[CERT-daily] Tageszusammenfassung - Montag 27-03-2017

Mon Mar 27 18:04:52 CEST 2017

=======================
= End-of-Shift report =
=======================

Timeframe:   Freitag 24-03-2017 18:00 − Montag 27-03-2017 18:00
Handler:     Robert Waldner
Co-Handler:  n/a


*** SAP NetWeaver J2EE Platform Security ***
---------------------------------------------
In the previous article, we discussed SAP NetWeaver ABAP Platform and its vulnerabilities. Today's topic is the J2EE platform, its architecture, vulnerabilities, and the latest trends in its cyber security.
---------------------------------------------
http://resources.infosecinstitute.com/sap-netweaver-j2ee-platform-security/


*** [Update] Ungepatchte SAP-Systeme angreifbar für Remote Code Execution ***
---------------------------------------------
Wenn die im Rahmen des SAP Security Patch Day im März 2017 veröffentlichten Patches nicht umgehend eingespielt werden, droht die Kompromittierung zentraler Datenbestände, warnen SAP-Kenner.
---------------------------------------------
https://heise.de/-3664479


*** Amazon-Phishingmail: Rechnung über Ihre Verkäufergebühren ***
---------------------------------------------
In einer angeblichen Nachricht von "Europe Amazon" erhalten Kund/innen die Information, dass ihr "Duplikat der elektronisch erzeugten Steuerrechnung" verfügbar sei. Sie können es in einem beigefügten Dokument, das den Login-Bereich von Amazon imitiert, herunterladen. Es handelt sich um einen Phishingversuch.
---------------------------------------------
https://www.watchlist-internet.at/phishing/amazon-phishingmail-rechnung-ueber-ihre-verkaeufergebuehren/


*** Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005 ***
---------------------------------------------
On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. A report from a trusted partner identified a zero-day exploit for this vulnerability. The exploit targeted older versions of Windows and allowed attackers to elevate process privileges on these platforms.
---------------------------------------------
https://blogs.technet.microsoft.com/mmpc/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/


*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Dashboard Framework ***
http://www-01.ibm.com/support/docview.wss?uid=swg22000663
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Web Experience Factory ***
http://www-01.ibm.com/support/docview.wss?uid=swg22000643
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Process Designer used in IBM Business Process Manager and WebSphere Lombardi Edition ***
http://www.ibm.com/support/docview.wss?uid=swg22000871
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in zlib affect IBM Sterling Connect:Direct for Microsoft Windows (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843) ***
http://www.ibm.com/support/docview.wss?uid=swg22000608
---------------------------------------------
*** IBM Security Bulletin: Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21993718
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in OpenSSL affects LCM8 & LCM16 KVM Switch Firmware and GCM16 & GCM32 KVM Switch Firmware (CVE-2016-8610) ***
https://support.podc.sl.edst.ibm.com/support/home/docdisplay?lndocid=migr-5099549
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in SSH affect IBM DataPower Gateways (CVE-2016-10009, CVE-2016-10012) ***
http://www-01.ibm.com/support/docview.wss?uid=swg22000413&myns=swgws&mynp=OCSS9H2Y&mync=E&cm_sp=swgws-_-OCSS9H2Y-_-E
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSH and OpenSSL affect GPFS for Windows V3.5 ***
http://www-01.ibm.com/support/docview.wss?uid=isg3T1024968
---------------------------------------------
*** IBM Security Bulletin: IBM Sterling Selling and Fulfillment Foundation is affected by Cross Site Scripting (XSS) Vulnerability (CVE-2016-8917) ***
http://www.ibm.com/support/docview.wss?uid=swg22000943
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Jazz Team Server affect IBM Rational products based on IBM Jazz technology ***
https://www.ibm.com/support/docview.wss?uid=swg22000784
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in GSKit affects IBM Sterling Connect:Direct for UNIX (CVE-2016-2183) ***
https://www-01.ibm.com/support/docview.wss?uid=swg22000927
---------------------------------------------
*** IBM Security Bulletin: Fix Available for IBM iNotes Cross-site Scripting Vulnerability (CVE-2016-9990) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21998824
---------------------------------------------