[CERT-daily] Tageszusammenfassung - Dienstag 20-06-2017

Tue Jun 20 18:06:15 CEST 2017

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 19-06-2017 18:00 − Dienstag 20-06-2017 18:00
Handler:     Robert Waldner
Co-Handler:  n/a


*** Apache HTTPD Bugs Let Remote Users Deny Service and Bypass Authentication in Certain Cases ***
---------------------------------------------
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.2.0 - 2.2.32, 2.4.0 - 2.4.25
Description:   Several vulnerabilities were reported in Apache HTTPD. A remote user can cause the target service to crash. A remote user can bypass authentication.
---------------------------------------------
http://www.securitytracker.com/id/1038711


*** Bugtraq: [security bulletin] HPESBGN03758 rev.2 - HPE UCMDB, Remote Code Execution ***
---------------------------------------------
http://www.securityfocus.com/archive/1/540745


*** McAfee Labs Threats Report Explores Malware Evasion Techniques, Digital Steganography, Password-Stealer Fareit ***
---------------------------------------------
We got a little carried away in the McAfee Labs Threats Report: June 2017, published today. This quarter's report has expanded to a rather hefty 83 pages! It contains three highly educational topics, in addition to the usual set of threats statistics: We broadly examine evasion techniques and how malware authors use them to accomplish...
---------------------------------------------
https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-labs-threats-report-explores-malware-evasion-techniques-digital-steganography-password-stealer-fareit/


*** Glibc Stack/Heap Memory Allocation Error Lets Local Users Gain Elevated Privileges ***
---------------------------------------------
A local user can supply specially crafted LD_LIBRARY_PATH values to trigger a stack memory allocation flaw in certain cases and execute arbitrary code on the target system with elevated privileges.
The stack guard-page memory gap can be "jumped" in cases where heap memory and stack memory are adjacent.
---------------------------------------------
http://www.securitytracker.com/id/1038712


*** [2017-06-20] Multiple Reflected Cross Site Scripting (XSS) issues in Ubiquiti Networks products ***
---------------------------------------------
Multiple Ubiquiti Networks products with firmware XM v6.0, SW v1.3.3 and AF24 v3.2 are affected by a POST-request based cross site scripting vulnerability. Malicious JavaScript code can be executed in the browser of the user and cookies can be stolen.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170620-0_Ubiquiti_networks_Multiple_XSS_v10.txt


*** DFN-CERT-2017-1052/">Exim: Eine Schwachstelle ermöglicht die Ausführung beliebigen Programmcodes ***
---------------------------------------------
Betroffene Software: Exim <= 4.89
In Exim existiert eine Schwachstelle, weil durch die Mehrfachverwendung von '-p' als Befehlszeilenargument Speicher reserviert werden kann, der nicht wieder freigegeben wird. Ein lokaler, nicht authentisierter Angreifer kann dies nur in Verbindung mit einer anderen Schwachstelle ausnutzen, um beliebigen Programmcode zur Ausführung zu bringen und möglicherweise auch eine Rechteerweiterung auf Root-Privilegien durchzuführen.
Debian stellt für die stabile Distribution Stretch und die alte stabile Distribution Jessie jeweils Backport-Sicherheitsupdates bereit.
CVE-2017-1000369
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1052/


*** Oracle Security Alert for CVE-2017-3629 ***
---------------------------------------------
This Security Alert addresses CVE-2017-3629 and two other vulnerabilities affecting Oracle Solaris. These are local privilege escalation vulnerabilities that may only be exploited over a network with a valid username and password. Together, these vulnerabilities may allow privilege escalation to root.
---------------------------------------------
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-3629-3757403.html


*** Vuln: SAP Business Objects DS Open Redirection Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/99143


*** Xen Security Advisories ***
---------------------------------------------
XSA-216: blkif responses leak backend stack data
XSA-217: page transfer may allow PV guest to elevate privilege
XSA-218: Races in the grant table unmap code
XSA-219: x86: insufficient reference counts during shadow emulation
XSA-220: x86: PKRU and BND* leakage between vCPU-s
XSA-221: NULL pointer deref in event channel poll
XSA-222: stale P2M mappings due to insufficient error checking
XSA-223: ARM guest disabling interrupt may crash Xen
XSA-224: grant table operations mishandle reference
---------------------------------------------
https://lists.xen.org/archives/html/xen-announce/2017-06/


*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM i. ***
http://www-01.ibm.com/support/docview.wss?uid=nas8N1022142
---------------------------------------------
*** IBM Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2017-1304) ***
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010230
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM WebSphere MQ Internet Pass-Thru ***
http://www.ibm.com/support/docview.wss?uid=swg22001701
---------------------------------------------
*** IBM Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server Liberty shipped with IBM Security Directory Suite (CVE-2016-0378, CVE-2016-5983 and CVE-2016-5986) ***
http://www.ibm.com/support/docview.wss?uid=swg22002049
---------------------------------------------