[CERT-daily] Tageszusammenfassung - 04.04.2019

Daily end-of-shift report team at cert.at
Thu Apr 4 18:24:38 CEST 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 03-04-2019 18:00 − Donnerstag 04-04-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ Betrügerische Phishing-Mails sollen Willhaben-Login stehlen ∗∗∗
---------------------------------------------
Kriminelle geben sich als die Kleinanzeigenplattform Willhaben aus und versenden wahllos Phishing-Nachrichten. Willhaben-Nutzer/innen, die die Nachricht in ihrem Posteingang finden, werden über die erfolgreiche Veröffentlichung einer Anzeige für ein Apple Iphone Xs Max informiert. Betroffene dürfen den gefälschten Links in der Nachricht nicht folgen und keine Login-Daten eingeben, ansonsten verlieren sie ihr Willhaben-Konto an Kriminelle.
---------------------------------------------
https://www.watchlist-internet.at/news/betruegerische-phishing-mails-sollen-willhaben-login-stehlen/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ FortiGuard/FortiOS: Unprivileged, authenticated user can change the routing settings ∗∗∗
---------------------------------------------
An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component.
---------------------------------------------
https://fortiguard.com/psirt/FG-IR-18-230


∗∗∗ HPESBHF03912 rev.1 - Certain HPE Servers with a UEFI-based BIOS, Multiple Local Vulnerabilities ∗∗∗
---------------------------------------------
Security vulnerabilities in UEFI Open Source (EDK2)-based BIOS firmware may allow escalation of privilege, information disclosure or denial of service. Vendors are releasing firmware updates to mitigate these vulnerabilities.
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us


∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (apache2, golang, and putty), Gentoo (xen), and SUSE (clamav, SM3.1, and SMS3.1).
---------------------------------------------
https://lwn.net/Articles/784917/


∗∗∗ Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info


∗∗∗ Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject


∗∗∗ Cisco Small Business RV320 and RV325 Routers Weak Credential Encryption Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190404-rv-weak-encrypt


∗∗∗ Cisco Small Business RV320 and RV325 Routers Online Help Reflected Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190404-rv-xss


∗∗∗ IBM Security Bulletin: IBM API Connect Developer Portal is by Cross Site Scripting(XSS) in Drupal core (CVE-2019-6341) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-developer-portal-is-by-cross-site-scriptingxss-in-drupal-core-cve-2019-6341/


∗∗∗ IBM Security Bulletin: IBM API Connect Developer Portal is affected by multiple PHP vulnerabilities (CVE-2019-9641 CVE-2019-9637 CVE-2019-9639 CVE-2019-9638) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-developer-portal-is-affected-by-multiple-php-vulnerabilities-cve-2019-9641-cve-2019-9637-cve-2019-9639-cve-2019-9638/


∗∗∗ IBM Security Bulletin: IBM API Connect Developer Portal is affected by a cross site scripting vulnerability in Drupal ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-api-connect-developer-portal-is-affected-by-a-cross-site-scripting-vulnerability-in-drupal/


∗∗∗ IBM Security Bulletin: API Connect V2018 is impacted by vulnerability in the Kubernetes API server (CVE-2019-1002100) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-v2018-is-impacted-by-vulnerability-in-the-kubernetes-api-server-cve-2019-1002100/


∗∗∗ IBM Security Bulletin: Spoofing vulnerability in IBM Business Automation Workflow (CVE-2019-4045) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-spoofing-vulnerability-in-ibm-business-automation-workflow-cve-2019-4045/


∗∗∗ IBM Security Bulletin: Cross-site request forgery vulnerability in IBM Business Automation Workflow (CVE-2018-2000) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-request-forgery-vulnerability-in-ibm-business-automation-workflow-cve-2018-2000/


∗∗∗ IBM Security Bulletin: Information leakage in IBM Business Automation Workflow (CVE-2018-1999) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-information-leakage-in-ibm-business-automation-workflow-cve-2018-1999/


∗∗∗ IBM Security Bulletin: Denial of service vulnerability in IBM Business Automation Workflow (CVE-2018-1997) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-denial-of-service-vulnerability-in-ibm-business-automation-workflow-cve-2018-1997/


∗∗∗ IBM Security Bulletin: API Connect V2018 is impacted by sensitive information disclosure (CVE-2019-4051) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-v2018-is-impacted-by-sensitive-information-disclosure-cve-2019-4051/


∗∗∗ IBM Security Bulletin: External Service invocation in IBM Business Space affects IBM Business Automation Workflow and IBM Business Process Manager family products (CVE-2018-1885) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-external-service-invocation-in-ibm-business-space-affects-ibm-business-automation-workflow-and-ibm-business-process-manager-family-products-cve-2018-1885/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list