Daily

daily@lists.cert.at

1 participants
3249 discussions

Tageszusammenfassung - 21.02.2020
by Daily end-of-shift report 21 Feb '20

21 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 20-02-2020 18:00 − Freitag 21-02-2020 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Coronavirus-Malware breitet sich massiv aus ∗∗∗ --------------------------------------------- Cybersecurity-Experten warnen, dass der Coronavirus immer mehr zur Verbreitung von Malware genutzt wird. --------------------------------------------- https://futurezone.at/digital-life/coronavirus-malware-breitet-sich-massiv-… ∗∗∗ Subdomain-Takeover: Hunderte Microsoft-Subdomains gekapert ∗∗∗ --------------------------------------------- Ein Sicherheitsforscher konnte in den vergangenen Jahren Hunderte Microsoft-Subdomains kapern, doch trotz Meldung kümmerte sich Microsoft nur um wenige. Doch nicht nur der Sicherheitsforscher, auch eine Glücksspielseite übernahm offizielle Microsoft.com-Subdomains. --------------------------------------------- https://www.golem.de/news/subdomain-takeover-hunderte-microsoft-subdomains-… ∗∗∗ Apple: Safari soll nur noch einjährige TLS-Zertifikate akzeptieren ∗∗∗ --------------------------------------------- Apples Browser Safari soll ab 1. September nur noch TLS-Zertifikate mit einer maximalen Gültigkeit von 13 Monaten akzeptieren. Betroffen sind Webseiten wie Github.com oder Microsoft.com, die derzeit auf Zwei-Jahres-Zertifikate setzen. --------------------------------------------- https://www.golem.de/news/apple-safari-soll-nur-noch-einjaehrige-tls-zertif… ∗∗∗ Quick Analysis of an Encrypted Compound Document Format, (Fri, Feb 21st) ∗∗∗ --------------------------------------------- We like when our readers share interesting samples! Even if we have our own sources to hunt for malicious content, its always interesting to get fresh meat from third parties. Robert shared an interesting Microsoft Word document that I quickly analysed. Thanks to him! --------------------------------------------- https://isc.sans.edu/diary/rss/25826 ∗∗∗ How to Find & Remove SEO Spam on WordPress ∗∗∗ --------------------------------------------- Perhaps the best way to dive into the subject of finding and removing SEO spam on WordPress is with a quick experiment — probably one you’ll want to conduct at a private location. Run a Google search with the terms buy viagra cialis. Without clicking anything (seriously, don’t), take a close look at the results. You’ll likely see one or more seemingly innocent, non-pharmaceutical websites advertising these medications. --------------------------------------------- https://blog.sucuri.net/2020/02/remove-seo-spam-wordpress.html ∗∗∗ Fuzzing – Angriff ist die beste Verteidigung ∗∗∗ --------------------------------------------- Das automatisierte Testen von Software mit Fuzzing bietet einige Vorzüge, die sich Entwickler beim Testen zunutze machen sollten. --------------------------------------------- https://heise.de/-4659818 ∗∗∗ Over 400 ICS Vulnerabilities Disclosed in 2019: Report ∗∗∗ --------------------------------------------- More than 400 vulnerabilities affecting industrial control systems (ICS) were disclosed in 2019 and over a quarter of them had no patches when their existence was made public, according to a report published on Thursday by industrial cybersecurity firm Dragos. --------------------------------------------- https://www.securityweek.com/over-400-ics-vulnerabilities-disclosed-2019-re… ∗∗∗ Identitätsdiebstahl: Sicherheitsforscher warnen vor grundlegender Lücke in LTE-Netzen ∗∗∗ --------------------------------------------- Angreifer könnten sich als andere Personen ausgeben, und in deren Namen auftreten – Allerdings hoher Aufwand notwendig --------------------------------------------- https://www.derstandard.at/story/2000114840745/identitaetsdiebstahl-sicherh… ===================== = Vulnerabilities = ===================== ∗∗∗ B&R Industrial Automation Automation Studio and Automation Runtime ∗∗∗ --------------------------------------------- This advisory contains mitigations for an improper authorization vulnerability in B&R Industrial Automations Automation Studio and Automation Runtime software. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-20-051-01 ∗∗∗ Rockwell Automation FactoryTalk Diagnostics ∗∗∗ --------------------------------------------- This advisory contains mitigations for a deserialization of untrusted data vulnerability in Rockwell Automations FactoryTalk Diagnostics software. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-20-051-02 ∗∗∗ Honeywell NOTI-FIRE-NET Web Server (NWS-3) ∗∗∗ --------------------------------------------- This advisory contains mitigations for authentication bypass by capture relay, and path traversal vulnerabilities in Honeywells NOTI-FIRE-NET web servers. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-20-051-03 ∗∗∗ Auto-Maskin RP210E, DCU210E, and Marine Observer Pro (Android App) ∗∗∗ --------------------------------------------- This advisory contains mitigations for cleartext transmission of sensitive information, origin validation error, use of hard-coded credentials, weak password recovery mechanism for forgotten password, and weak password requirements vulnerabilities in Auto-Maskins RP 210E Remote Panels, DCU 210E Control Units, and Marine Observer Pro (Android App). --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-20-051-04 ∗∗∗ Root-Sicherheitslücke gefährdet IBM-Datenbank Db2 ∗∗∗ --------------------------------------------- Db2 von IBM ist verwundbar und Angreifer könnten schlimmstenfalls Schadcode ausführen. Vorläufige Fixes sind verfügbar. --------------------------------------------- https://heise.de/-4665536 ∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by CentOS (openjpeg2), Debian (cloud-init, jackson-databind, and python-reportlab), Red Hat (ksh, python-pillow, systemd, and thunderbird), Slackware (proftpd), SUSE (java-1_7_0-ibm, nodejs10, and nodejs12), and Ubuntu (ppp and squid, squid3). --------------------------------------------- https://lwn.net/Articles/812995/ ∗∗∗ Security Bulletin: IBM API Connect V5 is impacted by a denial of service vulnerability in Linux kernel (CVE-2019-11477) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-v5-is-imp… ∗∗∗ Security Bulletin: Phishing Attack Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-4595) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-phishing-attack-vulnerabi… ∗∗∗ Security Bulletin: Multiple Vulnerabilities identified in IBM StoredIQ ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM License Metric Tool v9 (CVE-2019-4441). ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-we… ∗∗∗ Trend Micro Produkte: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0155 ∗∗∗ Apache Tomcat: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0154 ∗∗∗ Red Hat OpenShift Container Platform: Mehrere Schwachstellen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0157 ∗∗∗ Red Hat Enterprise Linux Server: Mehrere Schwachstellen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0156 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 20.02.2020
by Daily end-of-shift report 20 Feb '20

20 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 19-02-2020 18:00 − Donnerstag 20-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Cybergang Favors G Suite and Physical Checks For BEC Attacks ∗∗∗ --------------------------------------------- Exaggerated Lion, a newly discovered cybercrime group, uses new and unique tactics to target U.S. companies in BEC attacks. --------------------------------------------- https://threatpost.com/cybergang-favors-g-suite-and-physical-checks-for-bec… ∗∗∗ Nearly half of hospital Windows systems still vulnerable to RDP bugs ∗∗∗ --------------------------------------------- Almost half of connected hospital devices are still exposed to the wormable BlueKeep Windows flaw nearly a year after it was announced, according to a report released this week. --------------------------------------------- https://nakedsecurity.sophos.com/2020/02/20/nearly-half-of-hospital-windows… ∗∗∗ Building a Stronger Cybersecurity Community: 8th ENISA Industry Event ∗∗∗ --------------------------------------------- On 17 February 2020, the EU Agency for Cybersecurity organised its 8th Industry Event in Brussels. --------------------------------------------- https://www.enisa.europa.eu/news/enisa-news/building-a-stronger-cybersecuri… ∗∗∗ Telecom Security Authorities meeting in Brussels ∗∗∗ --------------------------------------------- Last week the EU Agency for Cybersecurity hosted the 30th Article 13a meeting in Brussels. --------------------------------------------- https://www.enisa.europa.eu/news/enisa-news/telecom-security-authorities-me… ∗∗∗ Sicherheitsupdates: Ciscos High-Availability-Feature heißt Angreifer willkommen ∗∗∗ --------------------------------------------- Cisco kümmert sich unter anderem um kritische Lücken in Smart Software Manager, Email Security Appliance & Co. --------------------------------------------- https://heise.de/-4664787 ∗∗∗ Betrügerische Trading-Plattformen nehmen frühere Opfer ins Visier ∗∗∗ --------------------------------------------- Unseriöse Trading-Plattformen versuchen ihren Opfern mit unterschiedlichsten Maschen das Geld aus der Tasche zu ziehen. Einige frühere Betroffene werden nun erneut kontaktiert, obwohl sie bereits jeglichen Kontakt abgebrochen hatten: Angeblich wurden zwischenzeitlich hohe Gewinne erzielt, die nach Zahlung der Steuern beantragt werden könnten. Hier darf nichts bezahlt werden! --------------------------------------------- https://www.watchlist-internet.at/news/betruegerische-trading-plattformen-n… ∗∗∗ Exploiting Jira for Host Discovery ∗∗∗ --------------------------------------------- Last October I dived into the world of Jira Software (version 8.4.1) in the hope of discovering new vulnerabilities. Initially, I came across a few Cross-Site Request Forgery (CSRF) weaknesses, leading me to a vulnerability that allows a user to instruct the Jira server to initiate connections to other hosts of my choice. --------------------------------------------- https://medium.com/tenable-techblog/exploiting-jira-for-host-discovery-43be… ===================== = Vulnerabilities = ===================== ∗∗∗ Critical Adobe Flaws Fixed in Out-of-Band Update ∗∗∗ --------------------------------------------- Two critical Adobe vulnerabilities have been fixed in Adobe After Effects and Adobe Media Encoder. --------------------------------------------- https://threatpost.com/critical-adobe-flaws-fixed-in-out-of-band-update/153… ∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (netty and netty-3.9), Fedora (ceph, dovecot, poppler, and webkit2gtk3), openSUSE (inn and rmt-server), Oracle (openjpeg2), Red Hat (rabbitmq-server), Scientific Linux (openjpeg2), SUSE (dnsmasq, rsyslog, and slurm), and Ubuntu (php7.0). --------------------------------------------- https://lwn.net/Articles/812924/ ∗∗∗ jQuery vulnerability CVE-2015-9251 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K29562170 ∗∗∗ PHP: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0147 ∗∗∗ Duplicator < 1.3.28 - Unauthenticated Arbitrary File Download ∗∗∗ --------------------------------------------- https://wpvulndb.com/vulnerabilities/10078 ∗∗∗ Profile - Moderately critical - Access Bypass - SA-CONTRIB-2020-004 ∗∗∗ --------------------------------------------- https://www.drupal.org/sa-contrib-2020-004 ∗∗∗ Security Bulletin: SQL Injection Affects IBM Emptoris Spend Analysis (CVE-2019-4752) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-sql-injection-affects-ibm… ∗∗∗ Security Bulletin: Resilient is vulnerable to Using Components with Known Vulnerabilities ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-resilient-is-vulnerable-t… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: A Security Vulnerability Has Been Identified In IBM Security Secret Server (CVE-2019-4640) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-… ∗∗∗ Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Apache Tomcat vulnerabilities. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-websphere-cast-iron-s… ∗∗∗ Security Bulletin: Multiple vulnerabilities in Node.js affect IBM i ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: IBM API Connect has addressed the following vulnerability. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-has-addre… ∗∗∗ Security Bulletin: IBM API Connect is impacted by a vulnerability in Kubernetes(CVE-2019-11251) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impact… ∗∗∗ Security Bulletin: SQL Injection Affects IBM Emptoris Strategic Supply Management Platform (CVE-2019-4752) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-sql-injection-affects-ibm… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 19.02.2020
by Daily end-of-shift report 19 Feb '20

19 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Dienstag 18-02-2020 18:00 − Mittwoch 19-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ SMS Attack Spreads Emotet, Steals Bank Credentials ∗∗∗ --------------------------------------------- A new Emotet campaign is spread via SMS messages pretending to be from banks and may have ties to the TrickBot trojan. --------------------------------------------- https://threatpost.com/sms-attack-spreads-emotet-bank-credentials/153015/ ∗∗∗ Jetzt updaten: Exploit-Code für Lücke in Microsoft SQL Server veröffentlicht ∗∗∗ --------------------------------------------- Updates für MS SQL Server 2012, 2014 und 2016 vom Patch Tuesday beheben eine Sicherheitslücke, für die nun Proof-of-Concept-Code vorliegt. --------------------------------------------- https://heise.de/-4663968 ∗∗∗ Firmware-Sicherheitslücken: Angriffe auf Notebooks von Dell, HP und Lenovo ∗∗∗ --------------------------------------------- Notebook-Hersteller verbauen allerlei Komponenten von Zulieferern, denen selbst einfache Schutzmaßnahmen fehlen. --------------------------------------------- https://heise.de/-4664246 ∗∗∗ E-Mail der DNS Austria ist betrügerisch ∗∗∗ --------------------------------------------- Zahlreiche Website-BesitzerInnen erhalten momentan ein E-Mail einer DNS Austria – einem Unternehmen, das angeblich Domainnamen registriert. Sie werden darüber informiert, dass jemand ihre Domain mit einer anderen Endung registrieren möchte. Ihnen wird die Möglichkeit geboten, diese Domain zuvor zu kaufen. Überweisen Sie der DNS Austria kein Geld, es handelt sich um ein betrügerisches Vorgehen und das Unternehmen existiert nicht. --------------------------------------------- https://www.watchlist-internet.at/news/e-mail-der-dns-austria-ist-betrueger… ===================== = Vulnerabilities = ===================== ∗∗∗ Spacelabs Xhibit Telemetry Receiver (XTR) ∗∗∗ --------------------------------------------- This medical advisory contains mitigations for an improper input validation vulnerability in Spacelabs Xhibit Telemetry Receiver hardware --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsma-20-049-01 ∗∗∗ GE Ultrasound products ∗∗∗ --------------------------------------------- This medical advisory contains mitigations for a protection mechanism failure vulnerability in GE ultrasound products. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsma-20-049-02 ∗∗∗ Honeywell INNCOM INNControl 3 ∗∗∗ --------------------------------------------- This advisory contains mitigations for an improper privilege management vulnerability in Honeywells INNCOM INNControl 3 energy management platform. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-20-049-01 ∗∗∗ Emerson OpenEnterprise ∗∗∗ --------------------------------------------- This advisory contains mitigations for a heap-based buffer overflow vulnerability in Emersons OpenEnterprise SCADA Server software. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-20-049-02 ∗∗∗ VMSA-2020-0003 ∗∗∗ --------------------------------------------- vRealize Operations for Horizon Adapter updates address multiple security vulnerabilities (CVE-2020-3943, CVE-2020-3944, CVE-2020-3945) --------------------------------------------- https://www.vmware.com/security/advisories/VMSA-2020-0003.html ∗∗∗ Zero-Day Vulnerability in ThemeREX Addons Plugin Exploited in the Wild ∗∗∗ --------------------------------------------- Description: Remote Code Execution Affected Plugin: ThemeREX Addons Plugin Slug: trx_addons Affected Versions: Versions greater than 1.6.50 CVSS Score: 9.8 (Critical) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Patched Version: Currently No Patch. Today, February 18th, our Threat Intelligence team was notified of a vulnerability present in ThemeREX Addons, a WordPress plugin installed on an estimated 44,000 sites. --------------------------------------------- https://www.wordfence.com/blog/2020/02/zero-day-vulnerability-in-themerex-a… ∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by CentOS (firefox, java-1.7.0-openjdk, ksh, and sudo), Debian (php7.0 and python-django), Fedora (cacti, cacti-spine, mbedtls, and thunderbird), openSUSE (chromium, re2), Oracle (firefox, java-1.7.0-openjdk, and sudo), Red Hat (openjpeg2 and sudo), Scientific Linux (java-1.7.0-openjdk and sudo), SUSE (dbus-1, dpdk, enigmail, fontforge, gcc9, ImageMagick, ipmitool, php72, sudo, and wicked), and Ubuntu (clamav, linux, linux-aws, linux-aws-hwe, linux-azure, --------------------------------------------- https://lwn.net/Articles/812851/ ∗∗∗ Bugtraq: [TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP) ∗∗∗ --------------------------------------------- http://www.securityfocus.com/archive/1/542236 ∗∗∗ Cisco Security Advisories ∗∗∗ --------------------------------------------- https://tools.cisco.com/security/center/publicationListing.x ∗∗∗ FortiOS URL redirection attack via the admin password change page ∗∗∗ --------------------------------------------- https://fortiguard.com/psirt/FG-IR-19-179 ∗∗∗ Huawei Security Advisories ∗∗∗ --------------------------------------------- https://www.huawei.com/en/psirt/all-bulletins?name=security-advisories&year… ∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to denial of service (CVE-2020-4135). ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-… ∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to denial of service (CVE-2020-4161) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-… ∗∗∗ Security Bulletin: A vulnerability have been identified in Netty shipped with IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library (CVE-2019-16869) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-have-been… ∗∗∗ Security Bulletin: A vulnerability has been identified in FasterXML Jackson library shipped with IBM Tivoli Netcool/OMNIbus Common Integration Libraries (CVE-2019-14540) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-has-been-… ∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to denial of service (CVE-2020-4200). ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-… ∗∗∗ Security Bulletin: IBM Cloud Private is vulnerable to an IBM WebSphere Application Server Liberty vulnerability (CVE-2019-4663) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-private-is-vuln… ∗∗∗ Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-… ∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to privilege escalation (CVE-2020-4230). ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-… ∗∗∗ Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site scripting (CVE-2019-4429) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-maximo-asset-manageme… ∗∗∗ Security Bulletin: Vulnerability in Netty affects IBM Netcool Agile Service Manager ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-netty-af… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 18.02.2020
by Daily end-of-shift report 18 Feb '20

18 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Montag 17-02-2020 18:00 − Dienstag 18-02-2020 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ SSL Testing Methods ∗∗∗ --------------------------------------------- Not all SSL configurations on websites are equal, and a growing number push for HTTPS everywhere. There is an increasing demand to check and quantify that little padlock in your browser. Some simple online tools provide a fast SSL report. They are SSL configuration checkers, which do not just check a certificate, which is really only part of that configuration. Instead, they perform a more thorough look. --------------------------------------------- https://blog.sucuri.net/2020/02/ssl-testing-methods.html ∗∗∗ Gut behütet: OWASP API Security Top 10 ∗∗∗ --------------------------------------------- Zunehmend stehen APIs im Visier von Hackern. Ein Blick auf die neue OWASP-Liste zu den Schwachstellen zeigt, an welchen Stellen Entwickler gefordert sind. --------------------------------------------- https://heise.de/-4660904 ∗∗∗ Kritische Lücke in WordPress-Plugin Profile Builder macht jeden zum Site-Admin ∗∗∗ --------------------------------------------- In der aktuellen Version des WordPress-Plugin Profile Builder haben die Entwickler eine Sicherheitslücke mit Höchstwertung geschlossen. --------------------------------------------- https://heise.de/-4663152 ∗∗∗ Building a bypass with MSBuild ∗∗∗ --------------------------------------------- Living-off-the-land binaries (LoLBins) continue to pose a risk to security defenders. We analyze the usage of the Microsoft Build Engine by attackers and red team personnel. These threats demonstrate techniques T1127 (Trusted Developer Utilities) and T1500 (Compile After Delivery) of MITRE ATT&CK framework. --------------------------------------------- https://blog.talosintelligence.com/2020/02/building-bypass-with-msbuild.html ∗∗∗ Vorsicht vor betrügerischen PayLife E-Mails ∗∗∗ --------------------------------------------- PayLife KundInnen aufgepasst: Aktuell sind Phishing-E-Mails unterwegs. Kriminelle geben sich als PayLife aus und behaupten, dass Ihre Karte gesperrt wurde. Um die Karte wieder freizuschalten, müssen Sie einen Identifikationsprozess durchlaufen und Ihre Daten bestätigen. Klicken Sie keinesfalls auf den Link, es handelt sich um Betrug! --------------------------------------------- https://www.watchlist-internet.at/news/vorsicht-vor-betruegerischen-paylife… ∗∗∗ Bypass Windows 10 User Group Policy (and more) with this One Weird Trick ∗∗∗ --------------------------------------------- I‘m going to share an (ab)use of a Windows feature which can result in bypassing User Group Policy (as well as a few other interesting things). Bypassing User Group Policy is not the end of the world, but it’s also not something that should be allowed and depending on User Group Policy setup, could result in unfortunate security scenarios. --------------------------------------------- https://medium.com/tenable-techblog/bypass-windows-10-user-group-policy-and… ===================== = Vulnerabilities = ===================== ∗∗∗ Vulnerability in wpCentral Plugin Leads to Privilege Escalation ∗∗∗ --------------------------------------------- Description: Improper Access Control to Privilege Escalation Affected Plugin: wpCentral Affected Versions: [...] --------------------------------------------- https://www.wordfence.com/blog/2020/02/vulnerability-in-wpcentral-plugin-le… ∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (systemd and thunderbird), Debian (clamav, libgd2, php7.3, spamassassin, and webkit2gtk), Fedora (kernel, kernel-headers, and sway), Mageia (firefox, kernel-linus, mutt, python-pillow, sphinx, thunderbird, and webkit2), openSUSE (firefox, nextcloud, and thunderbird), Oracle (firefox and ksh), Red Hat (curl, java-1.7.0-openjdk, kernel, and ruby), Scientific Linux (firefox and ksh), SUSE (sudo and xen), and Ubuntu (clamav, php5, php7.0, php7.2, [...] --------------------------------------------- https://lwn.net/Articles/812763/ ∗∗∗ Serious Vulnerabilities Expose SonicWall SMA Appliances to Remote Attacks ∗∗∗ --------------------------------------------- Several serious vulnerabilities have been found by a researcher in Secure Mobile Access (SMA) and Secure Remote Access (SRA) appliances made by SonicWall. The vendor has released software updates that patch the flaws. --------------------------------------------- https://www.securityweek.com/serious-vulnerabilities-expose-sonicwall-sma-a… ∗∗∗ F-Secure Patches Old AV Bypass Vulnerability ∗∗∗ --------------------------------------------- A vulnerability addressed by F-Secure in some of its business products could have been exploited to bypass their scanning engine using malformed archives. --------------------------------------------- https://www.securityweek.com/f-secure-patches-old-av-bypass-vulnerability ∗∗∗ Bugtraq: [TZO-17-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN) ∗∗∗ --------------------------------------------- http://www.securityfocus.com/archive/1/542235 ∗∗∗ Intel processors vulnerability CVE-2019-14607 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K29100014?utm_source=f5support&utm_mediu… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Netcool Agile Service Manager ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Netcool Agile Service Manager ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for SAP Applications ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: IBM Operations Analytics – Log Analysis is affected by stack displayed in WebSphere Application Server (CVE-2019-4441) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-operations-analytics-… ∗∗∗ Security Bulletin: Oct 2019 : Multiple vulnerabilities in IBM Java Runtime affect IBM CICS TX on Cloud ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-oct-2019-multiple-vulnera… ∗∗∗ Security Bulletin: Vulnerability in IBM Java Runtime affects Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2019-2989) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java… ∗∗∗ Security Bulletin: Bypass security restrictions in WebSphere Application Server Liberty affect IBM Operations Analytics – Log Analysis (CVE-2019-4304) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-bypass-security-restricti… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Oct 2019 : Multiple vulnerabilities in IBM Java Runtime affect TXSeries for Multiplatforms ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-oct-2019-multiple-vulnera… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 17.02.2020
by Daily end-of-shift report 17 Feb '20

17 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Freitag 14-02-2020 18:00 − Montag 17-02-2020 18:00 Handler: Stephan Richter Co-Handler: n/a ===================== = News = ===================== ∗∗∗ Escaping the Chrome Sandbox with RIDL ∗∗∗ --------------------------------------------- tl;dr: Vulnerabilities that leak cross process memory can be exploited to escape the Chrome sandbox. An attacker is still required to compromise the renderer prior to mounting this attack. To protect against attacks on affected CPUs make sure your microcode is up to date and disable hyper-threading (HT). --------------------------------------------- https://googleprojectzero.blogspot.com/2020/02/escaping-chrome-sandbox-with… ∗∗∗ How to hack a company by circumventing its WAF through the abuse of a different security appliance and win bug bounties ∗∗∗ --------------------------------------------- Hey, wait! What do bug bounties and network security appliances have in common? Usually nothing! On the contrary, the security appliances allow virtual patching practices and actively participate to reduce the number of bug bounties paid to researchers…but this is a reverse story: a bug bounty was paid to us thanks to a misconfigured security appliance. --------------------------------------------- https://www.redtimmy.com/web-application-hacking/how-to-hack-a-company-by-c… ∗∗∗ Flaw in WordPress Themes Plugin Allowed Hackers to Become Site Admin ∗∗∗ --------------------------------------------- A serious vulnerability found in a WordPress themes plugin with over 200,000 active installations can be exploited to wipe a website’s database and gain administrator access to the site. read more --------------------------------------------- https://www.securityweek.com/flaw-wordpress-themes-plugin-allowed-hackers-b… ∗∗∗ Theres finally a way to remove xHelper, the unremovable Android malware ∗∗∗ --------------------------------------------- Malwarebytes researchers find a way to remove the malware, but they still dont know how it really operates. --------------------------------------------- https://www.zdnet.com/article/theres-finally-a-way-to-remove-xhelper-the-un… ===================== = Vulnerabilities = ===================== ∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (evince, postgresql-9.4, and thunderbird), Fedora (ksh and libxml2), openSUSE (hostapd and nextcloud), Red Hat (chromium-browser, firefox, flash-plugin, and ksh), and SUSE (firefox and thunderbird). --------------------------------------------- https://lwn.net/Articles/812664/ ∗∗∗ PHOENIX CONTACT Emalytics Controller ILC 2050 BI(L) allows unauthorised read and write access to the configuration file. ∗∗∗ --------------------------------------------- https://cert.vde.com/de-de/advisories/vde-2020-001 ∗∗∗ Security Bulletin: Information disclosure in WebSphere Application Server Liberty bundled with IBM Operations Analytics – Log Analysis (CVE-2019-4305) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-in… ∗∗∗ Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Spectrum Protect Plus (CVE-2018-0735, CVE-2018-0734, CVE-2018-5407) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU – Oct 2019 – Includes Oracle Oct 2019 CPU minus CVE-2019-2949 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-sd… ∗∗∗ Security Bulletin: Security Vulnerabilities affect IBM Cloud Private – Kubernetes (CVE-2019-17110, CVE-2019-10223, CVE-2019-11253) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-… ∗∗∗ Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty in IBM Cloud Private VM Quickstarter ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Vulnerabilities in Websphere Liberty and OpenLiberty ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-websph… ∗∗∗ Security Bulletin: IBM Tivoli Common Reporting (TCR) interim fixes address Security Vulnerability and Exposure CVE-2018-1902 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-common-reporti… ∗∗∗ Security Bulletin: A Security Vulnerability affects IBM Cloud Private – Go (CVE-2019-17596) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-… ∗∗∗ Security Bulletin: Vulnerabilities in Apache Commons Compress ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 14.02.2020
by Daily end-of-shift report 14 Feb '20

14 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Donnerstag 13-02-2020 18:00 − Freitag 14-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: Robert Waldner ===================== = News = ===================== ∗∗∗ Parallax RAT: Common Malware Payload After Hacker Forums Promotion ∗∗∗ --------------------------------------------- A remote access Trojan named Parallax is being widely distributed through malicious spam campaigns that when installed allow attackers to gain full control over an infected system. --------------------------------------------- https://www.bleepingcomputer.com/news/security/parallax-rat-common-malware-… ∗∗∗ Keep an Eye on Command-Line Browsers, (Fri, Feb 14th) ∗∗∗ --------------------------------------------- For a few weeks, Im searching for suspicious files that make use of a command line browser like curl.exe or wget.exe in Windows environment. Wait, you were not aware of this? Just open a cmd.exe and type 'curl.exe' on your Windows 10 host: [...] --------------------------------------------- https://isc.sans.edu/diary/rss/25804 ∗∗∗ LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File ∗∗∗ --------------------------------------------- Recently, we discovered LokiBot (detected by Trend Micro as Trojan.Win32.LOKI) impersonating a popular game launcher to trick users into executing it on their machines. Further analysis revealed that a sample of this variant employs a quirky, installation routine that involves dropping a compiled C# code file. --------------------------------------------- http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/WsiHoe_u7N4/ ∗∗∗ An In-Depth Technical Analysis of CurveBall (CVE-2020-0601) ∗∗∗ --------------------------------------------- The first Microsoft patch Tuesday of 2020 contained fixes for CVE-2020-0601 [...] an attacker exploiting this vulnerability could potentially create their own cryptographic certificates that appear to originate from a legitimate certificate that is fully trusted by Windows by default. .. this post will primarily highlight the code-level root cause analysis of the vulnerability in the context of how applications are likely to use CryptoAPI to handle certificates — more specifically in the [...] --------------------------------------------- https://blog.trendmicro.com/trendlabs-security-intelligence/an-in-depth-tec… ∗∗∗ Sicherheitslücken-Sammlung SweynTooth: SocS in zahlreichen Produkten verwundbar ∗∗∗ --------------------------------------------- Zwölf Lücken in der Bluetooth-Low-Energy-Umsetzung auf Systems-on-Chip mehrerer Hersteller betreffen Wearables, IoT- aber wohl auch medizinische Geräte. --------------------------------------------- https://heise.de/-4660872 ===================== = Vulnerabilities = ===================== ∗∗∗ Trend Micro AntiVirus: Schwachstelle ermöglicht Denial of Service ∗∗∗ --------------------------------------------- Trend Micro AntiVirus ist eine Anti-Viren-Software. Trend Micro Maximum Security ist eine Desktop Security Suite. Trend Micro Internet Security ist eine Firewall und Antivirus Lösung. --------------------------------------------- https://www.bsi-fuer-buerger.de/SharedDocs/Warnmeldungen/DE/TW/2020/02/warn… ∗∗∗ Schneider Electric Modicon Ethernet Serial RTU ∗∗∗ --------------------------------------------- This advisory contains mitigations for improper check for unusual or exceptional conditions, and improper access control vulnerabilities in Schneider Electrics Modicons BMXNOR0200H Ethernet Serial RTU, a remote terminal unit. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-20-044-01 ∗∗∗ Schneider Electric Magelis HMI Panels ∗∗∗ --------------------------------------------- This advisory contains mitigations for an improper check for unusual or exceptional conditions vulnerability in Schneiders Magelis HMI Panels. --------------------------------------------- https://www.us-cert.gov/ics/advisories/icsa-20-044-02 ∗∗∗ FortiManager Cross-Site WebSocket Hijacking (CSWSH) ∗∗∗ --------------------------------------------- An Insufficient Verification of Data Authenticity vulnerability in FortiManager may allow an unauthenticated attacker to perform a Cross-Site WebSocket Hijacking (CSWSH) attack. FortiManager 6.2.0 to 6.2.1, 6.0.6 and below. --------------------------------------------- https://fortiguard.com/psirt/FG-IR-19-191 ∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (debian-security-support, postgresql-11, and postgresql-9.6), Fedora (cutter-re, firefox, php-horde-Horde-Data, radare2, and texlive-base), openSUSE (docker-runc), Oracle (kernel), Red Hat (sudo), and Ubuntu (firefox). --------------------------------------------- https://lwn.net/Articles/812494/ ∗∗∗ Bugtraq: [TZO-13-2020] - AVIRA Generic AV Bypass (ZIP GPFLAG) ∗∗∗ --------------------------------------------- http://www.securityfocus.com/archive/1/542223 ∗∗∗ Security Bulletin: Vulnerability affecting IBM Network Performance Insight (CVE-2019-12402) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-affecting-i… ∗∗∗ Security Bulletin: Vulnerability affecting IBM Network Performance Insight (CVE-2019-16335) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-affecting-i… ∗∗∗ Security Bulletin: Oct 2019 : Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-oct-2019-multiple-vulnera… ∗∗∗ Security Bulletin: OpenSSL vulnerability affects IBM Rational Team Concert ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerability-aff… ∗∗∗ Security Bulletin: Oracle Outside In Technology vulnerability in Rational DOORS Next Generation ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-oracle-outside-in-technol… ∗∗∗ Security Bulletin: Vulnerabilities affect IBM Network Performance Insight (CVE-2019-14379, CVE-2019-17531, CVE-2019-14439 and CVE-2019-14540) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-affect-ib… ∗∗∗ Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for Digital Payments ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java… ∗∗∗ Red Hat Virtualization: Schwachstelle ermöglicht Cross-Site Scripting ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0132 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 13.02.2020
by Daily end-of-shift report 13 Feb '20

13 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Mittwoch 12-02-2020 18:00 − Donnerstag 13-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: Robert Waldner ===================== = News = ===================== ∗∗∗ Microsoft Urges Exchange Admins to Disable SMBv1 to Block Malware ∗∗∗ --------------------------------------------- Microsoft is recommending administrators disable the SMBv1 network communication protocol on Exchange servers to provide better protection against malware threats and attacks. --------------------------------------------- https://www.bleepingcomputer.com/news/microsoft/microsoft-urges-exchange-ad… ∗∗∗ VU#597809: IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service ∗∗∗ --------------------------------------------- Impact: An unauthenticated remote attacker can execute arbitrary code on a vulnerable system, with SYSTEM privileges on Microsoft Windows. Solution: ServeRAID Manager is no longer supported and we do not expect IBM to release fixes. --------------------------------------------- https://kb.cert.org/vuls/id/597809 ∗∗∗ How to escalate privileges and steal secrets in Google Cloud Platform ∗∗∗ --------------------------------------------- The problem? There just isnt a lot of information available about GCP written from an attackers perspective. We set out to learn as much as we could about Google Cloud and how an attacker might work to abuse common design decisions --------------------------------------------- https://about.gitlab.com/blog/2020/02/12/plundering-gcp-escalating-privileg… ∗∗∗ From S3 bucket to Laravel unserialize RCE ∗∗∗ --------------------------------------------- TLDR: Anyone who have access to the app key can both impersonate other users and, if enabled, make the application deserialize arbitrary data. --------------------------------------------- https://blog.truesec.com/2020/02/12/from-s3-bucket-to-laravel-unserialize-r… ∗∗∗ Tipps für die Sicherheit Ihrer E-Mail-Adressen ∗∗∗ --------------------------------------------- Immer wieder erreichen die Watchlist Internet Meldungen verzweifelter KonsumentInnen zu Problemen mit ihren E-Mail-Accounts. So kann es zur Übernahme von Mail-Adressen oder Hacks kommen. Auch vergessene Passwörter, Sicherheitsfragen oder verdächtige Aktivitäten führen häufig zu Schwierigkeiten. --------------------------------------------- https://www.watchlist-internet.at/news/tipps-fuer-die-sicherheit-ihrer-e-ma… ∗∗∗ Wireshark Tutorial: Examining Qakbot Infections ∗∗∗ --------------------------------------------- Brad Duncan is back with a new Wireshark tutorial. This one examines a recent infection of Qakbot (AKA Qbot), which is an information stealer, so security pros can better understand its traffic patterns for detecting and investigating in the future. The post Wireshark Tutorial: Examining Qakbot Infections appeared first on Unit42. --------------------------------------------- https://unit42.paloaltonetworks.com/tutorial-qakbot-infection/ ===================== = Vulnerabilities = ===================== ∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by Arch Linux (dovecot, firefox, ksh, and webkit2gtk), Debian (firefox-esr and openjdk-8), Mageia (exiv2, flash-player-plugin, python-waitress, and vim and neovim), openSUSE (pcp and rubygem-rack), Oracle (kernel), Red Hat (sudo), and Slackware (libarchive). --------------------------------------------- https://lwn.net/Articles/812389/ ∗∗∗ Security Bulletin: CVE-2019-4666 IBM UrbanCode Deploy (UCD) could allow a local user to obtain sensitive information by unmasking certain secure values in documents. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2019-4666-ibm-urbanco… ∗∗∗ Security Bulletin: vulnerabilities in Nimbus JOSE+JWT affect IBM Watson Machine Learning Accelerator 1.2.1 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-nimbus… ∗∗∗ Security Bulletin: Authentication bypass in IBM Tivoli Monitoring Service console ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-authentication-bypass-in-… ∗∗∗ Security Bulletin: OpenSSL vulnerability affects IBM Rational Team Concert ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerability-aff… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: CVE-2019-4666 IBM UrbanCode Build (UCB) could allow a local user to obtain sensitive information by unmasking certain secure values in documents. ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2019-4666-ibm-urbanco… ∗∗∗ Security Bulletin: CVE-2019-0199 The HTTP/2 implementation in embded Apache Tomcat Denial of Service Vulnerability ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2019-0199-the-http-2-… ∗∗∗ Security Bulletin: IBM Tivoli Monitoring Basic Services component (CVE-2019-15903) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-monitoring-bas… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 12.02.2020
by Daily end-of-shift report 12 Feb '20

12 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Dienstag 11-02-2020 18:00 − Mittwoch 12-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: Robert Waldner ===================== = News = ===================== ∗∗∗ Jenkins servers can be abused for DDoS attacks ∗∗∗ --------------------------------------------- DDoS attacks can reach an amplification factor of 100, but servers will crash very quickly. --------------------------------------------- https://www.zdnet.com/article/jenkins-servers-can-be-abused-for-ddos-attack… ===================== = Vulnerabilities = ===================== ∗∗∗ Intel Releases Security Updates ∗∗∗ --------------------------------------------- Intel has released security updates to address vulnerabilities in multiple products. * RWC3 Advisory INTEL-SA-00341 * MPSS Advisory INTEL-SA-00340 * RWC2 Advisory INTEL-SA-00339 * SGX SDK Advisory INTEL-SA-00336 * CSME Advisory INTEL-SA-00307 * Renesas Electronics USB 3.0 Driver Advisory INTEL-SA-00273 --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2020/02/11/intel-releases-sec… ∗∗∗ Patchday: Microsoft schließt Zero-Day-Lücke in Internet Explorer ∗∗∗ --------------------------------------------- Seit Januar gibt es Attacken auf Internet Explorer. Dem schiebt Microsoft nun einen Riegel vor. Außerdem gibt es Sicherheitsupdates für Windows & Co. --------------------------------------------- https://heise.de/-4658554 ∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by CentOS (spice-gtk), Debian (libemail-address-list-perl), openSUSE (chromium, libqt5-qtbase, nginx, systemd, and wicked), Oracle (spice-gtk), Slackware (firefox and thunderbird), and Ubuntu (libexif and Yubico PIV Tool). --------------------------------------------- https://lwn.net/Articles/812293/ ∗∗∗ Red Hat OpenShift Service Mesh: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen ∗∗∗ --------------------------------------------- Die Red Hat OpenShift Container Platform bietet Unternehmen die Möglichkeit der Steuerung ihrer Kubernetes Umgebungen. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift Service Mesh ausnutzen, um Sicherheitsvorkehrungen zu umgehen. --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0120 ∗∗∗ 2020-02-12: Vulnerability in ABB Asset Suite - Direct Object Reference ∗∗∗ --------------------------------------------- https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9962&Lan… ∗∗∗ 2020-02-12: Vulnerabilities in ABB eSOMS ∗∗∗ --------------------------------------------- https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964&Lan… ∗∗∗ Wordpress Plugin: GDPR Cookie Consent < 1.8.3 - Improper Access Controls ∗∗∗ --------------------------------------------- https://wordpress.org/plugins/cookie-law-info/ ∗∗∗ Security Advisory - Dangling Pointer Reference Vulnerability in Some Huawei Firewall Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-… ∗∗∗ Security Advisory - Memory Leak Vulnerability in Some Firewall Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-… ∗∗∗ Security Advisory - Denial of Service Vulnerability in Some Huawei Firewall Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-… ∗∗∗ Security Advisory - Small OOB Read Vulnerability in Huawei Product ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-… ∗∗∗ Security Advisory - Double Free Memory Vulnerability in Huawei Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-… ∗∗∗ Security Advisory - Denial of Service Vulnerability in Huawei Product ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-… ∗∗∗ Security Advisory - Input Validation Vulnerability in Huawei Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200212-… ∗∗∗ Security Bulletin: OpenSSL vulnerabilites (CVE-2019-1552) impacting IBM Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop 3.9.1 and earlier ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-cv… ∗∗∗ Security Bulletin: Security Vulnerability in Expat affects IBM Netezza Analytics ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerability-in… ∗∗∗ Security Bulletin: OpenSSL vulnerabilites (CVE-2019-1563, CVE-2019-1547) impacting IBM Aspera High-Speed Transfer Server 3.9.1, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 3.9.1 and earlier ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-cv… ∗∗∗ Security Bulletin: Multiple Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP NonStop ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Multiple vulnerabilities affect Rational Publishing Engine ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: IBM Cognos Controller 2020Q1 Security Updater: Multiple Security Vulnerabilities have been identified in IBM Cognos Controller ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cognos-controller-202… ∗∗∗ Security Bulletin: Curl vulnerabilities CVE-2019-5443 impact IBM Aspera High-Speed Transfer Server, IBM Aspera High-Speed Transfer Client, IBM Aspera Desktop Client 3.9.1 and earlier ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-curl-vulnerabilities-cve-… ∗∗∗ Security Bulletin: Vulnerabilities in Apache Tomcat affects IBM Platform Symphony ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache… ∗∗∗ Security Bulletin: OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera Desktop Client 3.9.1 and earlier (CVE-2019-1559) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-im… ∗∗∗ Security Bulletin: OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera Desktop Client 3.9.1 and earlier (CVE-2018-0734) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilites-im… ∗∗∗ Red Hat Quay: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0119 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 11.02.2020
by Daily end-of-shift report 11 Feb '20

11 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Montag 10-02-2020 18:00 − Dienstag 11-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: Stephan Richter ===================== = News = ===================== ∗∗∗ Fake-Abmahnungen im Namen echter Kanzleien mit Schadsoftware ∗∗∗ --------------------------------------------- Zahlreiche Internet-UserInnen und Website-BetreiberInnen erhalten derzeit vermeintliche Abmahnschreiben wegen angeblicher Urheberrechtsverletzungen im Namen echter Anwaltskanzleien. Kriminelle geben sich beispielsweise als Kanzlei Böhmert und Böhmert oder Kanzlei Wilde Beuger Solmecke aus. Die Schreiben sind gefälscht und enthalten Downloadlinks mit gefährlicher Schadsoftware! --------------------------------------------- https://www.watchlist-internet.at/news/fake-abmahnungen-im-namen-echter-kan… ===================== = Vulnerabilities = ===================== ∗∗∗ Security Bulletins Posted ∗∗∗ --------------------------------------------- Adobe has published security bulletins for Adobe Framemaker (APSB20-04), Adobe Acrobat and Reader (APSB20-05), Adobe Flash Player (APSB20-06), Adobe Digital Edition (APSB20-07) and Adobe Experience Manager (APSB20-08). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin. --------------------------------------------- https://blogs.adobe.com/psirt/?p=1830 ∗∗∗ Mozilla Releases Security Updates for Multiple Products ∗∗∗ --------------------------------------------- Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2020/02/11/mozilla-releases-s… ∗∗∗ FortiAP-S/W2 system files overwrite through tcpdump CLI command ∗∗∗ --------------------------------------------- An improper input validation (CWE-20) vulnerability in FortiAP-S/W2 CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump CLI commands. --------------------------------------------- https://fortiguard.com/psirt/FG-IR-19-298 ∗∗∗ FortiAP system command injection through ifconfig command ∗∗∗ --------------------------------------------- A system command injection vulnerability in the FortiAP CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands. --------------------------------------------- https://fortiguard.com/psirt/%20FG-IR-19-209 ∗∗∗ SAP Security Patch Day – February 2020 ∗∗∗ --------------------------------------------- On 11th of February 2020, SAP Security Patch Day saw the release of 13 Security Notes. There are 2 updates to previously released Patch Day Security Notes. --------------------------------------------- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 ∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (checkstyle), Fedora (poppler), Oracle (kernel), Red Hat (389-ds:1.4, java-1.7.1-ibm, java-1.8.0-ibm, nss-softokn, and spice-gtk), and Scientific Linux (spice-gtk). --------------------------------------------- https://lwn.net/Articles/812219/ ∗∗∗ Flaws in Accusoft ImageGear Expose Users to Remote Attacks ∗∗∗ --------------------------------------------- Critical vulnerabilities addressed in the Accusoft ImageGear library could be exploited by remote attackers to execute code on a victim machine, Cisco Talos’ security researchers report. read more --------------------------------------------- https://www.securityweek.com/flaws-accusoft-imagegear-expose-users-remote-a… ∗∗∗ SSA-986695 (Last Update: 2020-02-11): Information Disclosure Vulnerability in the OZW Web Server ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-986695.txt ∗∗∗ SSA-978558 (Last Update: 2020-02-11): Insufficient Logging Vulnerability in SIPORT MP ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-978558.txt ∗∗∗ SSA-974843 (Last Update: 2020-02-11): Denial-of-Service Vulnerability in SIPROTEC 4 and SIPROTEC Compact Relay Families ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-974843.txt ∗∗∗ SSA-951513 (Last Update: 2020-02-11): Clickjacking Vulnerability in SCALANCE X-300, X-200IRT, and X-200 Switch Families ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-951513.txt ∗∗∗ SSA-940889 (Last Update: 2020-02-11): Vulnerabilities in the embedded FTP server of SIMATIC CP 1543-1 ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-940889.txt ∗∗∗ SSA-780073 (Last Update: 2020-02-11): Denial-of-Service Vulnerability in PROFINET Devices via DCE-RPC Packets ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-780073.txt ∗∗∗ SSA-750824 (Last Update: 2020-02-11): Denial-of-Service Vulnerability in Profinet Devices ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-750824.txt ∗∗∗ SSA-591405 (Last Update: 2020-02-11): Web Vulnerabilities in SCALANCE S-600 family ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-591405.txt ∗∗∗ SSA-431678 (Last Update: 2020-02-11): Denial-of-Service Vulnerability in SIMATIC S7 CPU Families ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-431678.txt ∗∗∗ SSA-398519 (Last Update: 2020-02-11): Vulnerabilities in Intel CPUs (November 2019) ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-398519.txt ∗∗∗ SSA-270778 (Last Update: 2020-02-11): Denial-of-Service Vulnerability in SIMATIC PCS 7, SIMATIC WinCC and SIMATIC NET PC Software ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-270778.txt ∗∗∗ SSA-978220 (Last Update: 2020-02-11): Denial-of-Service Vulnerability over SNMP in Multiple Industrial Products ∗∗∗ --------------------------------------------- https://cert-portal.siemens.com/productcert/txt/ssa-978220.txt ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server (CVE-2020-2593, CVE-2020-2583, CVE-2019-4732) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2020-2593, CVE-2020-2583, CVE-2019-4732) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Platform Symphony and IBM Spectrum Symphony ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: IBM Content Navigator is vulnerable to Server Side Request Forgery (SSRF) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-content-navigator-is-… ∗∗∗ Symantec Endpoint Protection: Mehrere Schwachstellen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0111 -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Tageszusammenfassung - 10.02.2020
by Daily end-of-shift report 10 Feb '20

10 Feb '20

===================== = End-of-Day report = ===================== Timeframe: Freitag 07-02-2020 18:00 − Montag 10-02-2020 18:00 Handler: Thomas Pribitzer Co-Handler: n/a ===================== = News = ===================== ∗∗∗ KBOT: sometimes they come back ∗∗∗ --------------------------------------------- We recently discovered malware that spread through injecting malicious code into Windows executable files; in other words, a virus. It is the first “living” virus in recent years that we have spotted in the wild. We named it KBOT. --------------------------------------------- https://securelist.com/kbot-sometimes-they-come-back/96157/ ∗∗∗ Emotet: Erster Hase-Igel-Loop für EmoCheck ∗∗∗ --------------------------------------------- Eine neue Emotet-Version machte ein erstes Update des Erkennungs-Tools EmoCheck fällig. --------------------------------------------- https://heise.de/-4656609 ∗∗∗ Dangerous Domain Corp.com Goes Up for Sale ∗∗∗ --------------------------------------------- As an early domain name investor, Mike OConnor had by 1994 snatched up several choice online destinations, including bar.com, cafes.com, grill.com, place.com, pub.com and television.com. Some he sold over the years, but for the past 26 years OConnor refused to auction perhaps the most sensitive domain in his stable -- corp.com. --------------------------------------------- https://krebsonsecurity.com/2020/02/dangerous-domain-corp-com-goes-up-for-s… ∗∗∗ Betrügerisches Raiffeisen SMS im Umlauf ∗∗∗ --------------------------------------------- Zahlreiche HandynutzerInnen empfangen aktuell angeblich eine SMS von der Raiffeisenbank. Die Funktion pushTAN sei nicht aktiviert. Um das Problem zu beheben, werden Sie aufgefordert, einem Link zu folgen. Klicken Sie nicht auf den Link, Sie gelangen auf eine gefälschte Raiffeisen-Login-Seite. Kriminelle stehlen Ihre Zugangsdaten und Ihre Telefonnummer. --------------------------------------------- https://www.watchlist-internet.at/news/betruegerisches-raiffeisen-sms-im-um… ===================== = Vulnerabilities = ===================== ∗∗∗ Tutor LMS < 1.5.3 - Cross-Site Request Forgery (CSRF) ∗∗∗ --------------------------------------------- Tutor LMS WordPress plugin is vulnerable to Cross-Site Request Forgery (CSRF) attacks. --------------------------------------------- https://wpvulndb.com/vulnerabilities/10058 ∗∗∗ Geschlossene Lücke: Dell SupportAssist Client könnte Schadcode laden ∗∗∗ --------------------------------------------- Es gibt wichtige Sicherheitsupdates für Dell SupportAssist for business PCs und Dell SupportAssist for home PCs. --------------------------------------------- https://heise.de/-4656474 ∗∗∗ Sicherheitsupdate: Wiki-Software Confluence unter Windows angreifbar ∗∗∗ --------------------------------------------- Angreifer könnten die Windows-Version von Confluence attackieren und sich gegebenenfalls höhere Nutzerrechte verschaffen. --------------------------------------------- https://heise.de/-4656770 ∗∗∗ Security updates for Monday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (ipmitool, libexif, and ppp), Fedora (glib2, java-1.8.0-openjdk, java-11-openjdk, libasr, libuv, mingw-gdk-pixbuf, mingw-SDL2, nethack, nghttp2, nodejs, nodejs-mixin-deep, nodejs-set-value, nodejs-yarn, opensmtpd, python-feedgen, runc, samba, sox, and texlive-base), Mageia (chromium-browser-stable, mgetty, openslp, qtbase5, spamassassin, sudo, and xmlrpc), openSUSE (ceph and chromium), Oracle (grub2 and kernel), SUSE (docker-runc, LibreOffice, docker-runc, wicked), Ubuntu (libxml2, qtbase-opensource-src) --------------------------------------------- https://lwn.net/Articles/812118/ ∗∗∗ Security Advisory - Information Leak Vulnerability in Some Huawei Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200207-… ∗∗∗ Security Bulletin: Aspera Web Shares application is affected by NGINX Vulnerabilities (CVE-2018-16845, CVE-2018-16843, CVE-2019-7401) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-aspera-web-shares-applica… ∗∗∗ Security Bulletin: Aspera Web Applications (Faspex, Console, Shares) are affected by Apache Vulnerabilities (CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098), ) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-aspera-web-applications-f… ∗∗∗ Security Bulletin: Aspera Web Applications (Faspex, Console) are affected by Apache Vulnerabilities (CVE-2019-0196, CVE-2019-0197, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-aspera-web-applications-f… ∗∗∗ Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (February 2020v1) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects WebSphere Application Server January 2020 CPU that is bundled with IBM WebSphere Application Server Patterns ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-… ∗∗∗ Security Bulletin: Aspera Web Application (Faspex, Console, Orchestrator, Shares) are affected by Apache vulnerabilities (CVE-2019-9517, CVE-2019-10097) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-aspera-web-application-fa… ∗∗∗ Security Bulletin: Aspera Web Faspex application is affected by OpenSSL Vulnerability (CVE-2019-1552) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-aspera-web-faspex-applica… ∗∗∗ Security Bulletin: IBM Aspera WebApps (Shares, Faspex, Console, Orchestrator) and products are affected by OpenSSL Vulnerability (CVE-ID: CVE-2019-1543) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-aspera-webapps-shares… ∗∗∗ HPESBHF03978 rev.2 - HPE Superdome Flex Server, Multiple Remote Vulnerabilities ∗∗∗ --------------------------------------------- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_n… -- CERT.at Daily mailing list Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Daily