===================== = End-of-Day report = =====================
Timeframe: Tuesday 30-04-2019 18:00 − Thursday 02-05-2019 18:00 Handler: Stephan Richter Co-Handler: n/a
===================== = News = =====================
∗∗∗ Phishing mail targets your Willhaben account ∗∗∗ --------------------------------------------- Once again, phishing e-mails from criminals are in circulation. The e-mails appear to come from the classified-ads platform Willhaben and inform the recipient about the publication of a sales listing for a Samsung washing machine. Recipients must not follow the links in the message or enter any data; otherwise they will lose their Willhaben account. --------------------------------------------- https://www.watchlist-internet.at/news/phishing-mail-hat-es-auf-ihr-willhabe...
∗∗∗ JavaScript card sniffing attacks spread to other e-commerce platforms ∗∗∗ --------------------------------------------- OpenCart, OSCommerce, WooCommerce, Shopify are also being targeted. --------------------------------------------- https://www.zdnet.com/article/javascript-card-sniffer-attacks-spread-to-othe...
∗∗∗ 50,000 enterprise firms running SAP software vulnerable to attack ∗∗∗ --------------------------------------------- 9 out of 10 SAP production systems are believed to be vulnerable to new exploits. --------------------------------------------- https://www.zdnet.com/article/50000-enterprise-firms-running-sap-software-vu...
===================== = Vulnerabilities = =====================
∗∗∗ Security vulnerability: driver installation on Dell laptops open to attack ∗∗∗ --------------------------------------------- A Windows application preinstalled on Dell laptops for installing drivers opens a local HTTP server. A network attacker can abuse this to install malware. --------------------------------------------- https://www.golem.de/news/sicherheitsluecke-treiberinstallation-auf-dell-lap...
∗∗∗ Rockwell Automation CompactLogix 5370 ∗∗∗ --------------------------------------------- This advisory includes mitigations for uncontrolled resource consumption and stack-based buffer overflow vulnerabilities reported in Rockwell Automation’s CompactLogix 5370 controllers. --------------------------------------------- https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01
∗∗∗ Citrix SD-WAN Security Update ∗∗∗ --------------------------------------------- An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic. --------------------------------------------- https://support.citrix.com/article/CTX247735
∗∗∗ Patch now: Cisco closes vulnerabilities in numerous products ∗∗∗ --------------------------------------------- It is that time again: network equipment vendor Cisco has released numerous updates. One of the patched vulnerabilities is rated critical. --------------------------------------------- https://heise.de/-4411599
∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by Fedora (libmediainfo, php-horde-horde, and php-horde-turba), SUSE (hostinfo, supportutils, libjpeg-turbo, and openssl), and Ubuntu (dovecot, libpng1.6, and memcached). --------------------------------------------- https://lwn.net/Articles/787232/
∗∗∗ Security updates for Thursday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (proftpd-dfsg and signing-party), Fedora (php-horde-horde and php-horde-turba), and Ubuntu (php5). --------------------------------------------- https://lwn.net/Articles/787299/
∗∗∗ Many Vulnerabilities Found in Wireless Presentation Devices ∗∗∗ --------------------------------------------- Researchers at Tenable have discovered a total of 15 vulnerabilities across eight wireless presentation systems, including flaws that can be exploited to remotely hack devices. --------------------------------------------- https://www.securityweek.com/many-vulnerabilities-found-wireless-presentatio...
∗∗∗ Vuln: Microsoft Visual Studio asm Remote Memory Corruption Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/bid/108122
∗∗∗ Vuln: Apache Archiva CVE-2019-0214 Arbitrary File Write Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/bid/108124
∗∗∗ IBM Security Advisories ∗∗∗ --------------------------------------------- https://www.ibm.com/blogs/psirt/
∗∗∗ Appliance mode vulnerability CVE-2019-6614 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K46524395
∗∗∗ CGNAT/PPTP vulnerability CVE-2019-6611 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K47527163
∗∗∗ DNS vulnerability CVE-2019-6612 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K24401914
∗∗∗ Appliance mode tmsh vulnerability CVE-2019-6615 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K87659521
∗∗∗ Appliance mode tmsh vulnerability CVE-2019-6616 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K82814400
∗∗∗ SNMP vulnerability CVE-2019-6613 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K27400151
∗∗∗ BIG-IP Resource Administrator vulnerability CVE-2019-6618 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K07702240
∗∗∗ BIG-IP Resource Administrator vulnerability CVE-2019-6617 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K38941195
∗∗∗ HTTP/2 ALPN vulnerability CVE-2019-6619 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K94563344
∗∗∗ NodeJS vulnerability CVE-2018-12120 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K37111863