[CERT-daily] Tageszusammenfassung - 11.12.2018

Daily end-of-shift report team at cert.at
Tue Dec 11 18:26:58 CET 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Montag 10-12-2018 18:00 − Dienstag 11-12-2018 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ MySQL-Frontend: Lücke in PhpMyAdmin erlaubt Datendiebstahl ∗∗∗
---------------------------------------------
Eine Sicherheitslücke im MySQL-Frontend PhpMyAdmin erlaubt es, lokale Dateien auszulesen. Dafür benötigt man jedoch einen bereits existierenden Login. (MySQL, PHP)
---------------------------------------------
https://www.golem.de/news/mysql-frontend-luecke-in-phpmyadmin-erlaubt-datendiebstahl-1812-138193-rss.html


∗∗∗ Warnung vor schlossauf.at ∗∗∗
---------------------------------------------
Die Website schlossauf.at wirbt mit einem seriösen und preiswerter Schlüsseldienst, der in 20min vor Ort bei Kund/innen ist. Konsument/innen, die den Dienst nutzen, nehmen in Wahrheit Kontakt mit der deutschen Gesellschaft MK Notservice GmbH auf. Sie vermittelt Schlosser/innen. Die Dienste vor Ort sind laut Kund/innenmeinungen mit langen Wartezeiten verbunden und sehr teuer.
---------------------------------------------
https://www.watchlist-internet.at/news/warnung-vor-schlossaufat/


∗∗∗ Augen auf beim digitale Vignetten-Kauf! ∗∗∗
---------------------------------------------
Die digitale Vignette können Sie an unterschiedlichsten Stellen erstehen. Neben der ASFINAG, dem ÖAMTC oder dem ARBÖ vertreiben nämlich auch andere unbekanntere Anbieter die digitale Vignette. Achtung: Hier werden zum Teil zusätzliche Kosten verrechnet, die Sie leicht vermeiden können, indem Sie einen kurzen Vergleich anstellen.
---------------------------------------------
https://www.watchlist-internet.at/news/augen-auf-beim-digitale-vignetten-kauf/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates available for Adobe Acrobat and Reader (APSB18-41) ∗∗∗
---------------------------------------------
Adobe has published a security bulletin for Adobe Acrobat and Reader (APSB18-41). The updates referenced in the bulletin address critical and important vulnerabilities, and Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1674


∗∗∗ Decoupled Router - Critical - Access bypass - SA-CONTRIB-2018-071 ∗∗∗
---------------------------------------------
Project: Decoupled RouterVersion: 8.x-1.18.x-1.0Date: 2018-October-31Security risk: Critical 15∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:AllVulnerability: Access bypassDescription: This module enables you to resolve the provided Drupal path in order to find the canonical path and information about the resolved entity. This information includes entity type ID, entity ID, entity UUID and entity label.The module doesnt sufficiently check access before displaying entity labels.
---------------------------------------------
https://www.drupal.org/sa-contrib-2018-071


∗∗∗ TYPO3 9.5.2, 8.7.21 and 7.6.32 security releases published ∗∗∗
---------------------------------------------
We are announcing the release of the following TYPO3 updates:
 * TYPO3 9.5.2 LTS
 * TYPO3 8.7.21 LTS
 * TYPO3 7.6.32 LTS
All versions are security releases and contain important security fixes.
---------------------------------------------
https://typo3.org/article/typo3-952-8721-and-7632-security-releases-published/


∗∗∗ SAP Security Patch Day – December 2018 ∗∗∗
---------------------------------------------
On 11th of December 2018, SAP Security Patch Day saw the release of 9 Security Notes. Additionally, there were 3 updates to previously released security notes.
---------------------------------------------
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (php7.0), Fedora (keepalived, kernel, kernel-headers, kernel-tools, mingw-uriparser, and uriparser), openSUSE (pdns-recursor), Oracle (kernel), SUSE (compat-openssl098, glibc, java-1_8_0-ibm, kernel, opensc, python, python-base, python-cryptography, python-pyOpenSSL, samba, and soundtouch), and Ubuntu (cups).
---------------------------------------------
https://lwn.net/Articles/774590/


∗∗∗ SSA-982399: Missing Authentication in TIM 1531 IRC Modules ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-982399.txt


∗∗∗ SSA-181018: Heap Overflow Vulnerability in SCALANCE X switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-181018.txt


∗∗∗ SSA-674165: Vulnerability in McAfee MACC product for SINAMICS PERFECT HARMONY GH180 drives ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-674165.txt


∗∗∗ SSA-170881: Vulnerabilities in SINUMERIK Controllers ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-170881.txt


∗∗∗ IBM Security Bulletin: Open Source Python-paramiko vulnerability affects IBM Netezza Host Management. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-open-source-python-paramiko-vulnerability-affects-ibm-netezza-host-management/


∗∗∗ IBM Security Bulletin: Potential cross-site request forgery in WebSphere Application Server Admin Console (CVE-2018-1926) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-cross-site-request-forgery-in-websphere-application-server-admin-console-cve-2018-1926/


∗∗∗ IBM Security Bulletin: Potential Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2018-1901) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-privilege-escalation-vulnerability-in-websphere-application-server-cve-2018-1901/


∗∗∗ IBM Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server (CVE-2018-1904) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-remote-code-execution-vulnerability-in-websphere-application-server-cve-2018-1904/


∗∗∗ IBM Security Bulletin: Vulnerability in BIND affects Power Hardware Management Console (CVE-2018-5740) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-bind-affects-power-hardware-management-console-cve-2018-5740/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-cloud-orchestrator-and-ibm-cloud-orchestrator-enterprise/


∗∗∗ IBM Security Bulletin: IBM Security Access Manager Appliance is affected by a glibc vulnerability (CVE-2017-15670) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-access-manager-appliance-is-affected-by-a-glibc-vulnerability-cve-2017-15670/


∗∗∗ IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private (CVE-2018-1060, CVE-2018-1061) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-security-vulnerabilities-affect-ibm-cloud-private-cve-2018-1060-cve-2018-1061/


∗∗∗ IBM Security Bulletin: IBM Cloud Manager with OpenStack is affected by a OpenSSL vulnerabilities (CVE-2018-0732, CVE-2018-0737) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cloud-manager-with-openstack-is-affected-by-a-openssl-vulnerabilities-cve-2018-0732-cve-2018-0737/


∗∗∗ glibc vulnerability CVE-2017-16997 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K43546166

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list