[CERT-daily] Daily summary - Friday 17-06-2016

Daily end-of-shift report team at cert.at
Fri Jun 17 18:00:12 CEST 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Thursday 16-06-2016 18:00 − Friday 17-06-2016 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter




*** SAP patches three-year-old vulnerability, plus 20 more flaws ***
---------------------------------------------
SAP this week patched 21 product vulnerabilities, including an information disclosure flaw that was originally disclosed more than three years ago.
---------------------------------------------
http://www.scmagazine.com/sap-patches-three-year-old-vulnerability-plus-20-more-flaws/article/503720/




*** X86 Shellcode Obfuscation - Part 3 ***
---------------------------------------------
Last time, I've added obfuscation support for most common x86 instructions, which allowed to process the obfuscation output several times in order to get even better results. The obfuscated code output now, while being pretty well obfuscated, still is pretty easy to navigate as the execution flow is not changed. I will fix it this episode as I explain methods of implementing full-blown execution flow obfuscation by injecting dozens of jumps to make the code output unrecognizable.
---------------------------------------------
https://breakdev.org/x86-shellcode-obfuscation-part-3/




*** ENISA: Free online tool for the notification of personal data breaches ***
---------------------------------------------
The purpose of the tool is to allow data controllers to complete and submit online a personal data breach notification to the competent authority (DPA/NRA). The tool covers all types of personal data breaches and business sectors, whether public or private. Based on the input of the notification, the tool also provides to the competent authority an assessment of the severity of the breach.
---------------------------------------------
https://www.enisa.europa.eu/news/enisa-news/free-online-tool-for-the-notification-of-personal-data-breaches




*** GitHub: Login attempts with credentials stolen from other sites ***
---------------------------------------------
The GitHub team has detected numerous login attempts, some of which were successful. Evidently, hackers tried to log in with credentials stolen from other sites.
---------------------------------------------
http://heise.de/-3240522




*** Cryptocurrency: Intruders steal 56 million US dollars in Ether - almost ***
---------------------------------------------
Security vulnerability in the Bitcoin alternative Ethereum: attackers were able to steal 3.5 million units of Ether. An unusual measure, however, is meant to prevent the money from actually being paid out.
---------------------------------------------
http://www.golem.de/news/kryptowaehrung-einbrecher-stehlen-56-millionen-us-dollar-in-ether-fast-1606-121598-rss.html




*** Security updates available for Adobe Flash Player (APSB16-18) and Adobe AIR (APSB16-23) ***
---------------------------------------------
Adobe has published a Security Bulletin (APSB16-18) regarding security updates that address critical vulnerabilities in Adobe Flash Player. Adobe is aware of a report that an exploit for CVE-2016-4171 exists in the wild, and is being used in limited, targeted...
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1371




*** Bugtraq: [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player ***
---------------------------------------------
http://www.securityfocus.com/archive/1/538699




*** Cisco Prime Network Registrar System Configuration Protocol Information Disclosure Vulnerability ***
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-pnr




*** Bugtraq: User enumeration in Skype for Business 2013 ***
---------------------------------------------
http://www.securityfocus.com/archive/1/538697




*** Bugtraq: [SECURITY] [DSA 3604-1] drupal7 security update ***
---------------------------------------------
http://www.securityfocus.com/archive/1/538696




*** Python urllib HTTP Header Injection ***
---------------------------------------------
Topic: Python urllib HTTP Header Injection Risk: Low Text: Python's built-in URL library ("urllib2" in 2.x and "urllib" in 3.x) is vulnerable to protocol stream injection attacks (a.k.a...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016060130




*** Solarwinds Virtualization Manager 6.3.1 Java Deserialization ***
---------------------------------------------
Topic: Solarwinds Virtualization Manager 6.3.1 Java Deserialization Risk: High Text: Java Deserialization in Solarwinds Virtualization Manager 6.3.1 Product: Solarwinds Virtualization Manager Vendor: Solarwin...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016060126




*** Json2Html Cross Site Scripting ***
---------------------------------------------
Topic: Json2Html Cross Site Scripting Risk: Low Text: # Exploit Title: Json2Html Javascript Library - Reflective/Persistant XSS # Date: 0 day # Exploit Author: David Silveiro # E...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016060123




*** Gemalto Sentinel License Manager 18.0.1 Directory Traversal ***
---------------------------------------------
Topic: Gemalto Sentinel License Manager 18.0.1 Directory Traversal Risk: Medium Text: Gemalto Sentinel License Manager 18.0.1 Directory Traversal Vulnerability Vendor: Gemalto NV | SafeNet, Inc Product we...
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016060121




*** Security Advisory - Insufficient Input Validation Vulnerability in the FusionInsight ***
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2016/huawei-sa-20160617-01-fusioninsight-en




*** Moxa PT-7728 Series Switch Improper Authorization Vulnerability ***
---------------------------------------------
This advisory contains mitigation details for an improper authorization vulnerability in Moxa's Industrial Ethernet Switch PT-7728 series.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-16-168-01




*** sol64505405: NTP vulnerability CVE-2016-4956 ***
---------------------------------------------
This vulnerability can only be exposed if the ntp.conf file is manually edited to enable "broadcastclient" mode in network time protocol (NTP).
---------------------------------------------
https://support.f5.com/kb/en-us/solutions/public/k/64/sol64505405.html




*** sol14969: BIG-IP Edge and FirePass client information leakage vulnerability CVE-2013-6024 ***
---------------------------------------------
The Edge Client components in F5 BIG-IP APM, BIG-IP Edge Gateway, and FirePass allow attackers to obtain sensitive information from process memory via unspecified vectors. (CVE-2013-6024) An attacker with sufficient local privileges on a client machine running Windows or Mac OS X may be able to gain access to a user's APM password. Note: This vulnerability is limited to the BIG-IP Edge Client and FirePass legacy client for Windows and Mac OS X only; it does not impact the BIG-IP or FirePass host.
---------------------------------------------
https://support.f5.com/kb/en-us/solutions/public/14000/900/sol14969.html




*** sol82644737: NTP vulnerability CVE-2016-4954 ***
---------------------------------------------
Impact: The NTP service may be disrupted. Security Issue Status: F5 Product Development has assigned ID 597023 (BIG-IP), ID 598184 (BIG-IQ), ID 598186 (Enterprise Manager), and LRS-60784 (LineRate) to this vulnerability.
---------------------------------------------
https://support.f5.com/kb/en-us/solutions/public/k/82/sol82644737.html




*** IBM Security Bulletin: Vulnerability identified in IBM Java SDK affect WebSphere Service Registry and Repository Studio (CVE-2016-3426) ***
---------------------------------------------
A vulnerability in IBM SDK Java Technology Edition, Version 6 that is shipped with IBM WebSphere Service Registry and Repository Studio. These issues were disclosed as part of the IBM Java SDK updates in April 2016. CVE(s): CVE-2016-3426 Affected product(s) and affected version(s): WebSphere Service Registry and Repository Studio V8.5, V8.0, V7.5 and V7.0 are...
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg21985335




*** IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM b-type SAN switches and directors (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794) ***
---------------------------------------------
OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM b-type SAN switches and directors. IBM b-type SAN firmware has addressed the applicable CVEs. CVE(s): CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794 Affected product(s) and affected version(s): IBM b-type switches and directors running FOS versions prior to 7.4.1c are affected.
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1006391

