[CERT-daily] Tageszusammenfassung - Dienstag 9-05-2017

Daily end-of-shift report team at cert.at
Tue May 9 18:13:57 CEST 2017


=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 08-05-2017 18:00 − Dienstag 09-05-2017 18:00
Handler:     Stephan Richter
Co-Handler:  n/a




*** SAP Security Patch Day - May 2017 ***
---------------------------------------------
This post by SAP Product Security Response Team shares information on Patch Day Security Notes* that are released on second Tuesday of every month and fix vulnerabilities discovered in SAP products. SAP strongly recommends that [...]
---------------------------------------------
https://blogs.sap.com/2017/05/09/sap-security-patch-day-may-2017/




*** Project Zero: Microsofts Antivirensoftware gefährdet Windows-Nutzer ***
---------------------------------------------
Googles Project Zero hat eine schwerwiegende Sicherheitslücke in der Anti-Viren-Engine von Microsoft entdeckt. Schuld daran ist die simulierte Ausführung von Javascript-Code ohne Sandbox.
---------------------------------------------
https://www.golem.de/news/project-zero-microsofts-antivirensoftware-gefaehrdet-windows-nutzer-1705-127705-rss.html




*** Defeating Magento security mechanisms: Attacks used in the real world ***
---------------------------------------------
DefenseCode recently discovered and reported multiple stored cross-site scripting and cross-site request forgery vulnerabilities in Magento 1 and 2 which will be addressed in one of the future patches. In light of these findings, this article describes examples of several attacks used in the real world that combine common vulnerabilities with faulty security mechanisms in Magento, leading to an unfavourable outcome. Examples will be aimed at Magento 2, but most of them can be applied [...]
---------------------------------------------
https://www.helpnetsecurity.com/2017/05/09/defeating-magento-security/




*** Zeit für eine AMTshandlung? ***
---------------------------------------------
Letzte Woche veröffentlichte Intel ein Advisory über eine Schwachstelle in "Intel Active Management Technology", kurz AMT. Besagte Schwachstelle erlaubt einem Angreifer, auf einem Rechner mit aktiviertem AMT, die Zugriffskontrollen für eben jenes auszuhebeln, und so administrativen Zugriff zu erlangen - [...]
---------------------------------------------
http://www.cert.at/services/blog/20170508175554-1982.html




*** [2017-05-09] Multiple vulnerabilities in I, Librarian PDF manager ***
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt




*** Bugtraq: ESA-2017-035: EMC Mainframe Enablers ResourcePak Base privilege management vulnerability ***
---------------------------------------------
http://www.securityfocus.com/archive/1/540531




*** Security Update for Microsoft Malware Protection Engine ***
---------------------------------------------
The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.
---------------------------------------------
https://technet.microsoft.com/en-us/library/security/4022344




*** Security Bulletin posted for Adobe Flash Player and Adobe Experience Manager Forms ***
---------------------------------------------
Adobe has published security bulletins for Adobe Flash Player (APSB17-15) and Adobe Experience Manager Forms (APSB17-16). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1465




*** Vuln: Trend Micro Threat Discovery Appliance CVE-2016-8591 Command Injection Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/98343




*** Vuln: Trend Micro Threat Discovery Appliance CVE-2016-8592 Command Injection Vulnerability ***
---------------------------------------------
http://www.securityfocus.com/bid/98345




*** Cisco IOS and IOS XE Software Simple Network Management Protocol Subsystem Denial of Service Vulnerability ***
---------------------------------------------
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to a race condition that could occur when the affected software processes an SNMP read request that contains certain criteria for a specific object ID (OID) and an active crypto session is disconnected on an affected device. An attacker who can authenticate [...]
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-ios-xe-snmp




*** F5 Security Advisories ***
---------------------------------------------
*** NTP vulnerability CVE-2017-6451 ***
https://support.f5.com/csp/article/K32262483
---------------------------------------------
*** NTP vulnerability CVE-2017-6462 ***
https://support.f5.com/csp/article/K07082049
---------------------------------------------
*** NTP vulnerability CVE-2017-6458 ***
https://support.f5.com/csp/article/K99254031
---------------------------------------------
*** NTP vulnerability CVE-2017-6460 ***
https://support.f5.com/csp/article/K31310492
---------------------------------------------
*** NTP vulnerability CVE-2017-6464 ***
https://support.f5.com/csp/article/K96670746
---------------------------------------------




*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities may affect IBM SDK, Java Technology Edition ***
https://www.ibm.com/support/docview.wss?uid=swg22002169
---------------------------------------------
*** IBM Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2017-1095) ***
http://www-01.ibm.com/support/docview.wss?uid=swg22001006
---------------------------------------------
*** IBM Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2017-1094) ***
http://www-01.ibm.com/support/docview.wss?uid=swg22001002
---------------------------------------------
*** IBM Security Bulletin: There are multiple vulnerabilities in IBM Java Runtime and Apache Tomcat that affect IBM Cognos Business Viewpoint ***
http://www.ibm.com/support/docview.wss?uid=swg22003122
---------------------------------------------
*** IBM Security Bulletin: Secure properties can be shown in plain text in IBM UrbanCode Deploy (CVE-2016-9007) ***
http://www-01.ibm.com/support/docview.wss?uid=swg2C1000236
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Business Developer ***
http://www.ibm.com/support/docview.wss?uid=swg22002667
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software ***
http://www-01.ibm.com/support/docview.wss?uid=swg22003145
---------------------------------------------
*** IBM Security Bulletin: A vulnerability in the SQLite component of the Response Time agent affects IBM Performance Management products (CVE-2016-6153) ***
http://www.ibm.com/support/docview.wss?uid=swg22000836
---------------------------------------------


More information about the Daily mailing list