[CERT-daily] Tageszusammenfassung - Donnerstag 10-11-2016
Daily end-of-shift report
team at cert.at
Thu Nov 10 18:08:26 CET 2016
=======================
= End-of-Shift report =
=======================
Timeframe: Mittwoch 09-11-2016 18:00 − Donnerstag 10-11-2016 18:00
Handler: Robert Waldner
Co-Handler: n/a
*** VMSA-2016-0018 VMware product updates address local privilege escalation vulnerability in linux kernel ***
---------------------------------------------
Relevant Products
* VMware Identity Manager
* vRealize Automation
* vRealize Operations
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2016-0018.html
*** FortiWLC Undocumented Hardcoded core Account ***
---------------------------------------------
FortiWLC comes with a hardcoded account named core which is used by Meru Access Points to send core dumps to the FortiWLC and has read/write privileges over various parts of the system.
Impact: Unauthorized read/write remote access
Affected Products: FortiWLC 7.0-9-1, 7.0-10-0, 8.1-2-0, 8.1-3-2 and 8.2-4-0
---------------------------------------------
https://fortiguard.com/advisory/fortiwlc-undocumented-hardcoded-core-account
*** Deepsec: "Unternehmen interessieren sich nicht für Privacy, außer zum Marketing" ***
---------------------------------------------
Sicherheitsexperte Marcus J. Ranum übt auch scharfe Kritik an eigener Branche: Teure Lösungen für wenig Nutzen
---------------------------------------------
http://derstandard.at/2000047306876
*** OpenSSL Security Advisory [10 Nov 2016] (CVE-2016-7054, CVE-2016-7053, CVE-2016-7055) ***
---------------------------------------------
CVE-2016-7054: TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS.
CVE-2016-7053: Applications parsing invalid CMS structures can crash with a NULL pointer dereference.
---------------------------------------------
https://www.openssl.org/news/secadv/20161110.txt
*** ICMP Unreachable DoS Attacks (aka "Black Nurse"), (Thu, Nov 10th) ***
---------------------------------------------
It is not recommended to block all Type 3 ICMP messages. In particular Type 3 Code 4 (Fragmentation Needed and Don't Fragment was Set) messages are requied for path MTU discovery, which many modern operating systems use.
...
So what should you do?
* Don't panic. This is not a big deal. Test your firewall if you can, or check if is on the vulnerable list
* You are vulnerable if you use a smaller Cisco ASA firewall. Newer/Larger multi-core versions appear to be fine. SonicWall and "some" Palo Alto firewalls appear to be vulnerable too.
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21699&rss
*** Bugtraq: Secunia Research: Oracle Outside In "GetTxObj()" Use-After-Free Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/archive/1/539732
*** Bugtraq: Secunia Research: Oracle Outside In "VwStreamRead()" Buffer Overflow Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/archive/1/539731
*** Internet Of Things: Sorgenkind Sicherheit ***
---------------------------------------------
Das Geschäft mit smarten Devices und vernetzten Produktionsanlagen brummt, doch die Sicherheit ist oft nur Nebensache. Auf einer Konferenz in Köln zeichneten Branchenvertreter ein düsteres Bild.
---------------------------------------------
https://heise.de/-3463589
*** Windows Mobile Application Penetration Testing Part 2: Understanding Applications ***
---------------------------------------------
In the First article of the series, we have covered the introduction and background required to start learning Windows Mobile Application Penetration Testing. We have also seen the requirements for setting up Windows Phone 8.1 emulators as well as Windows 10 mobile emulators. In this article, we will discuss the basics of Windows Phone 8.1 applications and UWP applications.
---------------------------------------------
http://resources.infosecinstitute.com/windows-mobile-application-penetration-testing-part-2-understanding-applications/
*** [R3] Nessus 6.9 Fixes Multiple Vulnerabilities ***
---------------------------------------------
http://www.tenable.com/security/tns-2016-16
*** F5 Security Advisories ***
---------------------------------------------
*** Security Advisory: BIG-IP ASM Proactive Bot Defense vulnerability CVE-2016-7472 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/17/sol17119920.html?ref=rss
---------------------------------------------
*** Security Advisory: SSL renegotiation vulnerability CVE-2011-1473 ***
https://support.f5.com:443/kb/en-us/solutions/public/15000/200/sol15278.html?ref=rss
---------------------------------------------
*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in lquerylv in LVM impacts AIX (CVE-2016-6079) ***
http://aix.software.ibm.com/aix/efixes/security/lquerylv_advisory.asc
---------------------------------------------
*** IBM Security Bulletin: IBM Resilient Cross Site Scripting Vulnerability (CVE-2016-6062) ***
https://success.resilientsystems.com/hc/en-us/articles/213457065-Security-Bulletin-IBM-Resilient-Cross-Site-Scripting-Vulnerability-CVE-2016-6062-
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in Apache Struts affect IBM WebSphere Portal (CVE-2015-0899, CVE-2016-1181, CVE-2016-1182) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21988770
---------------------------------------------
*** IBM Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty which may impact IBM Streams (CVE-2016-0378) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21993571
---------------------------------------------
*** IBM Security Bulletin: HTTP response splitting attack affects IBM TS7700 Virtualization Engine (CVE-2015-2017) ***
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1008115
---------------------------------------------
More information about the Daily
mailing list