[CERT-daily] Tageszusammenfassung - 02.10.2018
Daily end-of-shift report
team at cert.at
Tue Oct 2 18:09:13 CEST 2018
=====================
= End-of-Day report =
=====================
Timeframe: Montag 01-10-2018 18:00 − Dienstag 02-10-2018 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Security Update for Foxit PDF Reader Fixes 118 Vulnerabilities ∗∗∗
---------------------------------------------
It has not been a good week for PDF programs. We had an Adobe Acrobat & Reader update released yesterday that fixed 86 vulnerabilities, including numerous critical ones. Not to be beaten, an update for Foxit PDF Reader and Foxit PhantomPDF was released last Friday that fixes a whopping 116 vulnerabilities.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/security-update-for-foxit-pdf-reader-fixes-118-vulnerabilities/
∗∗∗ Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack ∗∗∗
---------------------------------------------
Rated as high-risk vulnerabilities, these privilege-escalation flaws could allow an unauthenticated attacker to access protected content.
---------------------------------------------
https://threatpost.com/nine-nas-bugs-open-lenovoemc-iomega-devices-to-attack/137829/
∗∗∗ Keine Rechnung von ibostream.de und sobastream.de zahlen ∗∗∗
---------------------------------------------
Die Abo-Fallen ibostream.de und sobastream.de sehen für ihre Nutzung eine kostenlose Registrierung vor. Fünf Tagen nach der Registrierung erhalten Konsument/innen von der Ibo Das Limited oder der Stream It Limited eine Rechnung von 359,88- Euro. Nutzer/innen müssen die Summe nicht bezahlen, denn zwischen ihnen und ibostream.de oder sobastream.de gibt es keinen Vertrag.
---------------------------------------------
https://www.watchlist-internet.at/news/keine-rechnung-von-ibostreamde-und-sobastreamde-zahlen/
=====================
= Vulnerabilities =
=====================
∗∗∗ Kritische Sicherheitslücken in Adobe Acrobat und Reader - Patches verfügbar ∗∗∗
---------------------------------------------
Adobe hat ausserhalb des monatlichen Patch-Zyklus Updates für Acrobat und Reader veröffentlicht, mit denen teils kritische Sicherheitslücken geschlossen werden.
---------------------------------------------
https://www.cert.at/warnings/all/20181002.html
∗∗∗ Android Security Bulletin - October 2018 ∗∗∗
---------------------------------------------
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. [...] The most severe of these issues is a critical security vulnerability in Framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
---------------------------------------------
https://source.android.com/security/bulletin/2018-10-01.html
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (lib32-libxml2, libxml2, mosquitto, and ntp), Debian (kernel and strongswan), Fedora (firefox), openSUSE (zsh), Oracle (kernel), Red Hat (ceph-iscsi-cli), SUSE (openssl-1_0_0), and Ubuntu (kernel, linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-raspi2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, and strongswan).
---------------------------------------------
https://lwn.net/Articles/767467/
∗∗∗ Vuln: LibTIFF CVE-2018-17795 Heap Based Buffer Overflow Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/105445
∗∗∗ Red Hat JBoss A-MQ, Red Hat JBoss Fuse: Eine Schwachstelle ermöglicht das Erlangen von Benutzerrechten ∗∗∗
---------------------------------------------
https://adv-archiv.dfn-cert.de/adv/2018-1989/
∗∗∗ IBM Security Bulletin: Multiple security vulnerabilities in GSKit used by Edge Caching proxy of WebSphere Application Server ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10732391
∗∗∗ IBM Security Bulletin: Cross-site scripting vulnerability in OAuth ear in WebSphere Application Server (CVE-2018-1794) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10729571
∗∗∗ IBM Security Bulletin: Cross-site scripting vulnerability in SAML ear in WebSphere Application Server (CVE-2018-1793) ∗∗∗
---------------------------------------------
https://www-01.ibm.com/support/docview.wss?uid=ibm10729563
∗∗∗ IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private (CVE-2018-0739,CVE-2017-17512, CVE-2018-1000122) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ibm10719199
∗∗∗ IBM Security Bulletin: IBM b-type Network/Storage switches are affected by Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN (openssl ,redhat,openVPN) vulnerabilities. ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1010724
∗∗∗ Password disclosure vulnerability & XSS in PTC ThingWorx ∗∗∗
---------------------------------------------
https://www.sec-consult.com/en/blog/advisories/password-disclosure-vulnerability-xss-in-ptc-thingworx/
∗∗∗ HPESBHF03897 rev.1 - HPE Switches and Routers using OpenSSL, and Intelligent Management Center (iMC) PLAT, Remote Denial of Service ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03897en_us
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list