[CERT-daily] Tageszusammenfassung - 29.11.2017

Daily end-of-shift report team at cert.at
Wed Nov 29 18:13:54 CET 2017


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 28-11-2017 18:00 − Mittwoch 29-11-2017 18:00
Handler:     Nina Bieringer
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ Annual Incident Analysis Report for the Trust Service Providers ∗∗∗
---------------------------------------------
One year after the eIDAS Regulation entered into force, ENISA publishes the first comprehensive overview of the annual summary reporting by the Member States.
---------------------------------------------
https://www.enisa.europa.eu/news/enisa-news/annual-incident-analysis-report-for-the-trust-service-providers


∗∗∗ Teure Angriffe auf ISDN-Anlagen ∗∗∗
---------------------------------------------
Neuartige Angriffe auf ISDN-Anlagen unterlaufen die Betrugserkennung der Telefongesellschaften durch die Nutzung von Call-by-Call-Vorwahlen und maximieren damit den Schaden. Gefährdet sind auch Besitzer älterer Anlagen ohne Internetanbindung.
---------------------------------------------
https://www.heise.de/newsticker/meldung/Teure-Angriffe-auf-ISDN-Anlagen-3904511.html



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Apple Security Update 2017-001 ∗∗∗
---------------------------------------------
Available for: macOS High Sierra 10.13.1
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
---------------------------------------------
https://support.apple.com/kb/HT208315


∗∗∗ [webapps] Synology StorageManager 5.2 - Root Remote Command Execution ∗∗∗
---------------------------------------------
Vulnerability Summary
The following advisory describes a remote command execution vulnerability
found in Synology StorageManager.
---------------------------------------------
https://www.exploit-db.com/exploits/43190/?rss


∗∗∗ RSA Authentication Agent SDK for C Error Handling Flaw May Let Remote Users Bypass Authentication on the Target System ∗∗∗
---------------------------------------------
In applications that do not properly handle return codes from the API/SDK, a remote user may be able to trigger an error handling flaw and bypass authentication on the target system.
Systems with the API/SDK used in TCP asynchronous mode may be affected.
The RSA Authentication Agent API/SDK for Java is not affected.
---------------------------------------------
http://www.securitytracker.com/id/1039877


∗∗∗ RSA Authentication Agent for Web for Apache Web Server Lets Remote Users Bypass Authentication on the Target System ∗∗∗
---------------------------------------------
A remote user can supply specially crafted data to trigger an input validation flaw and bypass authentication and gain access to resources ostensibly protected by the target agent. Agents configured to use the TCP protocol to communicate with the RSA Authentication Manager server are affected. The default configuration (UDP) is not affected.
---------------------------------------------
http://www.securitytracker.com/id/1039876


∗∗∗ Siemens SCALANCE W1750D, M800, and S615 ∗∗∗
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-332-01


∗∗∗ Vuln: Multiple EMC RSA products CVE-2017-14378 Authentication Bypass Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/101979


∗∗∗ Vuln: Multiple Siemens SCALANCE Products Multiple Security Vulnerabilities ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/101977


∗∗∗ Cisco Secure Access Control System Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-acs


∗∗∗ Cisco WebEx Meeting Center URL Redirection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-wmc


∗∗∗ Cisco WebEx Meeting Center Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex5


∗∗∗ Cisco WebEx Event Center Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex4


∗∗∗ Cisco WebEx Meeting Server Unauthorized Welcome Message Modification Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex3


∗∗∗ Cisco WebEx Network Recording Player Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex1


∗∗∗ Multiple Vulnerabilities in Cisco WebEx Recording Format and Advanced Recording Format Players ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex-players


∗∗∗ Cisco WebEx Network Recording Player Buffer Overflow Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex


∗∗∗ Multiple Vulnerabilities in Cisco UCS Central Software ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ucs-central


∗∗∗ Cisco Multilayer Director, Nexus 7000 Series, and Nexus 7700 Series Switches Bash Shell Unauthorized Access Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-switch


∗∗∗ Cisco Prime Service Catalog SQL Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-prime


∗∗∗ Cisco Nexus Series Switches Open Agent Container Code Execution Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos9


∗∗∗ Cisco NX-OS System Software Patch Installation Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos8


∗∗∗ Cisco NX-OS System Software CLI Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos7


∗∗∗ Cisco NX-OS System Software CLI Arbitrary File Read Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos6


∗∗∗ Cisco NX-OS System Software Interactive TCL Shell Escape Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos5


∗∗∗ Cisco NX-OS System Software CLI Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos4


∗∗∗ Cisco NX-OS System Software CLI Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos3


∗∗∗ Cisco NX-OS System Software Image Signature Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos2


∗∗∗ Cisco NX-OS System Software Guest Shell Unauthorized Internal Interface Access Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos10


∗∗∗ Cisco NX-OS System Software Patch Installation Arbitrary File Write Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos1


∗∗∗ Cisco NX-OS System Software Patch Signature Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos


∗∗∗ Cisco Nexus Series Switches CLI Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nss


∗∗∗ Cisco Jabber Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2


∗∗∗ Cisco Jabber Clients Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber1


∗∗∗ Cisco Jabber Clients Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber


∗∗∗ Cisco IP Phone 8800 Series Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ipp


∗∗∗ Cisco IOS XR Software Local Packet Transport Services Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ios-xr


∗∗∗ Cisco FXOS and NX-OS System Software CLI Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-fxnx


∗∗∗ Cisco Email Security Appliance Malformed MIME Header Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-esa


∗∗∗ Multiple Vulnerabilities in Cisco Data Center Network Manager Software ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-dcnm


∗∗∗ Cisco Unified Communications Manager Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-cucm


∗∗∗ Cisco Meeting Server Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-cms


∗∗∗ Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-apic


∗∗∗ Security Advisory - Use After Free Vulnerability in Some Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-phone-en


∗∗∗ Security Advisory - Multiple NTPd Vulnerabilities in Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-ntpd-en


∗∗∗ Security Advisory - Two Vulnerabilities in H323 protocol of Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-h323-en


∗∗∗ Security Advisory - DoS Vulnerability in Some Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-smartphone-en


∗∗∗ Security Advisory - A CGI application vulnerability in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-httpproxy-en


∗∗∗ Security Advisory - Memory Leak Vulnerability in Some Huawei Network Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-command-en


∗∗∗ Security Advisory - Samba Remote Code Execution Vulnerability in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-samba-en


∗∗∗ Security Advisory - Insufficient Input Validation Vulnerability in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-routers-en


∗∗∗ Security Advisory - Denial of Service Vulnerability on Several Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-cert-en


∗∗∗ Security Advisory - Buffer Overflow Vulnerability on Several Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-02-sctp-en


∗∗∗ Security Advisory - Integer Overflow Vulnerability on Several Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171129-01-sctp-en


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MQ Internet Pass Thru ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22009183


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security AppScan Enterprise ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22010003


∗∗∗ IBM Security Bulletin: Vulnerability in OpenSSL affects QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter systems (CVE-2016-7055) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099697

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list