[CERT-daily] Tageszusammenfassung - 27.12.2018

Daily end-of-shift report team at cert.at
Thu Dec 27 18:06:52 CET 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 21-12-2018 18:00 − Donnerstag 27-12-2018 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Upcoming Security Updates for Adobe Acrobat and Reader (APSB19-02) ∗∗∗
---------------------------------------------
A prenotification security advisory (APSB19-02) has been posted regarding upcoming Adobe Acrobat and Reader updates scheduled for Thursday, January 03, 2019. We will continue to provide updates on the upcoming release via the Security Bulletins and Advisories page as well [...]
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1680


∗∗∗ 5 Steps to Mitigate Endpoint Security Incidents ∗∗∗
---------------------------------------------
Endpoint security may be the best investment you have ever made. According to a Ponemon survey – The 2017 State of Endpoint Security Risk – the average cost to an organization of attacks that managed to breach endpoint security was $5 million. In this article, we will look at what you need to know about [...]
---------------------------------------------
https://resources.infosecinstitute.com/5-steps-to-mitigate-endpoint-security-incidents/


∗∗∗ Warnung vor Auresoil Sensi & Secure ∗∗∗
---------------------------------------------
Auf einem erfundenen österreichischen Medizinportal behaupten Unbekannte, dass es mit Auresoil Sensi & Secure möglich sei, „das Hörvermögen zu 100% wiederherzustellen“. Das Produkt können Interessent/innen um 57 Euro auf bestmarkethub.com/43/auresoil-med/gps erwerben. Davon raten wir ab, denn die medizinische Wirkung von Auresoil Sensi & Secure ist unklar und kann schädlich sein.
---------------------------------------------
https://www.watchlist-internet.at/news/warnung-vor-auresoil-sensi-secure/


∗∗∗ Nicht bei der Knurf GmbH & Co. KG bewerben ∗∗∗
---------------------------------------------
Die betrügerische Knurf GmbH & Co. KG sucht über knurf.net Proband/innen, die Produkte oder Dienstleitungen testen sollen. Die Aufgabe von Interessent/innen besteht letzen Endes darin, dass sie ein Online-Konto eröffnen und ihre Zugangsdaten an das erfundene Unternehmen senden. Damit ist es den Kriminellen möglich, Verbrechen und Geldwäscherei unter dem Namen ihrer Opfer zu begehen.
---------------------------------------------
https://www.watchlist-internet.at/news/nicht-bei-der-knurf-gmbh-co-kg-bewerben/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials ∗∗∗
---------------------------------------------
An authenticated user can visit the page spaces.htm, for example, http://victime_ip/spaces.htm, and obtain clear text password of user admin [...]
---------------------------------------------
https://seclists.org/fulldisclosure/2018/Dec/45


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by CentOS (firefox), Debian (ghostscript, libarchive, openjpeg2, and sqlite3), Fedora (krb5, mariadb, mariadb-connector-c, mingw-openjpeg2, openjpeg2, phpMyAdmin, python-lxml, spatialite-tools, sqlite, and squid), Mageia (kernel), openSUSE (bluez, git, go1.10, libnettle, libqt5-qtbase, ovmf, pdns, perl, tcpdump, tiff, tryton, and yast2-rmt), Slackware (netatalk), and SUSE (buildah, caasp-cli, caasp-dex, cni-plugins, container-feeder, containerd-kubic, cri-o, [...]
---------------------------------------------
https://lwn.net/Articles/775549/


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (libextractor and nagios3) and Fedora (adplug, mingw-podofo, and podofo).
---------------------------------------------
https://lwn.net/Articles/775584/


∗∗∗ Synology-SA-18:63 DS File ∗∗∗
---------------------------------------------
A vulnerability allows local users to obtain sensitive information via a susceptible version of Android DS File.
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_18_63


∗∗∗ Synology-SA-18:64 DSM ∗∗∗
---------------------------------------------
A vulnerability allows remote attackers to execute arbitrary code via a susceptible version of Synology Diskstation Manager (DSM).
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_18_64


∗∗∗ Synology-SA-18:65 SRM ∗∗∗
---------------------------------------------
A vulnerability allows remote attackers to execute arbitrary code via a susceptible version of Synology Router Manager (SRM).
---------------------------------------------
https://www.synology.com/en-global/support/security/Synology_SA_18_65


∗∗∗ Vuln: McAfee Application and Change Control Multiple Security Bypass Vulnerabilities ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/106282


∗∗∗ Vuln: Kibana CVE-2018-17246 Local File Include Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/106285


∗∗∗ diverse Router: Schwachstelle ermöglicht Erlangen von Administratorrechten ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K18-1200


∗∗∗ IBM Security Bulletin: Vulnerabilities in the Java runtime environment that IBM provides affect WebSphere DataPower XC10 Appliance ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-the-java-runtime-environment-that-ibm-provides-affect-websphere-datapower-xc10-appliance/


∗∗∗ IBM Security Bulletin: Vulnerabilities in Java runtime environment that IBM provides affect WebSphere eXtreme Scale ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-java-runtime-environment-that-ibm-provides-affect-websphere-extreme-scale/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-workload-scheduler-4/


∗∗∗ IBM Security Bulletin: IBM Lotus Protector for Mail Security has released fixes in response to the public disclosed vulnerability for PHP (CVE-2018-12882) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-lotus-protector-for-mail-security-has-released-fixes-in-response-to-the-public-disclosed-vulnerability-for-php-cve-2018-12882/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-netcool-impact-4/


∗∗∗ IBM Security Bulletin: IBM Content Classification is affected by IBM SDK, Java Technology Edition Quarterly CPU – Jul 2018 – Includes Oracle Jul 2018 CPU ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-content-classification-is-affected-by-ibm-sdk-java-technology-edition-quarterly-cpu-jul-2018-includes-oracle-jul-2018-cpu/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list