[CERT-daily] Tageszusammenfassung - 25.09.2019

Daily end-of-shift report team at cert.at
Wed Sep 25 18:09:25 CEST 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 24-09-2019 18:00 − Mittwoch 25-09-2019 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ vBulletin Zero-Day Exploited for Years, Gets Unofficial Patch ∗∗∗
---------------------------------------------
A zero-day exploit for the vBulletin forum platform was publicly disclosed and quickly used to attack affected versions of the forum software. It turns out, though, that this exploit has been known, utilized, and sold by researchers and attackers for years.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/vbulletin-zero-day-exploited-for-years-gets-unofficial-patch/


∗∗∗ Free Decryptors Released for Two Ransomware Families ∗∗∗
---------------------------------------------
Security researchers have released decryption tools which victims of two different ransomware families can use to recover their files for free. On 25 September, Kaspersky Lab unveiled decryptors for both the Yatron and FortuneCrypt crypto-ransomware families.
---------------------------------------------
https://www.tripwire.com/state-of-security/security-data-protection/free-decryptors-released-for-two-ransomware-families/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Apple Releases Security Updates ∗∗∗
---------------------------------------------
Original release date: September 25, 2019Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to obtain access to sensitive information.
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2019/09/25/apple-releases-security-updates


∗∗∗ Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques.
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd


∗∗∗ VMSA-2019-0015 ∗∗∗
---------------------------------------------
VMware Cloud Foundation and VMware Harbor Container Registry for PCF address remote escalation of privilege vulnerability (CVE-2019-16097)
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2019-0015.html


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (kernel, libgcrypt20, and spip), Fedora (compat-openssl10, expat, ghostscript, ibus, java-1.8.0-openjdk-aarch32, and SDL2_image), openSUSE (bird, chromium, kernel, libreoffice, links, and varnish), Oracle (httpd:2.4 and qemu-kvm), Red Hat (kernel), Scientific Linux (qemu-kvm), SUSE (djvulibre, dovecot22, ghostscript, kernel, libxml2, and python-Twisted), and Ubuntu (file-roller and libreoffice).
---------------------------------------------
https://lwn.net/Articles/800553/


∗∗∗ [20190901] - Core - XSS in logo parameter of default templates ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/PO-TPPu7rQ0/791-20190901-core-xss-in-logo-parameter-of-default-templates.html


∗∗∗ SBA-ADV-20190911-01: Easy FancyBox Wordpress Plugin Stored Cross-site Scripting (XSS) ∗∗∗
---------------------------------------------
https://github.com/sbaresearch/advisories/commit/9000d9bfd120a1b8f5f1643e5fce6a3fcda05353


∗∗∗ Security Advisory - Two Integer overflow Vulnerabilities in Some Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190925-01-smartphone-en


∗∗∗ Security Advisory - Out-of-bounds Read Vulnerability in Gauss100 OLTP Database of Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190925-01-database-en


∗∗∗ Security Advisory - Improper Validation Vulnerability in Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190925-03-smartphone-en


∗∗∗ Security Advisory - Insufficient Verification Vulnerability in Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190925-02-smartphone-en


∗∗∗ Security Advisory - Insufficient Verification Vulnerability in Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190925-01-codeexecution-en


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Operational Decision Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-sdk-java-technology-edition-affect-ibm-operational-decision-manager-7/


∗∗∗ IBM Security Bulletin: Linux Kernel as used in IBM QRadar Network Packet Capture is vulnerable to denial of service (CVE-2019-11477, CVE-2019-11478, CVE-2019-11479) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-linux-kernel-as-used-in-ibm-qradar-network-packet-capture-is-vulnerable-to-denial-of-service-cve-2019-11477-cve-2019-11478-cve-2019-11479/


∗∗∗ IBM Security Bulletin: IBM MQ and IBM MQ Appliance command server is vulnerable to a denial of service attack caused by specially crafted PCF messages (CVE-2019-4378) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-mq-and-ibm-mq-appliance-command-server-is-vulnerable-to-a-denial-of-service-attack-caused-by-specially-crafted-pcf-messages-cve-2019-4378/


∗∗∗ IBM Security Bulletin: Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2019-10241, CVE-2019-10246 & CVE-2019-10247) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-java-vulnerability-affects-ibm-sterling-connectdirect-browser-user-interface-cve-2019-10241-cve-2019-10246-cve-2019-10247/


∗∗∗ IBM Security Bulletin: Clickjacking vulnerability in WebSphere Application Server Liberty Admin Center in IBM Cloud (CVE-2019-4285) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-clickjacking-vulnerability-in-websphere-application-server-liberty-admin-center-in-ibm-cloud-cve-2019-4285/


∗∗∗ IBM Security Bulletin: IBM QRadar SIEM is vulnerable to Server Side Request Forgery (CVE-2019-4262) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-qradar-siem-is-vulnerable-to-server-side-request-forgery-cve-2019-4262/


∗∗∗ IBM Security Bulletin:IBM Security Identity Adapters has released a fix in response to the OpenSSL vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletinibm-security-identity-adapters-has-released-a-fix-in-response-to-the-openssl-vulnerabilities/


∗∗∗ BIG-IQ services for stats vulnerability CVE-2019-6652 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K23101430


∗∗∗ BIG-IP APM Edge Client logging vulnerability CVE-2019-6656 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K23876153


∗∗∗ BIG-IP Analytics vulnerability CVE-2019-6655 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K31152411


∗∗∗ Martian address filtering vulnerability CVE-2019-6654 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K45644893


∗∗∗ BIG-IQ vulnerability CVE-2019-6653 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K71712132


∗∗∗ REST Framework vulnerability CVE-2019-6651 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K89509323

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list