[CERT-daily] Daily Summary - 20.09.2017
Daily end-of-shift report
team at cert.at
Wed Sep 20 18:08:36 CEST 2017
=====================
= End-of-Day report =
=====================
Timeframe: Tuesday 19-09-2017 18:00 − Wednesday 20-09-2017 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ iTerm2 Leaks Everything You Hover in Your Terminal via DNS Requests ∗∗∗
---------------------------------------------
iTerm2, a popular Mac application that comes as a replacement for Apple's official Terminal app, just received a security fix minutes ago for a severe security issue that leaked terminal content via DNS requests. [...]
---------------------------------------------
https://www.bleepingcomputer.com/news/security/iterm2-leaks-everything-you-hover-in-your-terminal-via-dns-requests/
∗∗∗ New tool: mac-robber.py, (Tue, Sep 19th) ∗∗∗
---------------------------------------------
On a recent forensic investigation where we couldn't take the Linux system down to image the disks, I was forced to do live response. Fortunately, I was able to get a memory image, but I also wanted a filesystem timeline. I first went to my old friend fls from The SleuthKit (TSK), but for some reason, it failed. So, I tried mac-robber (also from TSK) and it, too, failed. Not one to give up easily, I decided to write my own version of mac-robber in Python. Like the TSK mac-robber, [...]
---------------------------------------------
https://isc.sans.edu/diary/rss/22844
=====================
= Advisories =
=====================
∗∗∗ PHOENIX CONTACT mGuard Device Manager ∗∗∗
---------------------------------------------
This advisory contains mitigation details for improper access control vulnerabilities within PHOENIX CONTACT's mGuard Device Manager associated with Oracle Java SE.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01
∗∗∗ WordPress 4.8.2 Security and Maintenance Release ∗∗∗
---------------------------------------------
WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
---------------------------------------------
https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
∗∗∗ Apple Security Updates ∗∗∗
---------------------------------------------
iOS 11: https://support.apple.com/en-us/HT208112
Safari 11: https://support.apple.com/en-us/HT208116
Xcode 9: https://support.apple.com/en-us/HT208103
---------------------------------------------
∗∗∗ DFN-CERT-2017-1665: Apache Foundation Tomcat: Two vulnerabilities allow, among other things, the execution of arbitrary program code ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2017-1665/
∗∗∗ Security Advisory - Two Vulnerabilities in Some Huawei CPE Devices ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-01-cpe-en
∗∗∗ Security Advisory - Information Exposure Vulnerability in Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-01-encryption-en
∗∗∗ Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-01-frpbypass-en
∗∗∗ Security Advisory - Information Exposure Vulnerability on FusionSphere OpenStack ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170920-01-fusionsphere-en
∗∗∗ F5 TMM vulnerability CVE-2017-6147 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K43945001
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily