[CERT-daily] Tageszusammenfassung - 10.01.2020

Fri Jan 10 18:06:53 CET 2020

=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 09-01-2020 18:00 − Freitag 10-01-2020 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641 ∗∗∗
---------------------------------------------
This is the first blog post in a three-part series that will detail how a vulnerability in iMessage can be exploited remotely without any user interaction on iOS 12.4 (fixed in iOS 12.4.1 in August 2019). It is essentially a more detailed version of my 36C3 talk from December 2019.
---------------------------------------------
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html


∗∗∗ Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging ∗∗∗
---------------------------------------------
Time to start 2020? No better time for writing about the TTD (Time Travel Debugging) feature from WinDBG.
---------------------------------------------
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-3-windbg-time-travel-debugging/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ D-LINK Router: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Administratorrechten ∗∗∗
---------------------------------------------
Betroffene Systeme: D-LINK Router DCS-935L, D-LINK Router DCS-960L
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in D-LINK Routern ausnutzen, um die Kontrolle über das Gerät zu übernehmen.
---------------------------------------------
https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2020/01/warnmeldung_tw-t20-0007.html


∗∗∗ VMSA-2020-0001 -  	VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability (CVE-2020-3940) ∗∗∗
---------------------------------------------
VMware Workspace ONE SDK and dependent mobile applications do not properly handle certificate verification failures if SSL Pinning has been enabled in the Workspace ONE UEM Console. VMware has evaluated the severity of this issue to be in the moderate severity range with a maximum CVSSv3 base score of 6.8.
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2020-0001.html


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (ldm and sa-exim), Mageia (firefox), openSUSE (chromium, firefox, and thunderbird), SUSE (containerd, docker, docker-runc, golang-github-docker-libnetwork, firefox, log4j, nodejs10, nodejs12, and openssl-1_0_0), and Ubuntu (firefox).
---------------------------------------------
https://lwn.net/Articles/809175/


∗∗∗ Mattermost security update 5.18.1 / 5.17.3 / 5.16.5 / 5.9.8 (ESR) released ∗∗∗
---------------------------------------------
We have released a recommended security update via Mattermost Team Edition 5.18.1, 5.17.3, 5.16.5, 5.9.8 (ESR) and Mattermost Enterprise Edition 5.18.1, 5.17.3, 5.16.5, 5.9.8 (ESR). This security update addresses a high level vulnerability discovered during a security research review by Juho Nurminen. 
---------------------------------------------
https://mattermost.com/blog/mattermost-security-update-5-18-1-5-17-3-5-16-5-5-9-8-esr-released/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily