=====================
= End-of-Day report =
=====================

Timeframe:   Tuesday 19-12-2017 18:00 − Wednesday 20-12-2017 18:00
Handler:     Nina Bieringer
Co-Handler:  Alexander Riepl

=====================
=       News        =
=====================

∗∗∗ Encryption: Audit finds severe security vulnerabilities in Enigmail ∗∗∗
---------------------------------------------
Mozilla's Secure Open Source Fund and the Berlin-based e-mail provider Posteo commissioned a security audit of Thunderbird and the Enigmail extension. It uncovered several critical and severe vulnerabilities.
---------------------------------------------
https://www.golem.de/news/verschluesselung-audit-findet-schwerwiegende-siche...

∗∗∗ Avast releases machine-code decompiler as open source ∗∗∗
---------------------------------------------
The antivirus vendor Avast has developed a tool that is intended to translate executable machine code back into readable source code. This makes it possible to analyze the behavior of programs without executing them.
---------------------------------------------
https://heise.de/-3923397

∗∗∗ Backdoor in Captcha Plugin Affects 300K WordPress Sites ∗∗∗
---------------------------------------------
The WordPress repository recently removed the plugin Captcha over what initially appeared to be a trademark issue with the current author using “WordPress” [Editors note: the original page has been removed, we’re now linking to a screen shot.] in their brand name. Whenever the WordPress repository removes a plugin with a large user base, we check ..
---------------------------------------------
https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/

=====================
=  Vulnerabilities  =
=====================

∗∗∗ Ecava IntegraXor ∗∗∗
---------------------------------------------
This advisory contains mitigation details for SQL injection vulnerabilities in Ecava’s IntegraXor.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-353-03

∗∗∗ Siemens LOGO! Soft Comfort ∗∗∗
---------------------------------------------
This advisory contains mitigation details for a download of code without integrity check vulnerability in Siemens LOGO! Soft Comfort software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-353-04

∗∗∗ WECON Technology Co., Ltd. LeviStudio HMI ∗∗∗
---------------------------------------------
This advisory contains mitigation details for a heap-based buffer overflow vulnerability in WECON’s LeviStudio HMI.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-353-05

∗∗∗ Multiple vulnerabilities in extension "JobControl" (dmmjobcontrol) ∗∗∗
---------------------------------------------
It has been discovered that the extension "JobControl" (dmmjobcontrol) is susceptible to SQL Injection and Cross-Site Scripting.
---------------------------------------------
https://typo3.org/news/article/multiple-vulnerabilities-in-extension-jobcont...

∗∗∗ Captcha 4.3.6–4.4.4 - Backdoored ∗∗∗
---------------------------------------------
https://wpvulndb.com/vulnerabilities/8980

∗∗∗ DFN-CERT-2017-2302: TYPO3 Extensions: Multiple vulnerabilities allow, among other things, the execution of arbitrary program code ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-2302/

∗∗∗ DFN-CERT-2017-2305: VMware ESXi, Workstation, Fusion, vCenter Server Appliance: Multiple vulnerabilities allow, among other things, gaining administrator privileges ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-2305/

∗∗∗ Huawei Security Advisories ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories

∗∗∗ IBM Security Bulletin: IBM Connections Docs is affected by libxml2 vulnerability (CVE-2017-16932 CVE-2017-16931) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22011831

∗∗∗ IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM® SDK for Node.js™ in IBM Bluemix (CVE-2017-3735 CVE-2017-14919) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22011851

∗∗∗ BIG-IP APM Portal Access vulnerability CVE-2017-0301 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K54358225

∗∗∗ TMM vulnerability CVE-2017-6140 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K55102452