[CERT-daily] Tageszusammenfassung - 05.01.2018

Daily end-of-shift report team at cert.at
Fri Jan 5 18:19:19 CET 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 04-01-2018 18:00 − Freitag 05-01-2018 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Google Unveils New Retpoline Coding Technique for Mitigating Spectre Attacks ∗∗∗
---------------------------------------------
Google has published details about a new coding technique created by the companys engineers that any developer can deploy and prevent Spectre attacks.
---------------------------------------------
https://www.bleepingcomputer.com/news/google/google-unveils-new-retpoline-coding-technique-for-mitigating-spectre-attacks/


∗∗∗ Microsoft could soon be “password free” ∗∗∗
---------------------------------------------
Is it the beginning of the end for passwords?
---------------------------------------------
https://nakedsecurity.sophos.com/2018/01/05/microsoft-could-soon-be-password-free/


∗∗∗ How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws ∗∗∗
---------------------------------------------
[...] An editorial-form article is probably not the best format to give advice, so were going to present a simple, dumbed-down, step-by-step article on how to get these updates and navigate Microsofts overly complicated announcement.
---------------------------------------------
https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/


∗∗∗ How a researcher hacked his own computer and found worst chip flaw ∗∗∗
---------------------------------------------
FRANKFURT (Reuters) - Daniel Gruss didn’t sleep much the night he hacked his own computer and exposed a flaw in most of the chips made in the past two decades by hardware giant Intel Corp (INTC.O).
---------------------------------------------
https://www.reuters.com/article/us-cyber-intel-researcher/how-a-researcher-hacked-his-own-computer-and-found-worst-chip-flaw-idUSKBN1ET1ZR


∗∗∗ Meltdown und Spectre: Alle Macs und iOS-Geräte betroffen ∗∗∗
---------------------------------------------
Apple hat sich endlich zu der Chiplücke in ARM- und Intel-Prozessoren geäußert. Demnach sind alle aktuellen Produkte des Konzerns angreifebar – die Apple Watch nicht mit Meltdown. Erste Bugfixes existieren.
---------------------------------------------
https://heise.de/-3934477


∗∗∗ XeroxDay: Zero-Day-Schwachstelle bei Xerox Alto gefunden!!!1elf ∗∗∗
---------------------------------------------
Der Passwortschutz der 14-Zoll-Disketten für Xerox Alto lässt sich im Handumdrehen aushebeln. Ein Fix ist nicht in Sicht. Vom Produktiveinsatz mit sensiblen Daten sollte daher Abstand genommen werden.
---------------------------------------------
https://heise.de/-3934443


∗∗∗ Prozessor-Lücken Meltdown und Spectre: Intel und ARM führen betroffene Prozessoren auf, Nvidia analysiert noch ∗∗∗
---------------------------------------------
Betroffen sind unter anderem sämtliche Intel-Core-Prozessoren bis zurück zum Jahr 2008 sowie eine Vielzahl von ARM-Cortex-CPUs. Nvidia glaubt, dass die CUDA-GPUs nicht anfällig sind und analysiert noch seine Tegra-Prozessoren.
---------------------------------------------
https://heise.de/-3934667


∗∗∗ Trackmageddon: GPS-Tracking-Services ermöglichen unbefugten Zugriff ∗∗∗
---------------------------------------------
Sicherheitsforscher haben Schwachstellen in zahlreichen Online-Tracking-Services entdeckt, die Angreifern unter anderem das Abrufen von GPS-Daten ermöglichen. Eine Liste der verwundbaren Services ist online verfügbar.
---------------------------------------------
https://heise.de/-3934328


∗∗∗ Jetzt patchen: Kritische Lücken in Dell EMC Data Protection Suite ∗∗∗
---------------------------------------------
Einige Dell-EMC-Produkte sind anfällig für Angriffe, die im schlimmsten Fall die vollständige Systemkompromittierung ermöglichen. Patches stehen bereit.
---------------------------------------------
https://heise.de/-3935063



=====================
=  Vulnerabilities  =
=====================

∗∗∗ DSA-4078 linux - security update ∗∗∗
---------------------------------------------
Multiple researchers have discovered a vulnerability in Intel processors,enabling an attacker controlling an unprivileged process to read memory fromarbitrary addresses, including from the kernel and all other processes runningon the system.
---------------------------------------------
https://www.debian.org/security/2018/dsa-4078


∗∗∗ Delta Electronics Delta Industrial Automation Screen Editor ∗∗∗
---------------------------------------------
This advisory contains mitigation details for stack-based buffer overflow, use-after-free, out-of-bounds write, and type confusion vulnerabilities in the Delta Electronics Delta Industrial Automation Screen Editor.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-004-01


∗∗∗ Advantech WebAccess ∗∗∗
---------------------------------------------
This advisory contains mitigation details for untrusted pointer dereference, stack-based buffer overflow, path traversal, SQL injection, and improper input validation vulnerabilities in Advantech’s WebAccess products.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02


∗∗∗ Intel-SA-00086 Security Review Cumulative Update ∗∗∗
---------------------------------------------
Intel recently released a security update (Intel-SA-00086), regarding Intel ME 11.x, SPS 4.0, and TXE 3.0 intel products.The following Firmware are impacted:Intel Management Engine (ME) Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20Intel Server Platform Services (SPS) Firmware version 4.0Intel Trusted Execution Engine (TXE) version 3.0And the following Intel products are affected:6th, 7th & 8th Generation Intel Core Processor FamilyIntel Xeon Processor E3-1200 v5 & v6 Product
---------------------------------------------
http://fortiguard.com/psirt/FG-IR-17-271


∗∗∗ VMSA-2018-0003 ∗∗∗
---------------------------------------------
vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2018-0003.html


∗∗∗ Citrix Security Updates for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 ∗∗∗
---------------------------------------------
A new class of issues has been identified in common CPU architectures. The presently known issues could allow unprivileged [...]
---------------------------------------------
https://support.citrix.com/article/CTX231399


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (kernel), CentOS (kernel, libvirt, microcode_ctl, and qemu-kvm), Debian (kernel and xen), Fedora (kernel), Mageia (backintime, erlang, and wildmidi), openSUSE (kernel and ucode-intel), Oracle (kernel, libvirt, microcode_ctl, and qemu-kvm), Red Hat (kernel, kernel-rt, libvirt, microcode_ctl, qemu-kvm, and qemu-kvm-rhev), Scientific Linux (libvirt and qemu-kvm), SUSE (kvm and qemu), and Ubuntu (ruby1.9.1, ruby2.0, ruby2.3).
---------------------------------------------
https://lwn.net/Articles/743242/rss


∗∗∗ Three new stable kernels ∗∗∗
---------------------------------------------
Greg Kroah-Hartman has announced the release of the 4.14.12, 4.9.75, and 4.4.110 stable kernels. The bulk of thechanges are either to fix the mitigations for Meltdown/Spectre (in 4.14.12) or to backportthose mitigations (in the two older kernels). There are apparently known (orsuspected) problems with each of the releases, which Kroah-Hartman is hoping to get shaken out inthe near term. For example, the 4.4.110 announcement warns: "But becareful, there have been some reports of problems [...]
---------------------------------------------
https://lwn.net/Articles/743246/rss


∗∗∗ Bugtraq: SonicWall SonicOS NSA UTM Firewall - Bypass & Persistent Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/archive/1/541633


∗∗∗ DFN-CERT-2018-0035: Ruby: Eine Schwachstelle ermöglicht die Ausführung beliebigen Programmcodes ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0035/


∗∗∗ DFN-CERT-2018-0029: Mozilla Firefox, Spectre: Zwei Schwachstellen ermöglichen das Ausspähen von Informationen ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0029/


∗∗∗ HPESBHF03803 rev.1 - Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance, Remote Denial of Service and Execution of Code ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_us


∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22011668


∗∗∗ IBM Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM WebSphere Service Registry and Repository (CVE-2016-1000031) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22010680


∗∗∗ IBM Security Bulletin: Multiple Apache Struts Vulnerabilities Affect IBM Sterling B2B Integrator ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22011978


∗∗∗ IBM Security Bulletin: Multiple Apache Struts Vulnerabilities Affect IBM Sterling File Gateway ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22012006


∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by XML External Entity Injection (XXE) attack (CVE-2017-1666) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22011970


∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by SQL injection (CVE-2017-1670 ) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22012009


∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Spoofing through URL Redirection (CVE-2017-1668) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22012010


∗∗∗ IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by Path Traversal vulnerability (CVE-2017-1671) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22011967


∗∗∗ IBM Security Bulletin: IBM Security Access Manager Appliance is affected by OpenSSH vulnerabilities ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22012324


∗∗∗ IBM Security Bulletin: Authenticated Users Can Gain Privilege in IBM UrbanCode Deploy (CVE-2017-1493) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg2C1000367

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list