[CERT-daily] Tageszusammenfassung - 06.03.2018

Daily end-of-shift report team at cert.at
Tue Mar 6 18:11:36 CET 2018 

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 05-03-2018 18:00 − Dienstag 06-03-2018 18:00
Handler:     Nina Bieringer
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ E-Mail-Clients für Android: Kennwörter werden an Entwickler der App übermittelt ∗∗∗
---------------------------------------------
Der E-Mail-Client sollte mit Bedacht gewählt werden. Zwei Apps für Android übermitteln die Kennwörter an den Anbieter der App. Der Entdecker des Sicherheitsrisikos rät zur Deinstallation der Apps und zur Zurücksetzung des E-Mail-Kennworts.
---------------------------------------------
https://www.golem.de/news/e-mail-clients-fuer-android-kennwoerter-werden-im-klartext-an-betreiber-uebermittelt-1803-133172-rss.html



=====================
=  Vulnerabilities  =
=====================

∗∗∗ DFN-CERT-2018-0432/">NetIQ Identiy Manager: Eine Schwachstelle ermöglicht das Ausspähen von Passwörtern ∗∗∗
---------------------------------------------
Ein vermutlich lokaler, einfach authentisierter Angreifer kann Passwörter ausspähen, welche unter Umständen in Logdateien gespeichert werden. NetIQ stellt den NetIQ Identiy Manager in der Version 4.6 zur Behebung der Schwachstelle bereit.
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0432/


∗∗∗ DFN-CERT-2018-0431/">GitLab: Mehrere Schwachstellen ermöglichen u.a. einen kompletten Denial-of-Service (DoS)-Angriff ∗∗∗
---------------------------------------------
Zwei Schwachstellen betreffen GitLab Enterprise und ermöglichen einem vermutlich entfernten und einfach authentisierten Angreifer das Bewirken kompletter Denial-of-Service (DoS)-Zustände. Weitere Schwachstellen ermöglichen dem Angreifer das Umgehen von Sicherheitsvorkehrungen, das Ausspähen von Informationen und Darstellen falscher Informationen.
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0431/


∗∗∗ Android: März-Update schließt Fülle an kritischen Lücken ∗∗∗
---------------------------------------------
Den ersten Montag des Monats nutzt Google üblicherweise, um Sicherheitslücken in Android zu bereinigen. Und so gibt es auch jetzt wieder ein neues Update, das sich vor allem der Bereinigung solcher Probleme bereinigt.
---------------------------------------------
http://derstandard.at/2000075574454


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (dhclient and dhcp), Debian (tomcat7 and xen), Fedora (dhcp), Mageia (glibc and xerces-c), SUSE (xen), and Ubuntu (irssi, memcached, postgresql-9.3, postgresql-9.5, postgresql-9.6, and twisted).
---------------------------------------------
https://lwn.net/Articles/748625/


∗∗∗ Bugtraq: DefenseCode Security Advisory: Magento Stored Cross-Site Scripting - Product Attributes ∗∗∗
---------------------------------------------
http://www.securityfocus.com/archive/1/541839


∗∗∗ Bugtraq: DefenseCode Security Advisory: Magento Stored Cross-Site Scripting - Downloadable Products ∗∗∗
---------------------------------------------
http://www.securityfocus.com/archive/1/541838


∗∗∗ Bugtraq: DefenseCode Security Advisory: Magento Multiple Stored Cross-Site Scripting Vulnerabilities ∗∗∗
---------------------------------------------
http://www.securityfocus.com/archive/1/541840


∗∗∗ Bugtraq: DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery ∗∗∗
---------------------------------------------
http://www.securityfocus.com/archive/1/541837


∗∗∗ IBM Security Bulletin: IBM Tivoli Federated Identity Manager is affected by a Security Assertion Markup Language (SAML)-based single sign-on (SSO) systems vulnerability (CVE-2018-1443 ) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014161


∗∗∗ IBM Security Bulletin: IBM Security Access Manager Appliance is affected by a Security Assertion Markup Language (SAML)-based single sign-on (SSO) systems vulnerability (CVE-2018-1443) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014160


∗∗∗ IBM Security Bulletin: IBM Security Guardium has released patch in response to the vulnerabilities known as Spectre and Meltdown ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013322


∗∗∗ IBM Security Bulletin: Response Time Monitoring Agent is affected by a NoSQL Injection vulnerability ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22013500


∗∗∗ IBM Security Bulletin: Vulnerabilities in Samba affect IBM Spectrum Scale SMB protocol access method (CVE-2017-14746, CVE-2017-15275) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1012067


∗∗∗ IBM Security Bulletin: A vulnerability in IBM Java Runtime affects Rational Asset Analyzer ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013972


∗∗∗ IBM Security Bulletin: Monitoring Agent for WebSphere Applications is affected by a potential for sensitive personal information to be visible when you use the diagnostics or transaction tracking capability of the agent ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014035


∗∗∗ IBM Security Bulletin: Rational Asset Analyzer (RAA) is affected by a vulnerability in WAS ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013974


∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Emptoris Strategic Supply Management Suite of Products ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014235


∗∗∗ IBM Security Bulletin: IBM’s Pulse App for QRadar is vulnerable to sensitive information exposure. (CVE-2017-1625) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014284


∗∗∗ Apache Tomcat 6.x vulnerability CVE-2016-0706 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K18174924


∗∗∗ Apache Tomcat 6.x vulnerabilities CVE-2016-0714 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K58084500


∗∗∗ Apache Tomcat 6.x vulnerability CVE-2015-5345 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K34341852

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

More information about the Daily mailing list