[CERT-daily] Tageszusammenfassung - Dienstag 7-02-2017

Daily end-of-shift report team at cert.at
Tue Feb 7 18:26:16 CET 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 06-02-2017 18:00 − Dienstag 07-02-2017 18:00
Handler:     Robert Waldner
Co-Handler:  n/a



*** Heute ist es soweit: Es ist Internationaler Safer Internet Day! ***
---------------------------------------------
Der jährliche Aktionstag wurde 2004 von der Europäischen Kommission im Rahmen des Safer Internet-Programms ins Leben gerufen und findet seitdem jeden Februar statt. Mehr als 100 Länder beteiligen sich weltweit am Safer Internet Day, um über die sichere und verantwortungsvolle Internetnutzung aufzuklären. International organisiert das europäische Netzwerk Insafe den Safer Internet Day.
---------------------------------------------
https://www.saferinternet.at/news/news-detail/article/heute-feiern-wir-es-ist-internationaler-safer-internet-day-639/




*** DFN-CERT-2017-0216/">Google Android Operating System: Mehrere Schwachstellen ermöglichen u.a. die komplette Systemübernahme ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-0216/




*** Got an OpenBSD Web server? Better patch it ***
---------------------------------------------
DoS-able bugs splatted OpenBSD and two of its SSL libraries need patches against a pair of denial-of-service bugs that can crash Web-facing servers
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2017/02/07/got_an_openbsd_web_server_better_patch_it/




*** Vuln: PEAR HTML_AJAX CVE-2017-5677 PHP Object Injection Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/96044




*** New Attack, Old Tricks ***
---------------------------------------------
A Word document targets Mac users with malicious macros and an open-source payload.
---------------------------------------------
https://objective-see.com/blog/blog_0x17.html




*** Citrix License Server for Windows and License Server VPX CVE-2017-5571 Open Redirect Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/96028/discuss





*** DFN-CERT-2017-0217/">BlackBerry powered by Android: Mehrere Schwachstellen ermöglichen u.a. die komplette Systemübernahme ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-0217/




*** [2017-02-07] Multiple vulnerabilities in JUNG Smart Visu server ***
---------------------------------------------
Attackers can dump password hashes and other available data from the operating system of the JUNG Smart Visu Server. An attacker is able to access and control all Smart Visu server installation if he is able to crack the hashes. The group address password can be removed by using a single PUT request.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170207_JUNG_Smart_Visu_Server_Multiple_vulnerabilities_v10.txt




*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM i ***
http://www-01.ibm.com/support/docview.wss?uid=nas8N1021845
---------------------------------------------
*** IBM Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation ***
http://www.ibm.com/support/docview.wss?uid=swg21997654
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities have been identified in IBM Flex System Manager (FSM) Storage Manager Install Anywhere (SMIA) Configuration tool ***
http://www-01.ibm.com/support/docview.wss?uid=isg3T1024798
---------------------------------------------
*** IBM Security Bulletin: Multiple Vulnerabilities in OpenSSH affect IBM i ***
http://www.ibm.com/support/docview.wss?uid=nas8N1021846
---------------------------------------------
*** IBM Security Bulletin: Security Vulnerability in OpenSSL affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) ***
http://www.ibm.com/support/docview.wss?uid=swg21997056
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect AppScan Standard (CVE-2016-5597, CVE-2016-5542) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21997784
---------------------------------------------
*** IBM Security Bulletin: Fix Available for IBM iNotes Cross-site Scripting Vulnerability (CVE-2016-5883) ***
http://www.ibm.com/support/docview.wss?uid=swg21997010
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Cisco Switches and Directors. ***
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009663
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Campaign, IBM Contact Optimization ***
http://www.ibm.com/support/docview.wss?uid=swg21982291
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSL affect multiple N series products ***
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009687
---------------------------------------------





More information about the Daily mailing list