===================== = End-of-Day report = =====================
Timeframe: Mittwoch 10-06-2020 18:00 − Freitag 12-06-2020 18:00 Handler: Dimitri Robl Co-Handler: Stephan Richter
===================== = News = =====================
∗∗∗ Hackers are quick to notice exposed Elasticsearch servers ∗∗∗ --------------------------------------------- Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft. --------------------------------------------- https://www.bleepingcomputer.com/news/security/hackers-are-quick-to-notice-e...
∗∗∗ Intel patches chip flaw that could leak your cryptographic secrets ∗∗∗ --------------------------------------------- Intel chip features that were intended to help you do cryptography better could have leaked your inner secrets. --------------------------------------------- https://nakedsecurity.sophos.com/2020/06/12/intel-patches-chip-flaw-that-cou...
∗∗∗ ConnectWise issues a slightly scary but unusually significant security advisory ∗∗∗ --------------------------------------------- Because IT service providers use ConnectWise to run your IT and this is its first-ever bug report ConnectWise isn't a vendor most Reg readers deal with directly, but the fact the company has just issued its first-ever security advisory deserves attention. --------------------------------------------- https://go.theregister.com/feed/www.theregister.com/2020/06/12/connectwise_s...
===================== = Vulnerabilities = =====================
∗∗∗ Security updates for Friday ∗∗∗ --------------------------------------------- Security updates have been issued by CentOS (tomcat), Debian (intel-microcode, libphp-phpmailer, mysql-connector-java, python-django, thunderbird, and xawtv), Fedora (kernel and thunderbird), Gentoo (perl), openSUSE (libexif and vim), Oracle (dotnet, kernel, microcode_ctl, and tomcat), Red Hat (net-snmp), Scientific Linux (libexif and tomcat), Slackware (kernel), and SUSE (adns, audiofile, ed, kvm, nodejs12, and xen). --------------------------------------------- https://lwn.net/Articles/822964/
∗∗∗ Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks ∗∗∗ --------------------------------------------- Siemens’ LOGO! programmable logic controllers (PLCs) are affected by critical vulnerabilities that can be exploited remotely to launch denial-of-service (DoS) attacks and modify the device’s configuration. --------------------------------------------- https://www.securityweek.com/critical-vulnerabilities-expose-siemens-logo-co...
∗∗∗ 6 New Vulnerabilities Found on D-Link Home Routers ∗∗∗ --------------------------------------------- Six new D-Link vulnerabilities found in D-Links DIR-865L home cloud router. Consumers should patch ASAP. --------------------------------------------- https://unit42.paloaltonetworks.com/6-new-d-link-vulnerabilities-found-on-ho...
∗∗∗ Vulnerabilities in Citrix Workspace app and Receiver for Windows ∗∗∗ --------------------------------------------- Vulnerabilities have been identified in Citrix Workspace app and Receiver for Windows that could result in a local user escalating their privilege level to administrator during the uninstallation process. --------------------------------------------- https://support.citrix.com/article/CTX275460
∗∗∗ Red Hat JBoss Application Server (JBoss): Mehrere Schwachstellen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0580
∗∗∗ Drupal: Mehrere Schwachstellen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0579
∗∗∗ WordPress: Mehrere Schwachstellen ∗∗∗ --------------------------------------------- http://www.cert-bund.de/advisoryshort/CB-K20-0583
∗∗∗ Security Advisory - Denial of Service Vulnerability in Huawei FusionAccess Product ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200610-0...
∗∗∗ Security Advisory - FasterXML Jackson-databind Injection Vulnerability in Huawei Products ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200610-0...
∗∗∗ Security Bulletin: Vulnerabilities CVE-2020-1927 and CVE-2020-1934 in Apache HTTP Server affect IBM i ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-cve-2020-1...
∗∗∗ Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-s...
∗∗∗ Security Bulletin: IBM Workload Scheduler potentially vulnerable to cross site scripting ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-workload-scheduler-pot...
∗∗∗ Security Bulletin: IBM Event Streams is affected by Apache CXF vulnerability CVE-2019-12406 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affec...
∗∗∗ Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-s...
∗∗∗ Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Contract Management ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-s...
∗∗∗ Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-s...
∗∗∗ Security Bulletin: IBM Event Streams is affected by Go vulnerability CVE-2019-16276 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affec...
∗∗∗ Security Bulletin: IBM Event Streams is affected by WebSphere Liberty Profile vulnerability CVE-2019-4441 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affec...
∗∗∗ Security Bulletin: IBM Event Streams is affected by jackson-databind vulnerability CVE-2019-20330 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affec...
∗∗∗ Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-oracle-database-s...
∗∗∗ Security Bulletin: IBM API Connect V5 is vulnerable to cross site scripting (XSS) (CVE-2020-4251) ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-v5-is-vuln...
∗∗∗ Security Bulletin: IBM Event Streams is affected by kafka vulnerability CVE-2019-12399 ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affec...