[CERT-daily] Tageszusammenfassung - 23.02.2018
Daily end-of-shift report
team at cert.at
Fri Feb 23 18:20:59 CET 2018
=====================
= End-of-Day report =
=====================
Timeframe: Donnerstag 22-02-2018 18:00 − Freitag 23-02-2018 18:00
Handler: Nina Bieringer
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Botched npm Update Crashes Linux Systems, Forces Users to Reinstall ∗∗∗
---------------------------------------------
A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot.
---------------------------------------------
https://www.bleepingcomputer.com/news/linux/botched-npm-update-crashes-linux-systems-forces-users-to-reinstall/
∗∗∗ Android P Will Block Background Apps from Accessing Phones Camera & Microphone ∗∗∗
---------------------------------------------
Android P, the next major version of the Android operating system, will block idle (background) applications from accessing a smartphones camera or microphone.
---------------------------------------------
https://www.bleepingcomputer.com/news/mobile/android-p-will-block-background-apps-from-accessing-phones-camera-and-microphone/
∗∗∗ Pwned Passwords: Troy Hunt veröffentlicht eine halbe Milliarde Passworthashes ∗∗∗
---------------------------------------------
Bei HaveIBeenPwned können Nutzer aktuell rund eine halbe Milliarde Passwort-Hashes herunterladen. Damit könnten sie Dienste in die Lage versetzen, geleakte Passwörter abzulehnen.
---------------------------------------------
https://www.golem.de/news/pwned-passwords-troy-hunt-veroeffentlicht-eine-halbe-milliarde-passworthashes-1802-132941.html
∗∗∗ Mitm6 - Pwning IPv4 Via IPv6 ∗∗∗
---------------------------------------------
Mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a link-local IPv6 address and setting the attackers host as default DNS server [...]
---------------------------------------------
https://www.kitploit.com/2018/02/mitm6-pwning-ipv4-via-ipv6.html
∗∗∗ Versionsverwaltung: GitLab 10.5 integriert Verschlüsselung mit Lets Encrypt ∗∗∗
---------------------------------------------
Insgesamt 26 Neuerungen bringt die neue Version von GitLab mit. Spannend sind vor allem die Verschlüsselung mit Lets Encrypt, externe Daten in CI/CD-Pipelines, und der Einzug von Gemnasium in die Versionsverwaltung.
---------------------------------------------
https://www.heise.de/developer/meldung/Versionsverwaltung-GitLab-10-5-integriert-Verschluesselung-mit-Let-s-Encrypt-3976550.html
∗∗∗ Name, Adresse, Geburtsdatum: ÖBB-App zeigte fremde Nutzerdaten an ∗∗∗
---------------------------------------------
Betroffene sahen sensible Daten anderer Nutzer. Ob auch Kreditkarteninformationen im Detail eingesehen werden konnten, ist noch nicht klar
---------------------------------------------
http://derstandard.at/2000074884009
∗∗∗ Report Highlights Challenges of Incident Response ∗∗∗
---------------------------------------------
False Positives Lead to a Surprising Number of Incident Response Investigations read more
---------------------------------------------
https://www.securityweek.com/report-highlights-challenges-incident-response
=====================
= Vulnerabilities =
=====================
∗∗∗ MFSBGN03798 rev.1 - Micro Focus UCMDB-Browser, Apache Struts Instance ∗∗∗
---------------------------------------------
A potential security vulnerability has been identified in Micro Focus Universal CMDB. The vulnerability could be remotely exploited to allow Arbitrary Code Execution.
---------------------------------------------
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03086019
∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (cups, gcc-6, irssi, kernel, and squid3), Fedora (mupdf), Mageia (irssi, mpv, qpdf, and quagga), openSUSE (libmad and postgresql95), SUSE (kernel and php5), and Ubuntu (kernel, linux-lts-trusty, linux-raspi2, and wavpack).
---------------------------------------------
https://lwn.net/Articles/747911/
∗∗∗ DFN-CERT-2018-0378: Apache Tomcat: Zwei Schwachstellen ermöglichen das Umgehen von Sicherheitsvorkehrungen ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0378/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list