[CERT-daily] Tageszusammenfassung - 27.03.2018
Daily end-of-shift report
team at cert.at
Tue Mar 27 18:27:50 CEST 2018
=====================
= End-of-Day report =
=====================
Timeframe: Montag 26-03-2018 18:00 − Dienstag 27-03-2018 18:00
Handler: Robert Waldner
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ Academics Discover New CPU Side-Channel Attack Named BranchScope ∗∗∗
---------------------------------------------
A team of academics from four US universities have discovered a new side-channel attack that takes advantage of the speculative execution feature in modern processors to recover data from users CPUs.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/academics-discover-new-cpu-side-channel-attack-named-branchscope/
∗∗∗ Exploit kit development has gone to sh$t... ever since Adobe Flash was kicked to the curb ∗∗∗
---------------------------------------------
Coinkidink? Nah. Crooks are switching tactics There was a big drop in exploit kit development last year, and experts have equated this to the phasing out of Adobe Flash.
---------------------------------------------
http://go.theregister.com/feed/www.theregister.co.uk/2018/03/27/exploit_kit_decline/
∗∗∗ E-Mail-Verschlüsselung: Enigmail 2.0 ist da ∗∗∗
---------------------------------------------
Mit der neuen Enigmail-Version 2.0 für den Mail-Client Thunderbird kann man unter anderem neben Text in Mails nun auch die Betreffzeile verschlüsseln.
---------------------------------------------
https://heise.de/-4005589
∗∗∗ The Last Windows XP Security White Paper ∗∗∗
---------------------------------------------
Using the strategies and procedures we present in our paper could help prevent an attacker from taking control of your computer
---------------------------------------------
https://www.welivesecurity.com/2018/03/27/last-windows-xp-security-white-paper/
=====================
= Vulnerabilities =
=====================
∗∗∗ Mozilla Releases Security Updates for Firefox ∗∗∗
---------------------------------------------
Original release date: March 27, 2018 Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to cause a denial-of-service condition. NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 59.0.2 and Firefox ESR 52.7.3 and apply the necessary updates.
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2018/03/27/Mozilla-Releases-Security-Updates-Firefox
∗∗∗ 2018-02-06 (updated 2018-03-27): Vulnerability in MicroSCADA Pro SYS600 9.x - Improper Access Control ∗∗∗
---------------------------------------------
3.2.2018 Original document, 16.3.2018 Fix for SYS600 9.3 systems is available. Clarified file system permissions for created Windows groups, see FAQ.
---------------------------------------------
http://search.abb.com/library/Download.aspx?DocumentID=1MRS257731&LanguageCode=en&DocumentPartId=&Action=Launch
∗∗∗ OpenSSL Security Advisory [27 Mar 2018] ∗∗∗
---------------------------------------------
Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739)
Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733)
rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
---------------------------------------------
https://openssl.org/news/secadv/20180327.txt
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (firefox-esr, irssi, and librelp), Gentoo (busybox and plib), Mageia (exempi and jupyter-notebook), openSUSE (clamav, dhcp, nginx, python-Django, python3-Django, and thunderbird), Oracle (slf4j), Red Hat (slf4j), Scientific Linux (slf4j), Slackware (firefox), SUSE (librelp), and Ubuntu (screen-resolution-extra).
---------------------------------------------
https://lwn.net/Articles/750207/
∗∗∗ Bugtraq: Microsoft Skype Mobile v81.2 & v8.13 - Remote Denial of Service Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/archive/1/541897
∗∗∗ DFN-CERT-2018-0574: Librelp: Eine Schwachstelle ermöglicht das Ausführen beliebigen Programmcodes mit den Rechten des Dienstes ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0574/
∗∗∗ DFN-CERT-2018-0573: Jenkins-Plugins: Mehrere Schwachstellen ermöglichen u.a. die Ausführung beliebigen Programmcodes ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0573/
∗∗∗ DFN-CERT-2018-0575: Sophos UTM: Eine Schwachstelle ermöglicht die Ausführung beliebigen Programmcodes ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0575/
∗∗∗ DFN-CERT-2018-0581: Apache Struts: Eine Schwachstelle ermöglicht einen Denial-of-Service-Angriff ∗∗∗
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0581/
∗∗∗ Security Notice - Statement on Command Injection Vulnerability in Huawei HG655m Product ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-notices/2018/huawei-sn-20180327-01-hg655m-en
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Fabric Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/support/home/docdisplay?lndocid=MIGR-5099782
∗∗∗ IBM Security Bulletin: ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=isg3T1027315
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014717
∗∗∗ IBM Security Bulletin: IBM B2B Advanced Communications is Affected by an XML External Entity Injection (XXE) Attack when Processing XML Data ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014656
∗∗∗ IBM Security Bulletin: Security Bulletin: IBM Security Privileged Identity Manager is affected by sensitive information in page comments vulnerability (CVE-2017-1705) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22014988
∗∗∗ NTP vulnerability CVE-2018-7184 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K13540723
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list