Daily

daily@lists.cert.at

1 participants
3211 discussions

Tageszusammenfassung - 23.01.2018
by Daily end-of-shift report 23 Jan '18

23 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Montag 22-01-2018 18:00 − Dienstag 23-01-2018 18:00 Handler: Alexander Riepl Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Newsletter-Dienst: Mailchimp verrät E-Mail-Adressen von Newsletter-Abonnenten ∗∗∗ --------------------------------------------- Spezifische Referrer für jeden Newsletter-Nutzer haben dazu geführt, dass Webseitenbetreiber die E-Mail-Adressen von Mailchimp-Nutzern herausfinden konnten. Das Problem wurde nach Meldung an den Anbieter mittlerweile behoben. --------------------------------------------- https://www.golem.de/news/newsletter-dienst-mailchimp-verraet-e-mail-adress… ∗∗∗ Just Keep Swimming: How to Avoid Phishing on Social Media ∗∗∗ --------------------------------------------- >From Facebook to LinkedIn, social media is flat-out rife with phishing attacks. You’ve probably encountered one before… Do fake Oakley sunglasses sales ring a bell? Phishing attacks attempt to steal .. --------------------------------------------- https://www.webroot.com/blog/2018/01/22/how-to-avoid-phishing-social-media/ ∗∗∗ "MaMi": MacOS-Malware hört User ab und manipuliert Datenverkehr ∗∗∗ --------------------------------------------- Schädling leitet Traffic über von Unbekannten kontrollierte DNS-Server um --------------------------------------------- http://derstandard.at/2000072382780 ∗∗∗ Millionen PCs verwundbar: Forscher deckt Lücke in allen Blizzard-Games auf ∗∗∗ --------------------------------------------- Konzern arbeitet bereits an Lösung – Problem bei Client --------------------------------------------- http://derstandard.at/2000072835431 ∗∗∗ Achtung: Whatsapp Abo-Betrug kursiert derzeit per Mail ∗∗∗ --------------------------------------------- "Konto ist abgelaufen" – ehemaliges Abomodell von Whatsapp wird instrumentalisiert um Kreditkartendaten zu ergattern --------------------------------------------- http://derstandard.at/2000072831670 ∗∗∗ SamSam - The Evolution Continues Netting Over $325,000 in 4 Weeks ∗∗∗ --------------------------------------------- This post was written by Vitor VenturaIntroductionTalos has been working in conjunction with Cisco IR Services on what we believe to be a new variant of the SamSam ransomware. This ransomware has been observed across multiple industries including Government, Healthcare and ICS. These attacks do not appear to be highly targeted, and appear to be more opportunistic in nature.Given SamSams victimology, its impacts are not just felt within the business world, they are also impacting people, --------------------------------------------- http://blog.talosintelligence.com/2018/01/samsam-evolution-continues-nettin… ===================== = Vulnerabilities = ===================== ∗∗∗ HTTP Host header attacks against web proxy disclaimer response webpage ∗∗∗ --------------------------------------------- The FortiOS web proxy disclaimer page is potentially vulnerable to an XSS attack, via maliciously crafted "Host" headers in user HTTP requests. The latter is possible if an attacker is in a Man-in-the-middle position (i.e. able to modify the HTTP requests of the potential victim before they reach the web proxy), or poisons a web cache used by the potential victim.In the latter attack scenario, the tainted disclaimer web page being cached, the XSS attack can be considered as persistent. --------------------------------------------- http://fortiguard.com/psirt/FG-IR-17-262 ∗∗∗ VMSA-2018-0002.3 ∗∗∗ --------------------------------------------- VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution. --------------------------------------------- https://www.vmware.com/security/advisories/VMSA-2018-0002.html ∗∗∗ JSA10836 - 2018-01 Security Bulletin: SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured. (CVE-2018-0009) ∗∗∗ --------------------------------------------- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10836 ∗∗∗ XXE & Reflected XSS in Oracle Financial Services Analytical Applications ∗∗∗ --------------------------------------------- https://www.sec-consult.com/en/blog/advisories/xxe-reflected-xss-in-oracle-… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 22.01.2018
by Daily end-of-shift report 22 Jan '18

22 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Freitag 19-01-2018 18:00 − Montag 22-01-2018 18:00 Handler: Alexander Riepl Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Hacker One: Nur 20 Prozent der Bounty-Jäger hacken in Vollzeit ∗∗∗ --------------------------------------------- Das US-Unternehmen Hacker One hat aktuelle Zahlen vorgestellt: Die meisten Bounties werden nach wie vor von US-Unternehmen gezahlt. Die Daten zeigen außerdem, dass das Finden von Schwachstellen für die meisten ein Nebenberuf oder Hobby ist. --------------------------------------------- https://www.golem.de/news/hacker-one-nur-20-prozent-der-bounty-jaeger-hacke… ∗∗∗ Powerful Skygofree Spyware Was Already Reported and Analyzed In 2017 ∗∗∗ --------------------------------------------- The Skygofree spyware analyzed by Kaspersky today was first spotted by the researcher Lukas Stefanko and the first analysis was published last year by the experts of CSE Cybsec ZLab. The Skygofree .. --------------------------------------------- http://resources.infosecinstitute.com/powerful-skygofree-spyware-already-re… ∗∗∗ Apple Preps ChaiOS iMessage Bug Fix, Report ∗∗∗ --------------------------------------------- A so-called ‘text bomb’ flaw in Apple’s iPhone and Mac computers that causes devices to crash or restart will be patched next week, according to multiple sources. --------------------------------------------- http://threatpost.com/apple-preps-chaios-imessage-bug-fix-report/129544/ ∗∗∗ Followup to IPv6 brute force and IPv6 blocking ∗∗∗ --------------------------------------------- My diary earlier this week led to some good discussion in the comments and on twitter. I want to, first off, apologize for not responding as much or as quickly as I would have liked, I&#;x26;#;39;ve actually been ill most of this week since posting the previous diary (and signing up for this slot as handler on duty). Having said that, .. --------------------------------------------- https://isc.sans.edu/diary/23253 ∗∗∗ Struts and DotNetNuke Server Exploits Used For Cryptocurrency Mining ∗∗∗ --------------------------------------------- Threat actors have turned to cryptocurrency mining as a reliable way to make a profit in recent months. Cryptocurrency miners use the computing power of end users to mine coins of various kinds, most commonly via malware or compromised websites. By compromising servers in order to run cryptocurrency miners, the threat actors would gain .. --------------------------------------------- https://blog.trendmicro.com/trendlabs-security-intelligence/struts-dotnetnu… ∗∗∗ Dark Caracal: Good News and Bad News ∗∗∗ --------------------------------------------- Yesterday, EFF and Lookout announced a new report, Dark Caracal, that uncovers a new, global malware espionage campaign. One aspect of that campaign was the use of malicious, fake apps to impersonate legitimate popular apps like Signal and WhatsApp. Some readers had questions about what this means for them. This blog post is here to answer .. --------------------------------------------- https://www.eff.org/deeplinks/2018/01/dark-caracal-good-news-and-bad-news ∗∗∗ DarkComet upload vulnerability ∗∗∗ --------------------------------------------- This post will introduce a file upload vulnerability in DarkComet’s C&C server. While a flaw that allows an attacker to download files has already been known for many years there is no mention of this very similar vulnerability. A quick disclaimer before we go into the actual matter: Hacking a C&C server might seem morally justified but it is still illegal. Don’t do it. --------------------------------------------- https://pseudolaboratories.github.io/DarkComet-upload-vulnerability/ ∗∗∗ Zweiter Faktor: Nur wenige User sichern ihren Google-Account zusätzlich ab ∗∗∗ --------------------------------------------- Laut Google wird Zwei-Faktor-Authentifizierung gerade einmal von zehn Prozent alle Nutzer eingesetzt --------------------------------------------- http://derstandard.at/2000072757014 ∗∗∗ 2018 ICS Security Predictions ∗∗∗ --------------------------------------------- We just closed another year in the ICS security industry, one filled with advanced (and exciting) product developments. We also saw an increased market awareness, with growing a emphasis on protecting industrial infrastructure. --------------------------------------------- https://www.bayshorenetworks.com/blog/ics-security-2018-predictions ∗∗∗ Cryptocurrency Hacks and Heists in 2017 ∗∗∗ --------------------------------------------- The cryptocurrency rush took the world by storm last year. This dynamic environment lured new players, including hungry investors, miners, enthusiasts, looking to their hand at innovative startups not to mention threat actors. We witnessed blockchain splits, a boom of Initial Coin Offerings (ICOs), regulatory attempts by governments, the .. --------------------------------------------- https://www.tripwire.com/state-of-security/security-data-protection/cyber-s… ===================== = Vulnerabilities = ===================== ∗∗∗ Google Forms <= 0.91 - Unauthenticated Server-Side Request Forgery (SSRF) ∗∗∗ --------------------------------------------- https://wpvulndb.com/vulnerabilities/9013 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 19.01.2018
by Daily end-of-shift report 19 Jan '18

19 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 18-01-2018 18:00 − Freitag 19-01-2018 18:00 Handler: Nina Bieringer Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Magento: Kreditkartendaten von bis zu 40.000 Oneplus-Käufern kopiert ∗∗∗ --------------------------------------------- Oneplus hat seine Untersuchung zu kopierten Kreditkarten abgeschlossen. Angreifer konnten wohl eine Schwachstelle für Cross-Site-Scripting ausnutzen. --------------------------------------------- https://www.golem.de/news/magento-kreditkartendaten-von-bis-zu-40-000-onepl… ∗∗∗ NCSC Releases Security Advisory ∗∗∗ --------------------------------------------- Original release date: January 18, 2018 The United Kingdoms National Cyber Security Centre (NCSC) has released a report updating its guidance on Turla Neuron malware, which provides a platform to steal sensitive data. NCSC provides enhanced cybersecurity services to protect against cybersecurity threats. NCCIC/US-CERT encourages users and administrators to review the NCSC advisory to access the report and for more information. --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2018/01/18/NCSC-Releases-Secu… ∗∗∗ 2018: Vierfach-Jubiläum für Österreichs Internet ∗∗∗ --------------------------------------------- Nicht nur die Republik begeht im heurigen Jahr mehrere Jahrestage, auch Österreichs Internet hat 2018 mehrfachen Grund zu feiern: Vor genau dreißig Jahren wurde die Internet-Endung .at ins weltweite Domain Name System eingetragen, 1998 wurden die Vergabestelle nic.at und die Online-Meldestelle Stopline ins Leben gerufen. Das CERT.at, Österreichs nationales Computer Emergency Response Team, feiert 2018 seinen zehnten Geburtstag. --------------------------------------------- https://www.nic.at/de/news/pressemeldungen/2018-vierfach-jubilaum-fur-oster… ∗∗∗ Militärs, Journalisten, Aktivisten: Libanesische Hacker vergaßen Daten auf offenem Server ∗∗∗ --------------------------------------------- Libanesischer Geheimdienst GDGS als Urheber des Leaks vermutet – Betroffene aus über 20 Ländern --------------------------------------------- http://derstandard.at/2000072593892 ===================== = Vulnerabilities = ===================== ∗∗∗ Cisco Releases Security Updates ∗∗∗ --------------------------------------------- Original release date: January 17, 2018 | Last revised: January 18, 2018 Cisco has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates: [...] --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2018/01/17/Cisco-Releases-Sec… ∗∗∗ Filr 3.0 - Security Update 3 ∗∗∗ --------------------------------------------- Abstract: Security Update for Spectre and Meltdown vulnerabilities in Filr (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754).Document ID: 5360950Security Alert: YesDistribution Type: PublicEntitlement Required: YesFiles:readme_filr_3su3.txt (2.68 kB)Products:Filr 3 Standard EditionFilr 3 Advanced EditionSuperceded Patches: None --------------------------------------------- https://download.novell.com/Download?buildid=4_X7yeGlMKg~ ∗∗∗ Filr 2.0 - Security Update 4 ∗∗∗ --------------------------------------------- Abstract: Security Update for Spectre and Meltdown vulnerabilities in Filr (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754).Document ID: 5360930Security Alert: YesDistribution Type: PublicEntitlement Required: YesFiles:Search-2.0.0.423.HP.zip (157.55 MB)MySQL-2.0.0.205.HP.zip (157.55 MB)Filr-2.0.0.494.HP.zip (157.55 MB)Products:Filr 2Superceded Patches: None --------------------------------------------- https://download.novell.com/Download?buildid=h0wMCm1OqIU~ ∗∗∗ Citrix XenServer Multiple Security Updates ∗∗∗ --------------------------------------------- Due to concerns about the robustness of some of the Intel microcode updates included in the earlier hotfixes for these issues (XS71ECU1009, XS72E013 and XS73E001), Citrix has superseded these hotfixes with new hotfixes listed below. Customers are strongly recommended to apply these new hotfixes. --------------------------------------------- https://support.citrix.com/article/CTX231390 ∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (bind, irssi, nrpe, perl-xml-libxml, and transmission-cli), CentOS (java-1.8.0-openjdk), Debian (awstats, libgd2, mysql-5.5, rsync, smarty3, and transmission), Fedora (keycloak-httpd-client-install and rootsh), and Red Hat (java-1.7.0-oracle and java-1.8.0-oracle). --------------------------------------------- https://lwn.net/Articles/744791/rss ∗∗∗ CPU Side-Channel Information Disclosure Vulnerabilities ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ DFN-CERT-2018-0136: Symantec Advanced Secure Gateway, ProxySG: Mehrere Schwachstellen ermöglichen u.a. Cross-Site-Scripting-Angriffe ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0136/ ∗∗∗ CPU hardware vulnerable to Meltdown and Spectre attacks ∗∗∗ --------------------------------------------- http://fortiguard.com/psirt/FG-IR-18-002 ∗∗∗ IBM Security Bulletin: IBM StoredIQ is affected by the vulnerabilities known as Spectre and Meltdown. ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012718 ∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affects IBM WebSphere Application Server for IBM Cloud October 2017 CPU ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22011913 ∗∗∗ IBM Security Bulletin: September 2016 OpenSSL Vulnerabilities affect Multiple N series Products ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010852 ∗∗∗ BIG-IP AFM vulnerability CVE-2017-6142 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K20682450 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 18.01.2018
by Daily end-of-shift report 18 Jan '18

18 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 17-01-2018 18:00 − Donnerstag 18-01-2018 18:00 Handler: Nina Bieringer Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ How I exploited ACME TLS-SNI-01 issuing Lets Encrypt SSL-certs for any domain using shared hosting ∗∗∗ --------------------------------------------- TL;DR: I was able to issue SSL certificates I was not supposed to be able to. AWS CloudFront and Heroku were among the affected. The issue was in the specification of ACME TLS-SNI-01 in combination with shared hosting providers. To be clear, Let’s Encrypt only followed the specification, they did nothing wrong here. Quite the opposite I would say. --------------------------------------------- https://labs.detectify.com/2018/01/12/how-i-exploited-acme-tls-sni-01-issui… ∗∗∗ Some Basic Rules for Securing Your IoT Stuff ∗∗∗ --------------------------------------------- Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured "Internet of Things" or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which most consumers probably wouldnt begin to know how to secure, IoT encompasses everything from security cameras, routers and digital video recorders to printers, wearable devices and "smart" lightbulbs. Throughout 2016 and 2017, [...] --------------------------------------------- https://krebsonsecurity.com/2018/01/some-basic-rules-for-securing-your-iot-… ===================== = Vulnerabilities = ===================== ∗∗∗ Meltdown and Spectre Vulnerabilities (Update B) ∗∗∗ --------------------------------------------- This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01A Meltdown and Spectre Vulnerabilities that was published January 16, 2018, on the NCCIC/ICS-CERT web site. --------------------------------------------- https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01B ∗∗∗ Citrix XenServer Multiple Security Updates ∗∗∗ --------------------------------------------- Due to concerns about the robustness of some of the Intel microcode updates included in the hotfixes below, Citrix recommends that customers ... --------------------------------------------- https://support.citrix.com/article/CTX231390 ∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by CentOS (linux-firmware and microcode_ctl), Fedora (icecat and transmission), Oracle (java-1.8.0-openjdk and microcode_ctl), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk), Slackware (bind), SUSE (kernel), and Ubuntu (eglibc). --------------------------------------------- https://lwn.net/Articles/744713/rss ∗∗∗ Bugtraq: [security bulletin] HPESBMU03806 rev.1 - HPE IceWall Products, Multiple Remote Unauthorized Disclosure of Information, Unauthorized Modificiation ∗∗∗ --------------------------------------------- http://www.securityfocus.com/archive/1/541694 ∗∗∗ DFN-CERT-2018-0111: GitLab: Mehrere Schwachstellen ermöglichen u.a. die Ausführung beliebigen Programmcodes ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0111/ ∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP NonStop (CVE-2017-3736) ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22012552 ∗∗∗ IBM Security Bulletin: Security Vulnerabilities in IBM® Java SDK affects multiple IBM Rational products based on IBM Jazz technology ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012696 ∗∗∗ SSA-284673 (Last Update 2018-01-18): Vulnerability in Industrial Products ∗∗∗ --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673… ∗∗∗ SSA-275839 (Last Update 2018-01-18): Denial-of-Service Vulnerability in Industrial Products ∗∗∗ --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-275839… ∗∗∗ SSA-346262 (Last Update 2018-01-18): Denial-of-Service in Industrial Products ∗∗∗ --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-346262… ∗∗∗ SSA-701708 (Last Update 2018-01-18): Local Privilege Escalation in Industrial Products ∗∗∗ --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708… ∗∗∗ SSA-127490 (Last Update 2018-01-18): Vulnerabilities in SIMATIC WinCC Add-Ons ∗∗∗ --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-127490… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 17.01.2018
by Daily end-of-shift report 17 Jan '18

17 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Dienstag 16-01-2018 18:00 − Mittwoch 17-01-2018 18:00 Handler: Nina Bieringer Co-Handler: Alexander Riepl ===================== = News = ===================== ∗∗∗ Linux-Kernel 4.15 schützt vor Meltdown und Spectre ∗∗∗ --------------------------------------------- Das noch diesen Monat erwartete Linux 4.15 versucht, die Prozessor-Sicherheitslücken Meltdown und Spectre im Zaum zu halten. Ohne Performance-Verlust geht das aber auch bei Linux nicht – und vollständig sind die Gegenmaßnahmen auch noch nicht. --------------------------------------------- https://heise.de/-3900646 ===================== = Vulnerabilities = ===================== ∗∗∗ Meltdown and Spectre Vulnerabilities (Update A) ∗∗∗ --------------------------------------------- This updated alert is a follow-up to the original alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities that was published January 11, 2018, on the NCCIC/ICS-CERT web site. --------------------------------------------- https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01A ∗∗∗ Cisco Web Security Appliance Reflected Cross-Site Scripting Vulnerability ∗∗∗ --------------------------------------------- A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user .. --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco Unified Communications Manager Information Disclosure Vulnerability ∗∗∗ --------------------------------------------- A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data.The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker .. --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco StarOS CLI Command Injection Vulnerability ∗∗∗ --------------------------------------------- A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected .. --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Cisco Email Security and Content Security Management Appliance Privilege Escalation Vulnerability ∗∗∗ --------------------------------------------- A vulnerability in the administrative shell of the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a privilege level of a guest user. The vulnerability is .. --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ Oracle Critical Patch Update Advisory - January 2018 ∗∗∗ --------------------------------------------- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html ∗∗∗ Critical Patch Update - January 2018 ∗∗∗ --------------------------------------------- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html ∗∗∗ Solaris Third Party Bulletin - January 2018 ∗∗∗ --------------------------------------------- http://www.oracle.com/technetwork/topics/security/bulletinjan2018-4181198.h… ∗∗∗ Oracle Linux Bulletin - January 2018 ∗∗∗ --------------------------------------------- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2018-4214… ∗∗∗ Oracle VM Server for x86 Bulletin - January 2018 ∗∗∗ --------------------------------------------- http://www.oracle.com/technetwork/topics/security/ovmbulletinjan2018-421464… ∗∗∗ WordPress 4.9.2 Security and Maintenance Release ∗∗∗ --------------------------------------------- https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 16.01.2018
by Daily end-of-shift report 16 Jan '18

16 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Montag 15-01-2018 18:00 − Dienstag 16-01-2018 18:00 Handler: Nina Bieringer Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Skygofree: Kaspersky findet mutmaßlichen Staatstrojaner ∗∗∗ --------------------------------------------- Ein Unternehmen aus Italien soll hinter einer Android-Malware stecken, die seit Jahren verteilt wird. Interessant ist dabei die Vielzahl an Kontrollmöglichkeiten der Angreifer - von HTTP über XMPP und die Firebase-Dienste. --------------------------------------------- https://www.golem.de/news/skygofree-kaspersky-findet-mutmasslichen-staatstr… ∗∗∗ WhatsApp und Signal: Forscher beschreiben Schwächen verschlüsselter Gruppenchats ∗∗∗ --------------------------------------------- Zwar ist die Ende-zu-Ende-Verschlüsselung bei WhatsApp und Signal sicher, das Drumherum lässt aber eventuell zu wünschen übrig. So wird ein von Spionen gekaperter Kontrollserver mitunter zur Schwachstelle. --------------------------------------------- https://heise.de/-3942046 ===================== = Vulnerabilities = ===================== ∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (ca-certificates, gdk-pixbuf, and graphicsmagick), Fedora (qtpass), openSUSE (python-openpyxl and syncthing), Slackware (kernel), and Ubuntu (gdk-pixbuf). --------------------------------------------- https://lwn.net/Articles/744503/rss ∗∗∗ BlackBerry powered by Android Security Bulletin – January 2018 ∗∗∗ --------------------------------------------- http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber… ∗∗∗ Vuln: Atlassian JIRA CVE-2017-16862 Cross Site Request Forgery Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/bid/102506 ∗∗∗ Vuln: Atlassian JIRA CVE-2017-16864 Cross Site Scripting Vulnerabiliy ∗∗∗ --------------------------------------------- http://www.securityfocus.com/bid/102505 ∗∗∗ IBM Fix available for Insecure Direct Object Reference in IBM Cúram Social Program Management (CVE-2018-1362) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012528 ∗∗∗ IBM Security Bulletin: Rational Developer for System z – Add support for TLS v1.2 with MS-CAPI in HCE ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22011808 ∗∗∗ IBM Security Bulletin: IBM Developer for z Systems – Add support for TLS v1.2 with MS-CAPI in HCE ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22011816 ∗∗∗ IBM Security Bulletin: IBM i2 COPLINK BeanShell Vulnerability (CVE-2016-2510) ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg21982952 ∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation (CVE-2017-10141, CVE-2017-10196) ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22012619 ∗∗∗ IBM Security Bulletin: IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation are affected by the ability to execute remote attacker’s arbitrary code on a target machine vulnerability ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22010868 ∗∗∗ IBM Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM RLKS Administration and Reporting Tool Admin ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22012476 ∗∗∗ IBM Security Bulletin: Vulnerability in Open Source cURL Libcurl affects IBM PureApplication. (CVE-2017-1000257) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22011203 ∗∗∗ IBM Security Bulletin: IBM Kenexa LCMS Premier on Cloud is affected by Open Source Commons FileUpload Apache Vulnerabilities ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22011720 ∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows ∗∗∗ --------------------------------------------- https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099753 ∗∗∗ [R1] SecurityCenter 5.6.1 Fixes Multiple Third-party Vulnerabilities ∗∗∗ --------------------------------------------- http://www.tenable.com/security/tns-2017-16 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 15.01.2018
by Daily end-of-shift report 15 Jan '18

15 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Freitag 12-01-2018 18:00 − Montag 15-01-2018 18:00 Handler: Nina Bieringer Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ List of Links: BIOS Updates for the Meltdown and Spectre Patches ∗∗∗ --------------------------------------------- As Intel, AMD, and other CPU manufacturers have started releasing CPU microcode (firmware) updates for processor models affected by the Meltdown and Spectre patches, those updates are trickling down to OEMs and motherboard vendors, who are now integrating these patches into BIOS/UEFI updates for affected PCs. [...] --------------------------------------------- https://www.bleepingcomputer.com/news/software/list-of-links-bios-updates-f… ∗∗∗ Lenovo findet Backdoor in eigenen Netzwerk-Switches ∗∗∗ --------------------------------------------- Die kompromitierten Switch-Modelle, die nun zu Lenovos Portfolio gehören, hatte ursprünglich der längst aufgelöste Netzwerk-Zulieferer Nortel entwickelt. --------------------------------------------- https://heise.de/-3940562 ∗∗∗ Intel AMT: Exploit hebelt Zugangsschutz von Firmen-Notebooks aus ∗∗∗ --------------------------------------------- F-Secure berichtet über eine potenzielle Sicherheitslücke in Intel AMT, die es Angreifern ermöglicht, sämtliche gängigen Zugangsschutzmaßnahmen vieler Firmen-Notebooks auszuhebeln. --------------------------------------------- https://heise.de/-3940637 ∗∗∗ Personal Cloud: Seagate sichert NAS gegen Fernzugriff ab ∗∗∗ --------------------------------------------- In Netzwerkspeichern des Herstellers Seagate stecken Bugs, die mit einigem Aufwand für den Remote-Zugriff missbraucht werden können. Ein Firmware-Update behebt das Problem. --------------------------------------------- https://heise.de/-3941451 ===================== = Vulnerabilities = ===================== ∗∗∗ Sicherheitsupdates für VMware Workstation, Player, Fusion und ESXi ∗∗∗ --------------------------------------------- https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2018/01/warn… ∗∗∗ DSA-4086 libxml2 - security update ∗∗∗ --------------------------------------------- Nick Wellnhofer discovered that certain function calls inside XPathpredicates can lead to use-after-free and double-free errors whenexecuted by libxml2s XPath engine via an XSLT transformation. --------------------------------------------- https://www.debian.org/security/2018/dsa-4086 ∗∗∗ DSA-4087 transmission - security update ∗∗∗ --------------------------------------------- Tavis Ormandy discovered a vulnerability in the Transmission BitTorrentclient; insecure RPC handling between the Transmission daemon and theclient interface(s) may result in the execution of arbitrary code if auser visits a malicious website while Transmission is running. --------------------------------------------- https://www.debian.org/security/2018/dsa-4087 ∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (qtpass), Debian (libkohana2-php, libxml2, transmission, and xmltooling), Fedora (kernel and qpid-cpp), Gentoo (PolarSSL and xen), Mageia (flash-player-plugin, irssi, kernel, kernel-linus, kernel-tmb, libvorbis, microcode, nvidia-current, php & libgd, poppler, webkit2, and wireshark), openSUSE (gifsicle, glibc, GraphicsMagick, gwenhywfar, ImageMagick, libetpan, mariadb, pngcrush, postgresql94, rsync, tiff, and wireshark), and Oracle (kernel). --------------------------------------------- https://lwn.net/Articles/744398/rss ∗∗∗ DFN-CERT-2018-0084: XMLTooling, Shibboleth Service Provider (SP): Eine Schwachstelle ermöglicht u.a. die Übernahme einer Identität ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0084/ ∗∗∗ Security Advisory - Two DOS Vulnerabilities of XML Parser in Some Huawei Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171201-… ∗∗∗ IBM Security Bulletin: This Power firmware update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (known as Spectre and Meltdown) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=isg3T1026811 ∗∗∗ IBM Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2017-3736) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012518 ∗∗∗ IBM Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2017-3735) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012519 ∗∗∗ IBM Security Bulletin: IBM Security Proventia Network Active Bypass is affected by glibc vulnerabilities (CVE-2015-8982 CVE-2015-8983 CVE-2015-8984 CVE-2015-8985) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012428 ∗∗∗ IBM Security Bulletin: IBM Security Proventia Network Active Bypass is affected by glibc vulnerability (CVE-2017-1000366) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012517 ∗∗∗ IBM Security Bulletin: IBM i has released PTFs in response to the vulnerabilities known as Spectre and Meltdown ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=nas8N1022433 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM i. ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=nas8N1022429 ∗∗∗ IBM Security Bulletin: Vulnerabilities in WebSphere eXtreme Scale Version 8.6.0.8 Libraries Affect IBM B2B Advanced Communications (CVE-2015-4936) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012332 ∗∗∗ IBM Security Bulletin: Vulnerabilities in Apache HTTP Components Libraries Affect IBM B2B Advanced Communications ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012312 ∗∗∗ Palo Alto PAN-OS RSA TLS Implementation Lets Remote Users Decrypt Data Communicated By the Target System ∗∗∗ --------------------------------------------- http://www.securitytracker.com/id/1040149 ∗∗∗ Palo Alto PAN-OS Input Validation Flaw in Captive Portal Lets Remote Users Conduct Cross-Site Scripting Attacks ∗∗∗ --------------------------------------------- http://www.securitytracker.com/id/1040148 ∗∗∗ Palo Alto PAN-OS Input Validation Flaw in GlobalProtect Interface Lets Remote Users Conduct Cross-Site Scripting Attacks ∗∗∗ --------------------------------------------- http://www.securitytracker.com/id/1040147 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 12.01.2018
by Daily end-of-shift report 12 Jan '18

12 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 11-01-2018 18:00 − Freitag 12-01-2018 18:00 Handler: Robert Waldner Co-Handler: n/a ===================== = News = ===================== ∗∗∗ AMD Will Release CPU Microcode Updates for Spectre Flaw This Week ∗∗∗ --------------------------------------------- AMD officially admitted today that its processors are not vulnerable to the Meltdown bug, but are affected by both variants of the Spectre flaw. --------------------------------------------- https://www.bleepingcomputer.com/news/hardware/amd-will-release-cpu-microco… ∗∗∗ PowerStager Analysis ∗∗∗ --------------------------------------------- Unit 42 analyzes PowerStager and the unique obfuscation technique it was employing for its PowerShell segments --------------------------------------------- https://researchcenter.paloaltonetworks.com/2018/01/unit42-powerstager-anal… ∗∗∗ Perfect SAP Penetration testing. Part 3: The Scope of Vulnerability Search ∗∗∗ --------------------------------------------- In this part we will demonstrate that sometimes traditional approach does not work. If SAP pentesters know a number of SAP vulnerabilities and downloaded free tools from the Internet, they won’t be able to hack a system because some companies have applied the latest patches and they don’t have at least the most common issues (e.g. Gateway bypass, Verb Tampering, or default passwords). [...] This article will show what we did to break the walls. --------------------------------------------- https://erpscan.com/press-center/blog/perfect-sap-penetration-testing-part-… ∗∗∗ Vorsicht vor Fake-Mails vom BSI mit angeblichen Meltdown-/Spectre-Patches ∗∗∗ --------------------------------------------- Betrügerische Mails im Namen des Bundesamt für Sicherheit in der Informationstechnik wollen Opfern einen als Meltdown-/Spectre-Patch getarnten Trojaner unterjubeln. --------------------------------------------- https://www.heise.de/security/meldung/Vorsicht-vor-Fake-Mails-vom-BSI-mit-a… ===================== = Vulnerabilities = ===================== ∗∗∗ Meltdown and Spectre Vulnerabilities ∗∗∗ --------------------------------------------- NCCIC/ICS-CERT is referencing CERT/CC’s vulnerability note VU#584653 CPU hardware vulnerable to side-channel attacks to enhance the awareness of critical infrastructure asset owners/operators and to identify affected product vendors that have contacted ICS-CERT for help disseminating customer notifications/recommendations to mitigate the risk associated with cache side-channel attacks known as Meltdown and Spectre. --------------------------------------------- https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01 ∗∗∗ Advantech WebAccess (Update A) ∗∗∗ --------------------------------------------- This updated advisory is a follow-up to the original advisory titled ICSA-18-004-02 Advantech WebAccess that was published January 4, 2018, on the NCCIC/ICS-CERT web site. This updated advisory contains mitigation details for untrusted pointer dereference, stack-based buffer overflow, path traversal, SQL injection, improper input validation, unrestricted upload of file with dangerous type, and use after free vulnerabilities in Advantech’s WebAccess products. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02A ∗∗∗ WECON Technology Co., Ltd. LeviStudio HMI Editor ∗∗∗ --------------------------------------------- This advisory contains mitigation details for stack-based and heap-based buffer overflow vulnerabilities in the WECON LeviStudio HMI Editor software. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-011-01 ∗∗∗ Moxa MXview ∗∗∗ --------------------------------------------- This advisory contains mitigation details for an unquoted search path or element vulnerability in the Moxa MXview network management software. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-011-02 ∗∗∗ PHOENIX CONTACT FL SWITCH ∗∗∗ --------------------------------------------- This advisory contains mitigation details for improper authorization and information exposure vulnerabilities in the PHOENIX CONTACT FL SWITCH. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-18-011-03 ∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (intel-ucode), Debian (gifsicle), Fedora (awstats and kernel), Gentoo (icoutils, pysaml2, and tigervnc), Mageia (dokuwiki and poppler), Oracle (kernel), SUSE (glibc, kernel, microcode_ctl, tiff, and ucode-intel), and Ubuntu (intel-microcode). --------------------------------------------- https://lwn.net/Articles/744175/rss ∗∗∗ DFN-CERT-2018-0080: Wireshark: Mehrere Schwachstellen ermöglichen Denial-of-Service-Angriffe ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0080/ ∗∗∗ Security Advisory - Weak Cryptography Vulnerability in Some Huawei Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171222-… ∗∗∗ IBM Security Bulletin: Vulnerabilities in IBM Java Runtime affects Rational Publishing Engine ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012454 ∗∗∗ IBM Security Bulletin: Vulnerability in Apache Commons FileUpload Affects IBM Sterling Secure Proxy ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012458 ∗∗∗ IBM Security Bulletin: IBM Security Access Manager Appliance is affected by a cURL vulnerability (CVE-2016-7167) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012358 ∗∗∗ IBM Security Bulletin: IBM Security Access Manager Appliance is affected by a vulnerability in Python (CVE-2014-9365) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012355 ∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM B2B Advanced Communications ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22012406 ∗∗∗ IBM Security Bulletin: Vulnerability in IBM HTTP Server affects Netezza Performance Portal ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22008807 ∗∗∗ Critical Patch Update - January 2018 - Pre-Release Announcement ∗∗∗ --------------------------------------------- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html ∗∗∗ SSB-068644 (Last Update 2018-01-11): General Customer Information for Spectre and Meltdown ∗∗∗ --------------------------------------------- https://www.siemens.com/cert/pool/cert/siemens_security_bulletin_ssb-068644… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 11.01.2018
by Daily end-of-shift report 11 Jan '18

11 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 10-01-2018 18:00 − Donnerstag 11-01-2018 18:00 Handler: Robert Waldner Co-Handler: Nina Bieringer ===================== = News = ===================== ∗∗∗ mitm6 – compromising IPv4 networks via IPv6 ∗∗∗ --------------------------------------------- ... most companies are unaware that while IPv6 might not be actively in use, all Windows versions since Windows Vista (including server variants) have IPv6 enabled and prefer it over IPv4. In this blog, an attack is presented that abuses the default IPv6 configuration in Windows networks to spoof DNS replies by acting as a malicious DNS servers and redirect traffic to an attacker specified endpoint. --------------------------------------------- https://blog.fox-it.com/2018/01/11/mitm6-compromising-ipv4-networks-via-ipv… ===================== = Vulnerabilities = ===================== ∗∗∗ SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software ∗∗∗ --------------------------------------------- The Simple Network Management Protocol(SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ DFN-CERT-2018-0073/">Juniper Networks ScreenOS: Eine Schwachstelle ermöglicht das Ausspähen von Informationen ∗∗∗ --------------------------------------------- Ein nicht authentisierter Angreifer im benachbarten Netzwerk kann die Schwachstelle in ScreenOS, die auch unter dem Namen 'Etherleak' geführt wird, ausnutzen, um Informationen auszuspähen. Der Hersteller veröffentlicht die ScreenOS Version 6.3.0r25 zur Behebung der Schwachstelle. Alle nachfolgenden ScreenOS Versionen sind über diese Schwachstelle ebenfalls nicht mehr verwundbar. --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0073/ ∗∗∗ DFN-CERT-2018-0077/">Juniper Junos Space: Mehrere Schwachstellen ermöglichen u.a. die komplette Systemübernahme ∗∗∗ --------------------------------------------- Es existieren mehrere Schwachstellen im Junos Space Security Director and Log Collector, in Junos Space sowie den enthaltenen Komponenten Apache Commons Collections, Apache HTTP-Server (httpd), Apache Log4, Apache Tomcat, JBoss Enterprise Application Platform (EAP), dessen Webkonsole, dem JGroups Framework, dem Linux-Kernel, OpenSSH und rpcbind. --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0077/ ∗∗∗ DFN-CERT-2018-0071/">Juniper Junos OS: Mehrere Schwachstellen ermöglichen u.a. die Ausführung beliebigen Programmcodes ∗∗∗ --------------------------------------------- Für einige der genannten Schwachstellen stehen Workarounds zur Mitigation zur Verfügung. Die Hinweise dazu finden sich in den einzelnen Security Bulletins. --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0071/ ∗∗∗ WebKitGTK+ Security Advisory WSA-2018-0001 ∗∗∗ --------------------------------------------- Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the speculative execution by utilizing branch target injection. Description: Security improvements are included to mitigate the effects. --------------------------------------------- https://www.securityfocus.com/archive/1/541659 ∗∗∗ Spectre-Lücke: Auch Server mit IBM POWER, Fujitsu SPARC und ARMv8 betroffen ∗∗∗ --------------------------------------------- IBM stellt Firmware-Updates für Server mit POWER7+, POWER8 und POWER9 bereit, Fujitsu will einige SPARC-M10- und -M12-Server patchen; zu ARM-SoCs für Server fehlen Infos. --------------------------------------------- https://heise.de/-3938749 ∗∗∗ VMSA-2018-0005 ∗∗∗ --------------------------------------------- VMware Workstation, and Fusion updates resolve use-after-free and integer-overflow vulnerabilities --------------------------------------------- https://www.vmware.com/security/advisories/VMSA-2018-0005.html ∗∗∗ January 2018 Office Update Release ∗∗∗ --------------------------------------------- The January 2018 Public Update releases for Office are now available! This month, there are 36 security updates and 25 non-security updates. All of the security and non-security updates are listed in KB article 4058103. --------------------------------------------- https://blogs.technet.microsoft.com/office_sustained_engineering/2018/01/09… ∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (glibc and lib32-glibc), Debian (ming and poco), Fedora (electron-cash, electrum, firefox, heketi, microcode_ctl, and python-jsonrpclib), openSUSE (clamav-database and ucode-intel), Red Hat (flash-plugin), SUSE (OBS toolchain), and Ubuntu (webkit2gtk). --------------------------------------------- https://lwn.net/Articles/744075/rss ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22011739 ∗∗∗ IBM Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server Vulnerabilities ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22009368 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 10.01.2018
by Daily end-of-shift report 10 Jan '18

10 Jan '18

===================== = End-of-Day report = ===================== Timeframe: Dienstag 09-01-2018 18:00 − Mittwoch 10-01-2018 18:00 Handler: Robert Waldner Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Let’s Encrypt: 2018.01.09 Issue with TLS-SNI-01 and Shared Hosting Infrastructure ∗∗∗ --------------------------------------------- At approximately 5 p.m. Pacific time on January 9, 2018, we received a report from Frans Rosén of Detectify outlining a method of exploiting some shared hosting infrastructures to obtain certificates for domains he did not control, by making use of the ACME TLS-SNI-01 challenge type. We quickly confirmed the issue and mitigated it by entirely disabling TLS-SNI-01 validation in Let’s Encrypt --------------------------------------------- https://community.letsencrypt.org/t/2018-01-09-issue-with-tls-sni-01-and-sh… ===================== = Vulnerabilities = ===================== ∗∗∗ January 2018 security update release ∗∗∗ --------------------------------------------- Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this months security updates can be found in the Security Update Guide. --------------------------------------------- https://blogs.technet.microsoft.com/msrc/2018/01/09/january-2018-security-u… ∗∗∗ Bugtraq: [security bulletin] HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure. ∗∗∗ --------------------------------------------- On January 3 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE. --------------------------------------------- http://www.securityfocus.com/archive/1/541654 ∗∗∗ DFN-CERT-2018-0065/">Irssi: Mehrere Schwachstellen ermöglichen verschiedene Denial-of-Service-Angriffe ∗∗∗ --------------------------------------------- Mehrere Schwachstellen in Irssi ermöglichen auch einem entfernten, einfach authentisierten Angreifer verschiedene Denial-of-Service (DoS)-Angriffe. Das Irssi-Projekt stellt die Version 1.0.6 von Irssi im Quellcode zur Verfügung, um die Schwachstellen zu schließen. --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0065/ ∗∗∗ Blue Coat ProxySG Multiple Flaws Let Remote Users Conduct Cross-Site Scripting and Open Redirect Attacks and Obtain Authentication Information ∗∗∗ --------------------------------------------- Several vulnerabilities were reported in Blue Coat ProxySG. A remote user can redirect the target user's browser to an arbitrary site. A remote user can obtain authentication information on the target system. A remote user can conduct cross-site scripting attacks. --------------------------------------------- http://www.securitytracker.com/id/1040138 ∗∗∗ VMSA-2018-0004 ∗∗∗ --------------------------------------------- VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Remediation for speculative execution issue --------------------------------------------- https://www.vmware.com/security/advisories/VMSA-2018-0004.html ∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (awstats, gdk-pixbuf, plexus-utils, and plexus-utils2), Fedora (asterisk, gimp, heimdal, libexif, linux-firmware, mupdf, poppler, thunderbird, webkitgtk4, wireshark, and xrdp), openSUSE (diffoscope, irssi, and qemu), SUSE (java-1_7_0-ibm, kernel-firmware, and qemu), and Ubuntu (irssi, kernel, linux, linux-aws, linux-euclid, linux-kvm, linux-hwe, linux-azure, linux-gcp, linux-oem, linux-lts-trusty, linux-lts-xenial, linux-lts-xenial, linux-aws, --------------------------------------------- https://lwn.net/Articles/743903/rss ∗∗∗ Cisco Unified Communications Manager Cross-Site Scripting Vulnerability ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco… ∗∗∗ IBM Security Bulletin: Cross-Site Scripting Vulnerability in IBM WebSphere Portal (CVE-2018-1361) ∗∗∗ --------------------------------------------- https://www-01.ibm.com/support/docview.wss?uid=swg22012409 ∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Software Architect and Rational Software Architect for WebSphere Software ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=swg22012420 ∗∗∗ IBM Security Bulletin: Fix available for Stored Cross Site Scripting (XSS) Vulnerability in IBM Cúram Social Program Management (CVE-2017-1739) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012366 ∗∗∗ IBM Security Bulletin: Fix available for Reflected Cross Site Scripting (XSS) Vulnerability in IBM Cúram Social Program Management (CVE-2017-1740) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012372 ∗∗∗ IBM Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Cúram Social Program Management (CVE-2016-1000031) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012374 ∗∗∗ IBM Security Bulletin: IBM Security Access Manager Appliance is affected by a vulnerability (CVE-2017-1478) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22012323 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Daily