[CERT-daily] Daily summary - 25.05.2018

Daily end-of-shift report team at cert.at
Fri May 25 18:06:41 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Thursday 24-05-2018 18:00 - Friday 25-05-2018 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Z-Shave Attack Could Impact Over 100 Million IoT Devices ∗∗∗
---------------------------------------------
The Z-Wave wireless communications protocol used for some IoT/smart devices is vulnerable to a downgrade attack that can allow a malicious party to intercept and tamper with traffic between smart devices.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/z-shave-attack-could-impact-over-100-million-iot-devices/


∗∗∗ Electron: What the patch of the patch is all about... ∗∗∗
---------------------------------------------
Last week the Electron developers released a patch for the January patch of their cross-platform framework for building desktop apps. A security researcher from Doyensec has now explained why that was necessary.
---------------------------------------------
https://www.heise.de/-4058755


∗∗∗ Fake payment order targeting club treasurers ∗∗∗
---------------------------------------------
Club treasurers receive a supposed notification from their club chairperson saying that the club urgently needs to transfer money abroad. If they comply, the club loses the money, because the message comes from criminals.
---------------------------------------------
https://www.watchlist-internet.at/news/gefaelschter-ueberweisungsauftrag-fuer-vereins-kassierinnen/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ VU#338343: strongSwan VPN charon server vulnerable to buffer underflow ∗∗∗
---------------------------------------------
[...] strongSwan VPN's charon server prior to version 5.6.3 does not check packet length and may allow a buffer underflow, resulting in denial of service.
---------------------------------------------
http://www.kb.cert.org/vuls/id/338343
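The bug class behind a "missing packet length check" of this kind, as an added C example that is not strongSwan's code: a constructed length-prefixed wire format, the unchecked body-length computation that wraps around when the declared length is shorter than the header, and the checked version that rejects it. The wire format, the constants HDR_LEN and MAX_MSG and the function names are assumptions made for illustration only.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/*
 * Constructed wire format for this example (NOT strongSwan's stroke or
 * IKE format): a 2-byte big-endian "total length" that counts the
 * length field itself, followed by the message body.
 */
#define HDR_LEN 2u
#define MAX_MSG 512u

static uint16_t read_be16(const uint8_t *p)
{
    return (uint16_t)(((uint16_t)p[0] << 8) | p[1]);
}

/*
 * Vulnerable pattern: trust the declared length and derive the body size
 * with unsigned arithmetic. When total < HDR_LEN the subtraction wraps
 * around (the "underflow"); a reader that then waits for or allocates
 * that many bytes exhausts memory or socket buffers -> denial of service.
 * Returns the body length it would try to read.
 */
size_t body_len_unchecked(const uint8_t *hdr)
{
    uint16_t total = read_be16(hdr);
    return (size_t)total - HDR_LEN;   /* wraps to SIZE_MAX when total == 1 */
}

/*
 * Hardened pattern: validate the declared length against the header size
 * and an upper bound before using it. Returns the body length, or -1.
 */
long body_len_checked(const uint8_t *buf, size_t buflen)
{
    if (buflen < HDR_LEN)
        return -1;                    /* not even a complete header yet */
    uint16_t total = read_be16(buf);
    if (total < HDR_LEN)
        return -1;                    /* length shorter than the header itself */
    if (total > MAX_MSG)
        return -1;                    /* cap what a remote peer can make us read */
    return (long)(total - HDR_LEN);
}

/*
 * Full read step: copy the body into out (capacity >= MAX_MSG) only when
 * buf really contains the whole declared message. Returns the body length,
 * or -1 if the message is malformed or truncated.
 */
long parse_message(const uint8_t *buf, size_t buflen, uint8_t *out)
{
    long body = body_len_checked(buf, buflen);
    if (body < 0)
        return -1;
    if (buflen < HDR_LEN + (size_t)body)
        return -1;                    /* truncated: wait for more data instead */
    memcpy(out, buf + HDR_LEN, (size_t)body);
    return body;
}

int main(void)
{
    /* Constructed inputs: a hostile header claiming total length 1, and a
     * well-formed 5-byte message carrying a 3-byte body. */
    const uint8_t evil[] = { 0x00, 0x01 };
    const uint8_t good[] = { 0x00, 0x05, 'a', 'b', 'c' };
    uint8_t out[MAX_MSG];

    printf("unchecked body length for total=1: %zu\n", body_len_unchecked(evil));
    printf("checked   body length for total=1: %ld\n", body_len_checked(evil, sizeof evil));
    printf("parse_message(good): %ld bytes\n", parse_message(good, sizeof good, out));
    return 0;
}
```

The checked variant rejects three distinct things a peer controls: a header that has not fully arrived, a declared length smaller than the header, and a declared length above what the service is willing to buffer. The last check is what turns "wait for a huge message" into an immediate reject, which is the difference between a DoS and a dropped connection.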


∗∗∗ BeaconMedaes TotalAlert Scroll Medical Air Systems ∗∗∗
---------------------------------------------
This medical device advisory includes mitigations for improper access controls, insufficiently protected credentials, and unprotected storage of credentials vulnerabilities in the BeaconMedaes TotalAlert Scroll Medical Air Systems web application.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01


∗∗∗ Schneider Electric Floating License Manager ∗∗∗
---------------------------------------------
This advisory includes mitigations for heap-based buffer overflow, improper restriction of operations within the bounds of a memory buffer, and open redirect vulnerabilities in the Schneider Electric Floating License Manager.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-144-01


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (bind, libofx, and thunderbird), Debian (thunderbird, xdg-utils, and xen), Fedora (procps-ng), Mageia (gnupg2, mbedtls, pdns, and pdns-recursor), openSUSE (bash, GraphicsMagick, icu, and kernel), Oracle (thunderbird), Red Hat (java-1.7.1-ibm, java-1.8.0-ibm, and thunderbird), Scientific Linux (thunderbird), and Ubuntu (curl).
---------------------------------------------
https://lwn.net/Articles/755667/


∗∗∗ IBM Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by an Application Error vulnerability ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016515


∗∗∗ IBM Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by an Incorrect Permission Assignment for Critical Resource vulnerability ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016132


∗∗∗ IBM Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a Query Parameter in SSL Request vulnerability ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016131


∗∗∗ IBM Security Bulletin: IBM Spectrum Control (formerly IBM Tivoli Storage Productivity Center) is affected by a vulnerability in Apache CXF (CVE-2017-12624) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014053


∗∗∗ IBM Security Bulletin: Open Source Apache CXF Vulnerabilities affect IBM Spectrum LSF Explorer ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=isg3T1027368


∗∗∗ IBM Security Bulletin: API Connect Developer Portal is affected by a PHP vulnerability (CVE-2017-7272) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016607


∗∗∗ IBM Security Bulletin: IBM Spectrum Control (formerly IBM Tivoli Storage Productivity Center) is affected by an OpenSSL vulnerability (CVE-2018-0739) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22015614


∗∗∗ IBM Security Bulletin: IBM FileNet Image Services is affected by GSKit and GSKit-Crypto vulnerabilities ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=swg22014741


∗∗∗ IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) CVE-2017-1788 ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014729


∗∗∗ IBM Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a Cross-Site Scripting vulnerability ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016512


∗∗∗ IBM Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a Session Identifier Not Updated vulnerability ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22016513

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily