[CERT-daily] Tageszusammenfassung - 26.11.2018

Mon Nov 26 18:14:47 CET 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 23-11-2018 18:00 − Montag 26-11-2018 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ His phone went dark, then $1m was sucked out in SIM-swap crypto-heist ∗∗∗
---------------------------------------------
A 21-year-old allegedly SIM-swapped Silicon Valley execs' phones to steal cryptocurrency, including one mans $1m tuition fund for his kids.
---------------------------------------------
https://nakedsecurity.sophos.com/2018/11/26/his-phone-went-dark-then-1m-was-sucked-out-in-sim-swap-crypto-heist/


∗∗∗ Unseriöse Handwerker aus dem Internet ∗∗∗
---------------------------------------------
Konsument/innen, die in der Nacht Probleme mit ihren Heizkörpern, ihrem Schloss oder ihrer Elektronik haben, können über das Internet unseriöse Installateur/innen, Schlosser/innen oder Elektriker/innen finden. Sie werben auf Websites mit günstigen Angeboten. Vor Ort verlangen die Unternehmen jedoch ein Vielfaches des vereinbarten Preises. Nachträgliche Beanstandungen sind nicht möglich, weil sie Kund/innen erfundene Daten nennen.
---------------------------------------------
https://www.watchlist-internet.at/news/unserioese-handwerker-aus-dem-internet/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (gnuplot5, icecast2, liblivemedia, otrs2, phpbb3, roundcube, squid3, and xml-security-c), Fedora (kio-extras, tmux, and xen), Gentoo (asterisk, chromium, exiv2, ghostscript-gpl, and thunderbird), openSUSE (libwpd, openssl, openssl-1_1, postgresql10, and SDL2_image), Red Hat (chromium-browser, rh-mysql57-mysql, rh-nginx110-nginx, and rh-nginx18-nginx), SUSE (exiv2, libgcrypt, rpm, and tiff), and Ubuntu (firefox and qemu).
---------------------------------------------
https://lwn.net/Articles/772954/


∗∗∗ ZDI-18-1361: (0Day) INVT Electric VT-Designer PM3 File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-18-1361/


∗∗∗ ZDI-18-1360: (0Day) INVT Electric VT-Designer File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-18-1360/


∗∗∗ IBM Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Storwize V7000 Unified (CVE-2016-0705) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-ibm-java-runtime-affects-ibm-storwize-v7000-unified-cve-2016-0705/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot for VMware (CVE-2018-1656, CVE-2018-12539) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-spectrum-protect-snapshot-for-vmware-cve-2018-1656-cve-2018-12539/


∗∗∗ IBM Security Bulletin: Content Collector for Email is affected by spoofing attack vulnerability in WAS Logout Form ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-content-collector-for-email-is-affected-by-spoofing-attack-vulnerability-in-was-logout-form/


∗∗∗ IBM Security Bulletin: Content Collector for Email is affected by java deserialization vulnerability resulting in execution of untrusted data via the application server’s SOAP port ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-content-collector-for-email-is-affected-by-java-deserialization-vulnerability-resulting-in-execution-of-untrusted-data-via-the-application-servers-soap-port/


∗∗∗ IBM Security Bulletin: Information Disclosure in IBM WebSphere Application Server Liberty affects IBM Spectrum Protect Snapshot for VMware (CVE-2018-1553) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-information-disclosure-in-ibm-websphere-application-server-liberty-affects-ibm-spectrum-protect-snapshot-for-vmware-cve-2018-1553/


∗∗∗ git: Schwachstelle ermöglicht Privilegieneskalation ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K18-1120

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily