[CERT-daily] Tageszusammenfassung - 09.10.2018

Daily end-of-shift report team at cert.at
Tue Oct 9 18:15:06 CEST 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Montag 08-10-2018 18:00 − Dienstag 09-10-2018 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Millionen Xiongmai-Überwachungskameras durch Cloud-Feature unsicher (XMEye P2P Coud) ∗∗∗
---------------------------------------------
Über 9 Millionen IoT-Geräte des chinesischem OEM-Herstellers "Xiongmai" sind unsicher (selbst jene hinter einer Firewall), weil sie ein unsicheres Cloud-Feature namens "XMEye P2P cloud" standardmäßig aktiv haben.
---------------------------------------------
https://www.sec-consult.com/blog/2018/10/millionen-xiongmai-ueberwachungskameras-durch-cloud-feature-unsicher-xmeye-p2p-coud/


∗∗∗ Sicherheitsupdates: Kritische Lücken in Cisco DNA gefährden ganze Netzwerke ∗∗∗
---------------------------------------------
Cisco stellt Patches für verschiedene Produkte bereit und schließt damit viele Sicherheitslücken.
---------------------------------------------
http://heise.de/-4184517


∗∗∗ Oktober ist Europäischer Monat der Cyber-Sicherheit! ∗∗∗
---------------------------------------------
Auch diesen Oktober nimmt Österreich wieder an der EU-weiten Kampagne European Cyber Security Month (ECSM) teil. Im Fokus steht dabei die Bewusstseinsbildung für Risiken im Netz.
---------------------------------------------
https://www.watchlist-internet.at/news/oktober-ist-europaeischer-monat-der-cyber-sicherheit/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ [20181005] - Core - CSRF hardening in com_installer ∗∗∗
---------------------------------------------
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 2.5.0 through 3.8.12 Exploit type: CSRF Reported Date: 2018-September-26 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17858  Description Added additional CSRF hardening in com_installer actions in the backend. Affected Installs Joomla! CMS versions 2.5.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre. Reported By: Raviraj A. Powar
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/nfI3_UnJIrM/755-20181005-core-csrf-hardening-in-com-installer.html


∗∗∗ [20181004] - Core - ACL Violation in com_users for the admin verification ∗∗∗
---------------------------------------------
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 1.5.0 through 3.8.12 Exploit type: ACL Violation Reported Date: 2017-December-27 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17855  Description In case that an attacker gets access to the mail account of an user who can approve admin verifications in the registration process he can activate himself. Affected Installs Joomla! CMS versions 1.5.0 through 3.8.12 Solution Upgrade to version 3.8.13
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/qGhSucxwoZo/754-20181004-core-acl-violation-in-com-users-for-the-admin-verification.html


∗∗∗ [20181003] - Core - Access level Violation in com_tags ∗∗∗
---------------------------------------------
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 3.1.0 through 3.8.12 Exploit type: ACL Violation Reported Date: 2018-June-20 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17857  Description Inadequate checks on the tags search fields can lead to an access level violation. Affected Installs Joomla! CMS versions 3.1.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre.
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/nIIfD6jUDgU/753-20181003-core-access-level-violation-in-com-tags.html


∗∗∗ [20181002] - Core - Inadequate default access level for com_joomlaupdate ∗∗∗
---------------------------------------------
Project: Joomla! SubProject: CMS Impact: High Severity: Low Versions: 2.5.4 through 3.8.12 Exploit type: Object Injection Reported Date: 2018-June-21 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17856  Description Joomla’s com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled access of Administrator-level users to access com_joomlaupdate and trigger a code execution. Affected Installs Joomla! CMS versions 2.5.4 through 3.8.12
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/MptbHWIJjXM/752-20181002-core-inadequate-default-access-level-for-com-joomlaupdate.html


∗∗∗ [20181001] - Core - Hardening com_contact contact form ∗∗∗
---------------------------------------------
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 2.5.0 through 3.8.12 Exploit type: Incorrect Access Control Reported Date: 2018-September-17 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17859  Description Inadequate checks in com_contact could allowed mail submission in disabled forms. Affected Installs Joomla! CMS versions 2.5.0 through 3.8.12 Solution Upgrade to version 3.8.13 Contact The JSST at the Joomla! Security Centre. Reported By: David Jardin (JSST)
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/lkwPYx4JflE/751-20181001-core-hardening-com-contact-contact-form.html


∗∗∗ SAP Security Patch Day - October 2018 ∗∗∗
---------------------------------------------
On 9th of October 2018, SAP Security Patch Day saw the release of 11 Security Notes. Additionally, there were 4 updates to previously released security notes.
---------------------------------------------
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095


∗∗∗ SSA-347726: Denial-of-Service Vulnerability in SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP Open Controller ∗∗∗
---------------------------------------------
Versions of SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200 SP Open Controller are affected by a denial-of-service vulnerability. An attacker with network access to the PLC can cause a Denial-of-Service condition on the network stack.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-347726.txt


∗∗∗ SSA-254686: Foreshadow / L1 Terminal Fault Vulnerabilities in Industrial Products ∗∗∗
---------------------------------------------
Security researchers published information on vulnerabilities known as Foreshadow and L1 Terminal Fault (L1TF). These vulnerabilities affect many modern processors from different vendors to a varying degree. Several Siemens Industrial Products contain processors that are affected by the vulnerabilities.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-254686.txt


∗∗∗ SSA-464260: TLS ROBOT vulnerability in SCALANCE W1750D ∗∗∗
---------------------------------------------
The latest update for SCALANCE W1750D addresses a vulnerability known as _ROBOT Attack_. The vulnerability could allow an attacker to decrypt TLS traffic. Siemens provides a firmware update and recommends users to update to the new version.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-464260.txt


∗∗∗ SSA-493830: Privilege Escalation in ROX II ∗∗∗
---------------------------------------------
The latest update for ROX II fixes two vulnerabilities. One vulnerability could allow an attacker with a low-privileged user account to execute arbitrary commands. The other vulnerability could allow an attacker with a low-privileged user account to escalate his privileges.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-493830.txt


∗∗∗ SSA-507847: Cross-Site Request Forgery Vulnerability in SIMATIC S7-1200 CPU Family ∗∗∗
---------------------------------------------
The latest firmware update for S7-1200 CPU family version 4 fixes a Cross-Site Request Forgery vulnerability. Siemens recommends to update affected devices as soon as possible.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-507847.txt


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (git), Debian (kernel, samba, and tinc), Fedora (kernel-headers), Oracle (firefox), Red Hat (firefox and qemu-kvm-rhev), Scientific Linux (firefox), SUSE (java-1_8_0-ibm, kubernetes-salt, velum, libxml2, and postgresql10), and Ubuntu (libxkbcommon).
---------------------------------------------
https://lwn.net/Articles/767948/


∗∗∗ iCloud for Windows 7.7 ∗∗∗
---------------------------------------------
https://support.apple.com/kb/HT209141


∗∗∗ iOS 12.0.1 ∗∗∗
---------------------------------------------
https://support.apple.com/kb/HT209162


∗∗∗ Zimbra Collaboration Suite: Eine Schwachstelle ermöglicht das Darstellen falscher Informationen ∗∗∗
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-2038/


∗∗∗ IBM Security Bulletin: IBM Netcool/OMNIbus Probe DSL Factory Framework is affected by Apache Camel’s Core vulnerability ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10731893


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in WebSphere application server affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10734305


∗∗∗ Remote Code Execution via XMeye P2P Cloud in Xiongmai IP Cameras, NVRs and DVRs ∗∗∗
---------------------------------------------
https://www.sec-consult.com/en/blog/advisories/vulnerabilities-xiongmai-ip-cameras-nvrs-dvrs-cve-2018-17915-cve-2018-17917-cve-2018-17919/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list