[CERT-daily] Tageszusammenfassung - 09.08.2018

Thu Aug 9 18:31:46 CEST 2018

=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 08-08-2018 18:00 − Donnerstag 09-08-2018 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Warnung vor Bewerbung bei webex-solutions.at ∗∗∗
---------------------------------------------
Webex Solutions ist eine betrügerische Scheinfirma. Sie sucht Mitarbeiter/innen. Auf ihrer Website webex-solutions.at fragt sie persönliche Daten von Interessent/innen ab. In Wahrheit gibt es keine zu besetzende Stelle. Kriminelle nutzen die Angaben ihrer Opfer, damit sie mit diesen ein Konto eröffnen und darüber Geldwäscherei betreiben können.
---------------------------------------------
https://www.watchlist-internet.at/news/warnung-vor-bewerbung-bei-webex-solutionsat/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Upcoming Security Updates for Adobe Acrobat and Reader (APSB18-29) ∗∗∗
---------------------------------------------
A prenotification security advisory (APSB18-29) has been posted regarding upcoming Adobe Acrobat and Reader updates scheduled for Tuesday, August 14, 2018.
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1591


∗∗∗ [Drupal] PHP Configuration - Critical - Arbitrary PHP code execution - SA-CONTRIB-2018-055 ∗∗∗
---------------------------------------------
This module enables you to add or overwrite PHP configuration on a drupal website. The module doesnt sufficiently allow access to set these configurations, leading to arbitrary PHP configuration execution by an attacker.This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer phpconfig".
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-055


∗∗∗ RSYSLOG: Eine Schwachstelle ermöglicht u. a. einen Denial-of-Service-Angriff ∗∗∗
---------------------------------------------
Ein entfernter, nicht authentisierter Angreifer kann eine Schwachstelle in RSYSLOG ausnutzen, um einen Denial-of-Service (DoS)-Angriff durchzuführen oder möglicherweise auch beliebigen Programmcode zur Ausführung zu bringen.
Der Hersteller hat RSYSLOG 8.37.0 (v8-stable) zur Verfügung gestellt.
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-1558/
https://www.adiscon.com/news/news-release/rsyslog-8-37-0-v8-stable-released/


∗∗∗ Vulnerabilities in multiple third party TYPO3 CMS extensions ∗∗∗
---------------------------------------------
several vulnerabilities have been found in the following third party TYPO3 extensions:
* "Heise Shariff" (rx_shariff)
* "Register to tt_address" (registeraddress)
* "Amazon AWS S3 FAL driver (CDN)" (aus_driver_amazon_s3)
* "Powermail" (powermail)
* "AWS SDK for PHP" (aws_sdk_php)
* "Front End User Registration" (sr_feuser_register)
* "Amazon Web Services SDK " (aws_sdk)
* "Frontend Treeview" (mh_treeview)
* "TemplaVoilà! Plus" (templavoilaplus)
---------------------------------------------
http://lists.typo3.org/pipermail/typo3-announce/2018/000429.html


∗∗∗ Black Hat: Windows-10-Assistent Cortana reißt Sicherheitslücken auf ∗∗∗
---------------------------------------------
Auf der Black Hat in Las Vegas haben Forscher mehrere Lücken in Cortana aufgedeckt. So lässt sich zum Beispiel Schadcode über den Sprachassistenten ausführen.
---------------------------------------------
http://heise.de/-4132425


∗∗∗ BIND deny-answer-aliases Bug Lets Remote Users Cause the Target named Service to Crash ∗∗∗
---------------------------------------------
A remote user can trigger an INSIST assertion failure in 'name.c', causing the 'named' service to stop processing.
Systems that use the "deny-answer-aliases" feature are affected.
---------------------------------------------
http://www.securitytracker.com/id/1041436


∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (kernel, linux-hardened, linux-lts, and linux-zen), Debian (kamailio and wpa), Fedora (kernel-headers, kernel-tools, moodle, and vim-syntastic), and openSUSE (clamav, enigmail, and java-11-openjdk).
---------------------------------------------
https://lwn.net/Articles/762205/


∗∗∗ IBM Security Bulletin: IBM UrbanCode Deploy diagnostics files may contain confidential data (CVE-2017-1286) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=swg2C1000377


∗∗∗ IBM Security Bulletin: Vulnerabilities CVE-2018-1333 and CVE-2018-8011 in the IBM i HTTP Server affect IBM i. ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10720141


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Application Dependency Discovery Manager (TADDM) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719933


∗∗∗ IBM Security Bulletin: Plugins can be uploaded to IBM UrbanCode Deploy without Authentication (CVE-2017-1749) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=swg2C1000374


∗∗∗ HPESBHF03805 rev.23 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03805en_us

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily