[CERT-daily] Tageszusammenfassung - 27.11.2017

Mon Nov 27 18:23:25 CET 2017

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 24-11-2017 18:00 − Montag 27-11-2017 18:00
Handler:     Nina Bieringer
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ Mobile Menace Monday: Chrome declares war on unwanted redirects ∗∗∗
---------------------------------------------
Google is initiating their plan to implement a few new changes in Chrome to defend against unwanted web redirects. A redirect happens when a different website from the URL that was entered opens in the browser. Sometimes redirects are intentional, as in when an organization/website is bought out by another entity and their traffic is redirected to the new owner. However, sometimes redirects are malicious and unwanted.
---------------------------------------------
https://blog.malwarebytes.com/cybercrime/2017/11/chrome-declares-war-unwanted-redirects/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ [Pdns-announce] PowerDNS Authoritative Server 4.0.5 and Recursor 4.0.7 Available ∗∗∗
---------------------------------------------
We're happy to release PowerDNS Authoritative Server 4.0.5 and Recursor 4.0.7 which contain a lot of backports from the 4.1.x branch. These releases also drop support for Botan 1.10 in favor of Botan 2.x.
More importantly there are fixes for the following security advisories:
- Authoritative Server
  - PowerDNS Security Advisory 2017-04[1]: Missing check on API operations (CVE-2017-15091)
- Recursor
  - PowerDNS Security Advisory 2017-03[2]: Insufficient validation of DNSSEC signatures (CVE-2017-15090)
  - PowerDNS Security Advisory 2017-05[3]: Cross-Site Scripting in the web interface (CVE-2017-15092)
  - PowerDNS Security Advisory 2017-06[4]: Configuration file injection in the API (CVE-2017-15093)
  - PowerDNS Security Advisory 2017-07[5]: Memory leak in DNSSEC parsing (CVE-2017-15094)
---------------------------------------------
https://mailman.powerdns.com/pipermail/pdns-announce/2017-November/001077.html


∗∗∗ Schwerwiegende Sicherheitsprobleme in Mailserver-Software Exim - Workaround verfügbar ∗∗∗
---------------------------------------------
Das Exim-Projekt hat am 25. 11. 2017 Informationen zu einer schwerwiegenden Sicherheitslücke veröffentlicht.
Details: Durch Ausnutzen eines Use-after-free Fehlers können Angreifer potentiell beliebigen Code auf betroffenen Mailservern ausführen.
CVE-Nummern dazu: CVE-2017-16943, CVE-2017-16944 
---------------------------------------------
http://www.cert.at/warnings/all/20171127.html


∗∗∗ Security Advisory - Improper Access Control Vulnerability in Some Huawei OceanStor products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171122-01-oceanstor-en


∗∗∗ Security Advisory - Stack Overflow Vulnerability in Baseband Module of Some Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171125-01-baseband-en


∗∗∗ Security Advisory - Multiple Vulnerabilities of WPA and WPA2 Protocol in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171117-01-wpa-en


∗∗∗ IBM Security Bulletin: Security Bulletin: Samba vulnerability affects IBM SONAS (CVE-2017-9461) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1010656


∗∗∗ IBM Security Bulletin: Vulnerability CVE-2017-15906 in OpenSSH affects IBM i ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=nas8N1022349


∗∗∗ IBM Security Bulletin: Vulnerability CVE-2017-14919 in Node.js affects IBM i ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=nas8N1022348


∗∗∗ IBM Security Bulletin: Vulnerability in curl affects IBM Chassis Management Module (CVE-2017-7407) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099640


∗∗∗ IBM Security Bulletin: Vulnerabilities in NTP affect IBM Chassis Management Module ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099639

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily