security Bulletin: Cross-Site Scripting Vulnerability (CVE-2016-0243) Affects IBM Connections Mail ***
http://www.ibm.com/support/docview.wss?uid=swg21991265
---------------------------------------------
*** IBM Security Bulletin: IBM Security Guardium is affected by Cross-Site Scripting vulnerability (CVE-2016-0246) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21990377
---------------------------------------------





More information about the Daily mailing list