[CERT-daily] Tageszusammenfassung - Donnerstag 16-06-2016

Thu Jun 16 18:08:26 CEST 2016

=======================
= End-of-Shift report =
=======================

Timeframe:   Mittwoch 15-06-2016 18:00 − Donnerstag 16-06-2016 18:00
Handler:     Alexander Riepl
Co-Handler:  Robert Waldner


*** Estonia - Cryptographic Algorithms Lifecycle Report 2016 published ***
---------------------------------------------
Estonian Information System Authority (RIA) and Cybernetica have published the "Cryptographic Algorithms Lifecycle Report 2016".
---------------------------------------------
https://www.enisa.europa.eu/about-enisa/structure-organization/national-liaison-office/news-from-the-member-states/estonia-cryptographic-algorithms-lifecycle-report-2016-published


*** TLS Certificate Validation Vulnerability in Citrix iOS Receiver ***
---------------------------------------------
A vulnerability has been identified in Citrix iOS Receiver that could result in TLS certificates being incorrectly validated.
This vulnerability has been assigned the following CVE number:
    CVE-2016-5433: TLS Certificate Validation Vulnerability in Citrix iOS Receiver.
This vulnerability affects all versions of Citrix iOS Receiver earlier than 7.0.
This vulnerability does not affect Citrix Receivers on any other platforms.
---------------------------------------------
http://support.citrix.com/article/CTX213998


*** Citrix XenServer Security Update for CVE-2016-5302 ***
---------------------------------------------
A security vulnerability has been identified in XenServer 7.0 that may allow an attacker on the management network who is in possession of Active Directory credentials for an AD account that is not authorised to manage a XenServer host to compromise that host.
The following vulnerability has been addressed:
    CVE-2016-5302 (Low): Incorrect host management AD authentication
---------------------------------------------
http://support.citrix.com/article/CTX213549


*** Views - Less Critical - Access Bypass - SA-CONTRIB-2016-036 ***
---------------------------------------------
Project: Views (third-party module)
Version: 7.x
Date: 2016-June-15
Security risk: 7/25 ( Less Critical)
Vulnerability: Access bypass
DescriptionAn access bypass vulnerability exists in the Views module, where users without the "View content count" permission can see the number of hits collected by the Statistics module for results in the view.
---------------------------------------------
https://www.drupal.org/node/2749333


*** Trend Micro: Sicherheitsfirma findet trojanisierte Teamviewer-Versionen ***
---------------------------------------------
Wurde Teamviewer gehackt oder nicht? In den vergangenen Wochen beschwerten sich Hunderte Nutzer über Kriminelle, die über Teamviewer Konten plünderten. Der Hersteller selbst verwies auf schlechte Passwörter - eine Sicherheitsfirma hat jetzt eine weitere Idee. 
---------------------------------------------
http://www.golem.de/news/trend-micro-sicherheitsfirma-findet-trojanisierte-teamviewer-versionen-1606-121557-rss.html


*** Deep Discovery Inspector vulnerable to remote code execution ***
---------------------------------------------
Deep Discovery Inspector provided by Trend Micro Incorporated contains a remote code execution vulnerability.
---------------------------------------------
http://jvn.jp/en/jp/JVN55428526/


*** Facebook Privacy & Security Guide: Everything You Need to Know [Updated] ***
---------------------------------------------
Facebook grew in the past years to become the largest online social network in the world. It spread so much that even our parents, neighbors and distant relatives, even from remote areas of the country, now constantly use it. It's the place where everybody is active, from friends, family, work colleagues, old school friends to ...
---------------------------------------------
https://heimdalsecurity.com/blog/facebook-security-privacy-guide/


*** Bugtraq: [security bulletin] HPSBNS03625 rev.1 - HPE NonStop Application Server for Java (NSASJ) running SSL/TLS, Remote Disclosure of Information ***
---------------------------------------------
[security bulletin] HPSBNS03625 rev.1 - HPE NonStop Application Server for Java (NSASJ) running SSL/TLS, Remote Disclosure of Information
---------------------------------------------
http://www.securityfocus.com/archive/1/538693


*** Bugtraq: [security bulletin] HPSBGN03553 rev.1 - HP OneView Products using glibc and OpenSSL, Multiple Remote Vulnerabilties ***
---------------------------------------------
[security bulletin] HPSBGN03553 rev.1 - HP OneView Products using glibc and OpenSSL, Multiple Remote Vulnerabilties
---------------------------------------------
http://www.securityfocus.com/archive/1/538692


*** Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2016-002 ***
---------------------------------------------
Project: Drupal core
Version: 7.x, 8.x
Security risk: 11/25 ( Moderately Critical)
Vulnerability: Access bypass, Multiple vulnerabilities
Description Saving user accounts can sometimes grant the user all roles
---------------------------------------------
https://www.drupal.org/SA-CORE-2016-002


*** Cisco Security Advisories ***
---------------------------------------------
*** Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2
---------------------------------------------
*** Cisco RV110W, RV130W, and RV215W Routers Cross-Site Scripting Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1
---------------------------------------------
*** Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv
---------------------------------------------
*** Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability ***
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3
---------------------------------------------


*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Cross-Site Request Forgery Vulnerability in IBM WebSphere Portal (CVE-2016-2901) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21983974
---------------------------------------------
*** IBM Security Bulletin: IBM TRIRIGA Application platform is vulnerable to a cross-site scripting attack. (CVE-2016-2883) ***
http://www.ibm.com/support/docview.wss?uid=swg21985158
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in BeanShell affects IBM Leads (CVE-2016-2510) ***
http://www.ibm.com/support/docview.wss?uid=swg21982167
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in InstallAnywhere affects IBM InfoSphere Optim Performance Manager for DB2 on LUW and IBM InfoSphere Optim Configuration Manager on Windows Platform (CVE-2016-4560) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21984067
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager FastBack for Bare Machine Recovery (CVE-2016-2542) ***
http://www.ibm.com/support/docview.wss?uid=swg21984184
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager FastBack (CVE-2016-2542) ***
http://www.ibm.com/support/docview.wss?uid=swg21982809
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in IBM Notes KeyView PDF Filters (CVE-2016-0301, CVE-2016-0278, CVE-2016-0279, CVE-2016-0277) ***
http://www.ibm.com/support/docview.wss?uid=swg21982277
---------------------------------------------