[CERT-daily] Tageszusammenfassung - 28.11.2017
Daily end-of-shift report
team at cert.at
Tue Nov 28 18:21:27 CET 2017
=====================
= End-of-Day report =
=====================
Timeframe: Montag 27-11-2017 18:00 − Dienstag 28-11-2017 18:00
Handler: Nina Bieringer
Co-Handler: Robert Waldner
=====================
= News =
=====================
∗∗∗ Further abusing the badPwdCount attribute ∗∗∗
---------------------------------------------
... what happens if you store your password on all sorts of devices (for authenticating with Exchange, Skype For Business, etc.) and you change your password? That would result in Exchange, Windows or any other service trying to authenticate with an invalid password. If everything works correctly, you should be locked out very soon because of this. However, this is not the case.
---------------------------------------------
https://blog.fox-it.com/2017/11/28/further-abusing-the-badpwdcount-attribute/
=====================
= Vulnerabilities =
=====================
∗∗∗ Sicherheitsupdate: Thunderbird als Einfallstor für Schadcode ∗∗∗
---------------------------------------------
Nutzen Angreifer als kritisch eingestufte Sicherheitslücken in Thunderbird aus, könnten sie aus der Ferne Schadcode auf Computern ausführen. Eine abgesicherte Version löst diese Probleme.
---------------------------------------------
https://heise.de/-3903023
∗∗∗ Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability ∗∗∗
---------------------------------------------
A vulnerability in a CGI script in the Cisco Unified Computing System (UCS) Manager and the Cisco Firepower 9000 Series appliance could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance.The vulnerability is due to unprotected calling of shell commands in the CGI script. An attacker could exploit this vulnerability by sending a crafted HTTP request to the Cisco UCS Manager or the Cisco Firepower 9000
---------------------------------------------
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm
∗∗∗ DFN-CERT-2017-2131/">Foxit Reader, Foxit PhantomPDF: Mehrere Schwachstellen ermöglichen u.a. das Ausführen beliebigen Programmcodes ∗∗∗
---------------------------------------------
Mehrere Schwachstellen in Foxit Reader und Foxit PhantomPDF bis inklusive Version 8.3.2.25013 für Windows ermöglichen einem in den meisten Fällen entfernten, nicht authentisierten Angreifer die Ausführung beliebigen Programmcodes, die Durchführung von Denial-of-Service (DoS)-Angriffen und das Ausspähen von Informationen. Voraussetzung für erfolgreiche Angriffe ist, dass es dem Angreifer gelingt, einen Benutzer dazu zu verleiten, eine schädlich manipulierte Datei zu öffnen. Zwei weitere Schwachstellen können vermutlich nur von einem lokalen Angreifer ausgenutzt werden, um Informationen auszuspähen.
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-2131/
∗∗∗ [Xen-announce] Xen Security Advisory 246 - x86: infinite loop due to missing PoD error checking ∗∗∗
---------------------------------------------
A malicious HVM guest can cause one pcpu to permanently hang. This normally cascades into the whole system freezing, resulting in a a host Denial of Service (DoS).
---------------------------------------------
https://xenbits.xen.org/xsa/advisory-246.html
∗∗∗ [Xen-announce] Xen Security Advisory 247 - Missing p2m error checking in PoD code ∗∗∗
---------------------------------------------
An unprivileged guest can retain a writable mapping of freed memory. Depending on how this page is used, it could result in either an information leak, or full privilege escalation. Alternatively, an unprivileged guest can cause Xen to hit a BUG(), causing a clean crash - ie, host-wide denial-of-service (DoS).
---------------------------------------------
https://xenbits.xen.org/xsa/advisory-247.html
∗∗∗ GNU C Library (glibc) vulnerability CVE-2017-15671 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K30314331
∗∗∗ GNU C Library (glibc) vulnerability CVE-2017-15670 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K35129173
∗∗∗ IBM Security Bulletin: Vulnerabilities in ntp affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099664
∗∗∗ IBM Security Bulletin: Vulnerability in bash affects IBM Chassis Management Module (CVE-2016-9401) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099641
∗∗∗ IBM Security Bulletin: Vulnerabilities in curl affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099665
∗∗∗ IBM Security Bulletin: Vulnerabilities in strongSwan affect IBM Chassis Management Module (CVE-2017-9022, CVE-2017-9023) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099642
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxslt affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099666
∗∗∗ IBM Security Bulletin: Vulnerabilities in strongswan affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099668
∗∗∗ IBM Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CVE-2017-9227, CVE-2017-9226, CVE-2017-9224) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099644
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099667
∗∗∗ IBM Security Bulletin: Vulnerability in libxml2 affects IBM Chassis Management Module (CVE-2016-9318) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099643
∗∗∗ IBM Security Bulletin: Vulnerability in bind affects IBM Chassis Management Module (CVE-2017-3142) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099645
∗∗∗ IBM Security Bulletin: Vulnerabilities in bind affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099669
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099671
∗∗∗ IBM Security Bulletin: Vulnerability in libxml2 affects IBM Chassis Management Module (CVE-2017-5969) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099660
∗∗∗ IBM Security Bulletin: Vulnerability in libgcrypt affects IBM Chassis Management Module (CVE-2017-7526) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099652
∗∗∗ IBM Security Bulletin: Vulnerability in Linux Kernel affects IBM Flex System Networking Switch Products (CVE-2017-6214) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099693
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in expat (CVE-2012-6702 CVE-2016-5300) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099657
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libxml2 (CVE-2016-9318 CVE-2016-9597) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099655
∗∗∗ IBM Security Bulletin: Vulnerability in Linux Kernel affects IBM RackSwitch Products (CVE-2017-6214) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099703
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect IBM Flex System Networking Switch Products ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099702
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libs ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099653
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect IBM RackSwitch Products ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099696
∗∗∗ IBM Security Bulletin: Vulnerability in libxml2 affects IBM Flex System Networking Switch Products (CVE-2017-8872) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099694
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect IBM RackSwitch Products ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099695
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in bind (CVE-2016-9131 CVE-2016-9147 CVE-2016-9444) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099654
∗∗∗ IBM Security Bulletin: Vulnerability in libxml2 affects IBM RackSwitch Products (CVE-2017-8872) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099704
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect IBM Flex System Networking Switch Products ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099701
∗∗∗ IBM Security Bulletin: Vulnerability in X.Org libICE affects IBM Chassis Management Module (CVE-2017-2626) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099661
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect IBM Virtual Fabric 10Gb Switch Module for IBM BladeCenter ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099698
∗∗∗ IBM Security Bulletin: Vulnerability in libxml2 affects IBM Virtual Fabric 10Gb Switch Module for IBM BladeCenter (CVE-2017-8872) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099700
∗∗∗ IBM Security Bulletin: Vulnerabilities in libxml2 affect IBM Virtual Fabric 10Gb Switch Module for IBM BladeCenter ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099699
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libXrender (CVE-2016-7949 CVE-2016-7950) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099650
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libXv ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099649
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libX11 ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099648
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability in bind (CVE-2017-3135) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099658
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in bash (CVE-2014-6277 CVE-2014-6278 CVE-2016-0634 CVE-2016-7543) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099656
∗∗∗ IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libXfixes (CVE-2016-7944 CVE-2013-1983) ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099651
∗∗∗ IBM Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM SONAS. ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1010856
∗∗∗ IBM Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22010577
∗∗∗ IBM Security Bulletin: Vulnerabilities in Samba affect IBM Spectrum Scale SMB protocol access method (CVE-2017-12163, CVE-2017-12151, CVE-2017-12150) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010703
∗∗∗ IBM Security Bulletin: Samba vulnerability issue on IBM SONAS (CVE-2017-12163) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1010855
∗∗∗ IBM Security Bulletin: IBM Cognos Controller 2017Q4 Security Updater: Multiple vulnerabilities have been identified in IBM Cognos Controller ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22010679
∗∗∗ IBM Security Bulletin: IBM Connections Docs is Vulnerable to Denial of Service Issue in IBM WebSphere Application Server (CVE-2016-8919) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22005319
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list