[CERT-daily] Tageszusammenfassung - Dienstag 23-05-2017

Tue May 23 18:42:29 CEST 2017

=======================
= End-of-Shift report =
=======================

Timeframe:   Montag 22-05-2017 18:00 − Dienstag 23-05-2017 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter


*** EU security think tank ENISA looks for IoT security, cant find any ***
---------------------------------------------
Proposes baseline security spec, plus stickers to prove thing-makers have complied European network and infosec agency ENISA has taken a look at Internet of Things security, and doesnt much like what it sees.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2017/05/23/enisa_proposes_internet_of_things_security_standards/


*** Biometrie: Iris-Scanner des Galaxy S8 kann einfach manipuliert werden ***
---------------------------------------------
Schon wieder zeigt sich: Biometrische Merkmale sind praktisch zum Entsperren von Geräten - sicher sind sie hingegen nicht. Ein Hacker hat gezeigt, dass sich der Irisscanner des Galaxy S8 von Samsung mit einem einfachen Foto und einer Kontaktlinse austricksen lässt.
---------------------------------------------
https://www.golem.de/news/biometrie-iris-scanner-des-galaxy-s8-kann-einfach-manipuliert-werden-1705-127987-rss.html


*** Preloading in Internet Explorer 11 sends complete browsing history to Microsoft ***
---------------------------------------------
Your entire browsing history will periodically be sent to Microsoft. The data sent includes all addresses you visit and when you visited them (derived from that is also how long you spent on each page), and the address of the page that referred you to each page.
---------------------------------------------
https://ctrl.blog/entry/ie11-flip-out-privacy


*** Windows 10 UAC Bypass Uses "Apps & Features" Utility ***
---------------------------------------------
Malware authors have a new UAC bypass technique at their disposal that they can use to install malicious apps on devices running Windows 10.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/windows-10-uac-bypass-uses-apps-and-features-utility/


*** Hackers can use subtitles to take over millions of devices running VLC, Kodi, Popcorn Time and Stremio ***
---------------------------------------------
Check Point researchers revealed a new attack vector threatening millions of users of popular media players, including VLC, Kodi (XBMC), Popcorn Time and Stremio. By crafting malicious subtitle files for films and TV programmes, which are then downloaded by viewers, attackers can potentially take complete control of any device running the vulnerable platforms.
---------------------------------------------
https://www.helpnetsecurity.com/2017/05/23/subtitle-hack/


*** [2017-05-23] Arbitrary File Upload & Stored XSS in InvoicePlane ***
---------------------------------------------
Multiple high risk vulnerabilities, such as arbitrary file upload and stored cross site-scripting, within the InvoicePlane software allow an attacker to compromise the affected server.
---------------------------------------------
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170523-0_InvoicePlane_Upload_arbitrary_files_stored_XSS_v10.txt


*** BIG-IP Azure cloud vulnerability CVE-2017-6131 ***
---------------------------------------------
BIG-IP Azure cloud vulnerability CVE-2017-6131. Security Advisory. Security Advisory Description. In some circumstances ...
---------------------------------------------
https://support.f5.com/csp/article/K61757346


*** Cisco Integrated Management Controller Remote Code Execution Vulnerability ***
---------------------------------------------
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (CIMC) could allow an unauthenticated, remote attacker to perform unauthorized remote command execution on the affected device.The vulnerability exists because the affected software does not sufficiently sanitize specific values that are received as part of a user-supplied HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. Successful exploitation...
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc3


*** Cisco Integrated Management Controller Privilege Escalation Vulnerability ***
---------------------------------------------
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (CIMC) could allow an authenticated, remote attacker to elevate the privileges of user accounts on the affected device.The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected device. Successful exploitation could allow an authenticated attacker to elevate the privileges of user accounts configured on the device.
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-cimc


*** IBM Security Bulletins ***
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in NTP affect IBM Flex System Chassis Management Module (CMM) ***
https://support.podc.sl.edst.ibm.com/support/home/docdisplay?lndocid=MIGR-5099561
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in xorg-x11-libX11 affect IBM Flex System Chassis Management Module (CMM) ***
https://support.podc.sl.edst.ibm.com/support/home/docdisplay?lndocid=MIGR-5099564
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in cURL affect IBM Flex System Chassis Management Module (CMM) ***
https://support.podc.sl.edst.ibm.com/support/home/docdisplay?lndocid=MIGR-5099562
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in OpenSSL affect MegaRAID Storage Manager ***
https://support.podc.sl.edst.ibm.com/support/home/docdisplay?lndocid=migr-5099576
---------------------------------------------
*** IBM Security Bulletin: Vulnerabilities in tcpdump affect IBM Flex System Chassis Management Module (CMM) ***
https://support.podc.sl.edst.ibm.com/support/home/docdisplay?lndocid=MIGR-5099568
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Web Experience Factory ***
http://www.ibm.com/support/docview.wss?uid=swg22003695
---------------------------------------------
*** IBM Security Bulletin: Directory Traversal vulnerabilities impact IBM Network Advisor. ***
http://www.ibm.com/support/docview.wss?uid=ssg1S1009700
---------------------------------------------
*** IBM Security Bulletin: Rational DOORS Web Access is affected by Apache Tomcat vulnerability (CVE-2016-6816) ***
http://www.ibm.com/support/docview.wss?uid=swg22003660
---------------------------------------------
*** IBM Security Bulletin: Open Source cURL Libcurl, used by BigFix Platform, has security vulnerabilities (CVE-2016-8617 CVE-2016-8624 CVE-2016-8621) ***
http://www-01.ibm.com/support/docview.wss?uid=swg22001818
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Access Manager (CVE-2016-5597, CVE-2016-5554) ***
http://www-01.ibm.com/support/docview.wss?uid=swg22002446
---------------------------------------------
*** IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web (CVE-2016-5597, CVE-2016-5554) ***
http://www-01.ibm.com/support/docview.wss?uid=swg22002445
---------------------------------------------