[CERT-daily] Tageszusammenfassung - 17.05.2019

[Daily end-of-shift report]

=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 16-05-2019 18:00 − Freitag 17-05-2019 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Cyber Security Challenge 2019 ∗∗∗
---------------------------------------------
Auch heuer veranstaltet der Verein Cyber Security Austria gemeinsam mit dem Abwehramt die Austria Cyber Security Challenge, quasi das Äquivalent zu den Mathe/Chemie/Latein/... - Olympiaden für Cyber Security.Über das Jahr hinweg werden einerseits die Staatsmeister ermittelt, aber auch das österreichische Team für den Europäischen Wettbewerb ausgesucht.
---------------------------------------------
http://www.cert.at/services/blog/20190517101951-2471.html


∗∗∗ Google recalls Titan Bluetooth keys after finding security flaw ∗∗∗
---------------------------------------------
Google had egg on its face this week after it had to recall some of its Titan hardware security keys for being insecure.
---------------------------------------------
https://nakedsecurity.sophos.com/2019/05/17/google-recalls-titan-bluetooth-keys-after-finding-security-flaw/


∗∗∗ A Large Chunk of Ethereum Clients Remain Unpatched ∗∗∗
---------------------------------------------
In a report shared with ZDNet today, security researchers from SRLabs revealed that a large chunk of the Ethereum client software that runs on Ethereum nodes has yet to receive a patch for a critical security flaw the company discovered earlier this year.
---------------------------------------------
https://it.slashdot.org/story/19/05/17/151222/a-large-chunk-of-ethereum-clients-remain-unpatched


∗∗∗ Intel fixt teils kritische Lücken in UEFI-BIOS, ME und Linux-Grafiktreiber ∗∗∗
---------------------------------------------
In den vergangenen Tagen beschäftigten Intel neben ZombieLoad noch weitere Lücken. Die sind zum Glück nicht aus der Ferne ausnutzbar.
---------------------------------------------
https://heise.de/-4423912


∗∗∗ Dateidiebstahl und mehr: Problematische Lücken in Apples AirDrop-Technik ∗∗∗
---------------------------------------------
Mit dem AWDL-Verfahren können iPhones, Macs und Co. direkt Daten austauschen. Forscher aus Darmstadt zeigten nun neue Missbrauchsmöglichkeiten.
---------------------------------------------
https://heise.de/-4424245



=====================
=  Vulnerabilities  =
=====================

∗∗∗ DNS-Software BIND: Neue Version schließt mehrere Schwachstellen ∗∗∗
---------------------------------------------
Die BIND-Versionen 9.11.7, 9.14.2 und aktualisierte BIND-Packages für Linux sind gegen zwei potzenzielle Denial-of-Service-Angriffspunkte abgesichert.
---------------------------------------------
https://heise.de/-4424425


∗∗∗ Security Advisory - MITM Vulnerability on Huawei Share ∗∗∗
---------------------------------------------
There is a man-in-the-middle(MITM) vulnerability on Huawei Share of certain smartphones. When users establish connection and transfer data through Huawei Share, an attacker could sniffer, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. 
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190517-01-share-en


∗∗∗ Vulnerability Spotlight: Multiple vulnerabilities in Wacom Update Helper ∗∗∗
---------------------------------------------
There are two privilege escalation vulnerabilities in the Wacom update helper. The update helper is a utility installed alongside the macOS application for Wacom tablets. The application interacts with the tablet and allows the user to manage it. These vulnerabilities could allow an attacker with local access to raise their privileges to root.
---------------------------------------------
https://blog.talosintelligence.com/2019/05/wacom-update-helper-vuln-spotlight-may-2019.html


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (jquery), Fedora (kernel-headers, php-typo3-phar-stream-wrapper, and python3), openSUSE (qemu, ucode-intel, and xen), Red Hat (chromium-browser, java-1.8.0-ibm, and rh-python35-python-jinja2), SUSE (containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork, evolution, graphviz, kernel, qemu, and systemd), and Ubuntu (libmediainfo, libvirt, and Wireshark).
---------------------------------------------
https://lwn.net/Articles/788773/


∗∗∗ Drupal: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen ∗∗∗
---------------------------------------------
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Drupal [genauer: externen Modulen, Anm.] ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0433


∗∗∗ Symantec Messaging Gateway: Schwachstelle ermöglicht Offenlegung von Informationen ∗∗∗
---------------------------------------------
Ein entfernter, authentisierter Angreifer aus dem angrenzenden Netzwerk kann eine Schwachstelle in Symantec Messaging Gateway ausnutzen, um Informationen offenzulegen.
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0432


∗∗∗ F-Secure Produkte: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen ∗∗∗
---------------------------------------------
https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2019/05/warnmeldung_tw-t19-0072.html


∗∗∗ Vuln: Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Denial of Service Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/108359


∗∗∗ Potential Impact on Processors in the POWER Family ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/


∗∗∗ IBM Security Bulletin: Apache Tomcat vulnerability affects IBM Storwize V7000 Unified (CVE-2019-4293) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-apache-tomcat-vulnerability-affects-ibm-storwize-v7000-unified-cve-2019-4293/


∗∗∗ IBM Security Bulletin: BigFix Platform 9.5.x / 9.2.x affected by multiple vulnerabilities (CVE-2018-16839, CVE-2018-16842, CVE-2018-16840, CVE-2019-3823, CVE-2019-3822, CVE-2018-16890, CVE-2019-4011, CVE-2018-2005, CVE-2019-4058, CVE-2019-1559) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-bigfix-platform-9-5-x-9-2-x-affected-by-multiple-vulnerabilities-cve-2018-16839-cve-2018-16842-cve-2018-16840-cve-2019-3823-cve-2019-3822-cve-2018-16890-cve-2019-4011/


∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Provisioning Manager for OS Deployment and Tivoli Provisioning Manager for Images (CVE-2018-0737) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-openssl-affect-tivoli-provisioning-manager-for-os-deployment-and-tivoli-provisioning-manager-for-images-cve-2018-0737/


∗∗∗ SSB-501863 (Last Update: 2019-05-16): Customer Information on Microsoft Windows RDP Vulnerability for Siemens Healthineers ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssb-501863.pdf


∗∗∗ Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K52370164


∗∗∗ Microarchitectural Load Port Data Sampling - Information Leak (MLPDS) CVE-2018-12127 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K97035296


∗∗∗ Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K80159635


∗∗∗ Microarchitectural Data Sampling Uncacheable Memory (MDSUM) CVE-2019-11091 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K34303485


∗∗∗ INTEL-SA-00233 Microarchitectural Data Sampling Advisory ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K41283800

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily