[CERT-daily] Tageszusammenfassung - 27.02.2018

[Daily end-of-shift report]

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 26-02-2018 18:00 − Dienstag 27-02-2018 18:00
Handler:     Nina Bieringer
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ SAML Vulnerability Lets Attackers Log in as Other Users ∗∗∗
---------------------------------------------
Security researchers from Duo Labs and the US Computer Emergency Response Team (US-CERT) will release security advisories today detailing a new SAML vulnerability that allows malicious attackers to authenticate as legitimate users without knowledge of the victims password.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/saml-vulnerability-lets-attackers-log-in-as-other-users/


∗∗∗ New Guide on How to Clean a Hacked Website ∗∗∗
---------------------------------------------
Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are eager to share with you some tips on how to clean your hacked website. We are happy to help the community learn the steps they can follow to get rid of a website hack. You can find all our guides to website security in a section of our website dedicated to providing concise and comprehensive tips on different areas of
---------------------------------------------
https://blog.sucuri.net/2018/02/new-guide-clean-hacked-website.html


∗∗∗ Memcached Amplification Attack: Neuer DDoS-Angriffsvektor aufgetaucht ∗∗∗
---------------------------------------------
Öffentlich erreichbare Memcached-Installationen werden von Angreifern für mächtige DDoS-Attacken missbraucht. Die Besitzer dieser Server wissen oft nicht, dass sie dabei helfen, Webseiten aus dem Internet zu spülen.
---------------------------------------------
https://www.heise.de/security/meldung/Memcached-Amplification-Attack-Neuer-DDoS-Angriffsvektor-aufgetaucht-3980440.html



=====================
=  Vulnerabilities  =
=====================

∗∗∗ OS command injection, arbitrary file upload & SQL injection in ClipBucket ∗∗∗
---------------------------------------------
Critical security issues such as OS command injection or arbitrary file upload allow an attacker to fully compromise the web server which has the video and media management solution “ClipBucket” installed. Potentially sensitive data might get exposed through this attack.
---------------------------------------------
https://www.sec-consult.com/en/blog/advisories/os-command-injection-arbitrary-file-upload-sql-injection-in-clipbucket/index.html


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (exim, irssi, php-phpmyadmin-motranslator, php-phpmyadmin-sql-parser, phpMyAdmin, and seamonkey), Mageia (cups, flatpak, golang, jhead, and qpdf), Oracle (gcab, java-1.7.0-openjdk, and kernel), Red Hat (gcab, java-1.7.0-openjdk, and java-1.8.0-ibm), Scientific Linux (gcab and java-1.7.0-openjdk), and Ubuntu (sensible-utils).
---------------------------------------------
https://lwn.net/Articles/748179/


∗∗∗ DFN-CERT-2018-0389: Jenkins-Plugins: Mehrere Schwachstellen ermöglichen u.a. das Ausspähen von Informationen ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0389/


∗∗∗ IBM Security Bulletin: Potential hard-coded password vulnerability affects Rational Publishing Engine ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22013961


∗∗∗ IBM Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale that could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements (CVE-2017-1654) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010869


∗∗∗ IBM Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a Public disclosed vulnerability from Apache Struts vulnerability (CVE-2017-15707) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013305


∗∗∗ IBM Security Bulletin: IBM Security Guardium is affected by Open Source Apache Struts 2.5 Vulnerability (CVE-2017-7525 ) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22012547


∗∗∗ GNU C Library vulnerability CVE-2018-6551 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K11274054


∗∗∗ XSA-256 - x86 PVH guest without LAPIC may DoS the host ∗∗∗
---------------------------------------------
http://xenbits.xen.org/xsa/advisory-256.html


∗∗∗ XSA-255 - grant table v2 -> v1 transition may crash Xen ∗∗∗
---------------------------------------------
http://xenbits.xen.org/xsa/advisory-255.html


∗∗∗ XSA-252 - DoS via non-preemptable L3/L4 pagetable freeing ∗∗∗
---------------------------------------------
http://xenbits.xen.org/xsa/advisory-252.html

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily