[CERT-daily] Tageszusammenfassung - 09.11.2017

Daily end-of-shift report team at cert.at
Thu Nov 9 18:14:11 CET 2017


=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 08-11-2017 18:00 − Donnerstag 09-11-2017 18:00
Handler:     Nina Bieringer
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Evil pixels: researcher demos data-theft over screen-share protocols ∗∗∗
---------------------------------------------
Users see white noise, attackers see whatever they just stole from you Its the kind of thinking you expect from someone who lives in a volcano lair: exfiltrating data from remote screen pixel values.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2017/11/09/evil_pixels_researcher_demos_datatheft_over_screenshare_protocols/


∗∗∗ Tausende Cisco-Switches offen im Internet – Angriffe laufen bereits ∗∗∗
---------------------------------------------
Über 200.000 Cisco Switches sind übers Internet erreichbar und lassen sich umkonfigurieren oder komplett übernehmen; mehrere tausend davon allein in Deutschland. Die Systeme werden bereits angegriffen, doch der Hersteller sieht keine Schwachstelle.
---------------------------------------------
https://heise.de/-3882810


∗∗∗ Hacker dringt weiter in Intels Management Engine vor ∗∗∗
---------------------------------------------
Maxim Goryachy von der Beratungsfirma Positive Technologies konnte eine Programmierschnittstelle zu Intels Managemet Engine öffnen, während Google-Experten die Firmware-Alternative NERF entwickeln.
---------------------------------------------
https://heise.de/-3884928



=====================
=  Vulnerabilities  =
=====================

∗∗∗ DSA-4022 libreoffice - security update ∗∗∗
---------------------------------------------
Marcin Noga discovered two vulnerabilities in LibreOffice, which couldresult in the execution of arbitrary code if a malformed PPT or DOCdocument is opened.
---------------------------------------------
https://www.debian.org/security/2017/dsa-4022


∗∗∗ BlackBerry powered by Android Security Bulletin – November 2017 ∗∗∗
---------------------------------------------
http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000046592


∗∗∗ VU#739007: IEEE P1735 implementations may have weak cryptographic protections ∗∗∗
---------------------------------------------
http://www.kb.cert.org/vuls/id/739007


∗∗∗ 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 1.0 ∗∗∗
---------------------------------------------
https://technet.microsoft.com/en-us/library/security/4053440


∗∗∗ Vuln: Multiple Asterisk Products CDR Remote Buffer Overflow Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/101760


∗∗∗ DFN-CERT-2017-1987: Jenkins: Zwei Schwachstellen ermöglichen u.a. Manipulation von Dateien ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1987/


∗∗∗ DFN-CERT-2017-1991: Roundcube Webmail: Eine Schwachstelle ermöglicht das Ausspähen von Informationen ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1991/


∗∗∗ IBM Security Bulletin: Vulnerability in Service Assistant GUI affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2017-1710) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010788


∗∗∗ IBM Security Bulletin: IBM Security Access Manager appliances are affected by vulnerabilities in libtasn1 (CVE-2015-2806, CVE-2015-3622) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22010224


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22007609


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg2C1000357


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center (CVE-2017-10115, CVE-2017-10116) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22009304


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i and Rational Developer for AIX and Linux ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22010191

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list