[CERT-daily] Tageszusammenfassung - Mittwoch 1-07-2015

Daily end-of-shift report team at cert.at
Wed Jul 1 18:15:02 CEST 2015


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 30-06-2015 18:00 − Mittwoch 01-07-2015 18:00
Handler:     Robert Waldner
Co-Handler:  n/a



*** What is Wi-Fi Sense and Why Does It Want Your Facebook Account? ***
---------------------------------------------
Wi-Fi Sense is a feature built into Windows 10. You may see a pop-up saying "Wi-Fi Sense needs permission to use your Facebook account." It also works with Outlook.com and Skype contacts. This feature allows you to share Wi-Fi login information - network names and passphrases - with your friends. It's designed to automatically connect Windows 10 devices to shared networks.
...
Wi-Fi Sense was originally a Windows Phone 8.1 feature that made the jump to desktop PCs and tablets with Windows 10.
---------------------------------------------
http://www.howtogeek.com/219700/what-is-wi-fi-sense-and-why-does-it-want-your-facebook-account/?PageSpeed=noscript





*** EU-Kompromiss zu Meldepflichten bei Cyberangriffen steht ***
---------------------------------------------
Betreiber "wesentlicher" Infrastrukturen und Dienste in der EU müssen bald Cyberangriffe melden, für Digitalplattformen wie soziale Netzwerke sollen abgestufte Regeln gelten. Darauf haben sich EU-Rat und Parlament geeinigt.
---------------------------------------------
http://www.heise.de/newsticker/meldung/EU-Kompromiss-zu-Meldepflichten-bei-Cyberangriffen-steht-2732313.html?wt_mc=rss.ho.beitrag.rdf




*** Apple Patches Dozens of Flaws in iOS 8.4, OS X 10.10.4 ***
---------------------------------------------
Apple has released new versions of iOS and OS X, both of which include a significant number of security patches, several for bugs that can lead to remote code execution and other serious issues. Version 8.4 of iOS contains fixes for more than 30 security vulnerabilities, including bugs in the iOS kernel, WebKit, and CoreText.
---------------------------------------------
http://threatpost.com/apple-patches-dozens-of-flaws-in-ios-8-4-os-x-10-10-4/113547




*** ZDI-15-275: (0Day) SolarWinds Storage Manager AuthenticationFilter Remote Code Execution Vulnerability ***
---------------------------------------------
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Manager. Authentication is not required to exploit this vulnerability.
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-15-275/





*** TYPO3 CMS 6.2.14 and 7.3.1 released ***
---------------------------------------------
We are announcing the release of the following TYPO3 CMS updates:
    TYPO3 CMS 6.2.14 LTS
    TYPO3 CMS 7.3.1
Both versions are maintenance releases and contain bug and security fixes.  
---------------------------------------------
http://www.typo3.org/news/article/typo3-cms-6214-and-731-released/






*** Apple gets around to fixing those 77 security holes in OS X Yosemite ***
---------------------------------------------
Your OS X box can still be owned by, well, just about everything Apple has released a series of security updates to address 77 CVE-listed security vulnerabilities in OS X Yosemite.
---------------------------------------------
http://www.theregister.co.uk/2015/06/30/apple_finally_gets_around_to_fixing_those_77_security_holes_in_os_x_yosemite/





*** A third of iThings open to VPN-hijacking, app-wrecking attacks ***
---------------------------------------------
Masques off: Researchers detail five ways to wreck Apple stuff A trio of FireEye researchers have reported twin app-demolishing iOS vulnerabilities Apple has partially fixed in its latest update that could wreck core apps such as the App Store and Settings.
---------------------------------------------
http://www.theregister.co.uk/2015/07/01/masque_attack_ios_fireeye/





*** June 2015 Android malware review from Doctor Web ***
---------------------------------------------
PRINCIPAL TRENDS IN JUNE
- Activity of banking Trojans
- Emergence of new downloader
- Trojans Emergence of new Android ransomware
- Growing number of SMS Trojans   
---------------------------------------------
http://news.drweb.com/show/?i=9511&lng=en&c=9



*** Cisco Vulnerability Alerts ***
---------------------------------------------
Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability 
http://tools.cisco.com/security/center/viewAlert.x?alertId=39569
---------------------------------------------
Cisco Nexus Devices Python Subsystem Local Privilege Escalation Vulnerabilities
http://tools.cisco.com/security/center/viewAlert.x?alertId=39571
---------------------------------------------
Cisco Unified MeetingPlace SQL Injection Vulnerability
http://tools.cisco.com/security/center/viewAlert.x?alertId=39570
---------------------------------------------
Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation Vulnerability
http://tools.cisco.com/security/center/viewAlert.x?alertId=39568
---------------------------------------------



*** IBM Security Bulletins ***
---------------------------------------------
IBM Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server that shipped with WebSphere Enterprise Service Bus (CVE-2015-4000)
http://www.ibm.com/support/docview.wss?uid=swg21961048
---------------------------------------------
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects PowerKVM (CVE-2015-4000)
http://www.ibm.com/support/docview.wss?uid=isg3T1022395
---------------------------------------------
IBM Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server that shipped with WebSphere Enterprise Service Bus Registry Edition (CVE-2015-4000)
http://www.ibm.com/support/docview.wss?uid=swg21961049
---------------------------------------------
IBM Security Bulletin: CICS Transaction Gateway for Multiplatforms
http://www.ibm.com/support/docview.wss?uid=swg21903636
---------------------------------------------
IBM Security Bulletin: A security vulnerability in IBM WebSphere Application Server affects IBM Security Access Manager for Web version 7.0 software installations and IBM Tivoli Access Manager for e-business (CVE-2015-1920)
http://www.ibm.com/support/docview.wss?uid=swg21960450
---------------------------------------------
IBM Security Bulletin: Multiple vulnerabilities in the FreeType library affect IBM Security Access Manager for Web
http://www.ibm.com/support/docview.wss?uid=swg21960562
---------------------------------------------
IBM Security Bulletin: Multiple vulnerabilities in FreeType library affect IBM Security Access Manager for Mobile.
http://www.ibm.com/support/docview.wss?uid=swg21958900
---------------------------------------------
IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Access Manager for Web
http://www.ibm.com/support/docview.wss?uid=swg21960668
---------------------------------------------
IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Access Manager for Mobile.
http://www.ibm.com/support/docview.wss?uid=swg21958903
---------------------------------------------
IBM Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Access Manager for Web (CVE-2013-7423)
http://www.ibm.com/support/docview.wss?uid=swg21960456
---------------------------------------------
Vulnerabilities in NTPv4 affect AIX
http://www.ibm.com/support/
---------------------------------------------
IBM Security Bulletin: Multiple cross-site scripting (XSS) vulnerabilities in IBM Dojo Toolkit affects IBM Case Manager (CVE-2014-8917)
http://www.ibm.com/support/docview.wss?uid=swg21883851
---------------------------------------------
IBM Security Bulletin: PowerKVM is affected by a kexec-tools vulnerability (CVE-2015-0267)
http://www.ibm.com/support/docview.wss?uid=isg3T1022407
---------------------------------------------
IBM Security Bulletin: Dual_EC_DRBG vulnerability and RC4 stream cipher vulnerability affect WebSphere Transformation Extender Secure Adapter Collection (CVE-2007-6755, CVE-2015-2808)
http://www.ibm.com/support/docview.wss?uid=swg21959577
---------------------------------------------
IBM Security Bulletin: XSS vulnerability in Error dialog which can execute scripts injected into addressability and comments features that affects IBM Case Manager (CVE-2015-1979)
http://www.ibm.com/support/docview.wss?uid=swg21959695
---------------------------------------------
IBM Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Sterling Connect:Express for UNIX (CVE-2015-4000, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
http://www.ibm.com/support/docview.wss?uid=swg21959308
---------------------------------------------
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Command Center (CVE-2015-4000)
http://www.ibm.com/support/docview.wss?uid=swg21960508
---------------------------------------------
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects the Enterprise Common Collector component of the IBM Tivoli zEnterprise Monitoring Agent (CVE-2015-4000)
http://www.ibm.com/support/docview.wss?uid=swg21960019
---------------------------------------------
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM InfoSphere Optim Performance Manager (CVE-2015-4000)
http://www.ibm.com/support/docview.wss?uid=swg21959591
---------------------------------------------
IBM Security Bulletin: JavaScript evaluation vulnerability in IBM Business Process Manager (CVE-2015-1961)
http://www.ibm.com/support/docview.wss?uid=swg21959052
---------------------------------------------
IBM Security Bulletin: IBM Security Identity Manager Virtual Appliance affected by Java vulnerabilities (CVE-2015-0138 CVE-2015-0204 CVE-2015-1914 CVE-2015-2808 )
http://www.ibm.com/support/docview.wss?uid=swg21960515
---------------------------------------------
IBM Security Bulletin: Potential denial of service may affect IBM WebSphere Application Server shipped with IBM Tivoli Network Performance Manager (CVE-2015-1829) 
http://www.ibm.com/support/docview.wss?uid=swg21960364
---------------------------------------------
IBM Security Bulletin: PowerKVM is affected by a bind vulnerability (CVE-2015-1349)
http://www.ibm.com/support/docview.wss?uid=isg3T1022295
---------------------------------------------
IBM Security Bulletin: PowerKVM is affected by a qemu vulnerability (CVE-2014-9718)
http://www.ibm.com/support/docview.wss?uid=isg3T1022294
---------------------------------------------
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Access Manager for Mobile (CVE-2015-0488, CVE-2015-0478, CVE-2015-1916)
http://www.ibm.com/support/docview.wss?uid=swg21959597
---------------------------------------------
IBM Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Access Manager for Mobile (CVE-2013-7423)
http://www.ibm.com/support/docview.wss?uid=swg21959604
---------------------------------------------
IBM Security Bulletin: IBM PowerVC is impacted by OpenStack Glance v2 API unrestricted path traversal (CVE-2014-9493, CVE-2015-1195)
http://www.ibm.com/support/docview.wss?uid=nas8N1020785
---------------------------------------------
IBM Security Bulletin: IBM PowerVC is impacted by Apache Qpid security vulnerabilities (CVE-2015-0203, CVE-2015-0223, CVE-2015-0224)
http://www.ibm.com/support/docview.wss?uid=nas8N1020787
---------------------------------------------
IBM Security Bulletin: A cross-site scripting vulnerability affects IBM Security Access Manager for Mobile (CVE-2015-1966)
http://www.ibm.com/support/docview.wss?uid=swg21959068
---------------------------------------------
IBM Security Bulletin: A cross-site scripting vulnerability affects IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway (CVE-2015-1966)
http://www.ibm.com/support/docview.wss?uid=swg21959071
---------------------------------------------
IBM Security Bulletin: XSS Vulnerability in IBM Jazz Foundation affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-0130)
http://www.ibm.com/support/docview.wss?uid=swg21960407
---------------------------------------------




More information about the Daily mailing list