[CERT-daily] Tageszusammenfassung - 25.06.2019

Tue Jun 25 18:18:17 CEST 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 24-06-2019 18:00 − Dienstag 25-06-2019 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Using Whitelisting to Remediate an RCE Vulnerability (CVE-2019-2729) in Oracle WebLogic ∗∗∗
---------------------------------------------
Oracle WebLogic has recently disclosed and patched remote-code-execution (RCE) vulnerabilities in its software, many of which were due to insecure deserialization. Oracle addressed the most recent vulnerability, CVE-2019-2729, in an out-of-band security patch on June 18, 2019. CVE-2019-2729 was assigned a CVSS score of 9.8, making it a critical vulnerability.
---------------------------------------------
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/fYmCaoi4AE8/


∗∗∗ Thunderbird 60.7.2: Mozilla fixt potenziell gefährliche Lückenkombination ∗∗∗
---------------------------------------------
Das Mozilla Entwickler-Team hat vergangene Woche zwei Sicherheitslücken in Thunderbird behoben, die zuvor in Firefox aktiv ausgenutzt worden war.
---------------------------------------------
https://heise.de/-4454671


∗∗∗ Side-Channel Attacks: OpenSSH erhält Schutz vor Spectre, RAMBleed und Co. ∗∗∗
---------------------------------------------
Die temporäre Verschlüsselung im RAM soll mit OpenSSH genutzte Keys künftig vor Seitenkanalangriffen schützen.
---------------------------------------------
https://heise.de/-4455055


∗∗∗ Phishing-Versuch gegen free-Kund/innen der Advanzia Bank S.A. ∗∗∗
---------------------------------------------
Konsument/innen finden eine E-Mail in ihrem Posteingang, in der sie über die Notwendigkeit einer Datenbestätigung informiert werden, um die free-Kreditkarte weiter nutzen zu können. Die Nachricht erweckt den Eindruck, von der Advanzia Bank S.A. zu stammen, doch sie wird von Kriminellen verschickt. Dem Link darf nicht gefolgt werden, denn es handelt sich um einen Phishing-Versuch!
---------------------------------------------
https://www.watchlist-internet.at/news/phishing-versuch-gegen-free-kundinnen-der-advanzia-bank-sa/


∗∗∗ New Mac malware abuses recently disclosed Gatekeeper zero-day ∗∗∗
---------------------------------------------
Researchers find new OSX/Linker malware abusing still-unpatched macOS Gatekeeper bypass.
---------------------------------------------
https://www.zdnet.com/article/new-mac-malware-abuses-recently-disclosed-gatekeeper-zero-day/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ TYPO3 9.5.8 and 8.7.27 security releases published ∗∗∗
---------------------------------------------
We are announcing the release of the following TYPO3 updates: TYPO3 9.5.8 LTS TYPO3 8.7.27 LTS All versions are security releases and contain important security fixes
---------------------------------------------
https://typo3.org/article/typo3-958-and-8727-security-releases-published/


∗∗∗ TYPO3-EXT-SA-2019-014: Multiple vulnerabilities in extension "phpMyAdmin" (phpmyadmin) ∗∗∗
---------------------------------------------
CVE: CVE-2019-11768 and CVE-2019-12616 * PMASA-2019-3: SQL injection in Designer feature * PMASA-2019-4: CSRF vulnerability in login form
---------------------------------------------
https://typo3.org/security/advisory/typo3-ext-sa-2019-014/


∗∗∗ Kubernetes CVE-2019-11246 Incomplete Fix Arbitrary File Overwrite Vulnerability ∗∗∗
---------------------------------------------
Kubernetes is prone to a vulnerability that may allow attackers to overwrite arbitrary files. Successful exploits may allow an attacker to write arbitrary files in the context of the user running the affected application. Versions prior to kubernetes 1.12.9, 1.13.6, and 1.14.2 are vulnerable.
---------------------------------------------
https://www.securityfocus.com/bid/108866/discuss


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by CentOS (python), Debian (bzip2, libvirt, python2.7, python3.4, rdesktop, and thunderbird), Fedora (thunderbird and tomcat), openSUSE (aubio, docker, enigmail, GraphicsMagick, and python-Jinja2), SUSE (kernel, libvirt, postgresql96, and tomcat), and Ubuntu (ceph, firefox, imagemagick, libmysofa, linux, linux-hwe, neutron, and policykit-desktop-privileges).
---------------------------------------------
https://lwn.net/Articles/792006/


∗∗∗ Alpine Linux Docker image vulnerability CVE-2019-5021 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K25551452


∗∗∗ QEMU: Mehrere Schwachstellen ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0541

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily