[CERT-daily] Tageszusammenfassung - 02.11.2017

Thu Nov 2 18:25:54 CET 2017

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 31-10-2017 18:00 − Donnerstag 02-11-2017 18:00
Handler:     Nina Bieringer
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Bericht: Log-in-Daten in iOS-Apps können ausgespäht werden ∗∗∗
---------------------------------------------
Die Log-in-Daten können bei 111 der 200 populärsten iOS-Apps einfach
ausgelesen werden. Möglich wird das durch eine unsaubere
Implementierung von HTTPs.
---------------------------------------------
https://futurezone.at/digital-life/bericht-log-in-daten-in-ios-apps-koennen-ausgespaeht-werden/295.776.002


∗∗∗ CLDAP is Now the No.3 Reflection Amplified DDoS Attack Vector, Surpassing SSDP and CharGen ∗∗∗
---------------------------------------------
With our DDoSMon, we are able to perform continuous and near real-time
monitoring on global DDoS attacks. For quite a long time, DNS, NTP,
CharGen and SSDP have been the most frequently abused services in DDoS
reflection amplification attacks. They rank respectively 1st, 2nd, 3rd
and [...]
---------------------------------------------
http://blog.netlab.360.com/cldap-is-now-the-3rd-reflection-amplified-ddos-attack-vector-surpassing-ssdp-and-chargen-en/


∗∗∗ ENGELSYSTEM - User notification ∗∗∗
---------------------------------------------
[...] ab dem 12. Dezember 2015 wurden zwei professionelle
Phishingdomains fuer das engelsystem, engelsystem.com und
engelsystem.net, eingerichtet. Diese wurden erst jetzt von uns gefunden
und danach zeitnah, nach einer Abuse-Meldung von uns, vom Hoster
offline genommen.
---------------------------------------------
https://engelsystem.de/usernotification.html


∗∗∗ Goodbye, login. Hello, heart scan. ∗∗∗
---------------------------------------------
A new non-contact, remote biometric tool could be the next advance in
computer security.
---------------------------------------------
http://www.buffalo.edu/news/releases/2017/09/034.html


∗∗∗ macOS 10.12 und 10.11: KRACK-Lücke gestopft, Loch im Schlüsselbund bleibt ∗∗∗
---------------------------------------------
Apple hat ein Sicherheitsupdate für Sierra und El Capitan
veröffentlicht, in dem ein vieldiskutiertes WLAN-Problem behoben wurde.
Ein anderer schwerwiegender Fehler wurde hingegen offenbar nicht
angegangen.
---------------------------------------------
https://heise.de/-3876491


∗∗∗ Jetzt patchen! SQL-Injection-Lücke bedroht WordPress ∗∗∗
---------------------------------------------
Die abgesicherte WordPress-Version 4.8.3 ist erschienen. Nutzer sollten
diese zügig installieren, da Angreifer Webseiten via
SQL-Injection-Attacke übernehmen könnten.
---------------------------------------------
https://heise.de/-3876623


∗∗∗ Misconfigured Amazon S3 Buckets allowing man-in-the-middle attacks ∗∗∗
---------------------------------------------
https://www.scmagazineuk.com/news/misconfigured-amazon-s3-buckets-allowing-man-in-the-middle-attacks/article/704833/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Advantech WebAccess ∗∗∗
---------------------------------------------
This advisory contains mitigation details for stack-based buffer
overflow and untrusted pointer dereference vulnerabilities in
Advantechs WebAccess.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-306-02


∗∗∗ Apple Releases Multiple Security Updates ∗∗∗
---------------------------------------------
Original release date: October 31, 2017 Apple has released security
updates to address vulnerabilities in multiple products. A remote
attacker could exploit some of these vulnerabilities to take control of
an affected system.US-CERT encourages users and administrators to
review Apple security pages for the following products and apply the
necessary updates: Cloud for Windows 7.1 iOS 11.1 iTunes 12.7.1 for
Windows macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and
Security Update [...]
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2017/10/31/Apple-Releases-Multiple-Security-Updates


∗∗∗ OpenSSL Security Advisory [02 Nov 2017] ∗∗∗
---------------------------------------------
bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
---------------------------------------------
https://www.openssl.org/news/secadv/20171102.txt


∗∗∗ Vuln: EMC AppSync CVE-2017-14376 Local Hardcoded Credentials Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/101626


∗∗∗ DFN-CERT-2017-1928: FortiClient: Eine Schwachstelle ermöglicht die Eskalation von Privilegien ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1928/


∗∗∗ Cisco Security Advisories ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/publicationListing.x


∗∗∗ IBM Security Bulletins ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/


∗∗∗ HPESBHF03787 rev.1 - Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT, Deserialization of Untrusted Data, Remote Code Execution ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us


∗∗∗ Security Advisory - Three Out-of-bounds Read Vulnerabilities in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171101-01-sccpx-en


∗∗∗ Security Notice - Statement on a Security Vulnerability of Huawei Mate9 Pro Demonstrated at the Mobile Pwn20wn Contest in the PacSec Conference ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20171101-01-smartphone-en


∗∗∗ EMC Unisphere for VMAX Virtual Appliance Authentication Bypass Lets Remote Users Access the Target System ∗∗∗
---------------------------------------------
http://www.securitytracker.com/id/1039704


∗∗∗ Java SE vulnerability CVE-2017-10116 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K35104614

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily