[CERT-daily] Tageszusammenfassung - 08.08.2018

Wed Aug 8 18:08:37 CEST 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 07-08-2018 18:00 − Mittwoch 08-08-2018 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Update Mechanism Flaws Allow Remote Attacks on UEFI Firmware ∗∗∗
---------------------------------------------
The glitch stems from a functionality intended to allow updates to the UEFI firmware.
---------------------------------------------
https://threatpost.com/update-mechanism-flaws-allow-remote-attacks-on-uefi-firmware/134785/


∗∗∗ Cookie Consent Script Used to Distribute Malware ∗∗∗
---------------------------------------------
Most websites today use cookies. Since May 25th, 2018, all websites that do business in the European Union (EU) had to make some changes to be compliant with the EU General Data Protection Regulation (GDPR). Even though cookie usage is mentioned only once in GDPR, any organization utilizing them to track users' browsing activity have had to add a warning about how they are using them and ask for the user consent.
---------------------------------------------
https://blog.sucuri.net/2018/08/cookie-consent-script-used-to-distribute-malware.html


∗∗∗ IT-Grundschutz: Neuer Online-Kurs veröffentlicht ∗∗∗
---------------------------------------------
Ein neues Online-Angebot für den modernisierten IT-Grundschutz erleichtert Anwendern den Einstieg in die Umsetzung der IT-Grundschutz-Methodik. Basierend auf dem IT-Grundschutz-Kompendium und den BSI-Standards 200-1,-2 und -3 führt die vom Bundesamt für Sicherheit in der Informationstechnik (BSI) entwickelte und veröffentlichte Web-Schulung die Anwender in unterschiedlichen Lektionen durch die IT-Grundschutz-Vorgehensweise.
---------------------------------------------
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2018/IT-Grundschutz_Neuer_Online-Kurs_08082018.html


∗∗∗ PayPal-Betrug mit eigener E-Mailadrese ∗∗∗
---------------------------------------------
Konsument/innen erhalten von PayPal eine Benachrichtigung darüber, dass sie ihre E-Mailadresse für die Eröffnung eines Kontos bestätigen sollen. Das Konto haben Kriminelle eröffnet. Sie kaufen mit der fremden E-Mailadresse und erfundenen Daten ein. Die Rechnungen und Mahnungen dafür erhalten die Opfer. Diese müssen die offenen PayPal-Forderungen nicht bezahlen.
---------------------------------------------
https://www.watchlist-internet.at/news/paypal-betrug-mit-eigener-e-mailadrese/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Medtronic MyCareLink 24950 Patient Monitor ∗∗∗
---------------------------------------------
This medical device advisory includes mitigation recommendations for insufficient verification of data authenticity and storing passwords in a recoverable format vulnerabilities in the Medtronic MyCareLink 24950 Patient Monitor.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01


∗∗∗ Medtronic MiniMed 508 Insulin Pump ∗∗∗
---------------------------------------------
This medical device advisory includes mitigation recommendations for cleartext transmission of sensitive information and authentication bypass by capture-replay vulnerabilities in the Medtronic MiniMed 508 Insulin Pump.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02


∗∗∗ Delta Electronics CNCSoft and ScreenEditor ∗∗∗
---------------------------------------------
This advisory includes mitigation recommendations for stack-based buffer overflow and out-of-bounds read vulnerabilities in Delta Electronics CNCSoft and ScreenEditor software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-219-01


∗∗∗ What Do I Need To Know about "SegmentSmack", (Wed, Aug 8th) ∗∗∗
---------------------------------------------
"SegmentSmack" is yet another branded vulnerability, also known as CVE-2018-5390. It hit the "news" yesterday. Succesful exploitation may lead to a denial of service against a targeted system. At this point, not a lot is known about this vulnerability. But here are some highlights: [...]
---------------------------------------------
https://isc.sans.edu/forums/diary/What+Do+I+Need+To+Know+about+SegmentSmack/23964/


∗∗∗ HPSBHF03589 rev. 2 - HP Ink Printers Remote Code Execution ∗∗∗
---------------------------------------------
Two security vulnerabilities have been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack or static buffer overflow, which could allow remote code execution.
---------------------------------------------
https://support.hp.com/us-en/document/c06097712


∗∗∗ Android Security Bulletin - August 2018 ∗∗∗
---------------------------------------------
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2018-08-05 or later address all of these issues. [...] The most severe of these issues is a critical vulnerability that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
---------------------------------------------
https://source.android.com/security/bulletin/2018-08-01


∗∗∗ 2018-08 Out of Cycle Security Bulletin: Junos platforms vulnerable to SegmentSmack attack [VU#962459] ∗∗∗
---------------------------------------------
[...] Crafted sequences of TCP/IP packets may allow a remote attacker to create a denial of service (DoS) condition on routing engines (REs) running Junos OS. The attack requires a successfully established two-way TCP connection to an open port. The rate of attack traffic is lower than typical thresholds for built-in Junos OS distributed denial-of-service (DDoS) protection, so additional configuration is required to defend against these issues on affected platforms.
---------------------------------------------
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10876


∗∗∗ VMSA-2018-0019 ∗∗∗
---------------------------------------------
Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2018-0019.html


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (kernel), Fedora (ceph, exiv2, myrepos, and seamonkey), openSUSE (libofx and znc), Oracle (kernel), Red Hat (qemu-kvm-rhev), SUSE (clamav, kernel, and rubygem-sprockets-2_12), and Ubuntu (gnupg, lftp, libxcursor, linux-hwe, linux-azure, linux-gcp, linux-raspi2, and lxc).
---------------------------------------------
https://lwn.net/Articles/762022/


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (slurm-llnl), Fedora (libmspack), openSUSE (cups, kernel, kernel-firmware, libcgroup, and ovmf), Oracle (kernel), and SUSE (cups, enigmail, libcdio, and pidgin).
---------------------------------------------
https://lwn.net/Articles/762098/


∗∗∗ eDirectory 9.1.1 Hot Patch 1 ∗∗∗
---------------------------------------------
https://download.novell.com/Download?buildid=vP3nS-Hctkk~


∗∗∗ IBM Security Bulletin: Security vulnerabilities in IBM® SDK for Node.js™ affect IBM® SDK for Node.js™ in IBM Cloud (CVE-2018-7158, CVE-2018-7159, CVE-2018-7160) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22011860


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium Data Redaction ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10718421


∗∗∗ HPESBHF03850 rev.3 - HPE ProLiant, Synergy, and Moonshot Systems: Local Disclosure of Information, CVE-2018-3639 – Speculative Store Bypass and CVE-2018-3640 – Rogue System Register Read ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us


∗∗∗ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0006 ∗∗∗
---------------------------------------------
https://webkitgtk.org/security/WSA-2018-0006.html

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily