===================== = End-of-Day report = =====================
Timeframe: Montag 26-03-2018 18:00 − Dienstag 27-03-2018 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter
===================== = News = =====================
∗∗∗ Academics Discover New CPU Side-Channel Attack Named BranchScope ∗∗∗ --------------------------------------------- A team of academics from four US universities have discovered a new side-channel attack that takes advantage of the speculative execution feature in modern processors to recover data from users CPUs. --------------------------------------------- https://www.bleepingcomputer.com/news/security/academics-discover-new-cpu-si...
∗∗∗ Exploit kit development has gone to sh$t... ever since Adobe Flash was kicked to the curb ∗∗∗ --------------------------------------------- Coinkidink? Nah. Crooks are switching tactics There was a big drop in exploit kit development last year, and experts have equated this to the phasing out of Adobe Flash. --------------------------------------------- http://go.theregister.com/feed/www.theregister.co.uk/2018/03/27/exploit_kit_...
∗∗∗ E-Mail-Verschlüsselung: Enigmail 2.0 ist da ∗∗∗ --------------------------------------------- Mit der neuen Enigmail-Version 2.0 für den Mail-Client Thunderbird kann man unter anderem neben Text in Mails nun auch die Betreffzeile verschlüsseln. --------------------------------------------- https://heise.de/-4005589
∗∗∗ The Last Windows XP Security White Paper ∗∗∗ --------------------------------------------- Using the strategies and procedures we present in our paper could help prevent an attacker from taking control of your computer --------------------------------------------- https://www.welivesecurity.com/2018/03/27/last-windows-xp-security-white-pap...
===================== = Vulnerabilities = =====================
∗∗∗ Mozilla Releases Security Updates for Firefox ∗∗∗ --------------------------------------------- Original release date: March 27, 2018 Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to cause a denial-of-service condition. NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 59.0.2 and Firefox ESR 52.7.3 and apply the necessary updates. --------------------------------------------- https://www.us-cert.gov/ncas/current-activity/2018/03/27/Mozilla-Releases-Se...
∗∗∗ 2018-02-06 (updated 2018-03-27): Vulnerability in MicroSCADA Pro SYS600 9.x - Improper Access Control ∗∗∗ --------------------------------------------- 3.2.2018 Original document, 16.3.2018 Fix for SYS600 9.3 systems is available. Clarified file system permissions for created Windows groups, see FAQ. --------------------------------------------- http://search.abb.com/library/Download.aspx?DocumentID=1MRS257731&Langua...
∗∗∗ OpenSSL Security Advisory [27 Mar 2018] ∗∗∗ --------------------------------------------- Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739) Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733) rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) --------------------------------------------- https://openssl.org/news/secadv/20180327.txt
∗∗∗ Security updates for Tuesday ∗∗∗ --------------------------------------------- Security updates have been issued by Debian (firefox-esr, irssi, and librelp), Gentoo (busybox and plib), Mageia (exempi and jupyter-notebook), openSUSE (clamav, dhcp, nginx, python-Django, python3-Django, and thunderbird), Oracle (slf4j), Red Hat (slf4j), Scientific Linux (slf4j), Slackware (firefox), SUSE (librelp), and Ubuntu (screen-resolution-extra). --------------------------------------------- https://lwn.net/Articles/750207/
∗∗∗ Bugtraq: Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability ∗∗∗ --------------------------------------------- http://www.securityfocus.com/archive/1/541897
∗∗∗ DFN-CERT-2018-0574: Librelp: Eine Schwachstelle ermöglicht das Ausführen beliebigen Programmcodes mit den Rechten des Dienstes ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0574/
∗∗∗ DFN-CERT-2018-0573: Jenkins-Plugins: Mehrere Schwachstellen ermöglichen u.a. die Ausführung beliebigen Programmcodes ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0573/
∗∗∗ DFN-CERT-2018-0575: Sophos UTM: Eine Schwachstelle ermöglicht die Ausführung beliebigen Programmcodes ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0575/
∗∗∗ DFN-CERT-2018-0581: Apache Struts: Eine Schwachstelle ermöglicht einen Denial-of-Service-Angriff ∗∗∗ --------------------------------------------- https://portal.cert.dfn.de/adv/DFN-CERT-2018-0581/
∗∗∗ Security Notice - Statement on Command Injection Vulnerability in Huawei HG655m Product ∗∗∗ --------------------------------------------- http://www.huawei.com/en/psirt/security-notices/2018/huawei-sn-20180327-01-h...
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Fabric Manager ∗∗∗ --------------------------------------------- https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099782
∗∗∗ IBM Security Bulletin: ∗∗∗ --------------------------------------------- http://www-01.ibm.com/support/docview.wss?uid=isg3T1027315
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22014717
∗∗∗ IBM Security Bulletin: IBM B2B Advanced Communications is Affected by an XML External Entity Injection (XXE) Attack when Processing XML Data ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22014656
∗∗∗ IBM Security Bulletin: Security Bulletin: IBM Security Privileged Identity Manager is affected by sensitive information in page comments vulnerability (CVE-2017-1705) ∗∗∗ --------------------------------------------- http://www.ibm.com/support/docview.wss?uid=swg22014988
∗∗∗ NTP vulnerability CVE-2018-7184 ∗∗∗ --------------------------------------------- https://support.f5.com/csp/article/K13540723