[CERT-daily] Tageszusammenfassung - 07.12.2018

Daily end-of-shift report team at cert.at
Fri Dec 7 18:03:23 CET 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 06-12-2018 18:00 − Freitag 07-12-2018 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Using Fuzzing to Mine for Zero-Days ∗∗∗
---------------------------------------------
Infosec Insider Derek Manky discusses how new technologies and economic models are facilitating fuzzing in todays security landscape.
---------------------------------------------
https://threatpost.com/using-fuzzing-to-mine-for-zero-days/139683/


∗∗∗ Is it Time to Uninstall Flash? (If you havent already) ∗∗∗
---------------------------------------------
If you havent uninstalled Flash yet, maybe today should be that day. The update posted yesterday has a remote code exec proof-of-concept already here: [...]
---------------------------------------------
https://isc.sans.edu/forums/diary/Is+it+Time+to+Uninstall+Flash+If+you+havent+already/24382/


∗∗∗ Array string obfuscation ∗∗∗
---------------------------------------------
We continue to see an increase in the number of these PHP injections that use multiple obfuscation methods to evade detection, but lately one method has been increasingly utilized: [...]
---------------------------------------------
http://labs.sucuri.net/?note=2018-12-06



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Philips HealthSuite Health Android App ∗∗∗
---------------------------------------------
This advisory includes mitigations for an inadequate encryption strength vulnerability in Philips HealthSuite Health Android App.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSMA-18-340-01


∗∗∗ GE Proficy GDS ∗∗∗
---------------------------------------------
This advisory contains mitigations for an improper restriction of XML external entity reference vulnerability in GEs Proficy GDS.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-340-01


∗∗∗ Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules ∗∗∗
---------------------------------------------
This advisory contains mitigations for a missing authentication vulnerability in the Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-310-02


∗∗∗ watchOS 5.1.2 ∗∗∗
---------------------------------------------
This document describes the security content of watchOS 5.1.2.
---------------------------------------------
https://support.apple.com/en-us/HT209343


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (jupyter-notebook), CentOS (ghostscript), Debian (libphp-phpmailer and policykit-1), Fedora (bird), Gentoo (ede), Mageia (flash-player-plugin), openSUSE (dom4j, dpdk, glib2, nextcloud, postgresql94, and qemu), Oracle (kernel), SUSE (firefox, libarchive, libgit2, libreoffice, ncurses, openssl-1_0_0, squid, and tiff), and Ubuntu (ghostscript, openssl, openssl1.0, and wavpack).
---------------------------------------------
https://lwn.net/Articles/774270/


∗∗∗ Multiple vulnerabilities in multiple SEIKO EPSON printers and scanners ∗∗∗
---------------------------------------------
https://jvn.jp/en/jp/JVN89767228/


∗∗∗ IBM Security Bulletin: Potential information disclosure in WebSphere Application Server (CVE-2018-1957) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-information-disclosure-in-websphere-application-server-cve-2018-1957/


∗∗∗ IBM Security Bulletin: IBM QRadar Network Security is affected by multiple openssl vulnerabilities. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-qradar-network-security-is-affected-by-multiple-openssl-vulnerabilities/


∗∗∗ IBM Security Bulletin: IBM QRadar Network Security is affected by a CPU vulnerability (CVE-2018-3620) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-qradar-network-security-is-affected-by-a-cpu-vulnerability-cve-2018-3620/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security SiteProtector System ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-security-siteprotector-system-5/


∗∗∗ IBM Security Bulletin: IBM Social Program Management Design System contains an HTML injection vulnerability (CVE-2018-1671) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-social-program-management-design-system-contains-an-html-injection-vulnerability-cve-2018-1671/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list