[CERT-daily] Daily summary - Wednesday 8-03-2017

Daily end-of-shift report team at cert.at
Wed Mar 8 18:23:16 CET 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Tuesday 07-03-2017 18:00 − Wednesday 08-03-2017 18:00
Handler:     Olaf Schwarz
Co-Handler:  Petr Sikuta
Co-Handler:  Stephan Richter




*** Little Monsters: User data from Lady Gaga's social network reportedly leaked ***
---------------------------------------------
User data appears to have gone missing from Lady Gaga's app Little Monsters. A database containing private data of just under one million users is circulating online.
---------------------------------------------
https://heise.de/-3646447




*** Payments Giant Verifone Investigating Breach ***
---------------------------------------------
Credit and debit card payments giant Verifone [NYSE: PAY] is investigating a breach of its corporate computer networks that could impact companies running its point-of-sale solutions, according to multiple sources. Verifone says the extent of the breach was "limited" and that its payment services network was not impacted. San Jose, Calif.-based Verifone is the largest maker of credit card terminals used in the United States. It sells point-of-sale terminals and services to support the...
---------------------------------------------
https://krebsonsecurity.com/2017/03/payments-giant-verifone-investigating-breach/




*** The HTTPS interception dilemma: Pros and cons ***
---------------------------------------------
HTTPS is the bread-and-butter of online security. Strong cryptography that works on all devices without complicating things for users. Thanks to innovative projects like Let's Encrypt, adoption of HTTPS is rising steadily: in mid-2015 it was at 39%, now it's at 51% of HTTPS requests. Recent research shows however that HTTPS interception happens quite often. In fact, about 10% of connections to CloudFlare are intercepted, and the main culprits are enterprise network monitoring...
---------------------------------------------
https://www.helpnetsecurity.com/2017/03/08/https-interception-dilemma/




*** Start of the Android Security Symposium 2017 ***
---------------------------------------------
Today starts the Android Security Symposium at the Technical University of Vienna, courtesy of the Josef Ressel Center u'smile. The upcoming three days are packed with presentations surrounding the entire Android security ecosystem, ranging from presentations about the security architecture of Android by Google and AT&T right this morning, to secure app development, novel attacks,...
---------------------------------------------
https://www.sba-research.org/2017/03/08/start-of-the-android-security-symposium-2017/




*** 21% of websites still use insecure SHA-1 certificates ***
---------------------------------------------
New research from Venafi Labs shows that 21 percent of the world's websites are still using certificates signed with the vulnerable Secure Hash Algorithm, SHA-1. On February 23, 2017, Google-affiliated security researchers announced they cracked the SHA-1 security standard using a collision attack. The incident proved that the deprecated cryptographic secure hash algorithm still used to sign many website digital certificates can be manipulated. Newly issued certificates using the SHA-2...
---------------------------------------------
https://www.helpnetsecurity.com/2017/03/08/insecure-sha-1-certificates-usage/




*** NetIQ Access Manager Directory Traversal Flaw Lets Remote Authenticated Admin Users Download Arbitrary Files on the Target Admin Console System ***
---------------------------------------------
http://www.securitytracker.com/id/1037935




*** Bugtraq: Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in GoAhead ***
---------------------------------------------
http://www.securityfocus.com/archive/1/540234




*** Bugtraq: [security bulletin] HPESBHF03710 rev.1 - HPE Intelligent Management Center (IMC) PLAT, Multiple Remote Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/archive/1/540233




*** [2017-03-08] Multiple vulnerabilities in Navetti PricePoint ***
---------------------------------------------
Navetti PricePoint is vulnerable to a broad range of typical application-based vulnerabilities. On one hand, an attacker is able to execute arbitrary JavaScript code in the context of an arbitrary user. On the other hand, an attacker is able to read out the contents of the application's database due to missing input validation. Furthermore, an attacker can use cross-site request forgery to perform arbitrary web requests with the identity of the victim without being noticed by the victim.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170308-0_Navetti_PricePoint_Multiple_Vulnerabilities_v10.txt




*** BlackBerry powered by Android Security Bulletin - March 2017 ***
---------------------------------------------
BlackBerry has released a security update to address multiple vulnerabilities in BlackBerry powered by Android smartphones. We recommend users update to the latest available software build.
---------------------------------------------
http://support.blackberry.com/kb/articleDetail?articleNumber=000039151




*** DFN-CERT-2017-0404: Red Hat JBoss Enterprise Web Server: Multiple vulnerabilities allow, among other things, the execution of arbitrary code ***
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-0404/




*** Vuln: Mozilla Firefox and Thunderbird Multiple Security Vulnerabilities ***
---------------------------------------------
http://www.securityfocus.com/bid/96693
https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/




*** Bugtraq: [security bulletin] HPESBGN03712 rev.1 - HPE LoadRunner and Performance Center, Remote Code Execution ***
---------------------------------------------
http://www.securityfocus.com/archive/1/540238




*** [R1] Tenable Appliance 4.5.0 Fixes Multiple Vulnerabilities ***
---------------------------------------------
http://www.tenable.com/security/tns-2017-07




*** Schneider Electric Wonderware Intelligence ***
---------------------------------------------
This advisory contains mitigation details for a credentials management vulnerability in Schneider Electric's Wonderware Intelligence software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01




*** F5 Security Advisories ***
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2016-7975, CVE-2016-7986, and CVE-2017-5341 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/55/sol55129614.html?ref=rss
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, and CVE-2017-5342 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/04/sol04225025.html?ref=rss
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, and CVE-2016-7933 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/39/sol39512927.html?ref=rss
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, and CVE-2017-5486 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/31/sol31997425.html?ref=rss
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, and CVE-2016-7939 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/49/sol49144112.html?ref=rss
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2016-7926, CVE-2016-7932, and CVE-2016-7938 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/72/sol72403108.html?ref=rss
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, and CVE-2016-7927 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/77/sol77384526.html?ref=rss
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7983, and CVE-2016-7984 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/94/sol94010578.html?ref=rss
---------------------------------------------
*** Security Advisory: tcpdump vulnerabilities CVE-2016-7985, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, and CVE-2016-8575 ***
https://support.f5.com:443/kb/en-us/solutions/public/k/94/sol94778122.html?ref=rss
---------------------------------------------




*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Vulnerability in BIND impact AIX (CVE-2016-9131) ***
http://aix.software.ibm.com/aix/efixes/security/bind_advisory15.asc
---------------------------------------------
*** IBM Security Bulletin: IBM WebSphere MQ proliferation of channel agents causes denial of service (CVE-2017-1145) ***
http://www-01.ibm.com/support/docview.wss?uid=swg21999672
---------------------------------------------
*** IBM Security Bulletin: IBM Content Navigator Cross Site Scripting Vulnerability ***
http://www-01.ibm.com/support/docview.wss?uid=swg21999736
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Asset Analyzer ***
http://www-01.ibm.com/support/docview.wss?uid=swg21999881
---------------------------------------------
*** IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM MessageSight (CVE-2016-6303, CVE-2016-2182, CVE-2016-2178, CVE-2016-6306, CVE-2016-2183, CVE-2016-2177, CVE-2016-7052) ***
http://www.ibm.com/support/docview.wss?uid=swg21999451
---------------------------------------------
*** IBM Security Bulletin: A security vulnerability has been identified in IBM Reliable Scalable Cluster Technology shipped with IBM Tivoli System Automation for Multiplatforms (CVE-2017-1134). ***
http://www.ibm.com/support/docview.wss?uid=swg21998459
---------------------------------------------
*** IBM Security Bulletin: IBM MessageSight affected by GSKit Sweet32 Birthday attacks (CVE-2016-2183) ***
http://www.ibm.com/support/docview.wss?uid=swg21999452
---------------------------------------------
*** IBM Security Bulletin: OpenNTF project Social Business SDK CVE-2016-3092 ***
http://www.ibm.com/support/docview.wss?uid=swg21999337
---------------------------------------------

