[CERT-daily] Tageszusammenfassung - 05.11.2018
Daily end-of-shift report
team at cert.at
Mon Nov 5 18:29:28 CET 2018
=====================
= End-of-Day report =
=====================
Timeframe: Freitag 02-11-2018 18:00 − Montag 05-11-2018 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ New Microsoft Edge Browser Zero-Day RCE Exploit in the Works ∗∗∗
---------------------------------------------
Details are about to emerge about a zero-day remote code execution vulnerability in the Microsoft Edge web browser, as two researchers plan to reveal a proof-of-concept and publish a general write up. Microsoft has not been told the details of this vulnerability. [...]
---------------------------------------------
https://www.bleepingcomputer.com/news/security/new-microsoft-edge-browser-zero-day-rce-exploit-in-the-works/
∗∗∗ Neue Schwachstelle in Intel-CPUs: Hyper-Threading anfällig für Datenleck ∗∗∗
---------------------------------------------
Forscher demonstrieren einen neuen CPU-Bug bei aktuellen Intel-Prozessoren, über den sich Daten aus einem benachbarten Thread auslesen lassen.
---------------------------------------------
http://heise.de/-4210282
∗∗∗ Streaming-Server Icecast: Angreifer könnten Online-Radiosender ausknipsen ∗∗∗
---------------------------------------------
In der aktuellen Version von Icecast haben die Entwickler eine Sicherheitslücke geschlossen.
---------------------------------------------
http://heise.de/-4210875
∗∗∗ Heres Why [Insert Thing Here] Is Not a Password Killer ∗∗∗
---------------------------------------------
These days, I get a lot of messages from people on security related things. Often its related to data breaches or sloppy behaviour on behalf of some online service playing fast and loose with HTTPS or passwords or some other easily observable security posture. But on a fairly regular basis, [...]
---------------------------------------------
https://www.troyhunt.com/heres-why-insert-thing-here-is-not-a-password-killer/
∗∗∗ Finger weg vom Fake-Shop gaming-ez.com! ∗∗∗
---------------------------------------------
Kaufen Sie nicht auf gaming-ez.com ein. Die Playstation 4 Pro-, Xbox One- oder Nintendo Switch- Angebote sind zwar verlockend, werden aber nie geliefert. Überwiesenes Geld ist verloren.
---------------------------------------------
https://www.watchlist-internet.at/news/finger-weg-vom-fake-shop-gaming-ezcom/
∗∗∗ Datendiebstahl mit gefälschtem AirAsia-Ticket ∗∗∗
---------------------------------------------
Konsument/innen erhalten ein gefälschtes AirAsia-Ticket für einen Flug von Hong Kong nach Kuala Lumpur. Sie können es stornieren, indem sie die Website eines Payment Center aufrufen. Dieses fragt PayPal-Zugangsdaten sowie Kreditkarten- und Bankinformationen ab. Ebenfalls ist eine persönliche Identifizierung vorgesehen. Kund/innen, die die gewünschten Informationen bekannt geben, werden Opfer eines Daten- und Identitätsdiebstahls.
---------------------------------------------
https://www.watchlist-internet.at/news/datendiebstahl-mit-gefaelschtem-airasia-ticket/
=====================
= Vulnerabilities =
=====================
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affect IBM Performance Management products ∗∗∗
---------------------------------------------
Affected product(s) and affected version(s):IBM Cloud Application Performance Management, Base Private IBM Cloud Application Performance Management, Advanced Private IBM Cloud Application Performance Management
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-the-ibm-sdk-java-technology-edition-affect-ibm-performance-management-products-2/
∗∗∗ IBM Security Bulletin: IBM Lotus Protector for Mail Security has released fixes in response to the public disclosed vulnerability found by vFinder (CVE-2018-14883 and CVE-2018-14851) ∗∗∗
---------------------------------------------
Affected product(s) and affected version(s):Affected Product NameAffected VersionsIBM Lotus Protector for Mail Security2.8.3.0IBM Lotus Protector for Mail Security2.8.1.0
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-lotus-protector-for-mail-security-has-released-fixes-in-response-to-the-public-disclosed-vulnerability-found-by-vfinder-cve-2018-14883-and-cve-2018-14851/
∗∗∗ IBM Security Bulletin: A vulnerability in Apache Zookeeper could affect IBM Performance Management products (CVE-2018-8012) ∗∗∗
---------------------------------------------
Apache Zookeeper could allow a remote attacker to bypass security restrictions, caused by the failure to enforce authentication or authorization when a server attempts to join a quorum. An attacker could exploit this vulnerability to join the cluster and begin propagating counterfeit changes to the leader.
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-apache-zookeeper-could-affect-ibm-performance-management-products-cve-2018-8012/
∗∗∗ IBM Security Bulletin: Vulnerabilities in IBM Java Runtime affect Rational Publishing Engine ∗∗∗
---------------------------------------------
Affected product(s) and affected version(s):Rational Publishing Engine 2.1.0 Rational Publishing Engine 2.1.1 Rational Publishing Engine 2.1.2 Rational Publishing Engine 6.0.5 Rational Publishing Engine 6.0.6
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-rational-publishing-engine/
∗∗∗ IBM Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology ∗∗∗
---------------------------------------------
Security vulnerabilities affect multiple products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) and Rational Software Architect Design Manager (RSA DM).
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-affect-multiple-ibm-rational-products-based-on-ibm-jazz-technology/
∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (curl, icecast2, mupdf, and ruby2.3), Fedora (lldpad, NetworkManager, python-django, roundcubemail, thunderbird, webkit2gtk3, xen, and xorg-x11-server), Mageia (axis, cimg, gmic, dnsmasq, gitolite, gnutls, java-1.8.0-openjdk, lighttpd, mbedtls, mediawiki, perl-Dancer2, python-cryptography, and virtualbox), Red Hat (openvswitch, Red Hat Virtualization, and thunderbird), SUSE (curl, ffmpeg, and soundtouch), and Ubuntu (network-manager and systemd).
---------------------------------------------
https://lwn.net/Articles/770744/
∗∗∗ ZDI-18-1336: (0Day) Juuko JK-800 Replay Attack Vulnerability ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-18-1336/
∗∗∗ Security Advisory - Lock-screen Bypass Vulnerability in Huawei Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20181105-01-smartphone-en
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list