[CERT-daily] Tageszusammenfassung - Dienstag 29-11-2016

Daily end-of-shift report team at cert.at
Tue Nov 29 18:59:26 CET 2016


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 28-11-2016 18:00 − Dienstag 29-11-2016 18:00
Handler:     Robert Waldner
Co-Handler:  n/a




*** Bruce Schneier zur Netz-Sicherheit: "Die Ära von Spaß und Spielen ist vorbei" ***
---------------------------------------------
Der renommierte Sicherheits-Experte warnte auf dem Security-Kongress der Telekom vor einer grenzenlosen Vernetzung. Staatliche Regulierung sei unausweichlich.
---------------------------------------------
https://www.heise.de/newsticker/meldung/Bruce-Schneier-zur-Netz-Sicherheit-Die-Aera-von-Spass-und-Spielen-ist-vorbei-3507457.html




*** PayPal Fixes OAuth Token Leaking Vulnerability ***
---------------------------------------------
PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application. The vulnerability was publicly disclosed on Monday by Antonio Sanso, a senior software engineer at Adobe, after he came across the issue while testing his own OAuth client.
---------------------------------------------
http://threatpost.com/paypal-fixes-oauth-token-leaking-vulnerability/122136/




*** Vuln: WordPress Image Gallery Plugin HTML Injection Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/94565




*** A Rowhammer ban-hammer for all, and its all in software ***
---------------------------------------------
Sorry to go all MC Hammer on you, but boffins tell bit-flippers you cant touch this A group of German researchers reckon theyve cracked a pretty hard nut indeed: how to protect all x86 architectures from the 'Rowhammer' memory bug.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2016/11/29/a_rowhammer_banhammer_for_all_and_its_all_in_software/




*** Tenda / D-Link / TP-Link DHCP Cross Site Scripting ***
---------------------------------------------
https://cxsecurity.com/issue/WLB-2016110233




*** Every Windows 10 in-place Upgrade is a SEVERE Security risk ***
---------------------------------------------
[...] There is a small but CRAZY bug in the way the "Feature Update" (previously known as "Upgrade") is installed. The installation of a new build is done by reimaging the machine and the image installed by a small version of Windows called Windows PE (Preinstallation Environment).
---------------------------------------------
http://blog.win-fu.com/2016/11/every-windows-10-in-place-upgrade-is.html




*** F-Secure: QUICK TIP: How To Make Your Passwords Uncrackable ***
---------------------------------------------
TL;DR: 'The trick is to use a really long random password for each online account,' he tells us. 'The password length should be at least 20 symbols and numbers, but preferably 32.'
---------------------------------------------
https://safeandsavvy.f-secure.com/2016/09/14/quick-tip-how-to-make-your-passwords-uncrackable/




*** Azure Security Best Practices ***
---------------------------------------------
Moving applications and workloads to the cloud is a big draw for organizations, primarily due to the favorable economics, ease of deployment, and the flexibility and scale that the cloud provides. Microsoft Azure is one cloud platform seeing rising adoption in the past year. You may be contemplating moving workloads to Azure, particularly if you are a Microsoft shop. But like most organizations moving to the cloud, you are probably concerned about the security of your Azure environment.
---------------------------------------------
https://www.alienvault.com/blogs/security-essentials/azure-security-best-practices




*** TYPO3 CMS 7.6.14 released ***
---------------------------------------------
This version is a regression fix release for TYPO3 CMS 7.6.13 concerning the usage of the Composer mode with additional third party PHP libraries. This version contains bugfixes concerning Composer only.
---------------------------------------------
https://typo3.org/news/article/typo3-cms-7614-released/




*** Kontonummern und E-Mail: Daten von Mitfahrgelegenheit.de gestohlen ***
---------------------------------------------
Kontonummern und E-Mail-Adressen von ehemaligen Nutzern betroffen - Wenige Österreicher betroffen
---------------------------------------------
http://derstandard.at/2000048456695




*** TR-069 NewNTPServer Exploits: What we know so far, (Tue, Nov 29th) ***
---------------------------------------------
[This is a cleaned up version to summarize yesterdays diary about the attacks against DSL Routers] What is TR-069 TR-069 (or its earlier version TR-064) is a standard published by the Broadband Forum. The Broadband Forum is an industry organization defining standards used to manage broadband networks. It focuses heavily on DSL type modems and more recently included fiber optic connections. TR stands for Technical Report. TR-069 is considered the Broadband Forums Flagship Standard.
---------------------------------------------
https://isc.sans.edu/diary.html?storyid=21763&rss




*** Security Advisory: BIG-IP SPDY and HTTP/2 profile vulnerability CVE-2016-7475 ***
---------------------------------------------
https://support.f5.com:443/kb/en-us/solutions/public/k/01/sol01587042.html?ref=rss




*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Development Package for Apache Spark ***
http://www-01.ibm.com/support/docview.wss?uid=swg21994185
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in IBM Java Runtime affect WebSphere Dashboard Framework (CVE-2016-5573, CVE-2016-5597) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21994184
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in IBM Java SDK and IBM Java Runtime affect Web Experience Factory (CVE-2016-5573, CVE-2016-5597) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21994181
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities may affect IBM SDK, Java Technology Edition ***
https://www-01.ibm.com/support/docview.wss?uid=swg21985393
---------------------------------------------
*** IBM Security Bulletin: Multiple OpenSource Expat XML Vulnerabilities affect IBM DB2 Net Search Extender for Linux, Unix and Windows ***
http://www.ibm.com/support/docview.wss?uid=swg21992933
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Extreme Scale (CVEs-2016-3485) ***
http://www.ibm.com/support/docview.wss?uid=swg21993946
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker and IBM Integration Bus ( CVE-2016-2107,CVE-2016-2176) ***
http://www.ibm.com/support/docview.wss?uid=swg21992894
---------------------------------------------
*** IBM Security Bulletin: IBM Integration Bus and WebSphere Message Broker, upon installation, set incorrect permissions for an object ( CVE-2016-0394 ) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21985013
---------------------------------------------
*** IBM Security Bulletin: Vulnerability has been identified in View All User Domain Tasks of IBM Cloud Orchestrator (CVE-2016-0202 ) ***
http://www.ibm.com/support/docview.wss?uid=swg2C1000134
---------------------------------------------
*** IBM Security Bulletin: FileNet Workplace XT can be affected by the File Extension validation vulnerability (CVE-2016-8921) ***
http://www.ibm.com/support/docview.wss?uid=swg21994018
---------------------------------------------
*** IBM Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified. ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1009589
---------------------------------------------
*** IBM Security Bulletin: GPFS security vulnerabilities in IBM Storwize V7000 Unified (CVE-2016-2985 and CVE-2016-2984) ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1009324
---------------------------------------------






More information about the Daily mailing list