[CERT-daily] Tageszusammenfassung - 31.07.2018
Daily end-of-shift report
team at cert.at
Tue Jul 31 18:26:22 CEST 2018
=====================
= End-of-Day report =
=====================
Timeframe: Montag 30-07-2018 18:00 − Dienstag 31-07-2018 18:00
Handler: Robert Waldner
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ "National CERT" vs. "National CSIRTs" ∗∗∗
---------------------------------------------
"National CERT" vs. "National CSIRTs"2018/07/31The NIS Directive built upon previous work in the space of network and information security and also tried to use the established language of the field. This worked - up to a point. Im trying to summarize the differences and pitfalls regarding the term "national CSIRT".
---------------------------------------------
http://www.cert.at/services/blog/20180731155524-2252_en.html
∗∗∗ Betrug mit günstigen Wohnungen ∗∗∗
---------------------------------------------
Kriminelle inserieren günstige Wohnungen in guter Lage. Sie teilen Wohnungssuchenden mit, dass eine Besichtigung der Immobilie nur bei Bezahlung einer hohen Kaution möglich sei. Interessent/innen, die das Geld an das genannten Unternehmen bezahlen, verlieren es, denn es gibt die angebotene Wohnung nicht.
---------------------------------------------
https://www.watchlist-internet.at/news/betrug-mit-guenstigen-wohnungen/
∗∗∗ Update on the Distrust of Symantec TLS Certificates ∗∗∗
---------------------------------------------
Firefox 60 (the current release) displays an “untrusted connection” error for any website using a TLS/SSL certificate issued before June 1, 2016 that chains up to a Symantec root certificate. This is part of the consensus proposal for removing trust in Symantec TLS certificates that Mozilla adopted in 2017. This proposal was also adopted by the Google Chrome team, and more recently Apple announced their plan to distrust Symantec TLS certificates.
---------------------------------------------
https://blog.mozilla.org/security/2018/07/30/update-on-the-distrust-of-symantec-tls-certificates/
=====================
= Vulnerabilities =
=====================
∗∗∗ OTRS: Eine Schwachstelle ermöglicht das Erlangen von Administratorrechten ∗∗∗
---------------------------------------------
Ein Agent kann in OTRS als entfernter, einfach authentifizierter Angreifer mit Hilfe einer speziell präparierten URL seine Privilegien eskalieren und beliebige Benutzerrechte erlangen. Dazu gehören auch Adminstratorrechte.
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-1499/
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (network-manager-vpnc), Fedora (wireshark), Oracle (java-1.7.0-openjdk and yum-utils), Red Hat (chromium-browser, java-1.7.0-openjdk, memcached, qemu-kvm-rhev, and yum-utils), Scientific Linux (java-1.7.0-openjdk and yum-utils), Slackware (file and seamonkey), SUSE (gdk-pixbuf, libcgroup, libcgroup1, libvirt, and sssd), and Ubuntu (mysql-5.5 and mysql-5.5, mysql-5.7).
---------------------------------------------
https://lwn.net/Articles/761375/
∗∗∗ Drupal 8 release on August 1st, 2018 - DRUPAL-PSA-2018-07-30 ∗∗∗
---------------------------------------------
The Drupal Security Team will be coordinating a security release for Drupal 8 this week on Wednesday, August 1, 2018. (We are issuing this PSA in advance because the in the regular security release window schedule, August 1 would not typically be a core security window.)The Drupal 8 core release will be made between noon and 3pm EDT. It is rated as moderately critical and will be an update to a vendor library only.August 1 also remains a normal security release window for contributed projects.
---------------------------------------------
https://www.drupal.org/psa-2018-07-30
∗∗∗ IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719211
∗∗∗ IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719209
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IPv6 and MQ affect IBM SAN Volume Controller, IBM Storwize and IBM FlashSystem products ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10717931
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=ibm10717693
∗∗∗ IBM Security Bulletin: RCE vulnerability (CVE-2018-1595) affects IBM Platform Symphony, IBM Spectrum Symphony ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=isg3T1027819
∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability in freetype2 (CVE-2016-10328) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719055
∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in dhcp (CVE-2018-5732 CVE-2018-5733) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719059
∗∗∗ IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719203
∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in GNU C Library ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719047
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM GSKit affect IBM Personal Communications ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10717437
∗∗∗ Linux kernel vulnerability CVE-2016-8650 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K46394694
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list