[CERT-daily] Tageszusammenfassung - 29.08.2018

Daily end-of-shift report team at cert.at
Wed Aug 29 18:11:42 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 28-08-2018 18:00 − Mittwoch 29-08-2018 18:00
Handler:     Alexander Riepl
Co-Handler:  n/a

=====================
=       News        =
=====================


∗∗∗ Active Attacks Detected Using Apache Struts Vulnerability CVE-2018-11776 ∗∗∗
---------------------------------------------
After last week a security researcher revealed a vulnerability in Apache Struts, a piece of very popular enterprise software, active exploitation attempts have started this week.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/active-attacks-detected-using-apache-struts-vulnerability-cve-2018-11776/


∗∗∗ OpenSSH Versions Since 2011 Vulnerable to Oracle Attack ∗∗∗
---------------------------------------------
OpenSSH continues to be vulnerable to oracle attacks, and the issue affects all versions of the suite since September 2011. Developers fixed a similar bug less than a week ago.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/openssh-versions-since-2011-vulnerable-to-oracle-attack/


∗∗∗ Loki Bot: On a hunt for corporate passwords ∗∗∗
---------------------------------------------
Starting in early July, we have seen malicious spam activity that has targeted corporate mailboxes. Messages ..
---------------------------------------------
https://securelist.com/loki-bot-stealing-corporate-passwords/87595/


∗∗∗ 3D Printers in The Wild, What Can Go Wrong?, (Wed, Aug 29th) ∗∗∗
---------------------------------------------
Richard wrote a quick diary yesterday about an interesting information that we received from one of our readers. It&#;x26;#;39;s about a huge amount of OctoPrint interfaces that are publicly facing the Internet. Octoprint[1] is a web interface for ..
---------------------------------------------
https://isc.sans.edu/diary/rss/24044


∗∗∗ PHP-Paket-Repository Packagist.org war für Schadcode anfällig ∗∗∗
---------------------------------------------
In der Webseite Packagist.org klaffte eine gefährliche Sicherheitslücke. Angreifer hätten mit vergleichsweise wenig Aufwand Schadcode ausführen können.
---------------------------------------------
http://heise.de/-4149216


=====================
=  Vulnerabilities  =
=====================


∗∗∗ DSA-4281 tomcat8 - security update ∗∗∗
---------------------------------------------
Several issues were discovered in the Tomcat servlet and JSPengine. They could lead to unauthorized access to protected resources, denial-of-service, or information leak.
---------------------------------------------
https://www.debian.org/security/2018/dsa-4281


∗∗∗ Cisco Data Center Network Manager Path Traversal Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system.The vulnerability is due to improper validation of user requests within the management interface. An attacker could exploit this vulnerability by sending ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180828-dcnm-traversal

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list