[CERT-daily] Tageszusammenfassung - 07.09.2021

Daily end-of-shift report team at cert.at
Tue Sep 7 18:13:05 CEST 2021


=====================
= End-of-Day report =
=====================

Timeframe:   Montag 06-09-2021 18:00 − Dienstag 07-09-2021 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server ∗∗∗
---------------------------------------------
The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. [...]
"At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected," the company said in a statement published over the weekend.
---------------------------------------------
https://thehackernews.com/2021/09/latest-atlassian-confluence-flaw.html


∗∗∗ Firefox 92 und ESR-Versionen bringen wichtige Sicherheitsupdates mit ∗∗∗
---------------------------------------------
Die neuen Versionen des Browsers nebst Extended Support Releases umfassen nicht nur funktionale Neuerungen, sondern auch Sicherheitslücken-Fixes.
---------------------------------------------
https://heise.de/-6185311


∗∗∗ online-handelsregister.eu bucht für einen Handelsregisterauszug über 750 Euro ab ∗∗∗
---------------------------------------------
Für einen Handelsregisterauszug verrechnet das Unternehmen hinter online-handelsregister.eu zusätzlich 749,00 Euro – angeblich für die Freischaltung des Portals. Opfern ist meist nicht bewusst, wie dieser Betrag zu Stande kam. Eines ist klar: online-handelsregister.eu geht nicht seriös vor und hat diesen Betrag ohne Berechtigung abgezogen, denn beim Kaufabschluss wurde die sogenannte Button-Lösung nicht eingehalten.
---------------------------------------------
https://www.watchlist-internet.at/news/online-handelsregistereu-bucht-fuer-einen-handelsregisterauszug-ueber-750-euro-ab/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Ghostscript Zero-Day Allows Full Server Compromises ∗∗∗
---------------------------------------------
Proof-of-concept exploit code was published online over the weekend for an unpatched Ghostscript vulnerability that puts all servers that rely on the component at risk of attacks. From a report: Published by Vietnamese security researcher Nguyen The Duc, the proof-of-concept code is available on GitHub and was confirmed to work by several of todays leading security researchers.
---------------------------------------------
https://it.slashdot.org/story/21/09/07/1532205/ghostscript-zero-day-allows-full-server-compromises


∗∗∗ Netgear schließt Sicherheitslücken in 20 Switches ∗∗∗
---------------------------------------------
Wenn die Voraussetzungen stimmen, könnten Angreifer die Kontrolle über Netgear-Switches erlangen. Sicherheitsupdates sind verfügbar.
---------------------------------------------
https://heise.de/-6184272


∗∗∗ Lücken in Gutenberg-Template-Plug-in gefährden eine Million WordPress-Websites ∗∗∗
---------------------------------------------
Angreifer könnten WordPress-Websites mit dem Plug-in Gutenberg Template Library & Redux Framework attackieren. Ein Sicherheitspatch steht zum Download.
---------------------------------------------
https://heise.de/-6184875


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by openSUSE (apache2, java-11-openjdk, libesmtp, nodejs10, ntfs-3g_ntfsprogs, openssl-1_1, xen, and xerces-c), Red Hat (kernel-rt and kpatch-patch), and SUSE (ntfs-3g_ntfsprogs and openssl-1_1).
---------------------------------------------
https://lwn.net/Articles/868569/


∗∗∗ Synology-SA-21:26 Photo Station ∗∗∗
---------------------------------------------
A vulnerability allows remote attackers to bypass security constraints via a susceptible version of Photo Station.
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_21_26


∗∗∗ Security Bulletin: A security vulnerability has been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14782) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-oracle-oct-2020-cpu-for-java-8-shipped-with-ibm-intelligent-operations-center-cve-2020-14782/


∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-rational-functional-tester-4/


∗∗∗ Security Bulletin: Vulnerability in Dojo affects WebSphere Application Server (CVE-2020-5258) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-dojo-affects-websphere-application-server-cve-2020-5258-4/


∗∗∗ Security Bulletin: Multiple vulnerabilities have been identified in Oracle Jan 2021 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14803) (CVE-2020-27221) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-oracle-jan-2021-cpu-for-java-8-shipped-with-ibm-intelligent-operations-center-cve-2020-14803-cve-2020-27221/


∗∗∗ Security Bulletin: A security vulnerability has been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-2773) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-identified-in-oracle-oct-2020-cpu-for-java-8-shipped-with-ibm-intelligent-operations-center-cve-2020-2773/


∗∗∗ Security Bulletin: Vulnerability in Bind affects IBM Integrated Analytics System ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-affects-ibm-integrated-analytics-system-6/


∗∗∗ Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-may-affect-ibm-workload-scheduler-4/


∗∗∗ Security Bulletin: CVE-2020-1971 vulnerability in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-1971-vulnerability-in-openssl-may-affect-ibm-workload-scheduler/


∗∗∗ Security Bulletin: Multiple vulnerabilities have been identified in Oracle Oct 2020 CPU for Java 8 shipped with IBM® Intelligent Operations Center (CVE-2020-14779, CVE-2020-14792,CVE-2020-14796,CVE-2020-14797,CVE-2020-14798) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-oracle-oct-2020-cpu-for-java-8-shipped-with-ibm-intelligent-operations-center-cve-2020-14779-cve-2020-14792cve-2020-14796/


∗∗∗ Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-may-affect-ibm-workload-scheduler-3/


∗∗∗ Mitsubishi Electric MELSEC iQ-R Series ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-21-250-01


∗∗∗ Hitachi ABB Power Grids System Data Manager ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-21-250-02

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list